CN103729600A - Data security interconnected system establishing method and data security interconnected system - Google Patents

Publication number
CN103729600A
Authority
CN
China
Legal status
Granted
Application number
CN201210384081.0A
Inventor
汪家祥
杨潇
Current Assignee
The safe and sound Information Technology Co., Ltd in sky in Beijing
Original Assignee
Beijing Zhongtian Antai Technology Co Ltd
Application filed by Beijing Zhongtian Antai Technology Co Ltd filed Critical Beijing Zhongtian Antai Technology Co Ltd
Priority to CN201210384081.0A priority Critical patent/CN103729600B/en
Publication of CN103729600A publication Critical patent/CN103729600A/en
Application granted granted Critical
Publication of CN103729600B publication Critical patent/CN103729600B/en
Expired - Fee Related legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The invention provides a data security interconnected system establishing and data access method. The method comprises the steps that (1) a first computing device sends an access request to a second computing device; (2) the second computing device sends a deployment inquiry to the first computing device to inquire whether the first computing device allows a data security storage method and a data security reading method to be deployed; (3) the first computing device sends a deployment response to the second computing device; (4) if the response is positive, the second computing device deploys the data security storage method and the data security reading method on the first computing device, deploys a first security storage device for the first computing device and adds the first computing device to a register list of the second computing device; (5) the second computing device reads the data needed by the first computing device from a corresponding second security storage device with the security reading method; (6) the second computing device sends an access response to the first computing device.

Description

Data security interconnected system establishing method and data security interconnected system
Technical field
The present invention relates to the field of computer security, and in particular to a data security interconnected system and a method for establishing it.
Background
The existing electronic information security field comprises three sub-fields: system security, data security and device security.
In the data security field, the following three kinds of technology are generally used to keep data secure: (1) data content security technology, including data encryption and decryption and end-to-end data encryption, which ensures that data content is not illegally read during storage and transmission; (2) secure data transfer technology, including prevention of illegal copying, printing or other output, which ensures the security of data during use and transfer; (3) network blocking technology, including physical network isolation and setting up network barriers.
According to related analysis, the total effective detection capability against all current threats to computers is at most about 50%. Because the above technologies are inadequate against kernel-level viruses, Trojans, operating system vulnerabilities, system backdoors and human-caused leaks, malicious code may in fact be present on any computing device (such as a computer or a handheld communication device). Once malicious code has entered a terminal system, the above encryption, anti-copy and network blocking technologies become ineffective. Existing hacking techniques can use system vulnerabilities or system backdoors to penetrate the above security technologies and implant malicious code, and then use the malicious code to obtain user data. Nor can the above technologies guard against active or passive leaks by personnel who handle classified information: for example, an insider can carry a storage device, download the required data from the internal network or a terminal and take the storage device away, causing an internal leak; or an insider can simply take the computing device away.
In summary, anti-copy technology cannot guarantee that classified information is not illegally stored on a terminal. Network-based filtering cannot guarantee that classified information is not lost. Personnel who handle classified information can cause leaks through malicious code or malicious tools, and leaks may also result from loss of control over classified devices or storage media.
Summary of the invention
The object of the invention is to provide a data security interconnected system and a method for establishing it, so as to improve data security.
According to one aspect of the invention, a method for establishing a data security interconnected system is provided, comprising:
Step 1: a computing device sends a registration request to a registrar;
Step 2: the registrar sends an inquiry message to the computing device, asking whether the computing device agrees to have a secure storage device take over the data that the computing device operates on and accesses, or asking whether the computing device agrees to deploy a secure data storage method and a secure data reading method;
Step 3: the computing device sends a response message to the registrar; and
Step 4: the registrar checks the response message;
if the response refuses the takeover, the registrar rejects the computing device's registration request and the establishing method ends;
if the response agrees to the takeover, the registrar deploys the secure data storage method and reading method on the computing device, deploys a secure storage device for the computing device, and adds the computing device to the register list on the registrar;
wherein the secure data storage method comprises:
Step a1: receive a hardware instruction;
Step a2: analyze the hardware instruction;
Step a3: if the hardware instruction is a store instruction, modify the destination address in the store instruction to the corresponding storage address on the secure storage device; and
Step a4: send the modified store instruction to the hardware layer;
wherein the secure data reading method comprises:
Step b1: receive a hardware instruction;
Step b2: analyze the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtain the source address in the read instruction;
Step b4: look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and
Step b5: send the modified read instruction to the hardware layer.
Optionally, after step a3, the secure data storage method further comprises:
updating the bit in the first mapping bitmap that corresponds to the destination address;
synchronizing the updated first mapping bitmap to the secure storage device, where it is saved as the second mapping bitmap; the second mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device.
Optionally, before step a1, the secure data storage method further comprises:
establishing communication between the computing device and the secure storage device;
synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, before step b4, the secure data reading method further comprises:
establishing communication between the computing device and the secure storage device;
synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, in steps a1 and b1, the hardware instruction comes from the hardware mapping layer.
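The store and read redirection in steps a1-a4 and b1-b5, together with the optional bitmap update and synchronization steps, can be modelled as follows. This is an added example, not code from the patent; the sector-sized addressing, the `hw_instr` structure, the function names, and the rule that a set bit sends the read to the secure storage device are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTORS     16   /* constructed: tiny address space for the demo */
#define SECTOR_SIZE 8

enum op  { OP_READ, OP_WRITE, OP_OTHER };
enum dev { DEV_LOCAL, DEV_SECURE };

/* Hypothetical shape of a "hardware instruction" seen by the interception layer. */
struct hw_instr { enum op op; enum dev dev; uint32_t addr; uint8_t *buf; };

static uint8_t local_disk[SECTORS][SECTOR_SIZE];   /* storage on the computing device */
static uint8_t secure_disk[SECTORS][SECTOR_SIZE];  /* the secure storage device */
static uint8_t bitmap1[SECTORS / 8];  /* first mapping bitmap, on the computing device */
static uint8_t bitmap2[SECTORS / 8];  /* second mapping bitmap, on the secure storage device */

static int  bit_get(const uint8_t *bm, uint32_t i) { return (bm[i / 8] >> (i % 8)) & 1; }
static void bit_set(uint8_t *bm, uint32_t i)       { bm[i / 8] |= (uint8_t)(1u << (i % 8)); }

/* Hardware layer: executes the instruction exactly as received. */
static int hw_execute(const struct hw_instr *in)
{
    uint8_t (*disk)[SECTOR_SIZE] = (in->dev == DEV_SECURE) ? secure_disk : local_disk;
    if (in->addr >= SECTORS || in->buf == NULL) return -1;
    if (in->op == OP_WRITE) memcpy(disk[in->addr], in->buf, SECTOR_SIZE);
    if (in->op == OP_READ)  memcpy(in->buf, disk[in->addr], SECTOR_SIZE);
    return 0;
}

/* Optional step before a1/b4: copy the second bitmap to the device as the first bitmap. */
void sync_bitmap_from_secure(void) { memcpy(bitmap1, bitmap2, sizeof bitmap1); }

/* Steps a1-a4 plus the optional bitmap update and synchronization after a3. */
int secure_store(struct hw_instr in)
{
    if (in.addr >= SECTORS) return -1;            /* reject before touching the bitmap */
    if (in.op == OP_WRITE) {                      /* a2: analyze */
        in.dev = DEV_SECURE;                      /* a3: retarget to the secure device */
        bit_set(bitmap1, in.addr);                /* mark this local address as dumped */
        memcpy(bitmap2, bitmap1, sizeof bitmap2); /* sync first -> second bitmap */
    }
    return hw_execute(&in);                       /* a4: pass on to the hardware layer */
}

/* Steps b1-b5. */
int secure_read(struct hw_instr in)
{
    if (in.addr >= SECTORS) return -1;
    if (in.op == OP_READ)                         /* b2-b4: consult the first bitmap */
        in.dev = bit_get(bitmap1, in.addr) ? DEV_SECURE : DEV_LOCAL;
    return hw_execute(&in);                       /* b5 */
}

/* Simulates the computing device losing its in-memory first bitmap (e.g. a restart). */
void drop_first_bitmap(void) { memset(bitmap1, 0, sizeof bitmap1); }

/* Convenience wrappers that build the instruction an application would issue. */
int app_write(uint32_t addr, const char *text)
{
    uint8_t buf[SECTOR_SIZE] = {0};
    strncpy((char *)buf, text, SECTOR_SIZE - 1);
    struct hw_instr in = { OP_WRITE, DEV_LOCAL, addr, buf };
    return secure_store(in);
}

int app_read(uint32_t addr, char out[SECTOR_SIZE])
{
    struct hw_instr in = { OP_READ, DEV_LOCAL, addr, (uint8_t *)out };
    return secure_read(in);
}

int main(void)
{
    char out[SECTOR_SIZE];
    memcpy(local_disk[3], "PUBLIC", 7);           /* constructed pre-existing local data */
    app_write(3, "SECRET");
    app_read(3, out);  printf("after store:       %s\n", out);
    printf("local sector 3:    %s\n", (char *)local_disk[3]);
    drop_first_bitmap();
    app_read(3, out);  printf("bitmap lost:       %s\n", out);
    sync_bitmap_from_secure();
    app_read(3, out);  printf("after bitmap sync: %s\n", out);
    return 0;
}
```

Dropping the first mapping bitmap without re-synchronizing makes reads fall back to stale local data, which is why the synchronization step precedes a1 and b4.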
Optionally, in step 4, the registrar also deploys a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step c1: cache the instruction running environment;
Step c2: obtain the machine instruction fragment to be scheduled; insert a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restore the instruction running environment; the value of the address register in the restored instruction running environment is the modified value.
Optionally, in step 4, the registrar also deploys a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step d1: cache the instruction running environment;
Step d2: read a destination address from a first storage location, and obtain the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: save the destination address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, in step 4, the registrar also deploys a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step e1: cache the instruction running environment;
Step e2: obtain the address and parameters of the jump instruction saved on the stack, and calculate the address of the next instruction to be run; this address is the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operands of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restore the instruction running environment, and jump to the second address to continue execution.
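A toy model of the third variant (steps e1-e6), added here as an illustration and not taken from the patent: the instruction set, the `PUSHJ`/`JPLAT` opcodes standing in for the push instruction and the second jump instruction, and all function names are assumptions. The recombiner also rejects guest code that already contains the platform-only opcodes, a check the text does not describe.

```c
#include <stdio.h>

/* Toy instruction set (constructed). PUSHJ and JPLAT exist only in recombined code. */
enum opc { ADD, DEC, JNZ, JMP, HALT, PUSHJ, JPLAT };
struct ins { enum opc op; int a, b; };  /* ADD r[a]+=b; DEC r[a]--; JNZ r[a],b; JMP b */
struct ctx { int reg[2]; };             /* stands in for the instruction running environment */

#define FRAG_MAX     16
#define MAX_DISPATCH 1000

/* Constructed guest program: r0 += 5 while --r1 != 0, then r0 += 100. */
static const struct ins sample_prog[] = {
    { ADD, 0, 5 }, { DEC, 1, 0 }, { JNZ, 1, 0 }, { ADD, 0, 100 }, { HALT, 0, 0 },
};
#define SAMPLE_LEN ((int)(sizeof sample_prog / sizeof sample_prog[0]))

/* Steps e3-e5: copy instructions from `first` up to the first jump, replace the jump
 * with PUSHJ (records the jump's address) and append JPLAT (back to the platform).
 * Returns the fragment length, or -1 if the guest code cannot be recombined safely. */
int recombine(const struct ins *prog, int n, int first, struct ins *out)
{
    int len = 0;
    for (int pc = first; pc >= 0 && pc < n; pc++) {
        struct ins in = prog[pc];
        if (len + 2 > FRAG_MAX) return -1;
        if (in.op == PUSHJ || in.op == JPLAT) return -1;   /* guest forged platform ops */
        if (in.op != JMP && in.op != HALT && (in.a < 0 || in.a > 1)) return -1;
        if (in.op == JNZ || in.op == JMP) {
            out[len++] = (struct ins){ PUSHJ, pc, 0 };     /* e4 */
            out[len++] = (struct ins){ JPLAT, 0, 0 };      /* e5 */
            return len;
        }
        out[len++] = in;
        if (in.op == HALT) return len;
    }
    return -1;                       /* entry address out of range or no control transfer */
}

/* The platform loop. The guest state lives in *c, which only the platform touches
 * between fragments (e1/e6). Writes each dispatched entry address to trace[] and
 * returns the number of dispatches, or -1 on error. */
int run_recombined(const struct ins *prog, int n, struct ctx *c, int *trace, int cap)
{
    int stack[4], sp = 0, next = 0, dispatches = 0;
    for (;;) {
        struct ins frag[FRAG_MAX];
        int len = recombine(prog, n, next, frag);          /* e3-e5 */
        if (len < 0 || dispatches >= MAX_DISPATCH) return -1;
        if (dispatches < cap) trace[dispatches] = next;
        dispatches++;
        for (int pc = 0; pc < len; pc++) {                 /* e6: run the fragment */
            struct ins in = frag[pc];
            switch (in.op) {
            case ADD:   c->reg[in.a] += in.b; break;
            case DEC:   c->reg[in.a]--;       break;
            case PUSHJ: stack[sp++] = in.a;   break;
            case JPLAT: pc = len;             break;       /* control returns to platform */
            case HALT:  return dispatches;
            default:    return -1;             /* a raw jump must never run unmediated */
            }
        }
        /* e2: recover the recorded jump and compute the next (first) address. The toy
         * pushes only the jump's address and reads its operands from the program. */
        const struct ins *j = &prog[stack[--sp]];
        next = (j->op == JMP || c->reg[j->a] != 0) ? j->b : (int)(j - prog) + 1;
    }
}

int main(void)
{
    struct ctx c = { { 0, 3 } };
    int trace[8];
    int n = run_recombined(sample_prog, SAMPLE_LEN, &c, trace, 8);
    printf("dispatches=%d r0=%d entries:", n, c.reg[0]);
    for (int i = 0; i < n && i < 8; i++) printf(" %d", trace[i]);
    printf("\n");
    return 0;
}
```

Every control transfer in the guest program passes through the platform, so the platform sees each fragment before it runs.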
According to a further aspect of the invention, a data access method applied to a data security interconnected system established by the above method is provided, comprising:
Step 1: a first computing device sends an access request to a second computing device;
Step 2: the second computing device sends a secure-address inquiry message to the registrar, asking whether the first computing device is a secure address;
Step 3: the registrar sends a secure-address response message to the second computing device, indicating whether the first computing device is a secure address;
Step 4: if the response message is affirmative, the second computing device reads the corresponding data according to the access request, the reading being performed by the secure data reading method; if the response message is negative, the second computing device ignores the access request; and
Step 5: the second computing device sends an access response to the first computing device.
Optionally, after step 5 the data access method further comprises:
Step 6: if the first computing device needs to save data, it saves the data according to the secure data storage method.
According to a further aspect of the invention, a data security interconnected system establishing and data access method is provided, comprising:
Step 1: a first computing device sends an access request to a second computing device;
Step 2: the second computing device sends a deployment inquiry to the first computing device, asking whether the first computing device agrees to deploy a secure data storage method and a secure data reading method, or asking whether the first computing device agrees to have a secure storage device take over the data that the first computing device operates on and accesses;
Step 3: the first computing device sends a deployment response to the second computing device;
Step 4: the second computing device checks the deployment response;
if the deployment response refuses deployment, the second computing device rejects the access request of the first computing device and the method ends;
if the deployment response agrees to deployment, the second computing device deploys the secure data storage method and reading method on the first computing device, deploys a first secure storage device for the first computing device, and adds the first computing device to the register list of the second computing device;
Step 5: the second computing device uses the secure reading method to read, from its corresponding second secure storage device, the data that the first computing device needs; and
Step 6: the second computing device sends an access response to the first computing device;
wherein the secure data storage method comprises:
Step a1: receive a hardware instruction;
Step a2: analyze the hardware instruction;
Step a3: if the hardware instruction is a store instruction, modify the destination address in the store instruction to the corresponding storage address on the secure storage device; and
Step a4: send the modified store instruction to the hardware layer;
wherein the secure data reading method comprises:
Step b1: receive a hardware instruction;
Step b2: analyze the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtain the source address in the read instruction;
Step b4: look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and
Step b5: send the modified read instruction to the hardware layer.
Optionally, after step 6 the data security interconnected system establishing and data access method further comprises:
Step 7: if the first computing device needs to save data, the first computing device uses the secure data storage method to save the obtained access data in its corresponding first secure storage device.
Optionally, after step a3, the secure data storage method further comprises:
updating the bit in the first mapping bitmap that corresponds to the destination address;
synchronizing the updated first mapping bitmap to the secure storage device, where it is saved as the second mapping bitmap; the second mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device.
Optionally, before step a1, the secure data storage method further comprises:
establishing communication between the computing device and the secure storage device;
synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, before step b4, the secure data reading method further comprises:
establishing communication between the computing device and the secure storage device;
synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, in steps a1 and b1, the hardware instruction comes from the hardware mapping layer.
Optionally, in step 4, the second computing device also deploys a runtime instruction recombination method on the first computing device, the runtime instruction recombination method comprising:
Step c1: cache the instruction running environment;
Step c2: obtain the machine instruction fragment to be scheduled; insert a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restore the instruction running environment; the value of the address register in the restored instruction running environment is the modified value.
Optionally, in step 4, the second computing device also deploys a runtime instruction recombination method on the first computing device, the runtime instruction recombination method comprising:
Step d1: cache the instruction running environment;
Step d2: read a destination address from a first storage location, and obtain the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: save the destination address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, in step 4, the second computing device also deploys a runtime instruction recombination method on the first computing device, the runtime instruction recombination method comprising:
Step e1: cache the instruction running environment;
Step e2: obtain the address and parameters of the jump instruction saved on the stack, and calculate the address of the next instruction to be run; this address is the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operands of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, between step 1 and step 2 the data security interconnected system establishing and data access method further comprises:
Step f1: the second computing terminal sends a deployment check message to the first computing terminal; this message is used to check whether the secure data storage method and the secure data reading method have been deployed on the first computing terminal;
Step f2: the first computing terminal sends a deployment check feedback message to the second computing terminal; and
Step f3: the second computing terminal determines the deployment state of the first computing terminal from the deployment check feedback message: if deployed, the first computing device is added to the register list of the second computing device and step 5 is performed; if not yet deployed, execution continues with step 2.
According to another aspect of the invention, a data security interconnected system establishing and data access method is provided, comprising:
Step 1: a first computing device sends an access request to a second computing device;
Step 2: the first computing device sends a deployment notification message to the second computing device; this message indicates that the secure data storage method and the secure data reading method have been deployed on the first computing device;
Step 3: based on the deployment notification message, the second computing device determines that the deployment state of the first computing device is "deployed";
Step 4: the second computing device uses the secure reading method to read, from its corresponding second secure storage device, the data that the first computing device is to access; and
Step 5: the second computing device sends an access response to the first computing device;
wherein the secure data storage method comprises:
Step a1: receive a hardware instruction;
Step a2: analyze the hardware instruction;
Step a3: if the hardware instruction is a store instruction, modify the destination address in the store instruction to the corresponding storage address on the secure storage device; and
Step a4: send the modified store instruction to the hardware layer;
wherein the secure data reading method comprises:
Step b1: receive a hardware instruction;
Step b2: analyze the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtain the source address in the read instruction;
Step b4: look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap; the first mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device; and
Step b5: send the modified read instruction to the hardware layer.
Optionally, after step 5 the data security interconnected system establishing and data access method further comprises:
Step 6: if the first computing device needs to save data, the first computing device uses the secure data storage method to save the obtained access data in its corresponding first secure storage device.
Optionally, after step a3, the secure data storage method further comprises:
updating the bit in the first mapping bitmap that corresponds to the destination address;
synchronizing the updated first mapping bitmap to the secure storage device, where it is saved as the second mapping bitmap; the second mapping bitmap indicates whether the data at a local storage address has been dumped to the secure storage device.
Optionally, before step a1, the secure data storage method further comprises:
establishing communication between the computing device and the secure storage device;
synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, before step b4, the secure data reading method further comprises:
establishing communication between the computing device and the secure storage device;
synchronizing the second mapping bitmap on the secure storage device to the computing device, where it is saved as the first mapping bitmap.
Optionally, in steps a1 and b1, the hardware instruction comes from the hardware mapping layer.
Optionally, the deployment notification message also indicates that a runtime instruction recombination method has been deployed on the first computing device, the runtime instruction recombination method comprising:
Step c1: cache the instruction running environment;
Step c2: obtain the machine instruction fragment to be scheduled; insert a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restore the instruction running environment; the value of the address register in the restored instruction running environment is the modified value.
Optionally, the deployment notification message also indicates that a runtime instruction recombination method has been deployed on the first computing device, the runtime instruction recombination method comprising:
Step d1: cache the instruction running environment;
Step d2: read a destination address from a first storage location, and obtain the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: save the destination address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, the deployment notification message also indicates that a runtime instruction recombination method has been deployed on the first computing device, the runtime instruction recombination method comprising:
Step e1: cache the instruction running environment;
Step e2: obtain the address and parameters of the jump instruction saved on the stack, and calculate the address of the next instruction to be run; this address is the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operands of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restore the instruction running environment, and jump to the second address to continue execution.
Optionally, in step 3, if the second computing device does not receive a deployment notification message, or cannot determine from the deployment notification message that the deployment state of the first computing device is "deployed", it ignores the access request.
According to a further aspect of the invention, a data security interconnected system is provided, comprising: a computing device, a secure storage device and a registrar;
wherein the registrar is adapted to register the computing device and to allocate a secure storage device to the computing device; the computing device is adapted to save data to the secure storage device, or read data from the secure storage device, by means of the secure data storage method and the secure data reading method;
wherein the secure data storage method comprises: step a1, receive a hardware instruction; step a2, analyze the hardware instruction; step a3, if the hardware instruction is a store instruction, modify the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, send the modified store instruction to the hardware layer;
wherein the secure data reading method comprises: step b1, receive a hardware instruction; step b2, analyze the hardware instruction; step b3, if the hardware instruction is a read instruction, obtain the source address in the read instruction; step b4, look up the first mapping bitmap, and modify the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, send the modified read instruction to the hardware layer.
Optionally, the registrar is adapted to:
receive a registration request from a computing device;
send an inquiry message to the computing device, asking whether the computing device agrees to have a secure storage device take over the data that the computing device operates on and accesses, or asking whether the computing device agrees to deploy the secure data storage method and the secure data reading method;
receive and check the response message from the computing device; if the response refuses the takeover, reject the computing device's registration request; if the response agrees to the takeover, deploy the secure data storage method and reading method on the computing device, deploy a secure storage device for the computing device, and add the computing device to the register list on the registrar.
Optionally, the registration server is further adapted to deploy a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step c1, caching the instruction execution environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction execution environment, in which the value of the address register is the modified value.
Optionally, the registration server is further adapted to deploy a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step d1, caching the instruction execution environment;
Step d2, reading a destination address from a first storage location and obtaining, according to the destination address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction execution environment and jumping to the second address to continue execution.
Optionally, the registration server is further adapted to deploy a runtime instruction recombination method on the computing device, the runtime instruction recombination method comprising:
Step e1, caching the instruction execution environment;
Step e2, obtaining the address and parameters of the jump instruction saved in the stack and calculating the address of the next instruction to run, this address being the first address;
Step e3, obtaining, according to the first address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction execution environment and jumping to the second address to continue execution.
According to another aspect of the present invention, a data security interconnected system is provided, comprising: a first computing device, a second computing device and a secure storage device; wherein the first computing device and the second computing device are adapted to register with each other, and to save data to the secure storage device or read data from the secure storage device by means of a secure data storage method and a secure data reading method;
Wherein the secure data storage method comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up a first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, sending the modified read instruction to the hardware layer.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1, caching the instruction execution environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction execution environment, in which the value of the address register is the modified value.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1, caching the instruction execution environment;
Step d2, reading a destination address from a first storage location and obtaining, according to the destination address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction execution environment and jumping to the second address to continue execution.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1, caching the instruction execution environment;
Step e2, obtaining the address and parameters of the jump instruction saved in the stack and calculating the address of the next instruction to run, this address being the first address;
Step e3, obtaining, according to the first address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction execution environment and jumping to the second address to continue execution.
According to another aspect of the present invention, a data security interconnected system is provided, comprising:
A first computing device and a first secure storage device located in a first local area network;
A second computing device and a second secure storage device located in a second local area network; and
A virtual secure storage server located in the first local area network and the second local area network;
Wherein the virtual secure storage server is adapted to register the first and second computing devices and to allocate the first and second secure storage devices to the first and second computing devices respectively; the first and second computing devices are adapted to save data to the first and second secure storage devices respectively, or read data from the first and second secure storage devices respectively, by means of a secure data storage method and a secure data reading method;
Wherein the secure data storage method comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up a first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, sending the modified read instruction to the hardware layer.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1, caching the instruction execution environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction execution environment, in which the value of the address register is the modified value.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1, caching the instruction execution environment;
Step d2, reading a destination address from a first storage location and obtaining, according to the destination address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction execution environment and jumping to the second address to continue execution.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1, caching the instruction execution environment;
Step e2, obtaining the address and parameters of the jump instruction saved in the stack and calculating the address of the next instruction to run, this address being the first address;
Step e3, obtaining, according to the first address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction execution environment and jumping to the second address to continue execution.
According to a further aspect of the present invention, a data security interconnected system is provided, comprising:
A first computing device located in a first local area network;
A second computing device located in a second local area network; and
A centralized secure storage server, located in the first local area network and the second local area network and comprising a first secure storage device and a second secure storage device;
Wherein the centralized secure storage server is adapted to register the first and second computing devices and to allocate the first and second secure storage devices to the first and second computing devices respectively; the first and second computing devices are adapted to save data to the first and second secure storage devices respectively, or read data from the first and second secure storage devices respectively, by means of a secure data storage method and a secure data reading method;
Wherein the secure data storage method comprises: step a1, receiving a hardware instruction; step a2, analyzing the hardware instruction; step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises: step b1, receiving a hardware instruction; step b2, analyzing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up a first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and step b5, sending the modified read instruction to the hardware layer.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1, caching the instruction execution environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment;
Step c3, restoring the instruction execution environment, in which the value of the address register is the modified value.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1, caching the instruction execution environment;
Step d2, reading a destination address from a first storage location and obtaining, according to the destination address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction execution environment and jumping to the second address to continue execution.
Optionally, the first computing device or the second computing device is further adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1, caching the instruction execution environment;
Step e2, obtaining the address and parameters of the jump instruction saved in the stack and calculating the address of the next instruction to run, this address being the first address;
Step e3, obtaining, according to the first address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction execution environment and jumping to the second address to continue execution.
According to a further aspect of the present invention, a computing device is provided, comprising:
A deployment inquiry unit, adapted to send an inquiry message to a second computing device, asking whether the second computing device agrees to have a secure storage device take over the data that the second computing device operates on and accesses;
A program deployment unit, adapted to deploy a data black hole system to the second computing device and, after deployment is finished, to update the registration list by adding the second computing device to it; and
A black hole unit, adapted to deploy the data black hole system;
Wherein the data black hole system comprises the secure data reading method and the secure data storage method;
Wherein the secure data storage method comprises:
Step a1, receiving a hardware instruction;
Step a2, analyzing the hardware instruction;
Step a3, if the hardware instruction is a store instruction, modifying the destination address in the store instruction to the corresponding storage address on the secure storage device; and
Step a4, sending the modified store instruction to the hardware layer;
Wherein the secure data reading method comprises:
Step b1, receiving a hardware instruction;
Step b2, analyzing the hardware instruction;
Step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction;
Step b4, looking up a first mapping bitmap and modifying the read address in the read instruction according to the data of the first mapping bitmap, the first mapping bitmap indicating whether the data at a local storage address has been dumped to the secure storage device; and
Step b5, sending the modified read instruction to the hardware layer.
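The store and read redirection of steps a1 to a4 and b1 to b5, modelled in C as an added example that is not code from the patent. The sector-addressed devices, the `hw_instr` structure and all function names are assumptions, as is setting the bitmap bit at store time, which the steps above do not specify.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model: a local disk and a secure storage device,
 * both addressed by sector. Sizes and names are assumptions. */
#define SECTOR_SIZE 16
#define NUM_SECTORS 64

enum hw_op  { OP_STORE, OP_READ, OP_OTHER };
enum hw_dev { DEV_LOCAL, DEV_SECURE };

struct hw_instr {                 /* hypothetical decoded hardware instruction */
    enum hw_op  op;
    enum hw_dev dev;              /* device the address refers to */
    uint32_t    sector;           /* destination (store) or source (read) */
    uint8_t     data[SECTOR_SIZE];
};

static uint8_t local_disk[NUM_SECTORS][SECTOR_SIZE];
static uint8_t secure_dev[NUM_SECTORS][SECTOR_SIZE];
/* First mapping bitmap: bit n set = sector n has been dumped to secure storage. */
static uint8_t map_bitmap[NUM_SECTORS / 8];

static int  bit_get(uint32_t s) { return (map_bitmap[s / 8] >> (s % 8)) & 1; }
static void bit_set(uint32_t s) { map_bitmap[s / 8] |= (uint8_t)(1u << (s % 8)); }

/* Stand-in for the hardware layer: executes the instruction it is handed. */
static int hw_execute(struct hw_instr *in)
{
    uint8_t (*dev)[SECTOR_SIZE] = (in->dev == DEV_SECURE) ? secure_dev : local_disk;
    if (in->sector >= NUM_SECTORS) return -1;
    if (in->op == OP_STORE) memcpy(dev[in->sector], in->data, SECTOR_SIZE);
    if (in->op == OP_READ)  memcpy(in->data, dev[in->sector], SECTOR_SIZE);
    return 0;
}

/* Steps a1/b1 (receive) and a2/b2 (analyze) happen on entry; the instruction
 * is rewritten in place and then forwarded. Returns 0 on success, -1 on a
 * bad address. */
int intercept(struct hw_instr *in)
{
    if (in->op != OP_STORE && in->op != OP_READ)
        return hw_execute(in);                 /* neither store nor read: pass through */
    if (in->sector >= NUM_SECTORS)
        return -1;                             /* reject before touching the bitmap */
    if (in->op == OP_STORE) {
        in->dev = DEV_SECURE;                  /* a3: retarget the destination */
        bit_set(in->sector);                   /* assumption: mark sector as dumped */
    } else {
        /* b3/b4: take the source address, consult the bitmap, retarget the read */
        in->dev = bit_get(in->sector) ? DEV_SECURE : DEV_LOCAL;
    }
    return hw_execute(in);                     /* a4/b5: forward to the hardware layer */
}

/* Builds an instruction as an unmodified application would issue it (local disk). */
struct hw_instr make_instr(enum hw_op op, uint32_t sector, const char *payload)
{
    struct hw_instr in;
    memset(&in, 0, sizeof in);
    in.op = op;
    in.dev = DEV_LOCAL;
    in.sector = sector;
    if (payload) {
        size_t n = strlen(payload);
        memcpy(in.data, payload, n > SECTOR_SIZE ? SECTOR_SIZE : n);
    }
    return in;
}

int main(void)
{
    struct hw_instr st = make_instr(OP_STORE, 5, "secret");   /* constructed input */
    struct hw_instr rd = make_instr(OP_READ, 5, NULL);
    intercept(&st);
    intercept(&rd);
    printf("sector 5 read from %s: %.16s\n",
           rd.dev == DEV_SECURE ? "secure device" : "local disk", (char *)rd.data);
    printf("local disk sector 5, first byte: %d\n", local_disk[5][0]);
    return 0;
}
```

A sector that was never stored through `intercept` keeps its bit clear, so reads of pre-existing local data still go to the local disk.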
Optionally, the black hole unit is further adapted to exchange data with the second computing device.
Optionally, the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step c1, caching the instruction execution environment;
Step c2, obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; and modifying the value of the address register in the cached instruction execution environment to the address of the recombined instruction fragment; and
Step c3, restoring the instruction execution environment, in which the value of the address register is the modified value.
Optionally, the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step d1, caching the instruction execution environment;
Step d2, reading a destination address from a first storage location and obtaining, according to the destination address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step d3, saving the destination address of the first jump instruction in the first storage location;
Step d4, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5, restoring the instruction execution environment and jumping to the second address to continue execution.
Optionally, the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step e1, caching the instruction execution environment;
Step e2, obtaining the address and parameters of the jump instruction saved in the stack and calculating the address of the next instruction to run, this address being the first address;
Step e3, obtaining, according to the first address, the machine instruction fragment to be scheduled, the last instruction of which is a first jump instruction;
Step e4, replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6, restoring the instruction execution environment and jumping to the second address to continue execution.
Optionally, if the response message from the second computing device indicates that it does not agree to the takeover, the deployment inquiry unit is adapted to refuse the registration request of the second computing device; if the response message agrees to the takeover, the deployment inquiry unit is adapted to start the program deployment unit.
Optionally, the computing device further comprises:
A deployment check unit, adapted to send a deployment check message to the second computing device to check whether the second computing device has deployed the data black hole system.
Optionally, if the deployment check unit finds that the second computing device has deployed the data black hole system, the deployment check unit is further adapted to update the registration list by adding the second computing device to it; if the deployment check unit finds that the second computing device has not yet deployed the data black hole system, it starts the deployment inquiry unit.
Optionally, the computing device further comprises:
An I/O interface, coupled to the deployment inquiry unit, the program deployment unit and the black hole unit respectively, and adapted to connect to and communicate with the second computing device.
Optionally, the computing device further comprises:
An I/O interface, coupled to the deployment inquiry unit, the program deployment unit, the black hole unit and the deployment check unit respectively, and adapted to connect to and communicate with the second computing device.
Compared with the prior art, the apparatus and method of the present invention improve data security. The instruction recombination method monitors the instructions of the computing device while they are running; the secure data reading method cooperates with the secure data storage method so that data always remains within a controlled security range; because no data is any longer kept locally while in the secret-related state, both active and passive leakage by secret-related personnel are prevented.
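The push-based runtime instruction recombination of steps e1 to e6, simulated in C on a constructed toy instruction set; this is an added example, not code from the patent. The opcodes, the `env` and `report` structures and `run_recombined` are assumptions, and the platform here also counts the store instructions it inspects, to show where monitoring hooks in.

```c
#include <stdio.h>

/* Constructed toy instruction set; not a real ISA and not from the patent. */
enum { I_ADD, I_STORE, I_JMP, I_JNZ, I_HALT,
       I_PUSH_JUMP,      /* step e4: records the jump it replaces */
       I_TO_PLATFORM };  /* step e5: the "second jump" */

struct ins { int op, a, b; };

#define MAX_PROG   64
#define MAX_ROUNDS 1000  /* guard against programs that never halt */

struct env {             /* the instruction execution environment */
    int acc;             /* single data register */
    int stack[2];        /* one jump record: address, operand */
    int sp;
};

struct report {
    int final_acc;       /* accumulator at HALT */
    int fragments;       /* recombined fragments generated */
    int jumps_seen;      /* original jumps that came back to the platform */
    int stores_seen;     /* store instructions inspected before execution */
};

static int is_jump(int op) { return op == I_JMP || op == I_JNZ; }

/* Runs prog under the recombination platform: 0 on HALT, -1 on a fault. */
int run_recombined(const struct ins *prog, int len, int entry, struct report *r)
{
    struct env e = {0};  /* e1: the environment lives here between fragments */
    struct ins frag[MAX_PROG + 2];
    int first = entry;   /* the "first address" */

    r->final_acc = r->fragments = r->jumps_seen = r->stores_seen = 0;
    if (len <= 0 || len > MAX_PROG) return -1;

    for (int round = 0; round < MAX_ROUNDS; round++) {
        /* e2: pop the recorded jump and compute the next address to run */
        if (e.sp == 2) {
            int addr = e.stack[0], operand = e.stack[1];
            e.sp = 0;
            r->jumps_seen++;
            first = (prog[addr].op == I_JMP || e.acc != 0) ? operand : addr + 1;
        }
        if (first < 0 || first >= len) return -1;   /* jump leaves the program */

        /* e3: fetch the fragment that ends at the first jump (or HALT) */
        int n = 0, pc = first;
        while (pc < len && !is_jump(prog[pc].op) && prog[pc].op != I_HALT) {
            if (prog[pc].op < I_ADD || prog[pc].op > I_HALT) return -1;
            if (prog[pc].op == I_STORE) r->stores_seen++;
            frag[n++] = prog[pc++];
        }
        if (pc >= len) return -1;                   /* ran off the end */
        if (prog[pc].op == I_HALT) {
            frag[n++] = prog[pc];
        } else {
            /* e4: replace the jump with a push of its address and operand */
            frag[n++] = (struct ins){ I_PUSH_JUMP, pc, prog[pc].a };
            /* e5: append the second jump, which targets the platform entry */
            frag[n++] = (struct ins){ I_TO_PLATFORM, 0, 0 };
        }
        r->fragments++;

        /* e6: resume with the same environment and run the recombined fragment */
        for (int i = 0; i < n; i++) {
            switch (frag[i].op) {
            case I_ADD:   e.acc += frag[i].a; break;
            case I_STORE: break;        /* the store itself is not modelled */
            case I_PUSH_JUMP:
                e.stack[0] = frag[i].a; e.stack[1] = frag[i].b; e.sp = 2; break;
            case I_TO_PLATFORM: break;  /* last in fragment: back to loop top */
            case I_HALT:  r->final_acc = e.acc; return 0;
            }
        }
    }
    return -1;                                      /* MAX_ROUNDS exceeded */
}

/* Constructed sample: count down from 3, storing on every pass. */
static const struct ins demo_prog[] = {
    { I_ADD, 3, 0 }, { I_STORE, 0, 0 }, { I_ADD, -1, 0 },
    { I_JNZ, 1, 0 }, { I_STORE, 0, 0 }, { I_HALT, 0, 0 },
};

int main(void)
{
    struct report r;
    int rc = run_recombined(demo_prog, 6, 0, &r);
    printf("rc=%d acc=%d fragments=%d jumps=%d stores=%d\n",
           rc, r.final_acc, r.fragments, r.jumps_seen, r.stores_seen);
    return rc;
}
```

Because every original jump is replaced before its fragment runs, control returns to the platform at each branch, so no instruction executes without first having been inspected.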
Brief description of the drawings
Fig. 1 is a schematic diagram of the system layers of a computing device in the prior art;
Fig. 2 is a flowchart of the runtime instruction recombination method provided in one embodiment of the present invention;
Fig. 3 is a schematic diagram of the generation of a recombined instruction fragment provided in one embodiment of the present invention;
Fig. 4 is a flowchart of step S102 of Fig. 2 provided in another embodiment of the present invention;
Fig. 5 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, in which an address correspondence table is used to save instruction fragments that have already been recombined;
Fig. 6 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, in which a separate storage location is set aside to save the destination address of the first jump instruction;
Fig. 7 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, in which disassembly and assembly are performed for a non-fixed-length instruction set;
Fig. 8 is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, in which a push instruction replaces or records the first jump instruction;
Fig. 9a is a flowchart of the runtime instruction recombination method provided in another embodiment of the present invention, in which the runtime instruction recombination method combines the features of several preceding embodiments;
Figs. 9b-9d are schematic diagrams of the operation of the runtime instruction recombination method of Fig. 9a when run on an X86 architecture processor;
Fig. 10 is a schematic structural diagram of the runtime instruction recombination apparatus provided in one embodiment of the present invention;
Fig. 11 is a schematic structural diagram of the runtime instruction recombination apparatus provided in another embodiment of the present invention;
Fig. 12 is a schematic structural diagram of the instruction recombination unit provided in another embodiment of the present invention;
Fig. 13 is a schematic structural diagram of the runtime instruction recombination apparatus provided in another embodiment of the present invention;
Fig. 14 is a schematic structural diagram of the runtime instruction recombination apparatus provided in another embodiment of the present invention;
Fig. 15 is a schematic diagram of the system layers of a computing device in one embodiment of the present invention;
Fig. 16 is a flowchart of the initialization procedure in the secure data access process provided in one embodiment of the present invention;
Fig. 17 is a schematic diagram of the Bitmap in one embodiment of the present invention;
Fig. 18 is a flowchart of the secure data storage method provided in one embodiment of the present invention;
Fig. 19 is a flowchart of the secure data reading method provided in one embodiment of the present invention;
Fig. 20 is a flowchart of the secure data access method provided in one embodiment of the present invention;
Fig. 21 is a flowchart of the secure data transmission method provided in one embodiment of the present invention;
Fig. 22 is a schematic diagram of the network environment in one embodiment of the present invention;
Fig. 23 is a schematic structural diagram of the secure data storage apparatus provided in one embodiment of the present invention;
Fig. 24 is a schematic structural diagram of the secure data reading apparatus provided in one embodiment of the present invention;
Fig. 25 is a schematic structural diagram of the secure data storage and reading apparatus provided in one embodiment of the present invention;
Fig. 26 is a schematic structural diagram of the secure data storage and reading apparatus provided in another embodiment of the present invention;
Fig. 27 shows the network environment in one embodiment of the present invention;
Fig. 28a is a sequence diagram of the method for establishing the data security interconnected system provided in one embodiment of the present invention;
Fig. 28b is a sequence diagram of the data access method of a computing device in the data security interconnected system provided in one embodiment of the present invention;
Fig. 28c is a sequence diagram of the data access method of a computing device in the data security interconnected system provided in another embodiment of the present invention;
Fig. 28d is a sequence diagram of the data access method of a computing device in the data security interconnected system provided in another embodiment of the present invention;
Fig. 28e is a sequence diagram of the data access method of a computing device in the data security interconnected system provided in another embodiment of the present invention;
Fig. 28f is a schematic structural diagram of the computing terminal provided in one embodiment of the present invention;
Fig. 28g is a schematic structural diagram of the registration server provided in one embodiment of the present invention;
Fig. 28h is a schematic structural diagram of the computing terminal provided in another embodiment of the present invention;
Fig. 28i is a schematic structural diagram of the computing terminal provided in another embodiment of the present invention;
Fig. 29 is a schematic structural diagram of the wide-area-network data security interconnected system provided in one embodiment of the present invention;
Fig. 30 is a schematic structural diagram of the wide-area-network data security interconnected system provided in another embodiment of the present invention;
Fig. 31 is a schematic structural diagram of the network payment security interconnected system provided in one embodiment of the present invention.
Detailed Description of the Embodiments
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention is described in more detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are only intended to explain the present invention and are not intended to limit it.
Analysis
Figure 1 is a schematic diagram of the system layers of a computing device in the prior art. From top to bottom, the computing device comprises: user interface layer 101, application layer 102, operating system kernel layer 103, hardware mapping layer 104 and hardware layer 105.
User interface layer 101 is the interface between the user and the device; through this layer the user interacts with the device (i.e. with the other layers of the device, for example application layer 102). Application layer 102 refers to the application software layer.
Operating system kernel layer 103 is a software-based logical layer, generally composed of software data and software code. Compared with user interface layer 101 and application layer 102, the code of operating system kernel layer 103 has higher privileges and can perform full operations on the various software and hardware resources in the computer system.
Hardware mapping layer 104 is a software-based logical layer. It generally works within the operating system kernel layer and has the same privileges as the kernel layer. The hardware mapping layer mainly serves to map the operating modes of different types of hardware onto a unified high-level interface, shielding the upper layers from the particularities of the hardware. In general, the hardware mapping layer is mainly used by operating system kernel layer 103 to carry out operations on the various hardware.
Hardware layer 105 refers to all the hardware components that make up the computer system.
The user operates the computing device and obtains graphical or non-graphical feedback through user interface layer 101 (i.e. the user interface in user interface layer 101). Taking a data-saving operation as an example, the process comprises:
(1) the user selects the "save" function through the user interface 101 provided by an application program;
(2) application layer 102 calls the corresponding code and converts the user operation into one or more interface functions provided by the operating system; that is, the "save" operation is converted into a series of calls to interface functions provided by operating system kernel layer 103;
(3) operating system kernel layer 103 converts each operating system interface function into one or more interface functions provided by hardware mapping layer 104; that is, the "save" operation is converted into a series of calls to interface functions provided by hardware mapping layer 104;
(4) hardware mapping layer 104 converts each interface function it provides into one or more hardware instruction calls; and finally,
(5) hardware layer 105 (for example the CPU) receives the hardware instruction calls and executes the hardware instructions.
After such a computing device is invaded by malicious code, the malicious code can obtain the data it wants from the computing device. After stealing the data, its behavior patterns include:
(1) storage behavior: saving the target data content to some storage location;
(2) transmission behavior: transmitting the stolen data directly over the network to a specified destination address.
In addition, the behavior patterns by which personnel using the above computing device or information device leak secrets from the inside include:
(1) active leakage: personnel with access to classified information directly obtain confidential data by means such as active copying, penetrating the security system with malicious tools, or planting Trojan horses, and leak it;
(2) passive leakage: a computer or storage medium used by personnel with access to classified information is lost through poor safekeeping, or is used improperly (for example by connecting a classified device directly to the Internet), resulting in a leak.
With the various leakage paths above, the data security of this computing device cannot be guaranteed.
The inventors found through research that, while a computer is running, the CPU address register holds the address of the next machine instruction to be run, for example the address pointed to by the pc (program counter). By obtaining the data in this register and reading, at the address this data points to, the next one or more machine instructions to be run, machine instructions can be captured at run time.
Moreover, by modifying the to-be-scheduled instruction fragment formed by the one or more machine instructions (for example by inserting an extra jump instruction into it, referred to herein as instruction recombination), so that CPU execution control is regained before this fragment finishes running and the next to-be-scheduled instruction fragment is captured in turn, machine instructions can be captured continuously at run time.
Furthermore, after a to-be-scheduled instruction fragment has been obtained, the machine instructions in it can also be analyzed and processed, so that instructions can not only be captured and recombined at run time, but predetermined target instructions can also be managed.
Instruction recombination or instruction tracing
Based on the above analysis and findings, one embodiment of the present invention provides a run-time instruction recombination method; when running, the method is referred to as the instruction recombination platform. As shown in Figure 2, the method S100 comprises:
S101, caching the instruction execution environment; the instruction execution environment includes an address register, the address register holds the address of the next machine instruction to be run, and this address is the first address;
S102, obtaining the machine instruction fragment to be scheduled; wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
S103, inserting a second jump instruction before the first jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, and after the second jump instruction is executed, step S101 is executed;
S104, modifying the first address in the address register to the second address; and
S105, restoring the instruction execution environment.
In this embodiment, the above run-time instruction recombination method is executed on a CPU of the X86 architecture; in other embodiments of the present invention, it may also be executed on a MIPS processor or a processor based on the ARM architecture. Those of ordinary skill in the art will appreciate that the above method can be executed in any other type of instruction processing unit in a computing device.
In step S101, caching the instruction execution environment may comprise:
pushing the register data related to the running of CPU machine instructions onto a cache stack.
In other embodiments of the present invention, the instruction execution environment may also be cached or saved in other specified or default cache data structures and addresses.
In step S101, the address register may be the CPU address register.
In step S102, the last instruction in the machine instruction fragment to be scheduled is the first jump instruction, and the fragment contains only one jump instruction; the machine instruction fragment to be scheduled comprises the first jump instruction and all to-be-scheduled machine instructions before it.
In step S103, a second jump instruction JP2 is inserted before the last instruction of the machine instruction fragment to be scheduled (i.e. the first jump instruction JP1); JP2 points to the entry address of the instruction recombination platform, and a recombined instruction fragment having the second address A" is generated.
The second jump instruction is inserted so that, when the CPU runs the machine instruction fragment to be scheduled, the instruction recombination platform is run again before JP1 runs. In this way the instruction recombination platform can go on to analyze the next machine instruction fragment to be scheduled, and by iterating the method all instructions are recombined at run time.
In step S105, restoring the instruction execution environment may comprise:
popping the register data related to instruction running from the cache stack; wherein the jump destination address held in the address register has been modified to point to the new machine instruction fragment whose entry address is the second address A".
After step S105 is executed, the instruction execution environment has been restored and the instruction recombination platform has completed one run; the CPU then executes the recombined instruction fragment, i.e. the machine instruction fragment whose entry address is the second address A". When execution of the recombined instruction fragment reaches the second jump instruction JP2, the instruction recombination platform regains CPU control (i.e. executes step S101). By this time the destination address of the first jump instruction has been obtained; this destination address is the new first address, and steps S101 to S105 are executed again.
The instruction recombination process and the generation of the recombined instruction fragment are further described below with reference to Fig. 3.
Fig. 3 contains a set of machine instructions to be scheduled 401 (for example the machine instructions of some program loaded into memory), in which instruction 4012 is the first jump instruction. If the destination address of instruction 4012 is a variable, it is first assumed that instruction 4012 points to machine instruction 4013. The first jump instruction 4012, together with all to-be-scheduled machine instructions before it, forms machine instruction fragment 4011.
After the instruction recombination method starts running (instruction recombination platform 411), it first caches the instruction execution environment; it then obtains (for example copies) machine instruction fragment 4011; the instruction recombination platform inserts a second jump instruction 4113 before the first jump instruction 4012, the second jump instruction 4113 pointing to the instruction recombination platform 411 itself, thereby generating recombined instruction fragment 4111, whose address is A"; the value A of the address register in the cached instruction execution environment is modified to the address A"; finally the instruction execution environment is restored.
After instruction recombination platform 411 finishes running, the CPU executes the recombined instruction fragment at address A". When execution reaches the second jump instruction 4113, instruction recombination platform 411 regains CPU control. By this time the destination address 4013 of the first jump instruction 4012 has been generated; this destination address is the new first address, and according to it the instruction recombination platform starts executing steps S101 to S105 again, continuing to analyze the subsequent machine instructions to be scheduled, thereby completing the run-time instruction recombination method.
According to a further embodiment of the present invention, as shown in Figure 4, obtaining the machine instruction fragment to be scheduled in step S102 may comprise:
S1021, reading the address of the machine instruction to be scheduled from the address register (for example the CPU address register);
S1022, with jump instructions as the search target, searching the machine instruction pointed to by the machine instruction address and the instructions following it until the first jump instruction is found (referred to as the first jump instruction); a jump instruction is a machine instruction that can change the sequential execution flow of machine instructions, including Jump instructions, Call instructions, Return instructions, etc.;
S1023, taking the first jump instruction and all to-be-scheduled machine instructions before it as one machine instruction fragment to be scheduled; this machine instruction fragment is stored in the instruction recombination platform, or in another storage location that the instruction recombination platform can read.
In other embodiments of the present invention, obtaining the machine instruction fragment to be scheduled may also use non-jump instructions (such as write instructions, read instructions, etc.) as the search target, to cut the machine instruction fragment further. Because such embodiments must also ensure that the instruction recombination platform can still obtain CPU control or execution control after a to-be-scheduled jump instruction is executed, jump instructions need to serve as a second search target, so that machine instruction fragments of smaller granularity are obtained.
According to a further embodiment of the present invention, between steps S102 and S103, the run-time instruction recombination method may further comprise:
matching the machine instruction fragment to be scheduled against an instruction set to obtain target machine instructions; the instruction sets include the X86, MIPS and ARM instruction sets; and
modifying the target machine instructions in a predetermined manner.
In this way, not only can run-time instruction monitoring be accomplished, but other processing can also be carried out; related embodiments are described in detail below.
Further, to improve the efficiency of the instruction recombination method, the to-be-scheduled instructions pointed to by fixed-address jump instructions can be obtained together in step S102.
According to a further embodiment of the present invention, a run-time instruction recombination method is provided. The method S300 comprises:
S301, caching the instruction execution environment; the instruction execution environment includes an address register, the address register holds the address of the next machine instruction to be run, and this address is the first address;
S302, obtaining the machine instruction fragment to be scheduled; wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
S303, inserting a second jump instruction before the first jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, and after the second jump instruction is executed, step S301 is executed;
S304, modifying the first address in the address register to the second address;
S305, restoring the instruction execution environment.
Compared with the method provided in the preceding embodiment, the difference is that in step S302 the machine instruction fragment to be scheduled may contain multiple jump instructions, of which only one is a variable-address jump instruction, referred to as the first jump instruction.
It should be noted that jump instructions fall into two classes, variable-address jump instructions and constant-address jump instructions. The jump address of a constant-address jump instruction is a constant (i.e. an immediate), while the variable address in a variable-address jump instruction is generally computed in a machine instruction preceding the jump instruction.
Similarly, the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; the fragment comprises the first jump instruction and all to-be-scheduled machine instructions before it.
Further, because the machine instructions generated while a program runs are highly repetitive, a small amount of storage space can be used to save recombined instruction fragments, in order to improve the efficiency of the instruction recombination method and save the computing resources (CPU resources) of the computing device.
According to a further embodiment of the present invention, a run-time instruction recombination method is provided. As shown in Figure 5, the method S200 comprises:
S201, caching the instruction execution environment; the instruction execution environment includes an address register (for example the CPU address register); in general, the instruction execution environment refers to all registers of the CPU, including general-purpose registers, status registers, address registers, etc. The address register holds the address of the next machine instruction to be run, and this address is the first address;
S202, looking up the address correspondence table using the first address; the address correspondence table indicates whether the to-be-scheduled instruction fragment pointed to by the first address A has a saved recombined instruction fragment, and the data in the address correspondence table are address pairs;
S203, if a corresponding record is found, modifying the first address A (i.e. the value A of the address register) to the address A' of the saved recombined instruction fragment;
S204, if no corresponding record is found, obtaining the machine instruction fragment to be scheduled; wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
S205, inserting a second jump instruction before the first jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, and after the second jump instruction is executed, step S201 is executed;
S206, modifying the first address in the address register to the second address;
S207, restoring the instruction execution environment.
Further, step S206 also comprises: using the second address A" and the first address A to create an address pair (or a record) in the address correspondence table. The recombined instruction fragment having address A" is saved in the instruction recombination platform for reuse.
This method uses the address correspondence table to save computing resources and improve the efficiency of run-time instruction recombination.
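The loop of method S200 can be followed on a toy machine. The following Python model is an added example, not code from the patent; the instruction set, the sample program, the recombination address space starting at 0x1000 and all names in it are assumptions made for illustration.

```python
# Toy model of run-time instruction recombination with an address
# correspondence table (steps S201-S207). Constructed for illustration.

JUMPS = {"jmp", "jnz", "halt"}      # instructions that end a fragment

# Constructed sample program: sum = 3 + 2 + 1
PROGRAM = {
    0: ("mov", "n", 3),
    1: ("mov", "sum", 0),
    2: ("jmp", 3),            # constant-address jump
    3: ("add", "sum", "n"),   # sum += n
    4: ("addi", "n", -1),     # n -= 1
    5: ("jnz", "n", 3),       # destination known only at run time: 3 or 6
    6: ("halt",),
}


class RecombinationPlatform:
    def __init__(self, program, base=0x1000):
        self.program = program
        self.address_table = {}   # first address A -> second address A"
        self.recombined = {}      # A" -> recombined instruction fragment
        self.next_slot = base     # next free address in the recombination space
        self.translations = 0
        self.table_hits = 0
        self.trace = []           # (original address, instruction) as captured

    def fetch_fragment(self, addr):
        """S204: collect instructions from addr up to and including the first jump."""
        fragment = []
        while True:
            insn = self.program[addr]
            fragment.append((addr, insn))
            if insn[0] in JUMPS:
                return fragment
            addr += 1

    def recombine(self, first_addr):
        """S204-S206: build the recombined fragment and record the address pair."""
        fragment = self.fetch_fragment(first_addr)
        # S205: the second jump (JP2) is inserted before the first jump (JP1).
        fragment.insert(len(fragment) - 1, (None, ("jp2", "platform_entry")))
        second_addr = self.next_slot
        self.next_slot += 1
        self.recombined[second_addr] = fragment
        self.address_table[first_addr] = second_addr
        self.translations += 1
        return second_addr

    def execute_fragment(self, second_addr, regs):
        """Stand-in for the CPU running a recombined fragment until it reaches JP2."""
        fragment = self.recombined[second_addr]
        for i, (addr, insn) in enumerate(fragment):
            op = insn[0]
            if op == "jp2":
                # Control is back in the platform before JP1 runs; JP1's
                # destination can now be computed from the register state.
                jp1_addr, jp1 = fragment[i + 1]
                self.trace.append((jp1_addr, jp1))
                return self.resolve(jp1_addr, jp1, regs)
            self.trace.append((addr, insn))
            if op == "mov":
                regs[insn[1]] = insn[2]
            elif op == "addi":
                regs[insn[1]] += insn[2]
            elif op == "add":
                regs[insn[1]] += regs[insn[2]]
            else:
                raise ValueError(f"unknown instruction {insn!r}")
        raise RuntimeError("fragment did not return to the platform")

    @staticmethod
    def resolve(jp1_addr, jp1, regs):
        """Destination of the first jump instruction, i.e. the new first address."""
        if jp1[0] == "jmp":
            return jp1[1]
        if jp1[0] == "jnz":
            return jp1[2] if regs[jp1[1]] != 0 else jp1_addr + 1
        return None               # halt: nothing left to schedule

    def run(self, entry, regs):
        first_addr = entry
        while first_addr is not None:
            saved = dict(regs)                                # S201
            second_addr = self.address_table.get(first_addr)  # S202
            if second_addr is not None:
                self.table_hits += 1                          # S203: reuse A'
            else:
                second_addr = self.recombine(first_addr)      # S204-S206
            regs = saved                                      # S207
            first_addr = self.execute_fragment(second_addr, regs)
        return regs


def demo():
    platform = RecombinationPlatform(PROGRAM)
    return platform.run(0, {}), platform
```

The loop body at address 3 is recombined once and then served from the address table on each later iteration, while `trace` still records every instruction the program executes.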
The above recombination methods generally work by inserting the required jump instruction into the to-be-scheduled instruction fragment; in other embodiments of the present invention, the recombined instruction fragment may also be generated by other means, which are described in detail below with reference to embodiments.
According to a further embodiment of the present invention, an instruction recombination method is provided in which a separate storage location is set aside to hold the destination address of the first jump instruction. As shown in Figure 6, the method S110 comprises:
S111, caching the instruction execution environment;
S112, reading the destination address from a first storage location and obtaining the machine instruction fragment to be scheduled (to be executed) according to the destination address; wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
S113, saving the destination address of the first jump instruction in the first storage location;
S114, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform, and after the second jump instruction is executed, step S111 is executed;
S115, restoring the instruction execution environment and jumping to the second address to continue execution.
In step S112, obtaining the machine instruction fragment to be scheduled may comprise:
S1121, with jump instructions as the search target, searching the machine instruction pointed to by the machine instruction address and the instructions following it until the first jump instruction is found (referred to as the first jump instruction);
a jump instruction is a machine instruction that can change the sequential execution flow of machine instructions, including Jump instructions, Call instructions, Return instructions, etc.;
S1122, taking the first jump instruction and all to-be-scheduled machine instructions before it as one machine instruction fragment to be scheduled; this machine instruction fragment is stored in the instruction recombination platform, or in another storage location that the instruction recombination platform can read.
In step S113, the destination address is the destination address parameter of the jump instruction, which may be an immediate or a variable parameter; for an immediate its value is saved, and for a variable parameter its address/reference is saved. When the processor is about to execute a jump instruction, its jump destination address has already been computed.
According to a further embodiment of the present invention, an instruction recombination method is provided for non-fixed-length instruction sets, in which disassembly and assembly are performed. As shown in Figure 7, the method comprises:
S121, caching the instruction execution environment;
S122, reading the destination address from a first storage location and obtaining the to-be-scheduled instruction fragment according to the destination address:
obtaining a section of machine instructions to be scheduled starting from the destination address, disassembling this section, and passing the disassembly result through a lexical analyzer to match whether it contains a jump instruction; if it does not, continuing to obtain the next section of machine instructions to be scheduled and repeating the above operations until a jump instruction is matched, this jump instruction being the first jump instruction; the first jump instruction and all instructions before it form the to-be-scheduled instruction fragment;
S123, saving the destination address of the first jump instruction in the first storage location;
S124, replacing the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; in this embodiment, the first jump instruction and the second jump instruction are both assembly instructions;
S125, generating the corresponding machine code from the recombined assembly code by means of an assembler; and
S126, restoring the instruction execution environment and jumping to the second address to continue execution.
According to a further embodiment of the present invention, an instruction recombination method is provided in which a push instruction substitutes for or records the first jump instruction. As shown in Figure 8, the method S130 comprises:
S131, caching the instruction execution environment;
S132, obtaining the address and parameters of the jump instruction saved on the stack and computing the address of the next instruction to be run; this address is the first address;
S133, obtaining the machine instruction fragment to be scheduled/executed according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
S134, replacing the first jump instruction with a push instruction, the push instruction recording the address and operands of the first jump instruction;
S135, adding a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
S136, restoring the instruction execution environment and jumping to the second address to continue execution.
Those of ordinary skill in the art will appreciate that the functions or features provided in the above embodiments can be combined in one embodiment as actually needed; the combinations are not given one by one here, and only one example is given below for illustration.
According to a further embodiment of the present invention, an instruction recombination method is provided which, as shown in Fig. 9a, comprises:
(1) caching the instruction execution environment, which includes the whole CPU environment and memory environment; obtaining the address and parameters of the jump instruction saved on the stack, computing the address of the next instruction to be run (the zero address), and setting the first address to the zero address;
(2) looking up the address correspondence table (also called the address lookup table) using the first address; if a record is found, restoring the cached instruction execution environment and jumping to the corresponding address found (the address in the address pair in the address correspondence table) to continue execution;
(3) if no record is found, obtaining the machine instruction fragment to be executed starting from the first address; the fragment ends with a jump instruction (the address of the jump instruction is the third address);
(4) disassembling the machine code starting from the first address and passing the disassembly result through a lexical analyzer to generate recombined assembly code, up to the third address;
(5) determining whether the code at the third address can be processed further, i.e. whether the destination address of the jump instruction at the third address is a known quantity (for example an immediate); if so, setting the first address to the third address (or the destination address of the third address) and restarting from (3);
(6) if not, adding, at the end of the recombined assembly code generated so far, a push instruction that records the original address of the current third address (i.e. the value of the third address) and the operands, and adding after the push instruction an instruction that jumps to the start of the recombination platform, so that step (1) can begin again;
(7) generating the corresponding machine code from the recombined assembly code by means of an assembler, storing it at an address allocated in the recombination address space (the second address), and storing the second address and the zero address in the address correspondence table as a corresponding address pair;
(8) restoring the environment and jumping to the second address to continue execution.
For ease of understanding, the method of this embodiment is now described as run on an X86-family processor. With reference to Figures 9b-9d, an example of the instruction recombination process is as follows:
(1) after the recombination platform starts working, it first caches the current instruction execution environment; it obtains the address and parameters of the jump instruction saved on the stack and computes the address of the next instruction to be run; this address is the first address.
(2) the address correspondence table is looked up using the first address; if a record is found, the cached instruction execution environment is restored and execution continues at the corresponding address found (Fig. 9b); if no record is found, the following operations are performed (Fig. 9c).
(3)-(6) starting from the first address, the machine code is disassembled, and the disassembly result is processed by a lexical analyzer to generate recombined code;
this section of assembly code is searched to check whether it contains a jump instruction;
the first jump instruction found is analyzed to determine whether its jump destination address is a known quantity; if it is a known quantity, the search continues until the first variable-address jump instruction is found, referred to as the first jump instruction; the address of this instruction is the third address;
at the end of the generated assembly code (the machine instructions from the first address to the third address, not including the first jump instruction), a push instruction is added to record the original address of the first jump at the current third address and its operands;
after the push instruction, an instruction that jumps to the start of the recombination platform (the second jump instruction) is added.
(7) the corresponding machine code is generated from the generated assembly code by means of an assembler and stored at an address allocated in the recombination address space (the second address);
the second address and the zero address are stored in the address correspondence table as a corresponding address pair.
(8) the environment is restored and execution continues at the second address.
(Fig. 9d) The processor starts executing the instructions at the second address. The jump instruction in the former to-be-recombined instruction fragment has been replaced with a push instruction and an instruction that jumps to the recombination platform; the main purpose of the push instruction is to provide input parameters to the recombination platform. (Fig. 9d) When execution reaches the second jump instruction, the recombination platform runs again and carries out step (1) above: by examining the address and parameters of the jump instruction saved by the push instruction, it computes the address of the next instruction to be run; this address is the first address.
The subsequent processing is a repetition of the above process.
Further, in order to monitor instructions at run time from system start-up, and so achieve full run-time instruction monitoring throughout the operation phase of the computing device, in another embodiment of the present invention the load instruction at computer start-up is modified: before the load instruction is executed, the instruction recombination platform provided by the present invention is called and the above run-time instruction recombination method is performed. Because the jump address of the load instruction is a known fixed address, the instruction recombination platform can establish the address correspondence table and its first record in advance, and establish the first recombined instruction fragment.
Further, according to a further embodiment of the present invention, a computer-readable medium is provided, in which computer-executable program code is stored, the program code being used to perform the steps of the run-time instruction recombination method provided in the above embodiments.
Further, according to a further embodiment of the present invention, a computer program is provided, which comprises the steps of the run-time instruction recombination method provided in the above embodiments.
Instruction recombination for data security
The above run-time instruction recombination method provides a basis for further applications. The following embodiments provide various run-time instruction recombination methods that process different machine instructions, including storage/read instructions, I/O instructions, and network transmission instructions:
(1) storage/read instructions are all instructions or instruction combinations in a computer system that store to or read from external storage devices (including but not limited to disks, removable storage and optical storage).
(2) I/O instructions are all instructions in a computer system that operate on the address space of peripherals; these instructions ultimately affect the input/output state, data, signals, etc. of the peripherals. The I/O address space here includes but is not limited to the I/O address space and the memory-mapped I/O device address space.
(3) network transmission instructions are all instructions in a computer system that affect network devices; these instructions ultimately affect all related characteristics of the computer system's network devices, such as transmission, state, data and signals.
Storage/read instructions and I/O instructions may overlap.
According to an embodiment of the invention, a runtime instruction recombination method S400 for storage/read instructions is provided, comprising:
S401, cache the instruction running environment; the instruction running environment includes an address register, which holds the address of the next machine instruction to be run; this address is the first address;
S402, search the address correspondence table using the first address;
S403, if a corresponding record is found, modify the first address A to the address A' of the saved recombined instruction fragment;
S404, if no corresponding record is found, generate a recombined instruction fragment as follows:
S4041, obtain the machine instruction fragment to be scheduled, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; this is the same as step S102;
S4042, disassemble the machine instruction fragment to be scheduled to obtain an assembly instruction fragment;
S4043, search for target assembly instructions, the target assembly instructions being storage/read instructions;
S4044, if storage/read instructions are found in the assembly instruction fragment, modify the storage and read addresses in them to addresses on the secure storage device; the modification may be a direct mapping between the local address space and the address space of the secure storage device;
S4045, insert a second jump instruction JP2 before the first jump instruction JP1, JP2 pointing to the entry address of the instruction recombination platform;
S4046, assemble the modified assembly instruction fragment to generate a recombined machine instruction fragment having address A'';
S4047, use the address A'' of the recombined machine instruction fragment and the first address A to create a record (an address pair) in the address correspondence table; the recombined instruction fragment having address A'' is stored in the instruction recombination platform;
S4048, modify the first address A to the second address A'';
S405, restore the instruction running environment.
In this embodiment the instructions are processed after the disassembly step; in other embodiments, the disassembly step and the corresponding assembly step may be omitted and the machine instructions processed directly.
In step S4044, the storage and read instructions are operated on: the destination and source addresses in them are modified so that storage is relocated/redirected, ensuring data security. The method of secure storage/reading is described in more detail in the following embodiments provided by the invention.
According to an embodiment of the invention, a runtime instruction recombination method S500 for I/O instructions is provided, comprising:
S501, cache the instruction running environment; the instruction running environment includes an address register, which holds the address of the next machine instruction to be run; this address is the first address;
S502, search the address correspondence table using the first address;
S503, if a corresponding record is found, modify the first address A to the address A' of the saved recombined instruction fragment;
S504, if no corresponding record is found, generate a recombined instruction fragment as follows:
S5041, obtain the machine instruction fragment to be scheduled, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; this is the same as step S102;
S5042, disassemble the machine instruction fragment to obtain an assembly instruction fragment;
S5043, search for target assembly instructions, the target assembly instructions being I/O instructions;
S5044, if I/O instructions are found in the assembly instruction fragment, block all input instructions among the I/O instructions;
S5045, insert a second jump instruction JP2 before the first jump instruction JP1, JP2 pointing to the entry address of the instruction recombination platform;
S5046, assemble the modified assembly instruction fragment to generate a recombined machine instruction fragment having address A'';
S5047, use the address A'' of the recombined machine instruction fragment and the first address A to create a record (an address pair) in the address correspondence table; the recombined instruction fragment having address A'' is stored in the instruction recombination platform;
S5048, modify the first address A to the second address A'';
S505, restore the instruction running environment.
In this embodiment the instructions are processed after the disassembly step; in other embodiments, the disassembly step and the corresponding assembly step may be omitted and the machine instructions processed directly.
In step S5044, the I/O instructions are operated on: all input instructions among the I/O instructions are blocked, so that write operations to local hardware devices are completely blocked; combined with the handling of storage instructions in the previous embodiment, input instructions other than storage instructions can also be blocked, which improves the security of data in the computing device.
According to an embodiment of the invention, a runtime instruction recombination method S600 for network transmission instructions is provided, comprising:
S601, cache the instruction running environment; the instruction running environment includes an address register, which holds the address of the next machine instruction to be run; this address is the first address;
S602, search the address correspondence table using the first address;
S603, if a corresponding record is found, modify the first address A to the address A' of the saved recombined instruction fragment;
S604, if no corresponding record is found, generate a recombined instruction fragment as follows:
S6041, obtain the machine instruction fragment to be scheduled, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; this is the same as step S102;
S6042, disassemble the machine instruction fragment to be scheduled to obtain an assembly instruction fragment;
S6043, search for target assembly instructions, the target assembly instructions being network transmission instructions;
S6044, if network transmission instructions are found in the assembly instruction fragment, check whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address (that is, an address to which access is permitted); if not, block the network transmission instruction;
S6045, insert a second jump instruction JP2 before the first jump instruction JP1, JP2 pointing to the entry address of the instruction recombination platform;
S6046, assemble the modified assembly instruction fragment to generate a recombined machine instruction fragment having address A'';
S6047, use the address A'' of the recombined machine instruction fragment and the first address A to create a record (an address pair) in the address correspondence table; the recombined instruction fragment having address A'' is stored in the instruction recombination platform;
S6048, modify the first address A to the second address A'';
S605, restore the instruction running environment.
In step S6044, blocking/rejecting a network transmission instruction may be done by inserting one or more instructions into the recombined code so that the transmission instruction itself is replaced with an "instruction that cancels the current operation", or by replacing it directly with an invalid instruction, depending on the hardware.
In this embodiment the instructions are processed after the disassembly step; in other embodiments, the disassembly step and the corresponding assembly step may be omitted and the machine instructions processed directly.
In step S6044, the network transmission instructions are operated on: it is checked whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address; if not, the network transmission instruction is blocked, so that data is transmitted securely.
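The three procedures above (S400, S500, S600) share one dispatch loop and differ only in the rule applied to each instruction at S4044, S5044 and S6044. The following Python model is an added illustration, not code from the patent: the toy opcodes, `SECURE_BASE`, `SECURE_HOSTS`, `PLATFORM_ENTRY` and the sample program are constructed, and it assumes the platform resolves JP1's target itself once JP2 hands control back.

```python
from dataclasses import dataclass, field

JUMPS = {"jmp", "call"}
PLATFORM_ENTRY = -1            # constructed stand-in for the platform's entry address
SECURE_BASE = 0x80000000       # assumed direct mapping: secure address = base + local address
SECURE_HOSTS = {"10.0.0.5"}    # assumed list of secure (permitted) remote addresses


@dataclass(frozen=True)
class Ins:
    op: str                    # toy opcode; one instruction per address
    addr: object = None        # memory address, port, remote host or jump target
    data: object = None


@dataclass
class Platform:
    program: dict                                   # original code: address -> Ins
    table: dict = field(default_factory=dict)       # address correspondence table: A -> A''
    fragments: dict = field(default_factory=dict)   # A'' -> recombined fragment
    secure_store: dict = field(default_factory=dict)
    sent: list = field(default_factory=list)
    blocked: list = field(default_factory=list)
    recombinations: int = 0
    next_slot: int = 0x100000                       # where the next fragment is placed

    def fetch_fragment(self, a):
        """S4041: instructions from A up to and including the first jump (JP1)."""
        frag = []
        while True:
            frag.append(self.program[a])
            if frag[-1].op in JUMPS:
                return frag
            a += 1

    def rewrite(self, ins):
        """Per-instruction rule of S4044 (redirect), S5044 and S6044 (block)."""
        if ins.op in ("store", "load"):
            return Ins(ins.op, SECURE_BASE + ins.addr, ins.data)
        if ins.op == "io_in" or (ins.op == "send" and ins.addr not in SECURE_HOSTS):
            return Ins("blocked", ins.addr, ins.op)   # replaced, never executed
        return ins

    def dispatch(self, a):
        """S402 to S4048: return the address of the recombined fragment for A."""
        if a in self.table:                           # S403: reuse the saved fragment
            return self.table[a]
        frag = self.fetch_fragment(a)
        body = [self.rewrite(i) for i in frag[:-1]]
        jp2 = Ins("jmp", PLATFORM_ENTRY)              # S4045: JP2 goes before JP1
        a2, self.next_slot = self.next_slot, self.next_slot + 0x100
        self.fragments[a2] = body + [jp2, frag[-1]]   # S4046
        self.table[a] = a2                            # S4047: record the pair (A, A'')
        self.recombinations += 1
        return a2                                     # S4048

    def execute(self, a2):
        """Run one recombined fragment; JP2 hands control back with JP1's target."""
        frag = self.fragments[a2]
        for pos, ins in enumerate(frag):
            if ins.op == "store":
                self.secure_store[ins.addr] = ins.data
            elif ins.op == "send":
                self.sent.append((ins.addr, ins.data))
            elif ins.op == "blocked":
                self.blocked.append((ins.data, ins.addr))
            elif ins.op == "jmp" and ins.addr == PLATFORM_ENTRY:
                return frag[pos + 1].addr             # model assumption, see lead-in
        raise RuntimeError("fragment did not return to the platform")

    def run(self, start, max_fragments):
        a = start
        for _ in range(max_fragments):
            if a is None:                             # jump target None ends the toy program
                break
            a = self.execute(self.dispatch(a))
        return self


# Constructed sample program: two fragments that jump to each other.
PROGRAM = {
    0: Ins("store", 0x10, b"report"),
    1: Ins("send", "10.0.0.5", b"report"),
    2: Ins("jmp", 10),
    10: Ins("io_in", 0x3F8),
    11: Ins("send", "203.0.113.9", b"report"),
    12: Ins("jmp", 0),
}

if __name__ == "__main__":
    p = Platform(dict(PROGRAM)).run(0, 4)
    print(p.table, p.secure_store, p.sent, p.blocked, p.recombinations)
```

Running four fragments recombines only twice: the third and fourth dispatches hit the address correspondence table and reuse the saved fragments.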
The address correspondence table in the above embodiments is created and maintained by the instruction recombination platform. It may be a fixed-length array structure, a variable-length list structure, or any other data structure suitable for storing binary data. Preferably, its length is adjustable and the space it occupies can be released. The operation of releasing the address correspondence table may be performed at random or periodically. In some embodiments, the address correspondence table may further include a record creation time field, which is used, when records are deleted to release space, to delete records according to how long ago they were created. In some embodiments, the address correspondence table may further include a record access count field; in the step of searching the address correspondence table, the value of this field is changed when a record is found; the record access count field is likewise used, when records are deleted to release space, to delete records according to how many times they have been accessed.
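A sketch of such a table with the creation-time and access-count fields, added here as an illustration and not taken from the patent: the class and field names are hypothetical, and deleting the oldest or the least-used record first is an assumed reading of the two deletion rules.

```python
from dataclasses import dataclass
from itertools import count


@dataclass
class Record:
    recombined: int      # A'': address of the saved recombined fragment
    created: int         # record creation time field (logical tick, constructed)
    uses: int = 0        # record access count field


class AddressTable:
    """Adjustable-length address correspondence table whose space can be released."""

    def __init__(self, capacity, policy="oldest"):
        if capacity < 1 or policy not in ("oldest", "least_used"):
            raise ValueError("capacity must be >= 1 and policy must be known")
        self.capacity, self.policy = capacity, policy
        self.records = {}            # first address A -> Record
        self._clock = count()

    def lookup(self, a):
        """Search step: a hit changes the access count field and returns A''."""
        rec = self.records.get(a)
        if rec is None:
            return None
        rec.uses += 1
        return rec.recombined

    def add(self, a, recombined):
        """Create the (A, A'') record; release one record first if the table is full."""
        evicted = None
        if a not in self.records and len(self.records) >= self.capacity:
            evicted = self.release()
        self.records[a] = Record(recombined, next(self._clock))
        return evicted

    def release(self):
        """Delete one record by age or by access count and return its (A, A'') pair."""
        if self.policy == "oldest":
            key = lambda a: self.records[a].created
        else:                        # fewest accesses first, older record breaks ties
            key = lambda a: (self.records[a].uses, self.records[a].created)
        victim = min(self.records, key=key)
        return victim, self.records.pop(victim).recombined


def demo(policy):
    """Fill a two-record table, use the first record twice, then add a third."""
    t = AddressTable(2, policy)
    t.add(0x10, 0xA0)
    t.add(0x20, 0xB0)
    t.lookup(0x10)
    t.lookup(0x10)
    return t, t.add(0x30, 0xC0)
```

`release()` returns the deleted pair so that the platform can also free the recombined fragment stored at A''; the next lookup for that A misses and the fragment is recombined again.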
In addition, those skilled in the art will appreciate that the above instruction recombination method (that is, the runtime instruction recombination method) can be implemented in software or in hardware:
(1) if implemented in software, the steps of the above method are stored on a computer-readable medium in the form of software code, forming a software product;
(2) if implemented in hardware, the steps of the above method are described in hardware code (for example Verilog) and fixed (through processes such as physical design, place and route, and wafer fab tape-out) into a chip product (for example a processor product). This is described in detail below.
instruction recombination device
Corresponding to the runtime instruction recombination method S100 above, according to an embodiment of the invention, a runtime instruction recombination device is provided. As shown in Figure 10, the instruction recombination device 500 comprises:
Instruction running environment caching and restoring unit 501, adapted to cache and restore the instruction running environment; the instruction running environment includes an address register, which holds the address of the next machine instruction to be run; this address is the first address;
Instruction fetch unit 502, adapted to obtain the machine instruction fragment to be scheduled after unit 501 has cached the instruction running environment, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
Instruction recombination unit 503, adapted to parse and modify the machine instruction fragment to be scheduled, including: inserting a second jump instruction before the first jump instruction to generate a recombined instruction fragment having a second address A''; the second jump instruction points to device 500, so that after the second jump instruction is executed, the instruction running environment caching and restoring unit 501 of device 500 performs the next round of processing; and
Address replacement unit 504, adapted to modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment.
The instruction running environment caching and restoring unit 501 is coupled to the instruction fetch unit 502 and to the address replacement unit 504; the instruction fetch unit 502, the instruction recombination unit 503 and the address replacement unit 504 are coupled in sequence.
Device 500 operates as follows:
First, the instruction running environment caching and restoring unit 501 caches the instruction running environment, for example by pushing the register data related to instruction execution onto a cache stack;
Then, the instruction fetch unit 502 reads the address of the machine instruction to be scheduled from the CPU address register 511 and reads a machine instruction fragment starting at that address, the last instruction of the machine instruction fragment being a jump instruction;
For example, the instruction fetch unit 502 reads the address of the machine instruction to be scheduled from the CPU address register 511; taking jump instructions as the search target, it scans the machine instructions at that address until it finds the first jump instruction; jump instructions include, for example, Jump instructions and Call instructions; the first jump instruction and all machine instructions before it are taken as one machine instruction fragment to be scheduled; this machine instruction fragment is stored in device 500 or in another storage location that device 500 can read;
Then, the instruction recombination unit 503 inserts a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of device 500, and generates a recombined instruction fragment having address A'';
Then, the address replacement unit 504 modifies the value A of the address register in the cached instruction running environment to address A'';
Finally, the instruction running environment caching and restoring unit 501 restores the instruction running environment, for example by popping the register data related to instruction execution from the cache stack.
Corresponding to the runtime instruction recombination method S300 above, the instruction fetch unit 502 may take the first non-constant-address jump instruction as the first jump instruction, to improve the execution efficiency of the recombination unit.
Corresponding to the runtime instruction recombination method S200 above, according to another embodiment of the invention, a runtime instruction recombination device is provided that makes full use of the repetitiveness of instructions at run time to improve efficiency and save computing resources.
As shown in Figure 11, the instruction recombination device 600 comprises:
Instruction running environment caching and restoring unit 601, adapted to cache and restore the instruction running environment; the instruction running environment includes an address register, which holds the address of the next machine instruction to be run; this address is the first address;
Instruction fetch unit 602, adapted to obtain the machine instruction fragment to be scheduled, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
Instruction recombination unit 603, adapted to parse and modify the machine instruction fragment to be scheduled, including: inserting a second jump instruction before the first jump instruction to generate a recombined instruction fragment having a second address; the second jump instruction points to device 600, so that after the second jump instruction is executed, the instruction running environment caching and restoring unit 601 of device 600 performs the next round of processing;
Address replacement unit 604, adapted to modify the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment; and
Instruction retrieval unit 605, adapted to search the address correspondence table using the first address; the address correspondence table indicates whether the instruction fragment to be scheduled that the first address A points to has a saved recombined instruction fragment; the data in the address correspondence table are address pairs;
If a corresponding record is found, the instruction retrieval unit 605 is adapted to call the address replacement unit 604 to modify the first address A (that is, the value A of the address register) to the address A' of the saved recombined instruction fragment; if no corresponding record is found, the instruction retrieval unit is adapted to use the second address A'' and address A to create a record in the address correspondence table.
The instruction running environment caching and restoring unit 601 is coupled to the instruction retrieval unit 605 and to the address replacement unit 604; the instruction retrieval unit 605 is coupled to the instruction fetch unit 602, the instruction recombination unit 603 and the address replacement unit 604; and the instruction fetch unit 602, the instruction recombination unit 603 and the address replacement unit 604 are coupled in sequence.
Device 600 operates as follows:
First, the instruction running environment caching and restoring unit 601 caches the instruction running environment, for example by pushing the register data related to instruction execution onto a cache stack;
Then, the instruction retrieval unit 605 searches the address correspondence table using the value A of the address register in the cached instruction running environment;
If a corresponding record is found, the instruction retrieval unit 605 calls the address replacement unit 604, and the address replacement unit 604 modifies the value A of the address register to the value A' in the record; the address replacement unit 604 calls the instruction running environment caching and restoring unit 602 to restore the instruction running environment, that is, to pop the register data related to instruction execution from the cache stack, and this recombination operation ends;
If no corresponding record is found, the instruction fetch unit 602 reads the address of the machine instruction to be scheduled from the CPU address register and reads a machine instruction fragment starting at that address, the last instruction of the machine instruction fragment being a jump instruction. Specifically, the instruction fetch unit 602 reads the address of the machine instruction to be scheduled from the CPU address register; taking jump instructions as the search target, it scans the machine instructions at that address until it finds the first jump instruction; jump instructions include Jump instructions, Call instructions, etc.; the first jump instruction and all machine instructions before it are taken as one machine instruction fragment to be scheduled; this machine instruction fragment is stored in device 600 or in another storage location that device 600 can read;
Then, the instruction recombination unit 603 inserts a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of device 600, and generates a recombined instruction fragment having address A'';
Then, the instruction recombination unit 603 sends address A'' to the instruction retrieval unit 605, and the instruction retrieval unit 605 uses address A'' and address A to create a record in its address correspondence table, for reuse by subsequent instructions;
Then, the address replacement unit 604 modifies the value A of the address register in the cached instruction running environment to address A'';
Finally, the instruction running environment caching and restoring unit 601 restores the instruction running environment, that is, pops the register data related to instruction execution from the cache stack.
Still referring to Figure 11, the instruction recombination unit 603 may further comprise:
Instruction parsing unit 6031, adapted to match the machine instruction fragment against an instruction set to obtain the target machine instructions to be processed (that is, to search the machine instruction fragment to be scheduled using the target instructions); the instruction set includes the X86, MIPS and ARM instruction sets;
Instruction modification unit 6032, adapted to modify the target machine instructions in a predetermined manner.
For example, if the target instructions are storage/read instructions, the instruction parsing unit 6031 is responsible for obtaining the storage/read instructions in the machine instruction fragment to be scheduled, and the instruction modification unit 6032 modifies the storage and read addresses in them to addresses on the secure storage device. The effect is the same as in the corresponding method embodiment S400 above and is not repeated here.
As another example, if the target instructions are I/O instructions, the instruction parsing unit 6031 is responsible for obtaining the I/O instructions in the machine instruction fragment to be scheduled, and the instruction modification unit 6032 blocks all input instructions among the I/O instructions. The effect is the same as in the corresponding method embodiment S500 above and is not repeated here.
As another example, if the target instructions are network transmission instructions, the instruction parsing unit 6031 is responsible for obtaining the network transmission instructions in the machine instruction fragment to be scheduled, and the instruction modification unit 6032 checks whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address; if not, the instruction modification unit is adapted to block the network transmission instruction. The effect is the same as in the corresponding method embodiment S600 above and is not repeated here.
According to another embodiment of the invention, the above instruction recombination unit may further comprise a disassembly unit and an assembly unit. As shown in Figure 12, the instruction recombination unit 703 comprises, coupled in sequence: a disassembly unit 7031, an instruction parsing unit 7032, an instruction modification unit 7033 and an assembly unit 7034.
The disassembly unit 7031 is adapted to disassemble the machine instruction fragment to be scheduled, before it is parsed and modified, to generate an assembly instruction fragment to be scheduled, and to send it to the instruction parsing unit 7032.
The assembly unit 7034 is adapted to assemble the recombined assembly instruction fragment, after the machine instruction fragment to be scheduled has been parsed and modified, to obtain a recombined instruction fragment expressed in machine code, and to send it to the instruction replacement unit.
In this embodiment, the instruction parsing unit 7032 and the instruction modification unit 7033 operate on the assembly instruction fragment to be scheduled.
Corresponding to the runtime instruction recombination method S110 above, according to another embodiment of the invention, a runtime instruction recombination device is provided. As shown in Figure 13, the instruction recombination device 800 comprises:
Instruction running environment caching and restoring unit 801, adapted to cache the instruction running environment;
Instruction fetch unit 802 and first storage location 803, wherein the instruction fetch unit 802 is adapted to read a target address from the first storage location 803 and to obtain, according to the target address, the machine instruction fragment to be scheduled/executed, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction; and
Instruction recombination unit 804, adapted to save the target address of the first jump instruction in the first storage location 803 and to replace the first jump instruction with a second jump instruction, generating a recombined instruction fragment having a second address; the second jump instruction points to the entry address of device 800.
The instruction running environment caching and restoring unit 801 is further adapted, after the instruction recombination unit 804 has replaced the instruction, to restore the instruction running environment and to jump to the second address to continue execution.
Device 800 operates as follows:
First, the instruction running environment caching and restoring unit 801 caches the instruction running environment;
Then, the instruction fetch unit 802 reads the target address (the address of the instruction to be scheduled) from the first storage location 803 and obtains the machine instruction fragment to be scheduled according to the target address, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
Then, the instruction recombination unit 804 saves the target address of the first jump instruction in the first storage location 803; for an immediate, its value is saved; for a variable parameter, its address/reference is saved;
Then, the instruction recombination unit 804 replaces the first jump instruction with the second jump instruction, generating a recombined instruction fragment having a second address;
Finally, the instruction running environment caching and restoring unit 801 restores the instruction running environment and jumps to the second address to continue execution.
According to another embodiment of the invention, a runtime instruction recombination device is provided which corresponds to method S130 above and combines features of the devices provided in several of the above embodiments. As shown in Figure 14, the device 900 comprises:
Instruction running environment caching and restoring unit 901, adapted to cache and restore the instruction running environment;
Instruction fetch unit 902, adapted to obtain the address of the next instruction to be run by calculating it from input parameters, this address being the first address; also adapted to obtain, according to the first address, the machine instruction fragment to be scheduled/executed, wherein the last instruction of the machine instruction fragment to be scheduled is the first jump instruction;
Instruction recombination unit 903, adapted to replace the first jump instruction with a push instruction, the push instruction recording the address and operands of the first jump instruction; also adapted to add a second jump instruction after the push instruction, generating a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of device 900; also adapted to use the second address of the recombined instruction fragment and the first address to create a record in the address correspondence table;
Instruction retrieval unit 904, adapted to search the address correspondence table using the first address; the address correspondence table indicates whether the instruction fragment to be scheduled that the first address points to has a saved recombined instruction fragment; the data in the address correspondence table are address pairs;
If a corresponding record is found, the instruction retrieval unit 904 is adapted to call the instruction running environment caching and restoring unit 901 to restore the cached instruction running environment and to jump to the corresponding address found to continue execution (this recombination operation is complete);
If no corresponding record is found, the instruction recombination unit 903 is called to perform the recombination operation.
The instruction recombination unit 903 may further comprise a disassembly unit 9031, an instruction parsing unit 9032, an instruction modification unit 9033 and an assembly unit 9034.
When the instruction recombination unit 902 has completed the recombination, it is adapted to call the instruction running environment caching and restoring unit 901 to restore the cached instruction running environment and to jump to the address of the recombined instruction fragment to continue execution (this recombination operation is complete).
According to another embodiment of the invention, the above disassembly unit 9031 may be located in the instruction fetch unit 902, which performs the disassembly when it obtains the instruction fragment to be scheduled.
Those skilled in the art will understand that the data-flow arrows in the drawings of the above device embodiments merely help to explain the specific operation flows of those embodiments and do not restrict the data flow between the units in the figures to the directions shown; the units in a device are in a coupling relationship.
The runtime instruction recombination method and device have been described in detail above through several embodiments; compared with the prior art, they have the following advantages:
With the instruction recombination method, the instructions of a computing device can be monitored while they are running;
The address correspondence table improves the efficiency of instruction recombination and saves computing resources;
Storage and read instructions are operated on: the destination and source addresses in them are modified so that storage is relocated/redirected, ensuring data security;
I/O instructions are operated on: all input instructions among the I/O instructions are blocked, so that write operations to local hardware devices are completely blocked; input instructions other than storage instructions can also be blocked, which improves the security of data in the computing device;
Network transmission instructions are operated on: it is checked whether the remote computing device corresponding to the destination address in the network transmission instruction is a secure address; if not, the network transmission instruction is blocked, so that data is transmitted securely.
data security access procedure
Figure 15 is a schematic diagram of the system layers of a computing device in an embodiment of the invention.
The computing device (for example a computer terminal system) 200 comprises: a user interface layer 201, an application layer 202, an operating system kernel layer 203, a hardware mapping layer 204, a security layer 205, and a hardware layer 206.
The hardware layer 206 further comprises a CPU 2061, a hard disk 2062 (that is, a local storage device) and a network card 2063.
In addition, the computing device 200 is coupled to a storage device 10 (also called the secure storage device).
In this embodiment, the storage device 10 is a remote disk array that is connected over a network to the network card 2063 of the hardware layer 206 and exchanges data with the computing device 200. In other embodiments of the invention, the storage device 10 may also be a storage device of another known or unknown type.
The hard disk 2062 may also be replaced with another type of local storage device, such as a USB flash drive or an optical disc; this is given only as an example and not as a limitation.
In combination with the above layer structure, the data security access procedure provided by this embodiment comprises:
S1000, initialization;
S2000, data writing; and
S3000, data reading.
With reference to Figure 16, the initialization process S1000 comprises:
S1010, establishing communication between terminal system 200 and safety storage apparatus 10;
S1020, synchronizing the mapped bitmap (Bitmap) from safety storage apparatus 10 to the current computer terminal system 200, for example by saving it in the memory of terminal system 200; the mapped bitmap indicates whether data of the local storage device has been stored on the safety storage apparatus;
S1030, if the synchronization in step S1020 fails, creating and initializing a Bitmap on safety storage apparatus 10 and then synchronizing it to terminal system 200.
To distinguish the Bitmap on terminal system 200 from the Bitmap on storage device 10, hereinafter, unless otherwise stated, the Bitmap on terminal system 200 (which may also be called the computing device) is called the mapped bitmap or the first mapped bitmap, and the Bitmap on safety storage apparatus 10 is called the second mapped bitmap.
In step S1020, if synchronizing the second mapped bitmap from storage device 10 to the current computer terminal system 200 fails, this indicates that storage device 10 and terminal system 200 are connecting for the first time.
Step S1030 may comprise:
Mapping the local storage space of terminal system 200 onto storage device 10, where the mapping is one-to-one in units of 1 sector (or another basic storage unit), and establishing the mapped bitmap (Bitmap).
In other embodiments of the invention, other basic capacity units may also be used to establish the Bitmap from the local storage space to storage device 100.
Figure 17 is a schematic diagram of the Bitmap in one embodiment of the invention. The figure includes storage medium 3000 on the local storage device (for example, hard disk 2062 in Figure 15) and storage medium 4000 on storage device 10, which is connected to the local storage device over the network.
The Bitmap is established as follows. For storage medium 3000, a storage space 4010 of the same size is set up on storage medium 4000 as a one-to-one mapping space. Bitmap 4020 is saved in storage space 4010. Bitmap 4020 is a bitmap in which 1 bit represents 1 sector, and the value of each bit (0 or 1) indicates whether the corresponding sector on storage medium 3000 has been dumped, that is, stored in storage space 4010 on storage medium 4000; the mapped bitmap may therefore also be called a dump list. Once it has been established, Bitmap 4020 on storage device 10 is synchronized to terminal system 200.
The Bitmap is updated as follows. In Bitmap 4020, dumped sectors are marked 1 and sectors that have not been dumped are unmarked (the marks used for dumped and non-dumped sectors can be chosen freely). For example, when an application or the operating system saves data (for example, a file), the file system inside the operating system allocates a certain amount of storage space on storage medium 3000 of the local storage device, for example sector 3040 and sector 3050, assigns it to the file, and rewrites the local file allocation table. When the file is dumped (that is, when the data written to sector 3040 and sector 3050 is stored on storage device 10), sectors 4040 and 4050 are allocated at the same positions on storage medium 4000 and the dumped data is saved in them; finally the bits in Bitmap 4020 that correspond to sector 3040 and sector 3050 are changed to 1.
With reference to Figure 15, the data writing process S2000 further comprises:
S2010, application layer 202 issues a file write request through the file system of operating system kernel layer 203, or operating system kernel layer 203 issues a file write request directly; or
application layer 202 issues a data write request directly to hardware mapping layer 204, or operating system kernel layer 203 issues a data write request directly to hardware mapping layer 204;
S2020, operating system kernel layer 203 parses the file write request into hardware port instructions (that is, hardware instructions) and passes them down to hardware mapping layer 204, where a port instruction contains the position (for example, the sector) on the storage device to be written;
It should be noted that if the data write request in step S2010 is issued directly to hardware mapping layer 204, the request is already a hardware port instruction;
S2030, security layer 205 receives the hardware port instruction from hardware mapping layer 204, rewrites the write position (that is, the sector) in the port instruction to the corresponding storage address on storage device 10, and then updates the first mapped bitmap, for example by changing the bit corresponding to that sector to 1 to indicate that the sector has been dumped; security layer 205 sends the modified port instruction to hardware layer 206.
After the writing process completes, terminal system 200 does not hold the written data; the data has been relocated to and stored on safety storage apparatus 10.
In another embodiment of the invention, if the instruction for writing to the local hard disk differs from the instruction for writing to a network hard disk, then not only the address but also the storage instruction itself must be changed.
According to a further embodiment of the invention, the writing process S2000 may also comprise:
S2040, synchronizing the first mapped bitmap to storage device 10 and saving it as the second mapped bitmap, so that the first mapped bitmap on terminal system 200 stays consistent with the second mapped bitmap on the storage device.
In other embodiments of the invention, to save system resources, S2040 may instead be performed once, in a single pass, before local terminal system 200 shuts down.
With reference to Figure 15, the data reading process S3000 further comprises:
S3010, synchronizing the second mapped bitmap on storage device 10 to terminal system 200 and saving it as the first mapped bitmap;
S3020, application layer 202 issues a file read request through the file system of operating system kernel layer 203, or operating system kernel layer 203 issues a file read request directly; or
application layer 202 issues a data read request directly to hardware mapping layer 204, or operating system kernel layer 203 issues a data read request directly to hardware mapping layer 204;
S3030, security layer 205 receives the data read instruction from hardware mapping layer 204, obtains the read address (source address) in it, and looks it up in the first mapped bitmap; if the bit in the first mapped bitmap indicates that the read address is a dumped address, security layer 205 changes the read address of the port instruction to the address on storage device 10; security layer 205 sends the modified port instruction to hardware layer 206.
This reading process does not affect the user's existing way of working, and it implements reading of data that has been dumped to the safety storage apparatus (that is, storage device 10).
In step S3010, the second mapped bitmap is synchronized from storage device 10 to the local system so that, after terminal system 200 restarts, the local data remains consistent with the data on the safety storage apparatus.
Those skilled in the art will understand that, of the data writing, data reading and initialization processes above, only the processes or steps actually needed are carried out.
Data security access method
Based on the data writing and reading processes above, the secure data storage and reading methods provided by the invention are described in detail below.
Those skilled in the art will understand that the data reading and storing processes were explained above with reference to Figure 15 for ease of understanding and not as a limitation; in other embodiments of the invention, each of the steps described above may be carried out at any suitable layer of the computing device.
According to one embodiment of the invention, a secure data storage method is provided; as shown in Figure 18, the method comprises the following steps:
S4010, receiving a hardware instruction;
S4020, analyzing the hardware instruction and judging whether it is a storage instruction;
S4030, if the hardware instruction is a storage instruction, changing the destination address in the storage instruction to the corresponding storage address on the storage device (that is, the safety storage apparatus);
S4040, sending the modified storage instruction to the hardware layer.
In step S4010, the hardware instruction may come from the hardware mapping layer. Receiving hardware instructions from the hardware mapping layer makes it possible to screen 100% of the hardware instructions (interface instructions) sent to processors such as the CPU.
The terminal system may run the Windows operating system, in which case the hardware abstraction layer (HAL) of Windows is the hardware mapping layer. In other embodiments the terminal may run another operating system, such as Linux, Unix or an embedded operating system, in which case the hardware mapping layer is the one corresponding to Linux, Unix or the embedded operating system.
In step S4010, in combination with the runtime instruction recombination method described above, receiving the hardware instruction may comprise: obtaining the hardware instruction by the runtime instruction recombination method (for example S101-S105). In other words, storage and read instructions can be processed at the point where the runtime instruction recombination method obtains the machine instructions (for example S404, S504 or S604). With the runtime instruction recombination method, not only the final results of a computation but also all of its intermediate results (including those produced by the operating system) can be relocated to and stored on the safety storage apparatus.
In steps S4010 and S4020, the hardware instruction may be of a type such as an x86, ARM or MIPS instruction, and an analysis mechanism may be built into the computing terminal to handle the different types of CPU instruction.
According to a further embodiment of the invention, the following may also be included after step S4030:
S4050, updating the first mapped bitmap by setting the bit corresponding to the destination address (sector) in the first mapped bitmap to the dumped mark, for example "1"; and synchronizing the updated mapped bitmap to the safety storage apparatus, where it is saved as the second mapped bitmap.
In this embodiment the dump operation is completely transparent to upper-layer applications and to the user, and does not affect the workflow of existing computer operation or application systems.
The method provided by this embodiment can be used not only in a terminal system but also on any computing device or intelligent terminal that comprises an application layer, an operating system kernel layer and a hardware layer, implementing instruction-level storage relocation/redirection (that is, storage relocation/redirection based on hardware storage instructions) before the hardware layer executes the instruction.
According to one embodiment of the invention, a secure data reading method is provided; with reference to Figure 19, the method comprises:
S5010, receiving a hardware instruction;
S5020, analyzing the hardware instruction and judging whether it is a read instruction;
S5030, if it is a read instruction, obtaining the source address in the read instruction, looking it up in the first mapped bitmap, and modifying the read address in the read instruction according to the data of the mapped bitmap; and
S5040, sending the modified hardware instruction to the hardware layer.
Before step S5010, the method may also comprise S5000: synchronizing the second mapped bitmap on the storage device to terminal system 200 and saving it as the first mapped bitmap.
In step S5010, the hardware instruction may come from the hardware mapping layer.
In step S5010, in combination with the runtime instruction recombination method described above, receiving the hardware instruction may comprise: obtaining the hardware instruction by the runtime instruction recombination method (for example S101-S105). In other words, storage and read instructions can be processed at the point where the runtime instruction recombination method obtains the machine instructions (for example S400).
In step S5020, if the hardware instruction is not a read instruction, it can be sent directly to the hardware layer for execution.
Step S5030 can be further divided into two steps:
S5031, if it is a read instruction, obtaining the source address in the read instruction and judging whether the source address is an address on the storage device;
S5032, if the source address is not an address on the storage device, looking it up in the first mapped bitmap and modifying the read address in the read instruction according to the data of the mapped bitmap.
In step S5031, if the source address of the read instruction is already an address on the storage device, the computing device (for example security layer 205 in Figure 15) does not need to look up the first mapped bitmap and can send the hardware instruction directly to the hardware layer for execution.
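The initialization, storage and reading steps described above (S1010-S1030, S4010-S4050 and S5010-S5032) can be followed end to end in a small simulation. This is an added example, not code from the patent: the `hw_instr` structure, the 64-sector disk, the function names and the bounds check are all assumptions made for illustration, and the shortcut for instructions already addressed to the safety storage apparatus, which the text states for reads, is assumed here for stores as well.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NUM_SECTORS  64u                  /* constructed size of local disk 2062 */
#define BITMAP_BYTES (NUM_SECTORS / 8u)   /* one bit per sector */

enum hw_op   { HW_STORE, HW_READ, HW_OTHER };
enum hw_dev  { DEV_LOCAL, DEV_SECURE };   /* local disk vs. safety storage apparatus */
enum verdict { PASSED, REDIRECTED, REJECTED };

struct hw_instr {                         /* hypothetical decoded port instruction */
    enum hw_op  op;
    enum hw_dev dev;
    uint32_t    sector;
};

struct secure_store {                     /* stands in for storage device 10 */
    bool    has_bitmap;
    uint8_t second_bitmap[BITMAP_BYTES];
};

struct security_layer {                   /* stands in for security layer 205 */
    uint8_t first_bitmap[BITMAP_BYTES];
    struct secure_store *store;
};

static bool bit_get(const uint8_t *bm, uint32_t s)
{
    return (bm[s / 8u] >> (s % 8u)) & 1u;
}

static void bit_set(uint8_t *bm, uint32_t s)
{
    bm[s / 8u] |= (uint8_t)(1u << (s % 8u));
}

/* S1010-S1030 and S3010: pull the second bitmap; create it on first contact. */
void layer_init(struct security_layer *l, struct secure_store *st)
{
    l->store = st;
    if (!st->has_bitmap) {                /* S1020 failed: first connection */
        memset(st->second_bitmap, 0, BITMAP_BYTES);
        st->has_bitmap = true;
    }
    memcpy(l->first_bitmap, st->second_bitmap, BITMAP_BYTES);
}

/* Rewrites the instruction in place before it would reach the hardware layer. */
enum verdict layer_filter(struct security_layer *l, struct hw_instr *in)
{
    if (in->op == HW_OTHER)
        return PASSED;                    /* S4020/S5020: not an access instruction */
    if (in->sector >= NUM_SECTORS)
        return REJECTED;                  /* added bounds check, not from the page */
    if (in->dev == DEV_SECURE)
        return PASSED;                    /* S5031: already on the storage device */
    if (in->op == HW_STORE) {
        in->dev = DEV_SECURE;             /* S4030: same sector, one-to-one mapping */
        bit_set(l->first_bitmap, in->sector);                 /* S4050 */
        memcpy(l->store->second_bitmap, l->first_bitmap,
               BITMAP_BYTES);             /* S2040: keep second bitmap in step */
        return REDIRECTED;
    }
    if (bit_get(l->first_bitmap, in->sector)) {               /* S5032 */
        in->dev = DEV_SECURE;
        return REDIRECTED;
    }
    return PASSED;                        /* sector never dumped: read locally */
}

int main(void)
{
    struct secure_store st = { false, {0} };
    struct security_layer before, after;
    struct hw_instr w = { HW_STORE, DEV_LOCAL, 5 };   /* constructed sample */
    struct hw_instr r = { HW_READ,  DEV_LOCAL, 5 };
    enum verdict v;

    layer_init(&before, &st);
    layer_filter(&before, &w);
    layer_init(&after, &st);              /* simulated restart of terminal 200 */
    v = layer_filter(&after, &r);
    printf("store dev=%d, read after restart verdict=%d dev=%d\n",
           (int)w.dev, (int)v, (int)r.dev);
    return 0;
}
```

The read after the simulated restart is redirected only because the store synchronized the bitmap; if S2040 is deferred to shutdown, as the text allows, an unclean shutdown would leave dumped sectors unmarked in the second mapped bitmap.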
Further, to save network resources, in some embodiments of the invention safety storage apparatus 10 may serve as a shared resource for a plurality of terminal systems.
As mentioned above, the secure data storage and reading methods can be combined with the instruction recombination method; for ease of understanding, this is described in detail below through an embodiment.
According to one embodiment of the invention, a data security access method is provided. As shown in Figure 20, the method S6000 comprises:
S6010, caching the instruction running environment;
S6011, reading a destination address from a first storage location, and obtaining the machine instruction fragment to be scheduled/executed according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
S6012, saving the destination address of the first jump instruction in the first storage location;
S6013, analyzing each instruction in the machine instructions to be scheduled and judging whether it is an access instruction;
S6014, if it is an access instruction:
For a storage instruction, changing the destination address in the storage instruction to the corresponding storage address on the storage device (that is, the safety storage apparatus), and modifying the first mapped bitmap;
For a read instruction, obtaining the source address in the read instruction, looking it up in the first mapped bitmap, and modifying the read address in the read instruction according to the data of the mapped bitmap;
If the instruction for writing to the local hard disk differs from the instruction for writing to a network hard disk, or the instruction for reading the local hard disk differs from the instruction for reading a network hard disk, then not only the address but also the corresponding storage or read instruction must be modified;
S6015, replacing the first jump instruction with a second jump instruction, generating a recombined instruction fragment that has a second address; the second jump instruction points to the entry address of the instruction recombination platform;
S6016, restoring the instruction running environment and jumping to the second address to continue execution.
Those skilled in the art will appreciate that this embodiment is only an example given for illustration and does not limit how the secure reading method, the secure storage method and the instruction recombination method are combined; the various secure reading methods, secure storage methods and instruction recombination methods described above can be combined in whatever way is required.
Storing and reading generally refer to data exchange with a local storage device; transmission generally refers to data exchange carried out through a network device.
Further, in one embodiment of the invention, a secure data transmission method is provided.
As shown in Figure 21, the method comprises:
S7010, receiving a hardware instruction (for example from the hardware mapping layer);
S7020, analyzing the hardware instruction and judging whether it is a network transmission instruction;
S7030, if the hardware instruction is a transmission instruction, reading the destination address;
S7040, judging whether the destination address is a secure address;
S7050, if it is a secure address, sending the hardware instruction to the hardware layer; if it is not a secure address, rejecting the instruction;
S7060, the hardware layer sends the transmission instruction and data to the terminal system at the destination address;
S7070, the terminal system at the destination address receives the data and saves it using the secure data storage method.
In step S7040, whether the destination address is a secure address is judged as follows. With reference to Figure 22, security server 820 is connected to terminal systems 800 and 810 over the network; when terminal systems 800 and 810 deployed the secure data transmission method provided in the above embodiment of the invention, each performed a registration operation with security server 820. Security server 820 internally maintains a secure address table that records all registered terminal systems.
When the secure address table changes, security server 820 automatically sends the updated secure address table to each terminal. The architecture of terminal system 800 comprises application layer 801, operating system kernel layer 802, security layer 803 and hardware layer 804; security layer 803 is responsible for maintaining the secure address table.
Security layer 803 judges whether the destination address is a secure address according to whether it is in the secure address table. In step S7040, if the destination address is listed in the secure address table, it is a secure address.
With the above secure transmission method in place, even if a Trojan horse or malicious tool obtains classified information, it cannot transmit that information. The secure transmission method is described further below, with embodiments, in the section on secure interconnection.
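The check in steps S7020-S7050 and the table updates pushed by security server 820 can be sketched as follows. This is an added example, not code from the patent: the `net_instr` structure, the IPv4 representation of a terminal address, the table capacity and the refusal of an oversized update are assumptions, and the addresses are constructed values from documentation ranges.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_TERMINALS 16u                 /* assumed capacity of the local table */
#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

enum hw_kind    { HW_NET_SEND, HW_NOT_NET };
enum tx_verdict { TX_FORWARD, TX_REJECT };

struct net_instr {                        /* hypothetical decoded hardware instruction */
    enum hw_kind kind;
    uint32_t     dest;                    /* destination address, host byte order */
};

struct addr_table {                       /* copy kept by security layer 803 */
    size_t   count;
    uint32_t addr[MAX_TERMINALS];
};

/* Replace the local copy with the table pushed by security server 820.
 * An update that does not fit is refused and the previous table is kept. */
bool table_update(struct addr_table *t, const uint32_t *addrs, size_t n)
{
    if (n > MAX_TERMINALS)
        return false;
    if (n > 0)
        memcpy(t->addr, addrs, n * sizeof addrs[0]);
    t->count = n;
    return true;
}

static bool table_contains(const struct addr_table *t, uint32_t dest)
{
    for (size_t i = 0; i < t->count; i++)
        if (t->addr[i] == dest)
            return true;
    return false;
}

/* S7020-S7050: only network transmission instructions are checked, and an
 * empty table (no update received yet) rejects every transmission. */
enum tx_verdict filter_transmit(const struct addr_table *t, const struct net_instr *in)
{
    if (in->kind != HW_NET_SEND)
        return TX_FORWARD;                /* S7020: not a transmission instruction */
    return table_contains(t, in->dest) ? TX_FORWARD : TX_REJECT;   /* S7040/S7050 */
}

int main(void)
{
    /* Constructed addresses standing in for terminal systems 800 and 810. */
    const uint32_t registered[] = { IP4(192, 0, 2, 10), IP4(192, 0, 2, 11) };
    struct addr_table t = { 0, {0} };
    struct net_instr to_810     = { HW_NET_SEND, IP4(192, 0, 2, 11) };
    struct net_instr to_unknown = { HW_NET_SEND, IP4(203, 0, 113, 9) };

    table_update(&t, registered, 2);
    printf("to 810: %d, to unregistered host: %d\n",
           (int)filter_transmit(&t, &to_810), (int)filter_transmit(&t, &to_unknown));
    return 0;
}
```

Because the decision depends only on the local copy of the table, a terminal removed on the server keeps receiving data until the update reaches each security layer.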
Although some embodiments of the invention use a terminal system as the subject applying the methods provided by the invention, any electronic device that can edit, save or transmit files or data, such as a handheld device or intelligent terminal, can be a carrier for the data security access and transmission methods provided by the invention.
In addition, those skilled in the art will appreciate that the secure data storage, reading and transmission methods above can be implemented in software or in hardware:
(1) if implemented in software, the steps of the above methods are stored on a computer-readable medium in the form of software code and become a software product;
(2) if implemented in hardware, the steps of the above methods are described in the form of hardware code (for example Verilog) and fixed (through processes such as physical design, place and route, and wafer fab tape-out) into a chip product (for example a processor product).
Data security access device
Corresponding to the secure data storage method above, according to one embodiment of the invention, a data safety storage device is provided.
It should be noted that, in the invention, the data safety storage device is a device that implements the secure data storage method in hardware form, whereas the safety storage apparatus is the storage entity, such as a disk, that holds the dumped information or data.
With reference to Figure 23, data safety storage device 7100 comprises: receiving unit 7110, instruction analysis unit 7120, instruction modification unit 7130 and sending unit 7140. Receiving unit 7110 is coupled with instruction analysis unit 7120; instruction analysis unit 7120 is coupled with instruction modification unit 7130 and with sending unit 7140; and sending unit 7140 is also coupled with instruction modification unit 7130.
Receiving unit 7110 is adapted to receive a hardware instruction, which may come from the hardware mapping layer;
Instruction analysis unit 7120 is adapted to analyze the hardware instruction and judge whether it is a storage instruction; if it is a storage instruction, instruction analysis unit 7120 is also adapted to send it to instruction modification unit 7130, and if it is not a storage instruction, instruction analysis unit 7120 is also adapted to send it to sending unit 7140;
Instruction modification unit 7130 is adapted to change the destination address in the storage instruction to the corresponding storage address on the safety storage apparatus, and then to send the modified storage instruction to sending unit 7140;
Sending unit 7150 is adapted to forward the instructions it receives to hardware layer 7200.
Further, the data safety storage device may also comprise updating unit 7150 and synchronization unit 7160. Updating unit 7150 is coupled with instruction modification unit 7130; synchronization unit 7160 is coupled with updating unit 7150.
Updating unit 7150 is adapted to update the bit corresponding to the destination address in the mapped bitmap after instruction modification unit 7130 has modified the storage instruction. In this embodiment, the bit in the first mapped bitmap that corresponds to the sector contained in the destination address of the storage instruction is set, indicating a dump.
Synchronization unit 7160 is adapted to establish communication between the computing terminal system and the safety storage apparatus, and to synchronize the mapped bitmap between the computing terminal system and the safety storage apparatus.
Specifically, when the computing terminal system starts, synchronization unit 7160 establishes communication between the computing terminal system and the safety storage apparatus, synchronizes the second mapped bitmap on the safety storage apparatus to the computing terminal system, and saves it as the first mapped bitmap.
If synchronizing the second mapped bitmap on the safety storage apparatus to the computing terminal system fails, this indicates that the computing terminal system and the safety storage apparatus are communicating for the first time; synchronization unit 7160 maps the local storage space of the terminal system onto the safety storage apparatus and establishes the mapped bitmap and the second mapped bitmap. In this embodiment, for example, the second mapped bitmap is first established on the safety storage apparatus and then synchronized to the local system, where it becomes the first mapped bitmap.
When updating unit 7150 has updated the bit corresponding to the destination address in the first mapped bitmap (that is, the mapped bitmap), synchronization unit 7160 sends the updated first mapped bitmap to the safety storage apparatus, where it is saved as the second mapped bitmap.
The safety storage apparatus may be a remote storage device or a local storage device; the remote storage device may serve a single computing device or may be shared by a plurality of computing devices.
The hardware instruction may be a hardware port I/O instruction.
Corresponding to the secure data reading method above, according to a further embodiment of the invention, a data security reading device is provided.
With reference to Figure 24, data security reading device 8100 comprises:
Receiving unit 8110, instruction analysis unit 8120, instruction modification unit 8130 and sending unit 8140. Receiving unit 8110 is coupled with instruction analysis unit 8120; instruction analysis unit 8120 is coupled with instruction modification unit 8130 and with sending unit 8140; and instruction modification unit 8130 is also coupled with sending unit 8140. Sending unit 8140 is coupled with hardware layer 8200.
Receiving unit 8110 is adapted to receive a hardware instruction; in this embodiment, the hardware instruction comes from the hardware mapping layer.
Instruction analysis unit 8120 is adapted to analyze the hardware instruction and judge whether it is a read instruction; if the hardware instruction is a read instruction, it obtains the source address of the read instruction and judges whether the source address is an address on the safety storage apparatus.
If the hardware instruction is not a read instruction, or the source address is an address on the safety storage apparatus, instruction analysis unit 8120 sends the hardware instruction to sending unit 8140.
If the source address is not an address on the safety storage apparatus, instruction modification unit 8130 looks it up in the mapped bitmap and modifies the read address in the read instruction according to the data of the mapped bitmap.
As in the embodiments above, the mapped bitmap in this embodiment indicates whether the data at a local storage address has been dumped to the safety storage apparatus. For example, instruction modification unit 8130 looks up the bit in the first mapped bitmap that corresponds to the sector contained in the source address. If the bit is 1, a dump has occurred; if the bit is 0 or NULL (empty), no dump has occurred. If a dump has occurred, instruction modification unit 8130 changes the source address (read address) to the corresponding dump address and sends the modified hardware instruction to sending unit 8140.
Further, the data security reading device may also comprise synchronization unit 8150, which is coupled with instruction modification unit 8130. Synchronization unit 8150 is adapted to establish communication between the computing terminal system and the safety storage apparatus, and to synchronize the mapped bitmap between the computing terminal system and the safety storage apparatus. Specifically, when the computing terminal system starts, synchronization unit 8150 establishes communication between the computing terminal system and the safety storage apparatus, synchronizes the second mapped bitmap on the safety storage apparatus to the computing terminal system, and saves it as the first mapped bitmap for use by instruction modification unit 8130.
The safety storage apparatus may be a remote storage device, and the remote storage device may be shared by a plurality of computing terminal systems.
In other embodiments of the invention, the safety storage apparatus may also be a local storage device.
According to a further embodiment of the invention, the data security reading device and the data safety storage device above can be merged into one device, in which the instruction analysis unit and the instruction modification unit can process both storage instructions and read instructions; an example is described below.
According to a further embodiment of the invention, provide a kind of data security storage and reading device.As Figure 25, data security storage and reading device 9100 comprise:
Instruction operation environment buffer memory and recovery unit 9101, be suitable for buffer memory and recover instruction operation environment;
Refer to modern acquiring unit 9102, be suitable for obtaining the instruction address that next is about to operation, this address is the first address; Also be suitable for treating according to the first address acquisition the machine instruction fragment of scheduling/execution; Wherein, the last item instruction of machine instruction fragment to be dispatched is the first jump instruction; In the embodiment of the concrete mode of obtaining machine instruction fragment to be dispatched above, describe in detail, repeat no more here;
Instruction retrieval unit 9104, is suitable for utilizing the corresponding table in described the first address search address; The corresponding table in described address is for representing whether the dispatch command fragment for the treatment of that the first address is pointed to has the restructuring instruction fragment of having preserved, and the data of the corresponding table in address are address pair;
If find corresponding record, instruction retrieval unit 9104 is suitable for call instruction running environment buffer memory and recovery unit 9101 recovers the instruction operation environment of institute's buffer memory, and jumps to the corresponding address continuation execution (this restructuring completes) of finding;
If do not find corresponding record, call instruction recomposition unit 9103 is carried out reorganization operation.
Wherein, instruction recombination unit 9103 comprises:
Instruction resolution unit 9111 combines the above-mentioned instruction analysis unit 7120 and instruction analysis unit 8120; it is suitable for analyzing each hardware instruction in the machine instruction fragment to be scheduled/executed and judging whether that hardware instruction is a storage or reading instruction;
Instruction modification unit 9112, which acts if instruction resolution unit 9111 finds a storage or reading instruction:
For a storage instruction, it changes the destination address in the storage instruction to the corresponding storage address on the secure storage device;
For a reading instruction, it looks up the mapped bitmap and modifies the read address in the reading instruction according to the data of the mapped bitmap;
Updating unit 9113, suitable for updating the bit corresponding to the destination address in the mapped bitmap after instruction modification unit 9112 has modified the storage instruction, so as to reflect the dump;
Synchronization unit 9114, suitable for establishing communication between the computing terminal system and the secure storage device, and for synchronizing the mapped bitmap between the computing terminal system and the secure storage device.
After instruction resolution unit 9111, instruction modification unit 9112, updating unit 9113 and synchronization unit 9114 have finished operating, instruction recombination unit 9103 is suitable for replacing the first jump instruction with a push instruction, in which the address and operand of the first jump instruction are recorded; it is also suitable for adding a second jump instruction after the push instruction, generating a recombined instruction fragment having a second address, where the second jump instruction points to the entry address of device 9100; and it is also suitable for establishing, in the address correspondence table, a record that associates the second address of the recombined instruction fragment with the first address.
Based on the description in the preceding paragraph, in other embodiments instruction recombination unit 9103 may also be arranged in parallel, at the same level, with instruction resolution unit 9111, instruction modification unit 9112, updating unit 9113 and synchronization unit 9114 (as shown in Figure 26).
After instruction recombination unit 9103 obtains the recombined instruction fragment, it is also suitable for calling instruction running environment caching and recovery unit 9101 to restore the cached instruction running environment, and for jumping to the address of the recombined instruction fragment to continue execution (the recombination operation is then complete).
Those skilled in the art will appreciate that this embodiment is given only as an illustration and does not limit the way in which the secure data reading device, secure data storage device and instruction recombination device are merged; the various secure data reading devices, secure data storage devices and instruction recombination devices introduced above can be merged in whatever manner is required.
In addition, the above secure storage method and device can also be combined with the cloud to guarantee the security of data in the cloud, thereby accelerating the application and popularization of cloud computing. Specific embodiments are introduced below.
Those skilled in the art will understand that the above methods, implemented at the security layer, can also be implemented at any layer from the operating system kernel layer down to the hardware layer. Where a specific function is implemented does not depart from the spirit and scope of the present invention.
The above embodiments describe in detail the secure storage method and device provided by the invention, which have the following advantages over the prior art:
1. The secure data storage method achieves instruction-level data dumping, i.e. full dumping of data, and on this basis realizes secure data storage over the full running period of the computing terminal system. On the one hand, even if a Trojan horse or malicious tool obtains classified information, it cannot save the information it obtained, so the data always remains within a controlled security boundary; on the other hand, no data is kept locally any longer while in the classified state, which prevents both active and passive leaks by personnel handling classified material;
2. Receiving hardware instructions from the hardware mapping layer allows 100% of instructions to be examined, further improving data security.
The above embodiments also describe in detail the secure reading method and device provided by the invention, which have the following advantages over the prior art:
1. The secure data reading method works together with the secure data storage method so that data always remains within a controlled security boundary, and guarantees that data can still be read after it has been securely stored (dumped); because no data is kept locally any longer while in the classified state, both active and passive leaks by personnel handling classified material are prevented;
2. When the secure storage device is a remote storage device, it can be shared by multiple terminals, improving the space utilization of the secure storage device.
Data security interconnection
Based on the secure data reading/storage methods and devices introduced above, a data security interconnection system can be designed to achieve network data security.
According to one embodiment of the invention, a network environment is provided. As shown in Figure 27, this network environment comprises:
Terminal system A01, terminal system A02, ..., terminal system A0n (n is a natural number) and storage device A80, interconnected through network 1;
Terminal system A11, terminal system A12, ..., terminal system A1n (n is a natural number) and storage device A81, interconnected through network 2;
Terminal systems (not shown) and storage device A8n, interconnected through network m;
Network 1, network 2, ..., network m and registrar A90, interconnected through network x.
Here, storage devices (i.e. secure storage devices) A80, A81, ..., A8n are the secure storage devices introduced in the embodiments above.
A mapped bitmap is established between storage device A80 and the local storage devices of terminal system A01, terminal system A02, ..., terminal system A0n; these terminal systems have deployed the secure data storage/secure reading methods introduced above, and may also have deployed the runtime instruction recombination method introduced above.
A mapped bitmap is established between storage device A81 and the local storage devices of terminal system A11, terminal system A12, ..., terminal system A1n; these terminal systems have deployed the secure data storage/secure reading methods introduced above, and may also have deployed the runtime instruction recombination method introduced above.
A mapped bitmap is established between storage device A8n and the local storage devices of the terminal systems interconnected through network m; these terminal systems have deployed the secure data storage/secure reading methods introduced above, and may also have deployed the runtime instruction recombination method introduced above.
Network x can be one of network 1, network 2, ..., network m, or it can be another network different from network 1, network 2, ..., network m. In other words, registrar A90 can be located in one of network 1, network 2, ..., network m, and network 1, network 2, ..., network m are interconnected.
Network 1, network 2, ..., network m may also include data servers, application servers and the like, each of which establishes a mapped bitmap with the corresponding storage device in its network; such a server deploys the secure data storage/secure reading methods introduced above, and may also deploy the runtime instruction recombination method.
There may be one registrar A90 or several. Registrar A90 provides access authentication for terminal systems: when a terminal system wishes to join this network environment or network system, registrar A90 receives its registration request and decides whether to admit it. The operation of registrar A90 is discussed in more detail below.
According to one embodiment of the invention, in this network environment the data storage and reading operations of a terminal system can be carried out according to the above secure data storage and reading methods.
Specifically, the data operation method S800 of a terminal system (or data server/application server) comprises:
S801, an initialization operation, comprising:
S8011, synchronizing the mapped bitmap from the secure storage device that has established a mapped bitmap with the local storage device, and saving it as the first mapped bitmap; it may be kept in memory;
S8012, synchronizing the secure address table from the registrar, and saving it as the local secure address table (also called the first secure address table); it may be kept in memory;
S802, receiving a hardware instruction;
S803, analyzing the hardware instruction and judging whether it is a reading instruction, a storage instruction or a transfer instruction;
S804, if it is one of these three kinds of instruction, processing it as follows:
S8041, for a storage instruction, changing the local destination address in the storage instruction to the corresponding storage address on the secure storage device that has established a mapped bitmap with the local storage device;
S8042, for a reading instruction, obtaining the source address in the reading instruction, using the source address to look up the first mapped bitmap, and modifying the read address in the reading instruction according to the data of the mapped bitmap;
S8043, for a transfer instruction, obtaining the destination address in the transfer instruction, using the destination address to look up the first secure address table, and judging whether the destination address is a secure address; if not, refusing the transfer instruction;
S805, sending the hardware instruction, as modified or as not refused, to the hardware layer.
According to a further embodiment of the invention, S8041 can also comprise:
Updating the first mapped bitmap by setting the "bit" corresponding to the destination address (sector) in the first mapped bitmap to 1 or to another flag indicating a dump; and synchronizing the updated mapped bitmap to the corresponding secure storage device, where it is saved as the second mapped bitmap.
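Steps S801 to S805, together with the bitmap update of S8041, can be followed in a small simulation. The code below is an added example, not part of the patent; the Instr, MappedBitmap and Terminal names, the sample addresses, and the assumption that a set bit means the sector now lives on the secure storage device (so sectors with a clear bit are still read locally) are illustrative.

```python
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Instr:
    kind: str          # "store", "read", "transfer", or any other instruction
    device: str = ""   # storage target of a store/read: "local" or "secure"
    sector: int = 0    # sector address of a store/read
    dest: str = ""     # destination address of a transfer


class MappedBitmap:
    """One bit per local sector; a set bit marks the sector as dumped."""

    def __init__(self, sectors: int, raw: bytes = b""):
        self.sectors = sectors
        self.bits = bytearray(raw) if raw else bytearray((sectors + 7) // 8)

    def _index(self, sector: int):
        if not 0 <= sector < self.sectors:
            raise ValueError(f"sector {sector} is outside the mapped range")
        return sector // 8, 1 << (sector % 8)

    def is_dumped(self, sector: int) -> bool:
        byte, mask = self._index(sector)
        return bool(self.bits[byte] & mask)

    def mark_dumped(self, sector: int) -> None:
        byte, mask = self._index(sector)
        self.bits[byte] |= mask


class Terminal:
    def __init__(self, device_bitmap: MappedBitmap, registrar_table):
        # Second mapped bitmap, held on the secure storage device.
        self.device_bitmap = device_bitmap
        # S8011: synchronise the first mapped bitmap from the secure device.
        self.bitmap = MappedBitmap(device_bitmap.sectors,
                                   bytes(device_bitmap.bits))
        # S8012: synchronise the secure address table from the registrar.
        self.secure_addresses = frozenset(registrar_table)

    def handle(self, instr: Instr) -> Optional[Instr]:
        """S803-S805: instruction for the hardware layer, None if refused."""
        if instr.kind == "store":                          # S8041
            self.bitmap.mark_dumped(instr.sector)          # range-checked first
            self.device_bitmap.mark_dumped(instr.sector)   # sync to the device
            return replace(instr, device="secure")
        if instr.kind == "read":                           # S8042
            if self.bitmap.is_dumped(instr.sector):
                return replace(instr, device="secure")
            return instr                                   # never dumped
        if instr.kind == "transfer":                       # S8043
            return instr if instr.dest in self.secure_addresses else None
        return instr                                       # passes unchanged


def demo():
    # Constructed sample: a 64-sector local disk and two registered addresses.
    terminal = Terminal(MappedBitmap(64), {"10.0.0.11", "10.0.0.12"})
    trace = [
        Instr("read", "local", 7),
        Instr("store", "local", 7),
        Instr("read", "local", 7),
        Instr("transfer", dest="10.0.0.12"),
        Instr("transfer", dest="203.0.113.9"),
    ]
    return terminal, [terminal.handle(i) for i in trace]
```

The same read of sector 7 goes to the local device before the store and to the secure storage device after it, which is the redirection the mapped bitmap exists to record.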
The computing devices in the above network environment form one embodiment of the data security interconnection system provided by the invention. Further embodiments of the data security interconnection system are described in detail below.
According to one embodiment of the invention, a process for establishing a data security interconnection system is provided. As shown in Figure 28a, this establishment process S900 comprises:
S901a, a computing device (shown as computing terminal 1 in the figure) sends a registration request to the registrar;
S901b, the registrar asks the computing device whether it agrees to have the secure storage device take over the data that this computing device operates on and accesses;
S901c, the computing device sends a response message to the registrar;
S902a, if the reply disagrees with the takeover, the registrar refuses the registration request of this computing device and the establishment process ends (this step is not shown);
S902b, if the reply agrees to the takeover, the registrar deploys the above secure data storage method, reading method and secure transmission method on the computing device, and the registrar approves the registration of this computing device;
S902c, the registrar deploys a secure storage device for this computing device, completing the establishment process; at the same time, interaction between this computing device and any storage device other than the secure storage device is completely cut off, as is interaction with all networks other than the security interconnection system.
The "cut off" here is realized by instruction-level operation: the bitmap is used to redirect operations on all storage devices other than the secure storage device to the secure storage device.
There is no restriction on where the secure storage device is deployed: it can be local to the computing device, in the local area network where the computing device is located, or in the local area network where the registrar is located, as long as a physical network connection exists.
In other embodiments of the invention, the registrar can also deploy the above runtime instruction recombination method to this computing device, to realize runtime instruction recombination or tracking. In that case, for example, the above combination S6000 of the runtime instruction recombination method and the secure data access method can also be realized.
After a computing device (for example a terminal system or intelligent terminal) completes registration, sensitive data or secure data is saved in the secure storage device by means of the above secure data storage and reading methods.
According to one embodiment of the invention, a data server is added to the security interconnection system; this data server also registers and joins according to S900, and its corresponding secure storage device is, for example, secure storage device 1.
For example, when a computing device (for example computing terminal 2) needs to access data in the security interconnection system, it first registers and joins the security interconnection system according to S900; its corresponding secure storage device is, for example, secure storage device 2.
Then, as shown in Figure 28b, the data access process S910 of computing terminal 2 in the data security interconnection system comprises:
S911, the computing device (for example computing terminal 2) sends an access request to the data server;
S912, the data server sends a secure address query message to the registrar, asking whether computing terminal 2 is a secure address;
S913, the registrar sends a secure address response message to the data server, stating whether computing terminal 2 is a secure address;
S914, if an affirmative reply is obtained, the data server reads the corresponding data according to the request, and this reading process is the above secure data reading method; if a negative reply is obtained, the data server ignores the data access request;
S915, the data server sends a data reply to computing terminal 2; and
S916, if computing terminal 2 needs to save data, it saves the data in secure storage device 2 according to the above secure data storage method.
In another embodiment, the work done by the registrar in the above embodiment can also be done in each terminal system, so that each terminal system is at the same time a registrar. If a terminal is to complete by itself the task of confirming whether a visitor is secure, a mechanism is needed that lets the terminal check that any machine connected to it over the network has deployed the data black hole system (which comprises the above secure data storage/reading methods, and can also comprise the above runtime instruction recombination method and the above secure data transmission method), and each terminal maintains its own registration authentication table.
With this mechanism in place, when a terminal receives any network request it first verifies whether the initiator of the request has deployed the data black hole system; if verification passes, the initiator of the request is added to the terminal's registration authentication table, and the initiator (another machine) is thereby authenticated by this terminal. Verifying whether the initiator of the request has deployed the data black hole system can be carried out with a timestamp-based mutual-trust verification algorithm.
Accordingly, the above data access method S910 needs to be adjusted. According to one embodiment of the invention, as shown in Figure 28c, the data access method S940 of a computing device with a registration function (which is at the same time a method for establishing a data security interconnection system) comprises:
S941, computing terminal 1 sends an access request to computing terminal 2;
S942, computing terminal 2 sends a deployment inquiry to computing terminal 1, asking whether computing terminal 1 agrees to deploy the above secure data storage method and reading method;
S943, computing terminal 1 sends a deployment reply to computing terminal 2;
To describe the whole access process, in the present embodiment computing terminal 1 sends an affirmative reply; if computing terminal 1 sends a negative reply, the information interaction with computing terminal 2 ends and the data access cannot be completed;
S944, computing terminal 2 deploys the methods to computing terminal 1 and designates a secure storage device; the methods are the above secure data storage and secure data reading methods, and can also include the above secure data transmission method and runtime instruction recombination method; the secure storage device is secure storage device 1;
S945, computing terminal 2 uses the secure reading method to read, from its corresponding secure storage device 2, the data that computing terminal 1 wants to access;
S946, computing terminal 2 sends an access reply to computing terminal 1; and
S947, if the data needs to be saved, computing device 1 uses the secure data storage method to save the accessed data in its corresponding secure storage device 1.
Optionally, each computing terminal maintains a register list; for example, after computing terminal 1 has deployed the data black hole system, computing terminal 1 is added to the register list of computing terminal 2, and computing terminal 2 can also be added to the register list of computing terminal 1 at the same time.
Optionally, before step S942, it can first be checked whether the secure data storage method and reading method (or the data black hole system) have already been deployed.
As shown in Figure 28d, according to a further embodiment of the invention, a data access method S950 of a computing device with a registration function is provided, comprising:
S951, computing terminal 1 sends an access request to computing terminal 2;
S952, computing terminal 2 sends a deployment check message to computing terminal 1; this message is used to check whether the data black hole system (or the above secure data access method) has been deployed on computing terminal 1;
S953, computing terminal 1 sends a deployment check feedback message to computing terminal 2;
This feedback message comprises one value or a group of values, from which computing terminal 2 can judge whether computing terminal 1 has deployed the data black hole system;
S954, computing terminal 2 determines the deployment state of computing terminal 1, judging whether computing terminal 1 has deployed the data black hole system;
(1) If the deployment check feedback message establishes that computing terminal 1 has deployed the data black hole system, execution continues with:
S955, computing terminal 2 uses the secure reading method to read, from its corresponding secure storage device 2, the data that computing terminal 1 wants to access;
S956, computing terminal 2 sends an access reply to computing terminal 1;
S957, if the data needs to be saved, computing device 1 uses the secure data storage method to save the accessed data in its corresponding secure storage device 1.
(2) If the deployment check feedback message establishes that computing terminal 1 has not yet deployed the data black hole system, the above data access method S940 is carried out:
S942, computing terminal 2 sends a deployment inquiry to computing terminal 1, asking whether computing terminal 1 agrees to deploy the above secure data storage method and reading method;
S943, computing terminal 1 sends a deployment reply to computing terminal 2;
To describe the whole access process, in the present embodiment computing terminal 1 sends an affirmative reply; if computing terminal 1 sends a negative reply, the information interaction with computing terminal 2 ends and the data access cannot be completed;
S944, computing terminal 2 deploys the methods to computing terminal 1 and designates a secure storage device; the methods are the above secure data storage and secure data reading methods; the secure storage device is secure storage device 1;
S945, computing terminal 2 uses the secure reading method to read, from its corresponding secure storage device 2, the data that computing terminal 1 wants to access;
S946, computing terminal 2 sends an access reply to computing terminal 1; and
S947, if the data needs to be saved, computing device 1 uses the secure data storage method to save the accessed data in its corresponding secure storage device 1.
The above steps S953-S954 can comprise: computing terminal 1 and computing terminal 2 use a timestamp-based mutual-trust verification algorithm to judge whether the other party has deployed the data black hole system (the process is similar to the CHAP protocol).
Optionally, each computing terminal maintains a register list; for example, after computing terminal 1 has deployed the data black hole system, computing terminal 1 is added to the register list of computing terminal 2, and computing terminal 2 can also be added to the register list of computing terminal 1 at the same time. When a computing terminal accesses this machine, the register list is first checked for that computing terminal; if it is present, the terminal is already registered, and operations such as the deployment check or deployment inquiry need not be carried out again.
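The patent names a timestamp-based mutual-trust verification "similar to the CHAP protocol" for S952-S954 but does not specify it. The code below is an added example, not taken from the patent, showing one such check combined with the register list shortcut; it assumes that every deployed data black hole system holds a secret provisioned at deployment, and the use of HMAC-SHA256, the 30-second window and all class and function names are illustrative choices.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional

MAX_SKEW = 30  # assumed freshness window for the timestamp, in seconds


class Node:
    def __init__(self, name: str, secret: Optional[bytes] = None):
        self.name = name
        self.secret = secret          # None: data black hole system not deployed
        self.register_list = set()    # peers that already passed the check
        self._pending = {}            # peer name -> outstanding challenge

    def _tag(self, challenge: bytes, stamp: bytes, prover: str) -> bytes:
        msg = challenge + stamp + prover.encode()
        return hmac.new(self.secret, msg, hashlib.sha256).digest()

    def deployment_check(self, peer: str) -> bytes:
        """S952: issue a fresh random challenge for one peer."""
        challenge = os.urandom(16)
        self._pending[peer] = challenge
        return challenge

    def check_feedback(self, challenge: bytes, now: float):
        """S953: answer with (timestamp, tag); None if nothing is deployed."""
        if self.secret is None:
            return None
        stamp = struct.pack(">Q", int(now))
        return stamp, self._tag(challenge, stamp, self.name)

    def verify_feedback(self, peer: str, feedback, now: float) -> bool:
        """S954: decide whether the peer has deployed the system."""
        challenge = self._pending.pop(peer, None)   # each challenge is single-use
        if challenge is None or feedback is None or self.secret is None:
            return False
        stamp, tag = feedback
        if len(stamp) != 8:
            return False
        (sent,) = struct.unpack(">Q", stamp)
        if abs(int(now) - sent) > MAX_SKEW:         # stale or far-future answer
            return False
        expected = self._tag(challenge, stamp, peer)
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return False
        self.register_list.add(peer)
        return True


def one_way_check(verifier: Node, prover: Node, now: float,
                  delay: float = 0) -> bool:
    """Run S952-S954 once; `delay` models how late the feedback arrives."""
    challenge = verifier.deployment_check(prover.name)
    feedback = prover.check_feedback(challenge, now)
    return verifier.verify_feedback(prover.name, feedback, now + delay)


def request_access(client: Node, server: Node, now: float) -> str:
    """S951-S954 as seen by the server, with the register list shortcut."""
    if client.name in server.register_list:
        return "already registered"
    # Mutual trust: the server checks the client, then the client the server.
    if one_way_check(server, client, now) and one_way_check(client, server, now):
        return "verified"
    return "not deployed"
```

A terminal in ordinary mode has no secret and returns no feedback, so the verifier never adds it to the register list.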
Optionally, the above method S950 can be further improved by having the access initiator declare on its own initiative that it has deployed the data black hole system. As shown in Figure 28e, according to a further embodiment of the invention, a data access method S960 of a computing device with a registration function is provided, comprising:
S961, computing terminal 1 sends an access request to computing terminal 2;
S962, computing terminal 1 sends a "deployment notification message" to computing terminal 2; this message is used to notify computing terminal 2 that the data black hole system (or the above secure data access method) has been deployed on computing terminal 1;
S963, computing terminal 2 determines the deployment state of computing terminal 1, judging whether computing terminal 1 has deployed the data black hole system;
S964, computing terminal 2 uses the secure reading method to read, from its corresponding secure storage device 2, the data that computing terminal 1 wants to access;
S965, computing terminal 2 sends an access reply to computing terminal 1;
S966, if the data needs to be saved, computing device 1 uses the secure data storage method to save the accessed data in its corresponding secure storage device 1.
Further, in the embodiment in which each terminal is a registrar, to make computing terminals convenient to use and to give the security interconnection system a one-way import capability (data can only come in and cannot go out), according to a further embodiment of the invention a computing device in the data security interconnection system (for example terminal system A01) has two modes:
In the first mode, also called secure mode, the instruction recombination platform on the computing device is running (the above runtime instruction recombination method has been deployed on the computing device, or the above runtime instruction recombination device has been applied); data storage and reading are all completed on the secure storage device allocated to it; interaction between this computing device and any storage device other than the secure storage device is completely cut off, and interaction between this computing device and all networks other than the security interconnection system is also cut off (the relevant instructions are shielded by the above runtime instruction recombination platform);
In the second mode, also called ordinary mode, the instruction recombination platform on the computing device is not running and the registration service function is not enabled; a computing device in ordinary mode can be used like any common computing device, for example to obtain data from other network nodes.
In addition, a computing device in ordinary mode and a computing device in secure mode cannot access each other. For example, suppose computing terminal 1 is in secure mode and computing terminal 2 is in ordinary mode. If computing terminal 2 wants to access computing terminal 1, computing terminal 2 sends an access request to computing terminal 1 and computing terminal 1 sends a deployment check message; computing terminal 1 cannot obtain a valid response from computing terminal 2, so the access cannot proceed. If computing terminal 1 wants to access computing terminal 2, computing terminal 1 needs to send an access request to computing terminal 2; before sending it, computing terminal 1 likewise attempts to obtain deployment check information from computing terminal 2, and if computing terminal 1 cannot obtain a valid response from computing terminal 2, the access cannot proceed.
Switching between the two modes can be done by restarting the system; specifically, at system start-up the system user is asked which mode to enter, and the system user decides which mode to enter according to their own needs.
Substantially corresponding to methods S900 and S910 described above, according to one embodiment of the invention a computing terminal (i.e. a computing device) is provided. As shown in Figure 28f, this computing terminal f00 comprises:
I/O interface f01, suitable for connecting to and communicating with registrar f11;
Registration unit f02, black hole unit f03 and query unit f04, each connected to I/O interface f01.
Here, registration unit f02 is suitable for registering with registrar f11 through I/O interface f01;
The working process of registration unit f02 comprises information interaction with the registrar, for registering on the registrar or accepting the registrar's deployment check; for details see methods S900, S910 and S950.
Here, black hole unit f03 is suitable for receiving the data black hole system deployed by registrar f11; the data black hole system is defined in the introduction above. For example, the data black hole system comprises (implements) the above secure data storage method and secure data reading method, or comprises the above secure data storage device and secure data reading device; the data black hole system can also comprise the above runtime instruction recombination method or the above runtime instruction recombination device; the data black hole system can also comprise the above secure data transmission method, and so on.
Black hole unit f03 is also suitable for data interaction with other computing terminals or computing devices, for example sending access requests.
Here, query unit f04 is suitable for sending a query message to registrar f11, asking whether a given computing device is registered.
Substantially corresponding to methods S900 and S910 described above, according to one embodiment of the invention a registrar is provided. As shown in Figure 28g, this registrar g00 comprises:
I/O interface g01, suitable for connecting to and communicating with computing devices (for example computing device g11 and computing device g12 in the figure, also called computing device a and computing device b);
Deployment check unit g02, suitable for sending a deployment check message to a computing device to check whether the computing device has deployed the data black hole system; for the check interaction see method S950; if deployment check unit g02 finds that the computing device has deployed the data black hole system, deployment check unit g02 is also suitable for updating register list g05, adding this computing device to the register list; if deployment check unit g02 finds that the computing device has not yet deployed the data black hole system, it starts deployment inquiry unit g03;
Deployment inquiry unit g03, suitable for sending a query message to the computing device, asking whether it agrees to have the secure storage device take over the data that this computing device operates on and accesses; if the response message from the computing device disagrees with the takeover, the registration request of this computing device is refused and the process ends; if the reply agrees to the takeover, program deployment unit g04 is called to deploy the data black hole system;
Program deployment unit g04, suitable for deploying the data black hole system to the computing device and, after deployment finishes, also suitable for updating register list g05, adding this computing device to the register list.
Registrar g00 also comprises registration query unit g06, for receiving a query from a computing terminal such as computing device g12, checking by querying register list g05 whether a specific computing terminal is registered, and feeding the query result back to computing device g12.
Substantially corresponding to methods S940 and S950 described above, according to a further embodiment of the invention a computing terminal is provided. As shown in Figure 28h, this computing device h00 comprises:
I/O interface h01, suitable for connecting to and communicating with a computing device (for example computing device h11 in the figure, also called computing device c);
Deployment check unit h02, suitable for sending a deployment check message to a computing device (for example computing device c) to check whether the computing device has deployed the data black hole system; for the check interaction see method S950; if deployment check unit h02 finds that computing device c has deployed the data black hole system, deployment check unit h02 is also suitable for updating register list h06, adding computing device c to the register list; if deployment check unit h02 finds that computing device c has not yet deployed the data black hole system, it starts deployment inquiry unit h03;
Deployment inquiry unit h03, suitable for sending a query message to a computing device (for example computing device c), asking whether it agrees to have the secure storage device take over the data that this computing device operates on and accesses; if the response message from the computing device disagrees with the takeover, the registration request of this computing device is refused and the process ends; if the reply agrees to the takeover, program deployment unit h04 is called to deploy the data black hole system;
Program deployment unit h04, suitable for deploying the data black hole system to the computing device and, after deployment finishes, also suitable for updating register list h06, adding this computing device to the register list.
Computing device h00 also comprises black hole unit h05, suitable for deploying the data black hole system. Black hole unit h05 is suitable for data interaction with other computing terminals or computing devices, for example sending access requests.
Substantially corresponding to method S960 described above, according to a further embodiment of the invention a computing terminal/computing device is provided. As shown in Figure 28i, this computing device i00 comprises:
I/O interface i01, suitable for connecting to and communicating with a computing device (for example computing device i11 in the figure, also called computing device d);
Deployment check unit i02, suitable for receiving access requests and deployment notification messages from other computing devices (for example computing device i11); if the deployment notification message establishes that computing device i11 has deployed the data black hole system, register list h06 is updated and computing device d is added to the register list;
Black hole unit i03, suitable for deploying the data black hole system, and also suitable for data interaction with other computing terminals or computing device i11, for example sending access requests and deployment notification messages.
In addition, black hole unit i03 is also suitable for deploying the above runtime instruction recombination method. In that case, computing device i00 can have two modes, namely the above secure mode and ordinary mode.
In addition, computing device i00 can also comprise a deployment inquiry unit and a program deployment unit, which carry out the deployment inquiry and deployment operation when deployment check unit i02 finds that computing device d has not deployed the data black hole system.
In other embodiments of the invention, the number of units/components in the computing terminal or registrar of the above embodiments can be increased or decreased as required (for example, the I/O interface can be omitted and the units coupled directly to the target object); the components and functions provided in the embodiments can also be combined, or components in the embodiments can be replaced with known components.
Those skilled in the art will appreciate that the above embodiments of the computing terminal and registrar are described by way of example and not by way of limitation; any variation that a person of ordinary skill in the art may make to the above devices does not depart from the scope of protection stated in the claims of the invention.
Wide area network data security interconnection
Continuing to refer to Figure 27, the following discusses the data security interconnected system for the case where one or more of network 1, network 2 and network m are not in the same local area network.
According to one embodiment of the invention, a wide area network data security interconnected system is provided. As shown in Figure 29, this wide area network data security interconnected system comprises:
Terminal system B01, terminal system B02, ..., terminal system B0n and storage device B80, located in local area network 1;
Terminal system B11, terminal system B12, ..., terminal system B1n and storage device B81, located in local area network 2;
Terminal system B21, terminal system B22, ..., terminal system B2n and storage device B82, located in local area network m;
A virtual secure storage server B30, interconnected with local area network 1, local area network 2 and local area network m respectively.
Here the virtual secure storage server B30 acts as the trunk node of a distributed file system, and the storage devices B80-B82 are the partial nodes of the distributed file system. Terminal B11 only needs to access the virtual secure storage server B30 to obtain, through it, the data of storage devices B80, B81 and B82. Data access within each LAN is carried out directly, while data access between LANs is in fact always relayed by the virtual secure storage server B30.
In addition, in the wide area network security interconnected system, each node (including the storage devices, the terminal systems and even the virtual secure storage server) autonomously establishes its access-control registration (for example by the method S950 or S960 above).
According to a further embodiment of the invention, a wide area network data security interconnected system is provided. As shown in Figure 30, this wide area network data security interconnected system comprises:
Terminal system C01, terminal system C02, ..., terminal system C0n, located in local area network 1;
Terminal system C11, terminal system C12, ..., terminal system C1n, located in local area network 2;
Terminal system C21, terminal system C22, ..., terminal system C2n, located in local area network m;
A centralized secure storage server C30, interconnected with local area network 1, local area network 2 and local area network m respectively, and comprising storage device C80, storage device C81, storage device C82 and so on.
Here the centralized secure storage server C30 has a corresponding network port and LAN address allocated to each of LAN 1, LAN 2 and LAN m.
The centralized secure storage server C30 has the function of the registrar in the above embodiments. The terminal systems in local area network 1, local area network 2 and local area network m are all registered on the centralized secure storage server C30, and have deployed on them the above secure read/store methods and the runtime instruction recombination method.
The centralized secure storage server C30 comprises a plurality of storage devices, such as storage device C80, storage device C81 and storage device C82. These storage devices are allocated to the terminal systems in each LAN of the security interconnected system, to serve as the safety storage apparatus used in their secure access methods. Specifically, when the centralized secure storage server C30 deploys to the terminal systems the data security storage and read methods provided in the preceding embodiments of the invention, storage device C80 is allocated to the terminal systems in local area network 1 as their safety storage apparatus; storage device C81 is allocated to the terminal systems in local area network 2 as their safety storage apparatus; and storage device C82 is allocated to the terminal systems in local area network m as their safety storage apparatus.
According to one embodiment of the invention, the method for establishing the above wide area network data security interconnected system comprises:
SA01: the computing equipment (for example terminal system C01) sends a registration request to the secure storage server B30 or C30;
SA02: the secure storage server B30 or C30 asks whether this computing equipment agrees to have the safety storage apparatus take over the data that this computing equipment operates on and accesses;
SA03: the computing equipment sends a response message to the secure storage server B30 or C30, for example a response message whose content agrees to the takeover;
SA04: the secure storage server B30 or C30 (on the basis of the response message agreeing to the takeover) deploys the data black hole system on the computing equipment and registers this computing equipment;
SA05: the secure storage server B30 or C30 deploys a safety storage apparatus (for example storage device C80) for this computing equipment, completing the establishment process.
If the secure storage server B30 or C30 also deploys the above runtime instruction recombination method to this computing equipment, runtime instruction recombination or tracking can be realized. In that case, the combination S6000 of the runtime instruction recombination method and the data security access method described above, for example, can also be realized.
After the computing equipment (for example a terminal system or intelligent terminal) completes registration, it will, by means of the above data security storage and read methods, save data to the safety storage apparatus or read data from the safety storage apparatus.
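The store/read redirection that a registered computing equipment relies on is recited in claims 1 and 3 to 5 (steps a1-a4 and b1-b5, with the first and second mapped bitmaps). The following Python sketch is an added illustration, not code from the patent; the sector granularity, the Instruction format and the in-memory SafetyStorage are assumptions made so that it runs stand-alone.

```python
from dataclasses import dataclass, field

SECTOR_SIZE = 512  # assumption: one bitmap bit per local sector


@dataclass
class Instruction:
    """Simplified stand-in for a hardware instruction (constructed format)."""
    op: str          # "store", "read", or anything else (passed through)
    device: str      # "local" or "secure"
    sector: int
    data: bytes = b""


@dataclass
class SafetyStorage:
    """In-memory stand-in for the safety storage apparatus."""
    sectors: dict = field(default_factory=dict)
    second_bitmap: bytearray = field(default_factory=bytearray)


class Redirector:
    """Sits between the instruction source and the hardware layer."""

    def __init__(self, storage, n_sectors):
        self.storage = storage
        self.n_sectors = n_sectors
        self.local_disk = {}                      # sector -> bytes on the local disk
        size = (n_sectors + 7) // 8
        if not storage.second_bitmap:             # first connection: nothing dumped yet
            storage.second_bitmap = bytearray(size)
        elif len(storage.second_bitmap) != size:  # never guess at a mismatched bitmap
            raise ValueError("second mapped bitmap does not match local disk size")
        # Claims 4 and 5: sync the second bitmap down and keep it as the first bitmap.
        self.first_bitmap = bytearray(storage.second_bitmap)

    def is_dumped(self, sector):
        return bool(self.first_bitmap[sector // 8] & (1 << (sector % 8)))

    def rewrite(self, ins):
        """Steps a2-a3 and b2-b4: analyse the instruction and rewrite its address."""
        if ins.op not in ("store", "read"):
            return ins
        if not 0 <= ins.sector < self.n_sectors:
            raise ValueError("sector outside the mapped range")
        if ins.op == "store":
            # a3: every store is retargeted to the safety storage apparatus.
            self.first_bitmap[ins.sector // 8] |= 1 << (ins.sector % 8)
            # Claim 3: sync the updated first bitmap back as the second bitmap.
            self.storage.second_bitmap[:] = self.first_bitmap
            return Instruction("store", "secure", ins.sector, ins.data)
        # b4: read from the safety storage only if this sector was dumped there.
        device = "secure" if self.is_dumped(ins.sector) else "local"
        return Instruction("read", device, ins.sector)

    def execute(self, ins):
        """Steps a4 / b5: hand the rewritten instruction to the (simulated) hardware."""
        ins = self.rewrite(ins)
        backing = self.storage.sectors if ins.device == "secure" else self.local_disk
        if ins.op == "store":
            backing[ins.sector] = ins.data
            return b""
        if ins.op == "read":
            return backing.get(ins.sector, bytes(SECTOR_SIZE))
        return b""


def demo():
    storage = SafetyStorage()
    node = Redirector(storage, n_sectors=64)
    node.local_disk[3] = b"old local contents"    # constructed pre-deployment data
    before = node.execute(Instruction("read", "local", 3))
    node.execute(Instruction("store", "local", 3, b"new sensitive data"))
    after = node.execute(Instruction("read", "local", 3))
    # A later session rebuilds its first bitmap from the safety storage apparatus.
    node2 = Redirector(storage, n_sectors=64)
    node2.local_disk = node.local_disk
    again = node2.execute(Instruction("read", "local", 3))
    return before, after, node.local_disk[3], again, node2.is_dumped(3), node2.is_dumped(4)


if __name__ == "__main__":
    print(demo())
```

The local sector keeps its old contents after the store, which is the property the description depends on: data written after deployment exists only on the safety storage apparatus.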
Network payment security interconnected system
Applying the above data security interconnected system, one embodiment of the invention provides a network payment security interconnected system. As shown in Figure 31, this network payment security interconnected system comprises:
Located in network 1: registrar D91, data server D01 and its corresponding safety storage apparatus D81, and payment application server D02 and its corresponding safety storage apparatus D82;
Located in network 2, which is interconnected with network 1: registrar D90, network terminal D03 (a computer), mobile terminal D04, and the safety storage apparatus D83 corresponding to both; and
Located in network 3, which is interconnected with payment application server D02: registrar D92, account settlement server D05, account data server D06, and the safety storage apparatus D84 corresponding to the account data server and the account settlement server.
Here, the interface through which the payment application server accesses network 1 is called the application interface, and the interface through which it accesses network 3 is called the payment interface.
Here, network 1 and network 2 can be one network.
Here, data server D01, payment application server D02, network terminal D03 and mobile terminal D04 have registered through registrar D90 and registrar D91 respectively, according to the method S900 introduced above, and joined the security interconnected system of network 1 and network 2; payment application server D02, account settlement server D05 and account data server D06 have all registered through registrar D92, likewise according to the method S900 introduced above, and joined the security interconnected system. Because the payment application server D02 is located in both network 1 and network 3, it registers with registrar D91 and with registrar D92.
Here, the safety storage apparatus corresponding to data server D01 and to payment application server D02 can also be the same; the safety storage apparatus corresponding to network terminal D03 and to mobile terminal D04 can also be different; and the safety storage apparatus corresponding to account settlement server D05 and to account data server D06 can also be different.
Here, registrars D90, D91 and D92 deploy to each registered device the above runtime instruction recombination method and the secure store/read/transmission methods based on that method.
Continuing to refer to Figure 31, in the network payment security interconnected system, network terminal D03 or mobile terminal D04 can access the data server D01 in network 1, and can set up an access account on data server D01 to save access information (the access information can of course also be saved locally, by the same process as S910).
The process by which network terminal D03 or mobile terminal D04 accesses the data server D01 in network 1 is similar to S910, with the added step of saving access information on data server D01. Specifically, this process S920 (the processing of a data access request from a computing terminal) comprises:
S921: the computing equipment (network terminal D03 or mobile terminal D04) sends an access request to data server D01; this access request can be sent to data server D01 directly by the computing equipment, or forwarded to data server D01 by another application server;
S922: data server D01 sends a secure address inquiry message to registrar D90, asking whether this computing terminal is a secure address;
S923: registrar D90 sends a secure address response message to data server D01, informing it that this computing terminal is a secure address;
S924: after obtaining an affirmative response, data server D01 reads the corresponding data according to the request, using the data safe reading method described above; if it obtains a negative response, data server D01 ignores the data access request;
S925: data server D01 sends a data reply to the computing terminal;
S926: the computing terminal decides to keep part of the access data on data server D01, and data server D01 saves the data to safety storage apparatus D81 according to the secure storage method of data described above.
Continuing to refer to Figure 31, in the network payment security interconnected system, network terminal D03 or mobile terminal D04 can buy the products or services it accesses through the payment application server D02 in network 1.
The process S930 (the processing of a payment request from a computing terminal), in which network terminal D03 or mobile terminal D04 accesses payment application server D02 (through the application interface) and then accesses account settlement server D05 through payment application server D02, comprises:
S931: the computing equipment (network terminal D03 or mobile terminal D04) sends a payment request to payment application server D02;
This payment request can be sent to payment application server D02 directly by the computing equipment, or forwarded to payment application server D02 by another application server;
This payment request comprises the user's fund account information and transaction information; the fund account information can be that of a physical bank account, a virtual bank account or another type of account, and the transaction information comprises the transaction quantity, unit price and so on;
S932: payment application server D02 sends a secure address inquiry message to registrar B90, asking whether this computing terminal is a secure address;
S933: registrar D90 sends a secure address response message to payment application server D02, informing it that this computing terminal is a secure address;
S934: if it obtains a negative response, payment application server D02 ignores the payment request; if it obtains an affirmative response, payment application server D02 calculates the transaction data from the transaction information in the payment request and generates settlement information; the settlement information can be a single concrete value (the amount payable) or a series of data from which the settlement amount is calculated;
S935: payment application server D02 (through the payment interface) sends a settlement request to account settlement server D05; the settlement request comprises the user's fund account information and the settlement information;
S936: account settlement server D05 sends a secure address inquiry message to registrar D92, asking whether this payment application server D02 is a secure address;
S937: registrar D92 sends a secure address response message to account settlement server D05, informing it that this payment application server D02 is a secure address;
S938: account settlement server D05 retrieves the corresponding fund account data according to the fund account information (for example account name and account ID) in the settlement information;
It judges whether the fund account data can meet the requirement of the settlement information;
If not, it sends a failure reply to payment application server D02;
If so, it carries out the settlement operation (that is, deducts the amount of the settlement information from the fund account data), saves the updated fund account data to the corresponding safety storage apparatus D84, and sends a success reply to payment application server D02;
S939: payment application server D02 sends a success or failure reply to the computing terminal according to the success or failure reply it received and, if the reply is a success reply, saves this payment request information on the corresponding safety storage apparatus D82.
Here, in step S938, account settlement server D05 can also access account data server D06 to obtain the fund account data.
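The message sequence S931-S939 can be followed end to end in the Python simulation below, which is an added illustration and not code from the patent. Assumptions: registrars are modelled as address sets, amounts are integer cents, a negative answer in S937 is treated like the one in S934 (the request is ignored), and the check for non-positive quantities or prices is an added safeguard that the text does not recite.

```python
class Registrar:
    """Answers secure-address inquiries for one network (D90 or D92)."""

    def __init__(self, registered):
        self._registered = set(registered)

    def is_secure_address(self, address):
        return address in self._registered


class AccountSettlementServer:
    """D05: holds fund account data and persists updates to D84."""

    def __init__(self, registrar, accounts_cents):
        self.registrar = registrar            # D92
        self.accounts = dict(accounts_cents)  # account id -> balance in cents
        self.safety_storage = {}              # stands in for D84

    def settle(self, sender, account_id, amount, trace):
        trace += ["S936", "S937"]             # inquiry to D92 and its answer
        if not self.registrar.is_secure_address(sender):
            return None                       # assumption: ignored, as in S934
        trace.append("S938")
        balance = self.accounts.get(account_id)
        if balance is None or balance < amount:
            return "failure"
        self.accounts[account_id] = balance - amount
        self.safety_storage[account_id] = self.accounts[account_id]
        return "success"


class PaymentApplicationServer:
    """D02: checks the terminal with D90, then asks D05 to settle."""
    ADDRESS = "D02"

    def __init__(self, registrar, settlement):
        self.registrar = registrar            # D90
        self.settlement = settlement          # D05, reached via the payment interface
        self.safety_storage = []              # stands in for D82

    def handle_payment(self, sender, account_id, quantity, unit_price_cents):
        trace = ["S931", "S932", "S933"]      # request, inquiry to D90, answer
        if not self.registrar.is_secure_address(sender):
            return None, trace                # S934, negative: request ignored
        trace.append("S934")
        if quantity <= 0 or unit_price_cents <= 0:
            # Added safeguard: a negative amount would credit the account in S938.
            return "failure", trace
        amount = quantity * unit_price_cents  # settlement information
        trace.append("S935")
        reply = self.settlement.settle(self.ADDRESS, account_id, amount, trace)
        if reply is None:
            return None, trace                # assumption: nothing to forward
        trace.append("S939")
        if reply == "success":
            self.safety_storage.append((sender, account_id, amount))
        return reply, trace


def build_demo(d92_members=("D02", "D05", "D06")):
    """Constructed sample network: two registered terminals and one funded account."""
    d90 = Registrar({"D03", "D04"})
    d92 = Registrar(d92_members)
    d05 = AccountSettlementServer(d92, {"acct-001": 10_000})
    d02 = PaymentApplicationServer(d90, d05)
    return d02, d05


if __name__ == "__main__":
    d02, d05 = build_demo()
    print(d02.handle_payment("D03", "acct-001", 3, 2500))   # enough funds
    print(d02.handle_payment("D03", "acct-001", 3, 2500))   # balance now too low
    print(d02.handle_payment("X99", "acct-001", 1, 100))    # unregistered terminal
```

Both trust decisions are made by the receiving server against its own network's registrar, so a registered terminal still cannot reach D05 unless D02 is itself registered with D92.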
The above security interconnected systems (for example the data security interconnected system and the network payment security interconnected system) implant data security features (for example the data security store/read/transmission methods, and the data security store/read/transmission methods based on the runtime instruction recombination method) into a local area network or wide area network, ensuring the security of sensitive data in local and wide area networks. Even if a malicious program intrudes, none of the data it accesses can be stolen; that data, and even the malicious program itself, will remain permanently confined within the safety storage apparatus of the security interconnected system.
The above security interconnected system not only provides strong support for data security in cloud computing, but also lays a secure foundation for the spread of network payment and mobile payment.
It should be noted and understood that various modifications and improvements can be made to the invention described in detail above without departing from the spirit and scope of the invention as required by the appended claims. Therefore, the scope of the claimed technical solution is not limited by any specific exemplary teaching given.

Claims (24)

1. A data security interconnected system establishment and data access method, comprising:
Step 1: a first computing equipment sends an access request to a second computing equipment;
Step 2: the second computing equipment sends a deployment inquiry to the first computing equipment, asking whether the first computing equipment agrees to deploy a secure storage method of data and a data safe reading method, or asking whether the first computing equipment agrees to have a safety storage apparatus take over the data that this first computing equipment operates on and accesses;
Step 3: the first computing equipment sends a deployment reply to the second computing equipment;
Step 4: the second computing equipment checks the deployment reply;
If the deployment reply disagrees with deployment, the second computing equipment refuses the access request of the first computing equipment and the method ends;
If the deployment reply agrees to deployment, the second computing equipment deploys the secure storage method of data and the read method on the first computing equipment, deploys a first safety storage apparatus for the first computing equipment, and adds the first computing equipment to the register list of the second computing equipment;
Step 5: the second computing equipment uses the safe read method to read, from its corresponding second safety storage apparatus, the data that the first computing equipment needs; and
Step 6: the second computing equipment sends an access reply to the first computing equipment;
Wherein the secure storage method of data comprises:
Step a1: receiving a hardware instruction;
Step a2: analysing the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modifying the destination address in the storage instruction to the corresponding storage address on the safety storage apparatus; and
Step a4: sending the modified storage instruction to the hardware layer;
Wherein the data safe reading method comprises:
Step b1: receiving a hardware instruction;
Step b2: analysing the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtaining the source address in the read instruction;
Step b4: looking up a first mapped bitmap, and modifying the read address in the read instruction according to the data of the first mapped bitmap; the first mapped bitmap indicates whether the data at a local storage address has been dumped to the safety storage apparatus; and
Step b5: sending the modified read instruction to the hardware layer.
2. The data security interconnected system establishment and data access method as claimed in claim 1, further comprising, after step 6:
Step 7: if the first computing equipment needs to save data, the first computing equipment uses the secure storage method of data to save the access data it obtained in its corresponding first safety storage apparatus.
3. The data security interconnected system establishment and data access method as claimed in claim 1, wherein, after step a3, the secure storage method of data further comprises:
Updating the bit of the first mapped bitmap that corresponds to the destination address;
Synchronising the updated first mapped bitmap to the safety storage apparatus, where it is saved as a second mapped bitmap; the second mapped bitmap indicates whether the data at a local storage address has been dumped to the safety storage apparatus.
4. The data security interconnected system establishment and data access method as claimed in claim 3, wherein, before step a1, the secure storage method of data further comprises:
Establishing communication between the computing equipment and the safety storage apparatus;
Synchronising the second mapped bitmap on the safety storage apparatus to the computing equipment, where it is saved as the first mapped bitmap.
5. The data security interconnected system establishment and data access method as claimed in claim 1, wherein, before step b4, the data safe reading method further comprises:
Establishing communication between the computing equipment and the safety storage apparatus;
Synchronising the second mapped bitmap on the safety storage apparatus to the computing equipment, where it is saved as the first mapped bitmap.
6. The data security interconnected system establishment and data access method as claimed in claim 1, wherein, in steps a1 and b1, the hardware instruction comes from the hardware mapping layer.
7. The data security interconnected system establishment and data access method as claimed in claim 1, wherein, in step 4, the second computing equipment also deploys a runtime instruction recombination method on the first computing equipment, the runtime instruction recombination method comprising:
Step c1: caching the instruction running environment;
Step c2: obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restoring the instruction running environment; the value of the address register in the instruction running environment is the modified value.
8. The data security interconnected system establishment and data access method as claimed in claim 1, wherein, in step 4, the second computing equipment also deploys a runtime instruction recombination method on the first computing equipment, the runtime instruction recombination method comprising:
Step d1: caching the instruction running environment;
Step d2: reading a destination address from a first storage location, and obtaining the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: saving the destination address of the first jump instruction in the first storage location;
Step d4: replacing the first jump instruction with a second jump instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restoring the instruction running environment, and jumping to the second address to continue execution.
9. The data security interconnected system establishment and data access method as claimed in claim 1, wherein, in step 4, the second computing equipment also deploys a runtime instruction recombination method on the first computing equipment, the runtime instruction recombination method comprising:
Step e1: caching the instruction running environment;
Step e2: obtaining the address and parameters of the jump instruction saved in the stack, and calculating the address of the next instruction to be run, this address being the first address;
Step e3: obtaining the machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: adding a second jump instruction after the push instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restoring the instruction running environment, and jumping to the second address to continue execution.
10. The data security interconnected system establishment and data access method as claimed in claim 1, further comprising, between step 1 and step 2:
Step f1: the second computing terminal sends a deployment check message to the first computing terminal, this message being used to check whether the secure storage method of data and the data safe reading method have been deployed on the first computing terminal;
Step f2: the first computing terminal sends a deployment check feedback message to the second computing terminal; and
Step f3: the second computing terminal determines the deployment state of the first computing terminal from this deployment check feedback message: if deployed, the first computing equipment is added to the register list of the second computing equipment and step 5 is performed; if not yet deployed, execution continues with step 2.
11. A data security interconnected system, comprising: a first computing equipment, a second computing equipment and a safety storage apparatus; wherein the first computing equipment and the second computing equipment are adapted to register with each other, and to save data to the safety storage apparatus or read data from the safety storage apparatus by a secure storage method of data and a data safe reading method;
Wherein the secure storage method of data comprises: step a1, receiving a hardware instruction; step a2, analysing the hardware instruction; step a3, if the hardware instruction is a storage instruction, modifying the destination address in the storage instruction to the corresponding storage address on the safety storage apparatus; and step a4, sending the modified storage instruction to the hardware layer;
Wherein the data safe reading method comprises: step b1, receiving a hardware instruction; step b2, analysing the hardware instruction; step b3, if the hardware instruction is a read instruction, obtaining the source address in the read instruction; step b4, looking up a first mapped bitmap, and modifying the read address in the read instruction according to the data of the first mapped bitmap, the first mapped bitmap indicating whether the data at a local storage address has been dumped to the safety storage apparatus; and step b5, sending the modified read instruction to the hardware layer.
12. The data security interconnected system as claimed in claim 11, wherein the first computing equipment or the second computing equipment is also adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step c1: caching the instruction running environment;
Step c2: obtaining the machine instruction fragment to be scheduled; inserting a second jump instruction before the last instruction of the obtained machine instruction fragment, the second jump instruction pointing to the entry address of the instruction recombination platform, to generate a recombined instruction fragment; modifying the value of the address register in the cached instruction running environment to the address of the recombined instruction fragment;
Step c3: restoring the instruction running environment; the value of the address register in the instruction running environment is the modified value.
13. The data security interconnected system as claimed in claim 11, wherein the first computing equipment or the second computing equipment is also adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step d1: caching the instruction running environment;
Step d2: reading a destination address from a first storage location, and obtaining the machine instruction fragment to be scheduled according to the destination address; the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step d3: saving the destination address of the first jump instruction in the first storage location;
Step d4: replacing the first jump instruction with a second jump instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step d5: restoring the instruction running environment, and jumping to the second address to continue execution.
14. The data security interconnected system as claimed in claim 11, wherein the first computing equipment or the second computing equipment is also adapted to have a runtime instruction recombination method deployed on it, the runtime instruction recombination method comprising:
Step e1: caching the instruction running environment;
Step e2: obtaining the address and parameters of the jump instruction saved in the stack, and calculating the address of the next instruction to be run, this address being the first address;
Step e3: obtaining the machine instruction fragment to be scheduled according to the first address; wherein the last instruction of the machine instruction fragment to be scheduled is a first jump instruction;
Step e4: replacing the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: adding a second jump instruction after the push instruction, to generate a recombined instruction fragment having a second address; the second jump instruction points to the entry address of the instruction recombination platform; and
Step e6: restoring the instruction running environment, and jumping to the second address to continue execution.
15. Computing equipment, comprising:
A deployment inquiry unit, adapted to send an inquiry message to a second computing equipment, asking whether this second computing equipment agrees to have a safety storage apparatus take over the data that this second computing equipment operates on and accesses;
A program deployment unit, adapted to deploy a data black hole system to the second computing equipment and, after deployment finishes, also adapted to update a register list and add this second computing equipment to the register list; and
A black hole unit, adapted to deploy the data black hole system;
Wherein the data black hole system comprises a data safe reading method and a secure storage method of data;
Wherein the secure storage method of data comprises:
Step a1: receiving a hardware instruction;
Step a2: analysing the hardware instruction;
Step a3: if the hardware instruction is a storage instruction, modifying the destination address in the storage instruction to the corresponding storage address on the safety storage apparatus; and
Step a4: sending the modified storage instruction to the hardware layer;
Wherein the data safe reading method comprises:
Step b1: receiving a hardware instruction;
Step b2: analysing the hardware instruction;
Step b3: if the hardware instruction is a read instruction, obtaining the source address in the read instruction;
Step b4: looking up a first mapped bitmap, and modifying the read address in the read instruction according to the data of the first mapped bitmap; the first mapped bitmap indicates whether the data at a local storage address has been dumped to the safety storage apparatus; and
Step b5: sending the modified read instruction to the hardware layer.
16. The computing equipment as claimed in claim 15, wherein the black hole unit is also adapted to exchange data with the second computing equipment.
17. computing equipments as claimed in claim 15, wherein, instruction recombination method when described data black hole system also comprises operation, during this operation, instruction recombination method comprises:
Step c1, buffer memory instruction operation environment;
Step c2, obtain machine instruction fragment to be scheduled; Before the last item instruction of the described machine instruction fragment of obtaining, insert the second jump instruction, the entry address of described the second jump instruction directional order restructuring platform, generates restructuring instruction fragment; The value of the address register in the instruction operation environment of described buffer memory is revised as to the address of restructuring instruction fragment; With
Step c3, recover described instruction operation environment; The value of the address register in described instruction operation environment is amended value.
18. The computing device as claimed in claim 15, wherein the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step d1: cache the instruction execution context;
Step d2: read the target address from a first storage location and obtain the machine instruction fragment to be scheduled according to the target address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step d3: save the target address of the first jump instruction in the first storage location;
Step d4: replace the first jump instruction with a second jump instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step d5: restore the instruction execution context and jump to the second address to continue execution.
19. The computing device as claimed in claim 15, wherein the data black hole system further comprises a runtime instruction recombination method, the runtime instruction recombination method comprising:
Step e1: cache the instruction execution context;
Step e2: obtain the address and parameters of the jump instruction saved on the stack and calculate the address of the next instruction to be run, this address being the first address;
Step e3: obtain the machine instruction fragment to be scheduled according to the first address, the last instruction of the machine instruction fragment to be scheduled being a first jump instruction;
Step e4: replace the first jump instruction with a push instruction, the push instruction recording the address and operand of the first jump instruction;
Step e5: add a second jump instruction after the push instruction to generate a recombined instruction fragment having a second address, the second jump instruction pointing to the entry address of the instruction recombination platform; and
Step e6: restore the instruction execution context and jump to the second address to continue execution.
20. The computing device as claimed in claim 15, wherein, if the response message from the second computing device indicates that the takeover is refused, the deployment inquiry unit is adapted to reject the registration request of the second computing device; and if the response message agrees to the takeover, the deployment inquiry unit is adapted to start the program deployment unit.
21. The computing device as claimed in claim 15, further comprising:
A deployment inspection unit, adapted to send a deployment check message to the second computing device to check whether the second computing device has deployed the data black hole system.
22. The computing device as claimed in claim 20, wherein, if the deployment inspection unit finds that the second computing device has deployed the data black hole system, the deployment inspection unit is further adapted to update the registration list and add the second computing device to the registration list; and if the deployment inspection unit finds that the second computing device has not yet deployed the data black hole system, it starts the deployment inquiry unit.
23. The computing device as claimed in claim 15, further comprising:
An I/O interface, coupled respectively to the deployment inquiry unit, the program deployment unit and the black hole unit, and adapted to connect to and communicate with the second computing device.
24. The computing device as claimed in claim 15, further comprising:
An I/O interface, coupled respectively to the deployment inquiry unit, the program deployment unit, the black hole unit and the deployment inspection unit, and adapted to connect to and communicate with the second computing device.
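An added illustration of the step d1 to d5 loop in claim 18, written for this page and not taken from the patent: a toy interpreter in C in which every fragment's closing jump is rewritten to re-enter the platform, so no jump is ever followed without the platform first seeing its target. The instruction set, `PLATFORM_ENTRY`, `MAX_FRAG`, the dispatch budget and the sample program are assumptions made for the example.

```c
/* Toy instruction set, constructed for this example. */
enum { OP_ADD, OP_JMP, OP_HALT };
typedef struct { int op, arg; } Insn;
#define PLATFORM_ENTRY (-1) /* hypothetical pseudo-address of the recombination platform */
#define MAX_FRAG 16

/* first_storage: the claim's "first storage location"; fragments_built: platform entries. */
static int first_storage, fragments_built;

/* d2-d4: copy the fragment at `target` up to its closing jump, save that jump's
   destination, and replace the jump with one that re-enters the platform. */
static int recombine(const Insn *prog, int n, int target, Insn *out) {
    if (target < 0 || target >= n) return -1;  /* never fetch outside the program */
    int len = 0;
    for (int pc = target; pc < n && len < MAX_FRAG; pc++) {
        if (prog[pc].op == OP_JMP) {
            first_storage = prog[pc].arg;                  /* d3: remember real target */
            out[len++] = (Insn){ OP_JMP, PLATFORM_ENTRY }; /* d4: second jump */
            return len;
        }
        out[len++] = prog[pc];
        if (prog[pc].op == OP_HALT) return len;
    }
    return -1;                                 /* no terminating instruction found */
}

/* Platform loop. d1/d5 (save and restore context) are modelled by `acc` surviving
   across fragments. Returns the final accumulator, or -1 if dispatch is refused. */
static int run(const Insn *prog, int n, int entry) {
    int acc = 0;
    first_storage = entry;
    for (fragments_built = 0; fragments_built < 1000; ) {
        Insn frag[MAX_FRAG];
        int len = recombine(prog, n, first_storage, frag);
        if (len < 0) return -1;
        fragments_built++;
        for (int i = 0; i < len; i++) {  /* run the copy; its OP_JMP returns here */
            if (frag[i].op == OP_ADD) acc += frag[i].arg;
            else if (frag[i].op == OP_HALT) return acc;
        }
    }
    return -1;                                 /* dispatch budget exhausted */
}

/* Constructed sample: index 2 is skipped by the jump at index 1. */
static const Insn SAMPLE[] = { {OP_ADD,1}, {OP_JMP,3}, {OP_ADD,100}, {OP_ADD,10}, {OP_JMP,5}, {OP_HALT,0} };

int main(void) {                 /* stand-alone check: exit status 0 when acc == 11 */
    return run(SAMPLE, 6, 0) == 11 ? 0 : 1;
}
```

A jump whose saved target lies outside the program is refused at the next dispatch, which is the point at which a mediating platform can enforce policy on control flow.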
CN201210384081.0A 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system Expired - Fee Related CN103729600B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210384081.0A CN103729600B (en) 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210384081.0A CN103729600B (en) 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system

Publications (2)

Publication Number Publication Date
CN103729600A true CN103729600A (en) 2014-04-16
CN103729600B CN103729600B (en) 2016-03-23

Family

ID=50453671

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210384081.0A Expired - Fee Related CN103729600B (en) 2012-10-11 2012-10-11 Data security interacted system method for building up and data security interacted system

Country Status (1)

Country Link
CN (1) CN103729600B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130893A (en) * 2016-06-28 2016-11-16 联想(北京)有限公司 A kind of data packet sending method and electronic equipment
CN109472573A (en) * 2018-11-22 2019-03-15 北京拉近互动传媒科技有限公司 One kind being based on the self-service red packet form charging system of mobile phone app and method
CN109802999A (en) * 2018-12-28 2019-05-24 北京指掌易科技有限公司 A method of mobile application function is realized at the end PC by VSA technology

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050240591A1 (en) * 2004-04-21 2005-10-27 Carla Marceau Secure peer-to-peer object storage system
CN101009597A (en) * 2006-12-30 2007-08-01 华为技术有限公司 Subdivision method of the user network access style and network system
CN101082886A (en) * 2006-05-30 2007-12-05 松下电器产业株式会社 Memory data protecting device and LSI for IC card
US20100223665A1 (en) * 2005-10-05 2010-09-02 International Business Machines Corporation System and method for providing a virtual binding for a worm storage system on rewritable media
CN102244664A (en) * 2011-08-29 2011-11-16 浙江中烟工业有限责任公司 Multistage interconnection safety management centre subsystem of multistage safety interconnection platform

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050240591A1 (en) * 2004-04-21 2005-10-27 Carla Marceau Secure peer-to-peer object storage system
US20100223665A1 (en) * 2005-10-05 2010-09-02 International Business Machines Corporation System and method for providing a virtual binding for a worm storage system on rewritable media
CN101082886A (en) * 2006-05-30 2007-12-05 松下电器产业株式会社 Memory data protecting device and LSI for IC card
CN101009597A (en) * 2006-12-30 2007-08-01 华为技术有限公司 Subdivision method of the user network access style and network system
CN102244664A (en) * 2011-08-29 2011-11-16 浙江中烟工业有限责任公司 Multistage interconnection safety management centre subsystem of multistage safety interconnection platform

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130893A (en) * 2016-06-28 2016-11-16 联想(北京)有限公司 A kind of data packet sending method and electronic equipment
CN106130893B (en) * 2016-06-28 2019-07-26 联想(北京)有限公司 A kind of data packet sending method and electronic equipment
CN109472573A (en) * 2018-11-22 2019-03-15 北京拉近互动传媒科技有限公司 One kind being based on the self-service red packet form charging system of mobile phone app and method
CN109472573B (en) * 2018-11-22 2022-02-15 北京拉近互动传媒科技有限公司 Self-service red packet form payment system and method based on mobile phone app
CN109802999A (en) * 2018-12-28 2019-05-24 北京指掌易科技有限公司 A method of mobile application function is realized at the end PC by VSA technology

Also Published As

Publication number Publication date
CN103729600B (en) 2016-03-23

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100097 HAIDIAN, BEIJING TO: 100071 FENGTAI, BEIJING

TA01 Transfer of patent application right

Effective date of registration: 20150121

Address after: 100071 Beijing city Fengtai District Xiaotun Road No. 89 aerospace standard tower

Applicant after: The safe and sound Information Technology Co., Ltd in sky in Beijing

Address before: 100097 Beijing city Haidian District landianchang road Jin Yuan era business center B block 2-6B1

Applicant before: Beijing Zhongtian Antai Technology Co., Ltd.

CB02 Change of applicant information

Address after: 100071 Beijing city Fengtai District Xiaotun Road No. 89 aerospace standard tower

Applicant after: Zhongtian Aetna (Beijing) Information Technology Co. Ltd.

Address before: 100071 Beijing city Fengtai District Xiaotun Road No. 89 aerospace standard tower

Applicant before: The safe and sound Information Technology Co., Ltd in sky in Beijing

COR Change of bibliographic data
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160323

Termination date: 20181011