CN103873540A - Low-energy-consumption remote storage system and design method thereof - Google Patents



Publication number
CN103873540A
Authority
CN
China
Prior art keywords
remote
access
remote storage
storage device
standby
Legal status
Granted
Application number
CN201210567950.3A
Other languages
Chinese (zh)
Other versions
CN103873540B (en)
Inventor
陈莉华
Current Assignee
Individual
Original Assignee
Individual
Application filed by Individual
Priority to CN201210567950.3A
Publication of CN103873540A
Application granted
Publication of CN103873540B
Legal status: Expired - Fee Related

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00: Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to a low-energy-consumption remote storage system and a design method thereof, in particular to a method of remote data storage using network communication and a corresponding storage system, and belongs to the technical field of network communication and data storage. The remote storage system comprises a remote storage device and a remote access device, and has normal and standby working modes. The remote storage device comprises a memory, a storage resource manager, a normal access control and security management module, a standby access control and security management module, a normal remote communication module, a standby remote communication module and a standby management module. The remote access device comprises a user interface, a remote storage resource manager, an access control and security module, and a remote communication module. While no access operation is being performed on the memory, the storage device is in a low-power or power-off state, which effectively reduces energy consumption. End-to-end encryption can be performed, which provides a basic guarantee for the security of the user's data.

Description

Low-energy-consumption remote storage system and design method thereof
Technical field
The present invention relates to a low-energy-consumption remote storage system and a design method thereof, and in particular to a method and a storage system for remote data storage using network communication. It belongs to the technical field of network communication and data storage.
Background
In daily life and work, people often need to store or back up files and data, or transfer them from one device to another. At present this is mainly done with removable storage devices, network transmission, and network storage.
Widely used removable storage devices currently include USB flash drives, portable hard drives, and rewritable optical discs. They offer large capacity, small size, light weight, and low cost, and are widely used to store, back up, and transfer files and data. For example, people often hang a small USB flash drive on a key chain or mobile phone as an ornament, which is convenient to carry and use and also adds to the enjoyment of life. But the convenience of removable storage devices comes with certain risks. First, a removable storage device is carried around and may be left temporarily outside its owner's supervision, where someone may copy the files and data on it without the owner noticing, leaking that information. Removable storage devices are also relatively easy to lose. For convenience, people in most cases save files and data to a removable storage device directly and rarely encrypt them. If a lost device holds confidential information, the leak may cost the people concerned in property, reputation, and social standing.
People also widely use network transmission to transfer files and data between storage devices. For example, with e-mail attachments it is easy to transfer a file to another person or another device, but files transferred this way are generally small, so the method does not suit large files or large batches of files. Within a local area network, people can transfer data through a server or resource sharing, log in to their own computer through remote desktop to access data, or send files with Internet chat tools offered by particular service providers. Although these methods can transfer large files and large batches of files over long periods, they either need dedicated service equipment or need a computer to stay powered on for long periods. The equipment cost is high, and the power consumed by equipment that stays on for long periods also raises the cost of use.
Besides removable storage and network transmission, people can also store, back up, and transfer files and data through network storage. A network storage service provider installs a number of storage servers on the Internet, or statistically multiplexes each user's storage resources through a distributed storage algorithm, and offers users a storage service, that is, a "cloud storage" service. By registering with the provider as a network storage user, a user obtains a "network disk" of static or dynamic capacity, either paid or free. Using the registered account and password to access the network, the user can upload files to the network disk or download files from it, completing the storage, backup, and transfer of files. Because the user reaches the storage device over the network, this method has good mobility. But it brings new security problems. First, the storage device is located at the service provider's premises, not the user's; if a server fails or the service is suspended or terminated, the user's files may be lost with it. After all, the "cloud" is inherently unstable and changeable. Second, for convenience, users upload files to the network disk directly, without encryption; these files and data may be exposed to people unknown to the user, which is a potential data leakage risk. A user can compress and encrypt files before uploading them, but this makes operation less convenient and degrades the user experience. The storage service provider may also back up the user's data and mine it, or carry out business activities that expose the user to uncontrolled risks. The provider's storage servers may be distributed across several countries and regions, so the provider may exploit differences between national laws to avoid its own legal risk.
As a result, a user may be unable to obtain compensation by legal means for losses caused by data leaked or lost through a network disk. If the user encrypts files before uploading them, the network disk loses its convenience. In addition, the "upload" and "download" way in which most users access a network disk is inconsistent with the way they use the resource manager on their computer, which degrades the user experience.
For example, two patent applications by EMC Corporation from 2009 and 2010, with application numbers "T 1048/06" and "T 0138/07", disclose an "interconnected storage device" and a "remote data device" respectively. The former provides remote dynamic communication between two storage media, in which host access is implemented in the source storage device and the second storage device implements data transfer between the host and the target device. The latter discloses a data storage system with remote data monitoring and management. The system determines the data to be transferred between the data storage system and a remote data storage system, and couples the data storage system to an IP network through a remote data application. The connection to the IP network is formed by the remote data device application and a TCP/IP protocol software layer, and the interface is split across two processors: one interface part is connected to the remote data service application, and the second data interface is connected to the TCP/IP protocol software layer so that data is transferred from the data storage system to the remote data storage system over the IP network. Both patents perform remote data storage and sharing over an IP network. The transfer of files and data lacks a reliable security mechanism, the user's files and data risk being exposed to people unknown to the user, and the storage device lacks effective protection measures.
The patent application "Data backup system and data backup and rollback method" (application number 201110031404.3) provides a storage device and method comprising transmission, recording, and difference analysis modules at a user end and a remote end; storage is mainly scheduled at specific times or at cyclic intervals. With this periodic remote backup method the equipment stays in the working state for long periods, so its power consumption is high. The storage device and method also lack an effective security mechanism.
The patent applications "A wireless cloud storage card" (application number 201110413943.3) and "A wireless cloud storage module" (application number 201110413941.4) disclose a cloud storage card and a cloud storage module based on wireless communication. The storage device is built from an antenna, a SIM card or CPU, a cloud storage controller, and a computer interface module, and performs automatic cloud storage by mapping remote storage data to local resources through a local cache. They provide a remote automatic storage method authorized over the wireless network by the cloud storage controller. In this method part of the storage resources is located at the server end and the user's files and data must be uploaded to the server, so the files and data risk being exposed to people unknown to the user, which is a security hazard.
"Remote storage system and method for remote storage" (application number 201110414084.X) discloses a remote storage system and method that manages files through virtual directories and configures remote storage nodes by node. It differs from "Data backup system and data backup and rollback method" in that its storage system uses client and server programs to provide local service for different remote files, implementing cloud storage of massive data within a local private space. But distributed storage of massive data causes large scheduling delays, and the user's files and data are submitted to the service provider in plaintext, which is a security hazard.
The existing methods for storing, backing up, and transferring files and data through removable storage, network transmission, and network storage each have their own advantages and shortcomings in equipment cost, cost of use, convenience, and security, but there is no storage device or system that performs well in equipment cost, cost of use, ease of use, and security all at once.
Summary of the invention
Addressing the shortcomings of the existing approaches, namely that removable storage devices easily lead to lost files and data and that network-transfer storage devices consume much power and carry security hazards, the present invention combines storage with network communication and proposes a low-energy-consumption remote storage method and system.
A design method for a low-energy-consumption remote storage system comprises the following steps:
Step 1: design the storage device with two working modes, normal and standby. A control circuit gives the storage device a standby management function. When no access operation is performed on the memory within a set time, or when the storage device receives a standby instruction, the control circuit puts the memory, the storage resource manager, and the communication module and security module used for remote access into a low-power working state or cuts off their working power. When the storage device is in the standby state and receives a wake-up instruction, the control circuit returns the memory, the storage resource manager, and the communication module and security module used for remote access to normal power supply and the normal working state.
Step 2: through the design of a standby remote communication module and a normal remote communication module, give the storage device remote communication functions in both the standby and the normal working state. When the storage device is in the low-power working state or its working power is cut off, the standby remote communication module works at a low communication rate; it can receive instructions that query the storage device's working state and instructions that switch its working mode, and send instruction responses. When the memory and the resource manager are in the normal working state and read/write access is needed, the normal remote communication module works: it receives memory read/write access and storage management instructions and data, and sends instruction responses and the data read.
The normal remote communication module is based on the TCP/IP protocol; the standby remote communication module is based on the TCP/IP protocol or another low-rate communication protocol.
Step 3: through the design of the memory access control and security module, give the storage device, in both the standby state and the normal read/write access state, access control, access rights control, and end-to-end encryption and decryption of the instructions, responses, and data exchanged between the storage device and the access device. Access control means permitting or denying access service. Access rights control sets different access levels, including read-write, read-only, and partial access rights. When the security requirement is low, access control is based on simple password authentication; when a higher security level is required, access authentication uses a password combined with a public/private key cryptographic authentication system.
End-to-end encryption and decryption between the storage device and the access device is designed as follows. (1) The same encryption and decryption algorithm is set in the memory access control and security modules of the storage device and of the access device, and a key is set. (2) In the normal read/write access state of the storage device, the access control and security module of the storage device encrypts the responses and data sent by the storage resource manager with the set key to obtain ciphertext, and decrypts ciphertext received from the remote access device to obtain the plaintext of access instructions, responses, and data. In the standby mode of the storage device, the instructions, responses, and data produced by the standby management function module are encrypted by the corresponding access control and security module to obtain ciphertext, and ciphertext received from the remote access device is decrypted with the decryption key to obtain the plaintext of instruction responses and data. (3) The access control and security module of the access device encrypts the responses and data sent by the remote storage resource manager with the set key to obtain ciphertext, decrypts ciphertext received from the remote storage device with the decryption key to recover the plaintext, and delivers the plaintext to the remote storage resource manager of the access device.
Step 4: design the remote access mode as follows. After the remote access end sends an access instruction, the standby management function module of the storage device queries the storage device's working state. When the storage device is in the normal working state, the storage resource manager executes the normal read/write access and storage management instructions that the remote access end sends to the storage device, and returns instruction responses and data to the remote access end. When the storage device is in the standby state, the remote access end first sends a device wake-up instruction to the storage device; on receiving it, the standby management module of the storage device uses the control circuit to bring the storage device into the normal working state and returns this state to the remote access end, after which normal read/write access and storage management are performed on the storage device.
Step 5: to improve the user experience and reduce retransmission, file content is transferred using fountain coding, and resumable (breakpoint) transfer is supported.
The specific method for using fountain coding to reduce retransmission and support resumable transfer is:
(A) Set the source length $K$ of the fountain code and the length $N$ of a source packet.
(B) Divide the file to be transferred into segments of $KN$ symbols each, giving $L$ segments of source symbols in total; set the segment counter $c = 1$. When binary fountain coding is used, the symbols are binary symbols; when $q$-ary fountain coding is used, the symbols are $q$-ary symbols.
(C) Take segment $c$ of the source symbols and packetize it in the original file order, $N$ symbols per packet, giving $K$ source packets $(a_0, a_1, \ldots, a_{N-1})$, $(b_0, b_1, \ldots, b_{N-1})$, $\ldots$, $(f_0, f_1, \ldots, f_{N-1})$.
(D) Rearrange the $K$ source packets $(a_0, a_1, \ldots, a_{N-1})$, $(b_0, b_1, \ldots, b_{N-1})$, $\ldots$, $(f_0, f_1, \ldots, f_{N-1})$ into $N$ new packets $(a_0, b_0, \ldots, f_0)$, $(a_1, b_1, \ldots, f_1)$, $\ldots$, $(a_{N-1}, b_{N-1}, \ldots, f_{N-1})$. The rearrangement rule is: the $n$-th symbols of the $K$ original source packets, taken in order of source packet number, form the $n$-th new packet, $n = 1, 2, \ldots, N$.
(E) Fountain-encode the $i$-th rearranged packet $(a_i, b_i, \ldots, f_i)$ to output a semi-infinite sequence $(A_i, B_i, \ldots, F_i, \ldots)$, $i = 0, 1, \ldots, N-1$. Arrange the sequences as a matrix with $N$ rows and infinitely many columns, placing sequence $i$ in row $i$. Reading this matrix column by column gives the sequence of fountain-coded packets $(A_0, A_1, \ldots, A_{N-1})$, $(B_0, B_1, \ldots, B_{N-1})$, $\ldots$, $(F_0, F_1, \ldots, F_{N-1})$, $\ldots$, where $(A_0, A_1, \ldots, A_{N-1})$ is fountain-coded packet 0, $(B_0, B_1, \ldots, B_{N-1})$ is fountain-coded packet 1, and so on. The fountain code is an LT code, a Raptor code, or a multi-ary fountain code over the finite field $GF(q)$.
(F) The sender sends the fountain-coded packets of segment $c$ one by one; the receiver receives them and performs fountain decoding on source data segment $c$. If decoding succeeds, the receiver returns an acknowledgement to the sender. On receiving the acknowledgement, the sender stops sending fountain-coded packets of segment $c$ and goes to step (G); otherwise it continues to send further fountain-coded packets of segment $c$.
(G) Set the segment counter $c = c + 1$ and check whether $c$ is greater than $L$. If $c > L$, the file transfer is complete; otherwise go to step (C).
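Steps (A) to (G), as an added sketch that is not code from the patent. It assumes byte-valued symbols, an LT code with the ideal soliton degree distribution, and that column j uses the same neighbour set in every row; `lost` is a constructed channel model and all function names are hypothetical.

```python
import random

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def neighbours(j: int, K: int) -> list:
    """Source positions XORed into coded column j (ideal soliton degree).
    Derived from j alone, so sender and receiver agree without signalling."""
    rng = random.Random(j)
    weights = [1 / K] + [1 / (d * (d - 1)) for d in range(2, K + 1)]
    degree = rng.choices(range(1, K + 1), weights=weights)[0]
    return rng.sample(range(K), degree)

def interleave(segment: bytes, K: int, N: int) -> list:
    """Steps (C)-(D): K source packets of N symbols -> N rows of K symbols."""
    packets = [segment[k * N:(k + 1) * N] for k in range(K)]
    return [bytes(p[i] for p in packets) for i in range(N)]

def coded_packet(rows: list, j: int, K: int) -> bytes:
    """Step (E): encode every row and read column j of the resulting matrix."""
    nb = neighbours(j, K)
    column = bytearray()
    for row in rows:
        symbol = 0
        for k in nb:
            symbol ^= row[k]
        column.append(symbol)
    return bytes(column)

class SegmentDecoder:
    """Peeling decoder. Column j equals the XOR of the source packets in
    neighbours(j), so whole source packets are recovered directly."""
    def __init__(self, K: int):
        self.K, self.known, self.pending = K, {}, []

    def add(self, j: int, payload: bytes) -> bool:
        self.pending.append([set(neighbours(j, self.K)), payload])
        progress = True
        while progress:
            progress = False
            for eq in self.pending:
                # Remove already recovered packets from this equation.
                for k in [k for k in eq[0] if k in self.known]:
                    eq[0].discard(k)
                    eq[1] = xor(eq[1], self.known[k])
                if len(eq[0]) == 1:            # one unknown left: solved
                    self.known[eq[0].pop()] = eq[1]
                    progress = True
            self.pending = [eq for eq in self.pending if eq[0]]
        return len(self.known) == self.K       # True -> send the acknowledgement

    def segment(self) -> bytes:
        return b"".join(self.known[k] for k in range(self.K))

def send_file(data: bytes, K: int, N: int, lost, first_segment: int = 0,
              max_packets: int = 10_000):
    """Steps (B), (F), (G). lost(c, j) models the channel dropping packet j of
    segment c; first_segment > 0 resumes an interrupted transfer."""
    seg_len = K * N
    total = -(-len(data) // seg_len)           # L, the number of segments
    out, sent = [], 0
    for c in range(first_segment, total):
        # The last segment is zero-padded; the known file length trims it.
        segment = data[c * seg_len:(c + 1) * seg_len].ljust(seg_len, b"\0")
        rows, decoder = interleave(segment, K, N), SegmentDecoder(K)
        for j in range(max_packets):
            sent += 1
            if lost(c, j):
                continue
            if decoder.add(j, coded_packet(rows, j, K)):
                break                          # acknowledged: stop this segment
        else:
            raise RuntimeError(f"segment {c} not decoded")
        out.append(decoder.segment())
    remaining = max(len(data) - first_segment * seg_len, 0)
    return b"".join(out)[:remaining], sent
```

A lost packet is never retransmitted: the sender simply keeps emitting new columns until the segment is acknowledged, and the segment counter is the only state needed to resume.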
A remote storage system comprises a remote storage device and a remote access device. The remote storage device is connected to the remote access device through the Internet or directly.
The remote storage device provides the physical storage medium for files and data and the interface for remote read/write access. It comprises a memory, a storage resource manager, a normal access control and security management module, a standby access control and security management module, a normal remote communication module, a standby remote communication module, and a standby management module.
The standby management module is connected to the memory, the storage resource manager, the normal access control and security module, the normal remote communication module, and the standby access control and security module respectively. The memory is connected to the storage resource manager; the storage resource manager is connected to the normal access control and security module; the normal access control and security module is connected to the normal remote communication module; the standby remote communication module is connected to the standby access control and security module. The normal remote communication module and the standby communication module provide a standard TCP/IP network interface and connect to the remote access device through the Internet or directly.
The memory is the physical storage medium for files and data, and is a mobile memory, a read-only storage, or a combination of the two. The read-only storage provides the basic capacity configuration of the remote storage device; the mobile memory is connected to the memory through a standard interface, and the user can insert and remove it at any time to extend the storage capacity.
The storage resource manager parses received instructions and, according to them, performs reading, writing, and querying of files and data, file system management, and storage management.
The remote storage device has two working modes: normal mode and standby mode.
The normal access control and security management module implements, in normal mode, access control, access rights control, and security authentication for the storage resource manager, and encryption and decryption of the files and data transferred.
The standby access control and security management module implements, in the standby mode of the remote storage device, access control, access rights control, security authentication, and encryption and decryption of instructions and responses.
The normal remote communication module performs the communication needed for storage resource management between the remote access device and the remote storage device, including TCP/IP protocol communication over the network. It passes received unencrypted or encrypted instructions to the normal access control and security module, and performs protocol encapsulation and decapsulation of the unencrypted or encrypted instruction responses and data streams from the normal access control and security module.
The standby remote communication module performs the basic communication between the remote access device and the remote storage device while the remote storage device is in the standby state. It works at a low communication rate, passes received unencrypted or encrypted instructions to the standby access control and security module, performs protocol encapsulation of the unencrypted or encrypted instruction responses and data streams from the standby access control and security module, and sends them to the remote access device. It can also receive remote instructions such as device wake-up and device status query.
The standby management module performs standby management of the remote storage device and monitors the communication traffic of the normal remote communication module. When the normal remote communication module carries no traffic within a preset time, or when a set-remote-device-standby instruction is received from the remote access device, it puts the memory, the storage resource manager, the access control and security module, and the normal remote communication module into the low-power standby state and reduces or switches off their working power. When the remote storage device is in the standby state and a wake-remote-device instruction is received from the remote access device, it restores normal power to the normal remote communication module, the normal access control and security module, the storage resource manager, and the memory, takes them out of the standby state into the normal resource management state, and accepts resource management from the remote access device.
The remote access device provides the user interface through which the user accesses the remote storage device and performs remote storage resource management. It comprises a user interface, a remote storage resource manager, an access control and security module, and a remote communication module.
The user interface is connected to the remote storage resource manager, the remote storage resource manager is connected to the access control and security module, and the access control and security module is connected to the remote communication module. The remote communication module connects to the remote storage device through a standard TCP/IP network interface, over the Internet or directly.
The remote communication module performs the communication needed for storage resource management between the remote access device and the remote storage device, including communication signal processing for the control instructions and file data required by remote storage resource management, and packet encapsulation and decapsulation of communication protocol data. The remote communication module is based on the TCP/IP protocol. When the standby remote communication module of the remote storage device does not communicate over TCP/IP, the remote communication module also includes a communication protocol that can interwork with the standby remote communication module of the remote storage device.
The access control and security management module performs access control, access rights control, and security authentication for the remote storage device, and encryption and decryption of the files and data transferred.
The remote storage resource manager exchanges peer-layer instructions with the storage resource manager of the remote storage device. It wraps the access control and security module and the remote communication module into a remote device driver interface, sends the reading, writing, querying, file system management, and storage management operations on the remote storage device's files and data to the device driver interface, and reads instructions and response data from the device driver interface, so that the local resource manager can access the remote storage device in the same way as local storage.
The user interface provides the man-machine interface for storage management of the remote storage device, and performs resource management of the remote storage device through the remote storage resource manager.
The workflow of the remote storage system is as follows. The user sends an instruction to access the remote storage device through the user interface. The remote storage resource manager obtains the access instruction, the access control and security module encrypts it, and the remote communication module sends it through the Internet or directly to the standby remote communication module or the normal remote communication module of the remote storage device. An instruction sent to the standby remote communication module is passed to the standby access control and security module for decryption and executed by the standby management module, and the response to its execution is returned to the remote access device through the standby remote communication module. For an instruction sent to the normal remote communication module, the normal access control and security module performs the access rights check and decrypts the instruction; the storage resource manager executes the instruction and returns the response data. The response data is encrypted by the normal access control and security module and sent by the normal remote communication module, through the Internet or directly, to the remote communication module of the remote access device, decrypted by the access control and security module, delivered to the remote storage resource manager, and returned to the user. The remote storage resource manager also returns a response acknowledgement to the remote storage device.
The instruction and data exchange when the remote access device accesses the remote storage device is: (1) the remote access device sends a storage device access instruction to the remote storage device; (2) the remote storage device receives the storage device access instruction, executes it, and returns the response data and the result of the instruction to the remote access device; (3) the remote access device receives the response data and result sent by the remote storage device and returns a storage device access instruction response acknowledgement to the remote storage device.
The instruction and response exchange when the remote access device wakes the remote storage device is: (1) the remote access device sends a wake-remote-device instruction to the remote storage device; (2) the remote storage device receives the wake-remote-device instruction, executes it, and after the relevant modules have been woken successfully returns a remote-device-ready response to the remote access device.
The instruction and response exchange when the remote access device controls standby is: (1) the remote access device sends a set-remote-storage-device-standby instruction to the remote storage device; (2) the remote storage device receives the standby instruction, executes it, and after the relevant modules have been put into standby mode returns a set-remote-device-standby success response to the remote access device.
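The mode gating, access levels, idle-timeout standby and the query/wake/access sequence of Step 4, as an added sketch that is not part of the patent. The instruction names are hypothetical, an HMAC-SHA256 tag stands in for the security module's decrypt-and-check step, and the per-user freshness counter is an addition the page does not describe.

```python
import hashlib
import hmac
import json

STANDBY_CMDS = {"QUERY_STATE", "WAKE", "SET_STANDBY"}    # standby modules
NORMAL_CMDS = STANDBY_CMDS | {"READ", "WRITE", "LIST"}   # normal mode

def seal(key, user, counter, cmd, arg=None):
    """Access-device side: serialise an instruction and tag it with the key."""
    body = json.dumps([user, counter, cmd, arg]).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).digest()}

class StorageDevice:
    def __init__(self, users, idle_timeout):
        self.users = users                # user -> (shared key, access level)
        self.idle_timeout = idle_timeout
        self.mode = "standby"
        self.last_access = 0.0
        self.seen = {}                    # user -> highest counter accepted
        self.files = {}

    def handle(self, msg, now):
        # Standby management: no storage access within the set time.
        if self.mode == "normal" and now - self.last_access >= self.idle_timeout:
            self.mode = "standby"
        try:
            tag = msg["tag"]
            user, counter, cmd, arg = json.loads(msg["body"])
            key, level = self.users[user]
        except (KeyError, TypeError, ValueError):
            return "DENIED"
        good = hmac.new(key, msg["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(good, tag):
            return "DENIED"               # wrong key or modified instruction
        if not isinstance(counter, int) or counter <= self.seen.get(user, 0):
            return "DENIED"               # stale or repeated instruction
        self.seen[user] = counter
        if cmd not in NORMAL_CMDS:
            return "DENIED"
        if self.mode == "standby" and cmd not in STANDBY_CMDS:
            return "DEVICE_IN_STANDBY"    # storage modules are powered down
        if cmd == "QUERY_STATE":
            return self.mode
        if cmd == "WAKE":
            self.mode, self.last_access = "normal", now
            return "READY"
        if cmd == "SET_STANDBY":
            self.mode = "standby"
            return "STANDBY_OK"
        if cmd == "WRITE" and level != "read-write":
            return "DENIED"               # access rights control
        self.last_access = now
        if cmd == "WRITE":
            name, content = arg
            self.files[name] = content
            return "UPDATED"
        if cmd == "READ":
            return self.files.get(arg, "NOT_FOUND")
        return sorted(self.files)         # LIST

class AccessDevice:
    def __init__(self, device, user, key):
        self.device, self.user, self.key, self.counter = device, user, key, 0

    def send(self, cmd, arg=None, now=0.0):
        self.counter += 1
        msg = seal(self.key, self.user, self.counter, cmd, arg)
        return self.device.handle(msg, now)

    def access(self, cmd, arg=None, now=0.0):
        """Step 4: query the state, wake the device if needed, then access."""
        if self.send("QUERY_STATE", now=now) == "standby":
            if self.send("WAKE", now=now) != "READY":
                return "DENIED"
        return self.send(cmd, arg, now)
```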
Remote access equipment access remote storage device, the instruction and data reciprocal process of upgrading remote storage device file is as follows: (1) remote access equipment sends and upgrades telefile instruction to remote storage device, and needs the essential information such as file name, length, time, type of transaction file; (2) remote storage device receives this renewal telefile instruction, ready after, upgrade telefile response to remote access equipment loopback; (3) remote access equipment receives this renewal telefile response, sends file content to remote storage device; (4) remote storage device receives file content, after renewal is stored successfully, to the success response of remote access equipment loopback remote file updates.
Remote access equipment access remote storage device, the instruction and data reciprocal process that reads telefile is as follows: (1) remote access equipment sends and reads the instruction of telefile to remote storage device, and needs the essential information such as file name, length, time, type of file reading; (2) remote storage device receives this and reads telefile instruction, ready after, read essential information and the file contents such as telefile response, file size, time, type to remote access equipment loopback; (3) remote access equipment receives file, after receiving successfully, reads success response to remote storage device backspace file data.
Remote access equipment access remote storage device, the instruction of row file directory and response reciprocal process are as follows: (1) remote access equipment sends the instruction of row file directorys to remote storage device, and the title of driver, catalogue or file that need to row catalogue; (2) remote storage device receives this row file directory instruction, reads the bibliographic structure of appointment, returns to required file directory to remote access equipment; (3) remote access equipment receives this file directory, after receiving successfully, confirms to remote storage device backspace file catalogue.
A differential file synchronization method for the remote access equipment and the remote storage device has the following steps: (1) the user specifies the directory on the remote access equipment that is to be synchronized with the remote storage device; (2) the remote access equipment sends a list-file-directory instruction to the remote storage device and obtains the directory and file information to be synchronized on the remote storage device; (3) the remote access equipment compares the size and time of the files in the directory to be synchronized, and in its subdirectories at every level, on the remote storage device and locally on the remote access equipment, and finds the differing files in four classes: local new modification, local new file, remote new modification, and remote new file; (4) according to the user's settings, the remote access equipment uses the update-remote-file instruction and the read-remote-file instruction to update these differing files one by one.
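Steps (2) to (4) of this method, as an added example that is not part of the patent text: the local tree is scanned at every level, compared by size and time against a remote listing, and each difference is mapped to the instruction that resolves it. The 2-second time tolerance, the extra conflict class, the rejection of listing entries that point outside the synchronized directory, and all file names and values are assumptions made for this sketch.

```python
import os
import tempfile
from enum import Enum

MTIME_TOLERANCE = 2  # seconds; assumption: FAT-formatted flash disks keep mtimes in 2 s steps

class Diff(Enum):
    LOCAL_MODIFIED = "local new modification"
    LOCAL_NEW = "local new file"
    REMOTE_MODIFIED = "remote new modification"
    REMOTE_NEW = "remote new file"
    CONFLICT = "same time, different size"  # extra class, not one of the page's four

def scan_local(root):
    """Walk every directory level under root; return {relative/path: (size, mtime)}."""
    listing = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            st = os.stat(full)
            listing[rel] = (st.st_size, int(st.st_mtime))
    return listing

def is_safe_relpath(path):
    """Accept only plain relative paths; a listing entry must not leave the sync root."""
    if "\\" in path or ":" in path or "\x00" in path:
        return False
    return all(part not in ("", ".", "..") for part in path.split("/"))

def classify(local, remote, tolerance=MTIME_TOLERANCE):
    """Step (3): compare size and time; return ({path: Diff}, rejected_remote_paths)."""
    rejected = sorted(p for p in remote if not is_safe_relpath(p))
    remote = {p: v for p, v in remote.items() if is_safe_relpath(p)}
    diffs = {}
    for path in sorted(set(local) | set(remote)):
        if path not in remote:
            diffs[path] = Diff.LOCAL_NEW
        elif path not in local:
            diffs[path] = Diff.REMOTE_NEW
        else:
            (lsize, ltime), (rsize, rtime) = local[path], remote[path]
            if ltime - rtime > tolerance:
                diffs[path] = Diff.LOCAL_MODIFIED
            elif rtime - ltime > tolerance:
                diffs[path] = Diff.REMOTE_MODIFIED
            elif lsize != rsize:
                diffs[path] = Diff.CONFLICT  # left for the user to resolve
            # otherwise the two copies are treated as identical and skipped
    return diffs, rejected

def plan(diffs):
    """Step (4): map each difference to the instruction that resolves it."""
    action = {
        Diff.LOCAL_MODIFIED: "update remote file",
        Diff.LOCAL_NEW: "update remote file",
        Diff.REMOTE_MODIFIED: "read remote file",
        Diff.REMOTE_NEW: "read remote file",
    }
    return [(action[d], p) for p, d in diffs.items() if d in action]

# Constructed sample data: {path: (size in bytes, modification time)}.
LOCAL_FILES = {
    "Patents/specification.doc": (5000, 1700000900),
    "Patents/drawings.doc": (300, 1700000000),
    "Patents/claims.doc": (100, 1700000001),
    "notes.txt": (42, 1700000100),
}
REMOTE_LISTING = {
    "Patents/specification.doc": (4800, 1700000000),
    "Patents/drawings.doc": (350, 1700000500),
    "Patents/claims.doc": (100, 1700000000),
    "Patents/abstract.doc": (77, 1700000200),
    "../outside.txt": (1, 1700000300),  # malformed entry that must be refused
}

def demo():
    """Materialise LOCAL_FILES in a temporary directory, scan it, and classify."""
    with tempfile.TemporaryDirectory() as root:
        for rel, (size, mtime) in LOCAL_FILES.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(b"\0" * size)
            os.utime(full, (mtime, mtime))
        local = scan_local(root)
    return classify(local, REMOTE_LISTING)

if __name__ == "__main__":
    diffs, rejected = demo()
    for instruction, path in plan(diffs):
        print(f"{instruction:20} {path}")
    print("rejected listing entries:", rejected)
```

The remote listing comes from the other end of the link, so the path check runs before any entry is turned into a local file operation.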
A secure transmission method with end-to-end encryption of instructions and data between the remote access equipment and the remote storage device. The encryption and decryption steps when the remote access equipment sends instructions and data to the remote storage device are as follows: (1) the user sets the encryption and decryption algorithm in the remote access equipment and the remote storage device, and sets the key; (2) the instructions and data sent by the remote storage resource manager of the remote access equipment are passed to the access control and security module, which encrypts them with the encryption key set by the user to obtain ciphertext; (3) in the normal mode of the remote storage device, the conventional access control and security module of the remote storage device receives the ciphertext, decrypts it with the decryption key to recover the plaintext, and passes the plaintext to the storage resource manager (SRM); or, in the standby mode of the remote storage device, the standby access control and security module receives the ciphertext, decrypts it with the decryption key to recover the plaintext, and passes the plaintext to the standby management module.
A secure transmission method with end-to-end encryption of instructions and data between the remote access equipment and the remote storage device. The encryption and decryption steps when the remote storage device sends instructions and data to the remote access equipment are as follows: (1) the user sets the encryption algorithm in the remote access equipment and the remote storage device, and sets the key; (2) in the normal mode of the remote storage device, the instructions and data sent by the storage resource manager (SRM) of the remote storage device are passed to the conventional access control and security module, which encrypts them with the encryption key set by the user to obtain ciphertext; or, in the standby mode of the remote storage device, the standby management module produces instructions, responses and data, and the standby access control and security module encrypts them with the encryption key set by the user to obtain ciphertext; (3) the standby access control and security module of the remote access equipment receives the ciphertext, decrypts it with the decryption key to recover the plaintext, and passes the plaintext to the remote storage resource manager.
Beneficial effect
The invention provides a remote storage system in which the user accesses a remote storage device remotely through remote access equipment. The remote storage device is placed in a safe location such as an office or home and is connected to the Internet; the user accesses it from a computer connected to the Internet. By encapsulating the functions of the access control and security module and the remote communication module in the remote access equipment as a device driver interface, the local resource manager of the remote access equipment can access the remote storage device in the same way as local storage. This turns the remote storage device into locally extended storage of the remote access equipment, and the user can manage the resources of the remote storage device with one unified resource manager. The user can use the remote storage device according to the habits formed with local storage, and obtains a good experience. The user can access file content in the storage at any time and place from a computer or mobile communication terminal without carrying a storage device, which reduces the risk of documents being lost or leaked and improves security. In addition, the remote storage device is controlled entirely by the user, who can expand its capacity by inserting more memory, or memory of larger capacity, into the mobile memory interface of the remote storage device.
User access to the remote storage device is highly bursty. Most of the time the memory is idle, with no data access or other access operations. While the memory is not performing access operations, putting the storage device into a low-power or even powered-down state effectively reduces energy consumption. The remote storage device provided by the invention has two working modes, standby and conventional. In standby mode the remote storage device works at very low power, which greatly reduces power consumption, saves energy, and lowers the cost of using the storage device. In standby mode the remote storage device still receives wake instructions and status query instructions from the remote access equipment, so it can accept a user instruction at any time, switch to the conventional working mode, and complete data access. The remote storage device and system of the present invention therefore have the advantages of ease of use and low cost.
The instructions and data exchanged between the remote access equipment and the remote storage device provided by the invention can be encrypted end to end, which gives a basic guarantee for the security of user data. Instructions and data between the remote storage device and the remote access equipment are transmitted with end-to-end encryption, so what the network carries is ciphertext; even someone who obtains all of the transmitted data from the network cannot decode it. The user's files and data are therefore not exposed or leaked to unknown parties, which greatly improves the storage security of files and data.
The differential file synchronization method for the remote access equipment and the remote storage device provided by the invention compares the files under the specified directories on the remote storage device and the remote access equipment, finds the files that differ, and synchronizes only those files. With this method, synchronizing a directory updates only modified and new files, which greatly reduces the data traffic required over the network, saves network bandwidth, and shortens file transfer time. File transmission based on fountain-coded breakpoint resumption can also mitigate the transmission problems caused by network interruptions, fluctuating network traffic and transmission errors, and improves the user experience.
Brief description of the drawings
Fig. 1 is a schematic diagram of the composition of the remote storage system of the present invention, in which (a) shows the connections between the devices in the remote storage system and (b) is a functional block diagram of the remote storage device and the remote access equipment;
Fig. 2 shows the instruction and data exchange when the remote access equipment of the present invention accesses the remote storage device;
Fig. 3 shows the exchanges by which the remote access equipment of the present invention wakes the remote storage device and sets it to standby, in which (a) is the wake exchange and (b) is the set-standby exchange;
Fig. 4 shows the instruction and data exchange when the remote access equipment of the present invention accesses the remote storage device to update a file on it;
Fig. 5 shows the instruction and data exchange when the remote access equipment of the present invention accesses the remote storage device to read a remote file;
Fig. 6 shows the instruction and response exchange when the remote access equipment of the present invention accesses the remote storage device to list a file directory;
Fig. 7 is a schematic diagram of the composition of a remote storage system based on power line communication in an embodiment, in which (a) shows the connection between the remote storage device based on power line communication and the power line, and (b) is a functional block diagram of the remote storage device;
Fig. 8 shows the connections between the remote storage device and the parts of the system under several different network environments in an embodiment, in which (a) the remote storage device and the remote access equipment are in the same local area network or the same public network; (b) the remote storage device and the remote access equipment are both in an IPv6 network and each has a static IPv6 address; (c) the remote storage device and the remote access equipment are each in a network provided by a different Internet service provider, pass through network address translation, and are then connected through a data forwarding server attached to the public network;
Fig. 9 is an example of the differential file synchronization user interface of the remote access equipment and the remote storage device in an embodiment;
Figure 10 shows the fountain-coded data and the arrangement of encoded packets used when the remote access equipment of the present invention accesses the remote storage device, to reduce retransmission and support resuming from a breakpoint;
Figure 11 is a structural diagram, in an embodiment, of a computer fitted with a remotely and manually controlled power switch to realize the remote storage device function.
Embodiment
The technical scheme of the present invention is described further and in detail below with reference to the drawings and embodiments.
Fig. 1 is a schematic diagram of the composition of the remote storage device and system of the present invention. The remote storage device is connected to the remote access equipment through the Internet or directly. The Internet is drawn as a dashed box to indicate that it is an optional part of the system. The Internet here may also be a local area network. The remote storage device can be a computer on which the remote access equipment software has been installed, or a mobile communication terminal on which the remote access equipment software has been installed.
Fig. 1(a) shows the connections between the devices in the remote storage device and system. The remote storage device provides the physical storage medium that holds files and data, and provides the interface for remote read and write access to files and data. The remote storage device comprises a memory, a storage resource manager (SRM), a conventional access control and security management module, a standby access control and security management module, a conventional remote communication module, a standby remote communication module, and a standby management module.
The memory is the physical storage medium that holds files and data. This memory can be mobile memory, connected to the remote storage device through a standard mobile memory interface (such as a USB flash disk interface or a memory card reader interface), so that the user can insert and remove mobile memory in the remote storage device at any time to extend the storage capacity. For example, the remote storage device can provide one or more mobile memory interfaces, so that the user can attach mobile storage such as a USB flash disk or portable hard drive to the remote storage device at any time. This memory can be read-only storage, attached to the remote storage device by a fixed connection, which gives the remote storage device its basic capacity. For example, the remote storage device can be equipped with basic storage with a capacity of 20TB. This memory can also comprise mobile memory and read-only storage at the same time, so that the remote storage device has a basic storage capacity and can also be extended easily. As a further example, the memory can comprise 20TB of read-only storage and one 1TB mobile memory, with the 1TB mobile memory connected to the remote storage device through a mobile memory interface. The remote access equipment can send commands to copy files between the mobile memory and the read-only storage in the remote storage device. This provides a fast method of copying files in batches within the memory of the remote storage device.
As an embodiment, a remote storage device and a remote access equipment are provided. The remote storage device comprises a USB flash disk, a USB flash disk interface, an ARM processing system, a network card, and a single-chip microcomputer (SCM) system. The USB flash disk is attached to the ARM processing system through the USB flash disk interface, the network card is attached to the ARM processing system through a data bus, and the SCM system has control connections to the USB flash disk, the ARM processing system and the network card. The ARM processing system runs the storage resource manager (SRM) software that reads, writes and manages the USB flash disk, the module that performs the conventional access control and security functions, and an additional communication module that encapsulates and decapsulates protocol data between the TCP/IP communication of the network card and the conventional access control and security module. The network card performs the TCP/IP protocol communication and, together with the additional communication module, forms the conventional remote communication module. The SCM system implements the standby remote communication module, the standby access control and security module, and the standby management control module; it provides low-rate TCP/IP communication and, through its internal switch control circuit, controls the power supply of the ARM system, the network card, the USB flash disk and the USB flash disk interface. When the storage device is in standby working mode, the SCM system keeps the power supply of the ARM system, the network card, the USB flash disk and the USB flash disk interface switched off to reduce power consumption; the SCM system carries out low-rate instruction communication, answers device status queries, and controls the switching of the device state. A short message (SMS) communication module can also be used in place of the standby remote communication module to perform the standby telecommunication functions. The short message communication module receives working-state queries and working-mode switching instructions sent by the remote access equipment as short messages and, through the standby management control module, acts on the switch control circuit to control the power supply of the ARM system, the network card, the USB flash disk and the USB flash disk interface. The short message communication module can also send responses to short-message instructions as short messages. The remote access equipment in this embodiment is a computer connected to the Internet on which the user interface, the remote storage resource manager, the access control and security module, and the remote communication module are installed; it performs normal remote memory reading, writing and management. Memory access instructions in the remote access equipment are sent to the remote storage device over the Internet by TCP/IP protocol communication; queries of the remote storage working state and state-switching instructions in the remote access equipment can likewise be sent to the remote storage device over the Internet by TCP/IP protocol communication. If the standby remote communication module of the remote storage device is a short message communication module, the access control and security module of the remote access equipment converts the working-state query or state-switching instruction into the short message instruction format, adds a suitable security check, and passes it to the remote communication module, which sends it to a short message dispatch center on the Internet for delivery to the remote storage device.
In this embodiment, a temperature detector connected to the standby management module can also be fitted in the remote storage device, and the standby management module queries it to obtain the working temperature of the remote storage device. When the temperature is higher than a preset threshold temperature, the standby management module sends control commands to the conventional remote communication module, the conventional access control and security module, and the storage resource manager (SRM) to suspend file data access and telecommunication and to record the breakpoint. When the temperature of the remote storage device has fallen to a permitted value, the standby management module restores each module to normal operation; file data transmission can use the fountain-coding-based breakpoint resumption method and continue from the recorded breakpoint. With this method the remote storage device does not need a bulky heat dissipation device, which effectively reduces its volume.
As an embodiment, an ordinary computer with a network card is suitably modified to add a low-energy remote access function. For example, the power supply section of the computer is modified so that the power can be controlled both remotely and manually. As shown in Figure 11, the power switch of the computer is controlled by a switch controller based on a power line communication transducer; a power line communication gateway interface is added on the same power line local area network to connect the power line communication transducer to the Internet. The switch controller of Figure 11 also has a manual control, with which the user can switch the computer's power on or off. The remote storage device software is installed on the computer, comprising the storage resource manager (SRM), the conventional access control and security module, and the conventional remote communication module of the remote storage device; the power line communication transducer of the computer's power switch performs the standby communication, standby management and standby security functions. If this computer is a home computer, the user shuts it down manually when leaving home. In the office, the user can install the remote access equipment software on the office work computer so that it functions as remote access equipment. When the user in the office wants to access files on the home computer remotely, a query finds that the home computer is switched off. The remote access equipment sends a wake instruction to the remote storage device; the instruction is received by the power line communication transducer of the remote storage device, which controls the switch controller to turn on the power of the home computer. After the home computer has started, the remote storage device is in the conventional working state, and the user can read, write and manage files on it. When the user has finished reading, writing and managing files on the remote storage device, the user can shut down the home computer remotely, returning it to the standby working state. In this embodiment, the power line communication transducer only sends and receives simple instructions and responses and performs simple control functions, so its communication rate and processing requirements are very low. The computer acting as the remote storage device is powered on only briefly while the user is accessing the memory, and is switched off for most of the time when the user is not accessing it. In addition, the power line gateway interface also only needs to provide low-rate communication, with very low processing requirements, so the whole system can work with very low energy consumption.
In the embodiments above, the conventional access control and security management module uses the IDEA or TEA private-key (symmetric) cryptosystem to encrypt the instructions and responses that are transmitted, with the corresponding decryption performed at the receiving end. The IDEA and TEA ciphers have the advantages of fast encryption and decryption and good security, and do not expand the data volume. Encryption and decryption can use a single cipher or a cascade of several. The access control and security management module can also expose an encryption and decryption interface that allows the user to plug in a third-party encryption and decryption module to strengthen security.
As one embodiment of the present invention, the remote storage device based on power line communication is shown in Fig. 7(a). The remote storage device based on power line communication is attached to the power line, reaches the Internet through the power line communication gateway interface, and is then connected to the remote access equipment. The remote storage device based on power line communication is shown in Fig. 7(b). Because this device is connected to the power line, it has a continuous power supply and needs no battery to be fitted or replaced. When the remote storage device works in standby mode, the standby management module controls the switch controller so that the DC power supply to the conventional remote communication module based on power line communication, the conventional access control and security module, the storage resource manager (SRM) and the memory is switched off, putting the remote storage device in a low-power working state. On receiving a wake instruction from the remote access equipment, the standby management module controls the switch controller to restore power to each module and switch back to the conventional working mode. In this way, while the user is not accessing data on the remote storage device its power consumption is very low, which effectively saves energy and reduces the cost of using the equipment. In Fig. 7(b), the remote storage device can also contain several sets of switch controllers and switches, and several sets of the conventional remote communication module based on power line communication, conventional access control and security module, SRM and memory. Each set of conventional remote communication module based on power line communication, conventional access control and security module, SRM and memory can correspond to one set of switch controller and switch. The user can then remotely switch their own memory off and on through the switch controller and switch in order to read and write it. In this way, one remote storage device can provide secure, energy-saving and independent remote storage space for multiple users.
As an embodiment, Fig. 8 shows the connections between the remote storage device and the parts of the system of the present invention under several different network environments. In Fig. 8(a) the remote storage device and the remote access equipment are in the same local area network or the same public network; the remote storage device has IP address 219.152.168.222 and the remote access equipment has IP address 219.152.168.223, and these IP addresses are in the same local area network or the same public network. The remote storage device and the remote access equipment can communicate directly by IP address to exchange instructions and data. In Fig. 8(b) the remote storage device and the remote access equipment are both in an IPv6 network, and each has a static IPv6 address. The remote storage device has IP address 2001:0db8:85a3:08d3:1319:8a2e:0370:7344 and the remote access equipment has IP address 2001:0db8:85a3:08d3:1319:8a2e:0400:3344. These IP addresses are in the same public network. The remote storage device and the remote access equipment can communicate directly by IP address to exchange instructions and data. In Fig. 8(c) the remote storage device and the remote access equipment are each in a network provided by a different Internet service provider; both pass through network address translation and are then connected through a data forwarding server attached to the public network. The remote storage device is in the internal network of network service 1, with internal IP address and port 192.168.1.55:5566, which network address translation maps to the public address and port 219.152.168.10:9200, and it connects to the data forwarding server. The data forwarding server has the static public address 219.152.0.1 and provides a memory data forwarding service for users of the remote storage device and system. The remote access equipment is in the internal network of network service 2, with internal IP address and port 10.168.0.25:4465, which network address translation maps to the public address and port 219.152.4.22:1245, and it connects to the data forwarding server. In this way the remote storage device and the remote access equipment are connected through a data forwarding server that has a static IP address in the public network. The IP address can be set by the user, or obtained by the remote communication module from an IP server in the network (address acquisition or address translation is performed by other servers in the network). For example, the user logs in to the data forwarding server, registers a user account, and obtains a remote storage device ID and a remote access equipment ID. The user writes the remote storage device ID into the remote storage device and the remote access equipment ID into the remote access equipment. The remote storage device and the remote access equipment each connect to the data forwarding server with their own ID; from the IDs registered for the user's devices, the data forwarding server can associate the remote storage device with the remote access equipment and provide a data forwarding service between them. If the user applies end-to-end encryption to the instructions, responses and data exchanged between the remote storage device and the remote access equipment, the data forwarding server never holds the plaintext of the user's instructions, responses and data; it only needs to cache the ciphertext temporarily to improve the quality of the forwarding service, and does not store the ciphertext of these instructions, responses and data for long periods. The data forwarding server therefore needs little memory, which helps reduce the cost of providing the service.
As an embodiment, end-to-end encryption and decryption functions are configured in the conventional access control and security module of the remote storage device of Fig. 1 and in the access control and security module of the remote access equipment; for example, an AES, IDEA or TEA encryption and decryption module is configured in each. When instructions, responses and data are sent from the remote access equipment to the conventional access control and security module of the remote storage device, the access control and security module of the remote access equipment performs the AES, IDEA or TEA encryption of the instructions, responses and data, and the conventional access control and security module of the remote storage device performs the AES, IDEA or TEA decryption of the data. When instructions, responses and data are sent from the conventional access control and security module of the remote storage device to the remote access equipment, the conventional access control and security module of the remote storage device performs the AES, IDEA or TEA encryption of the instructions, responses and data, and the access control and security module of the remote access equipment performs the AES, IDEA or TEA decryption of the data. The end-to-end encryption can also use a dedicated encryption module provided by a third party. In addition, the end-to-end encryption can cascade several encryption algorithms to further strengthen the security of the algorithm. As can be seen from Fig. 8, whatever the network configuration, once instructions, responses and data are encrypted end to end, their plaintext exists nowhere in the network other than on the remote storage device and the remote access equipment. The user's files and data are therefore never handed to unknown parties to manage, which fundamentally protects the security of the user's data.
Besides end-to-end encryption with a private key, the user can also negotiate the key by a public-key method and then encrypt and decrypt data with the negotiated private key. With this method the user does not need to set a key in the remote storage device and the remote access equipment in advance, nor change the key of the remote storage device and the remote access equipment during use. With public-key encryption combined with private-key encryption, the security of the transmitted instructions, responses and data is well protected on the one hand, and on the other hand the user does not need to set a key for end-to-end encryption in advance, so the user gets a better experience.
The public-key approach achieves secure communication without a key being set in advance, but encryption expands the data considerably and the bandwidth utilization of the communication channel is low. Private-key (symmetric) encryption and decryption is fast, and its data expansion is small or absent, so it occupies no extra channel bandwidth. However, the private-key approach requires the encryption and decryption key to be set at both the sending and receiving ends. Combining the public key and the private key overcomes the shortcomings of each: the public key is used to negotiate a private key, and the private key is then used for subsequent communication. For example, the combined scheme can proceed as follows, taking RSA as the public-key algorithm; the private-key algorithm can be AES, IDEA or TEA.
(1) The remote access device randomly chooses two large primes P1 and P2 and computes their product P=P1*P2 as its encryption key. It keeps P1 and P2 as its decryption key and sends P directly to the remote storage device in plaintext.
(2) The remote storage device randomly chooses two large primes Q1 and Q2 and computes their product Q=Q1*Q2 as its encryption key. It keeps Q1 and Q2 as its decryption key and sends Q directly to the remote access device in plaintext.
(3) The remote storage device randomly chooses a private key K, encrypts K with the encryption key P of the remote access device, and sends the result to the remote access device.
(4) The remote access device receives the ciphertext sent in step (3) and decrypts it with its own decryption key P1 and P2, obtaining the plaintext K1.
(5) The remote access device encrypts K1 with the encryption key Q of the remote storage device and sends the resulting ciphertext to the remote storage device.
(6) The remote storage device receives the ciphertext sent by the remote access device and decrypts it with its own decryption key, obtaining the plaintext K2.
(7) The remote storage device compares K and K2. If they are identical, the private key has been negotiated successfully, and subsequent instructions, responses and data are encrypted and decrypted end to end in private-key mode; otherwise go to step (1).
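The negotiation steps above, run between two in-process parties, as an added example that is not code from the patent. Assumptions: the public exponent 65537, 256-bit demo primes, raw unpadded RSA built on the standard library (a deployment would use RSA-OAEP from a vetted library), and the names `Party`, `negotiate` and `corrupt` are hypothetical.

```python
import hmac
import secrets

E = 65537  # RSA public exponent: an assumption, the page names only the modulus


def is_probable_prime(n, rounds=24):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    """Random prime with the top bit set and p-1 coprime to E."""
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and is_probable_prime(c):
            return c


class Party:
    """One end of the link: publishes a modulus, keeps the matching secret exponent."""

    def __init__(self, name, prime_bits=256):  # demo size only, too small for real use
        self.name, self.prime_bits = name, prime_bits
        self.modulus = self._d = None

    def new_keypair(self):
        p1 = random_prime(self.prime_bits)
        p2 = random_prime(self.prime_bits)
        while p2 == p1:
            p2 = random_prime(self.prime_bits)
        self.modulus = p1 * p2                      # P or Q, sent in plaintext
        self._d = pow(E, -1, (p1 - 1) * (p2 - 1))   # derived from the kept primes
        return self.modulus

    def decrypt(self, ciphertext):
        return pow(ciphertext, self._d, self.modulus)


def encrypt(message, modulus):
    """Raw (unpadded) RSA, kept dependency-free for illustration only."""
    return pow(message, E, modulus)


def negotiate(access, storage, corrupt=None, max_rounds=3):
    """Return (key_bytes, rounds_used, transcript of what crossed the channel)."""
    transcript = []
    for attempt in range(1, max_rounds + 1):
        P = access.new_keypair()        # (1) access -> storage, in plaintext
        Q = storage.new_keypair()       # (2) storage -> access, in plaintext
        K = secrets.randbits(128)       # (3) storage picks the symmetric key
        c1 = encrypt(K, P)
        if corrupt:
            c1 = corrupt(attempt, c1)   # constructed channel fault for the demo
        K1 = access.decrypt(c1)         # (4) access recovers K1
        c2 = encrypt(K1, Q)             # (5) access returns K1 under Q
        K2 = storage.decrypt(c2)        # (6) storage recovers K2
        transcript += [("access->storage", "P", P), ("storage->access", "Q", Q),
                       ("storage->access", "E_P(K)", c1),
                       ("access->storage", "E_Q(K1)", c2)]
        size = (Q.bit_length() + 7) // 8
        # Final step: the storage device compares K and K2 in constant time.
        if hmac.compare_digest(K.to_bytes(size, "big"), K2.to_bytes(size, "big")):
            return K.to_bytes(16, "big"), attempt, transcript
    raise RuntimeError("key negotiation failed %d times" % max_rounds)


if __name__ == "__main__":
    key, rounds, log = negotiate(Party("access"), Party("storage"))
    print("negotiated a %d-byte key in %d round(s)" % (len(key), rounds))
```

As on the page, P and Q cross the channel in plaintext, so the final comparison confirms only that both ends hold the same K; authenticating the peer is left to the access authentication the page describes separately.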
Fig. 9 is an example of the differential file synchronization user interface of the remote access device and the remote storage device of the embodiment of the present invention. Through the user interface of the remote access device, the user can set the local directory and remote directory to be compared and synchronized, the default update mode, whether to perform end-to-end encryption, the encryption and decryption mode, access permissions, the standby wait time of the remote storage device, the remote storage device, and so on. After the encryption mode and key are set, for a remote access device fixedly installed in a safe place, for example an office or home computer with the remote access device software installed, the user can configure end-to-end encryption and access authentication to run automatically based on the set parameters, so that the user need not enter a password for permission authentication each time, which both ensures security and improves the user experience. In this embodiment, the device driver of the remote storage device is installed on the remote access device; the driver maps the remote memory as a local virtual drive K, so that the user can access virtual drive K with the local resource manager. Through the "Settings" option, the user makes the remote storage synchronization system compare and synchronize the local directory D:\myWork and the remote directory K:\myWork. After the user issues the "Compare" command, the remote access device exchanges instructions and data with the remote storage device, obtains the directory structure of K:\myWork on the remote storage device, and compares it with the local directory D:\myWork for differences; the comparison result is shown in Fig. 9. The comparison finds that the file "specification.doc" differs between D:\myWork\Patents and K:\myWork\Patents, the file having been newly modified locally; the file "Figure of description.doc" differs between D:\myWork\Patents and K:\myWork\Patents, the file having been newly modified remotely; the remote K:\myWork has a new file "quantum calculation.ppt" under the "academic report" directory; and the local D:\myWork has a new file "manuscript.tex" under the Papers directory. The local directory D:\myWork and the remote directory K:\myWork may contain a large number of files, and the comparison finds that only the files above differ. After the comparison completes, the default value of the update selection is "selected", meaning that the specified differing files will be updated. The user can deselect files to prevent some of the differing files from being updated; the user also selects one of the update modes "replace old files with new files" and "replace new files with old files". For example, after the "Compare" command completes, the user sets "update selection" and cancels the update of the 4th file, "interplanetary Internet.doc". Then, when the "Synchronize" command is executed, the file "interplanetary Internet.doc" will not be updated. This method of finding the differing files by comparing remote and local files, and then updating them according to the user's settings, needs to update only a small volume of files, which reduces network transmission overhead and saves the time needed for synchronization; the method is also easy to use, and the user gets a good experience.
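The compare step and the default "replace old files with new files" update, as an added example that is not code from the patent. It scans two directory trees (the remote device appears as a mapped drive, as in the embodiment), classifies differences by size and time, and builds the transfer list with the user's deselected files skipped. The function names, the constructed sample tree and the handling of equal timestamps are assumptions.

```python
import os
import tempfile


def scan(root):
    """Map relative path -> (size, whole-second mtime) for every file under root."""
    listing = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.stat(full)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            listing[rel] = (st.st_size, int(st.st_mtime))
    return listing


def classify(local, remote):
    """Return {path: class} for the four classes of differing files."""
    diff = {}
    for path in set(local) | set(remote):
        l, r = local.get(path), remote.get(path)
        if l is None:
            diff[path] = "remote_new"
        elif r is None:
            diff[path] = "local_new"
        elif l != r:
            # Assumption: with equal timestamps but different sizes the
            # remote copy is treated as the modified one.
            diff[path] = "local_modified" if l[1] > r[1] else "remote_modified"
    return diff


def sync_plan(diff, skip=()):
    """Default mode: the newer side overwrites the older; deselected files are skipped."""
    plan = []
    for path, kind in sorted(diff.items()):
        if path in skip:
            continue
        plan.append(("upload" if kind.startswith("local") else "download", path))
    return plan


def demo():
    """Constructed sample tree mirroring the Fig. 9 walk-through."""
    old, new = 1_700_000_000, 1_700_086_400  # constructed timestamps, one day apart

    def put(root, rel, data, mtime):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as handle:
            handle.write(data)
        os.utime(path, (mtime, mtime))

    with tempfile.TemporaryDirectory() as tmp:
        local = os.path.join(tmp, "D_myWork")    # stands in for D:\myWork
        remote = os.path.join(tmp, "K_myWork")   # stands in for mapped drive K:\myWork
        put(local, "Patents/specification.doc", b"revised text", new)
        put(remote, "Patents/specification.doc", b"draft", old)
        put(local, "Patents/Figure of description.doc", b"fig v1", old)
        put(remote, "Patents/Figure of description.doc", b"fig v2 edited", new)
        put(remote, "academic report/quantum calculation.ppt", b"slides", new)
        put(local, "Papers/manuscript.tex", b"\\documentclass{article}", new)
        put(remote, "Papers/interplanetary Internet.doc", b"notes", new)
        put(local, "Patents/claims.doc", b"same", old)   # identical on both sides
        put(remote, "Patents/claims.doc", b"same", old)
        diff = classify(scan(local), scan(remote))
        return diff, sync_plan(diff, skip={"Papers/interplanetary Internet.doc"})


if __name__ == "__main__":
    differences, actions = demo()
    for action, path in actions:
        print(action, path)
```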
Fig. 10 shows the fountain-coded data and the coded-packet arrangement used when the remote access device of the present invention accesses the remote storage device, in order to reduce retransmission and support breakpoint transmission. The storage resource manager (SRM) of the remote storage device, or the remote storage resource manager of the remote access device, fountain-encodes the files that need to be updated and transmitted remotely. The K source packets are $(a_0, a_1, \ldots, a_{N-1})$, $(b_0, b_1, \ldots, b_{N-1})$, ..., $(f_0, f_1, \ldots, f_{N-1})$. Rearranging these K source packets gives N new packets $(a_0, b_0, \ldots, f_0)$, $(a_1, b_1, \ldots, f_1)$, ..., $(a_{N-1}, b_{N-1}, \ldots, f_{N-1})$; that is, the 1st bits of all the original packets, in the order of the original packet numbers, form the 1st new packet, the 2nd bits of all the original packets, in the order of the original packet numbers, form the 2nd new packet, and so on, giving N new packets. Further, the i-th rearranged packet $(a_i, b_i, \ldots, f_i)$ is fountain-encoded to output the semi-infinite sequence $(A_i, B_i, \ldots, F_i, \ldots)$, $i = 0, 1, \ldots, N-1$. The sequences $(A_i, B_i, \ldots, F_i, \ldots)$, $i = 0, 1, \ldots, N-1$, are arranged as a matrix of N rows and infinitely many columns, with the i-th sequence placed in row i. Reading the matrix column by column gives the fountain-coded packet sequence $(A_0, A_1, \ldots, A_{N-1})$, $(B_0, B_1, \ldots, B_{N-1})$, ..., $(F_0, F_1, \ldots, F_{N-1})$, ...; here $(A_0, A_1, \ldots, A_{N-1})$ is the 0th fountain-coded packet, $(B_0, B_1, \ldots, B_{N-1})$ is the 1st fountain-coded packet, and so on. The fountain code can be an LT code, a Raptor code, or a multi-ary fountain code based on the finite field GF(q). A detailed description of multi-ary fountain coding based on the finite field GF(q) can be found in the patent specification numbered ZL200910119741.0, entitled "A multi-ary fountain encoding and decoding method based on a finite field". When binary fountain coding is used, in the step of using fountain coding to reduce retransmission and support breakpoint transmission, each segment contains KN binary symbols when the file is segmented. When multi-ary fountain coding based on the finite field GF(q) is used, each segment contains KN q-ary symbols when the file is segmented. With fountain coding, the receiver only needs to receive enough fountain-coded packets to recover the source sequence, without caring which fountain-coded packets it receives. When transmission is interrupted, the sender stops sending and records the number of the fountain-coded packet at which it stopped, and the receiver stops receiving and records the number of the fountain-coded packet at which it stopped. After transmission resumes, the sender continues sending the subsequent fountain-coded packets from its original send breakpoint, and the receiver continues receiving fountain-coded packets from its receive breakpoint and decoding them; once decoding succeeds, the receiver sends a decoding-success acknowledgement to the sender, and the sender, on receiving the acknowledgement, stops transmitting for this group of source packets. This effectively reduces retransmission and supports breakpoint transmission well.
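An added example (not code from the patent) of the packet arrangement and breakpoint behaviour described above, for a single segment. Assumptions: symbols are bytes rather than bits, every rearranged packet uses the same neighbour set for coded packet j, and a random linear fountain over GF(2) with Gaussian-elimination decoding stands in for the LT, Raptor or GF(q) codes the text names; all function and class names are hypothetical.

```python
import random


def split_segment(segment, K, N):
    """K source packets of N symbols each, in file order."""
    if len(segment) != K * N:
        raise ValueError("a segment must hold exactly K*N symbols")
    return [segment[i * N:(i + 1) * N] for i in range(K)]


def interleave(packets):
    """Rearrangement: new packet n holds symbol n of every source packet."""
    return [bytes(column) for column in zip(*packets)]


def neighbours(j, K):
    """Bit mask of the source indices combined in coded packet j.

    Derived from the packet number alone, so sender and receiver agree on it
    and the sender can resume from a stored counter.
    """
    rng = random.Random(j)
    mask = rng.getrandbits(K)
    while mask == 0:
        mask = rng.getrandbits(K)
    return mask


class Sender:
    def __init__(self, segment, K, N, start=0):
        self.rows = interleave(split_segment(segment, K, N))  # N rows of K symbols
        self.K = K
        self.next_number = start          # send breakpoint

    def send(self):
        j, mask = self.next_number, neighbours(self.next_number, self.K)
        out = bytearray()
        for row in self.rows:             # symbol i = j-th coded symbol of row i
            acc = 0
            for k, symbol in enumerate(row):
                if (mask >> k) & 1:
                    acc ^= symbol
            out.append(acc)
        self.next_number = j + 1
        return j, bytes(out)


class Receiver:
    def __init__(self, K, N):
        self.K, self.N = K, N
        self.pivots = {}                  # lowest set bit -> (mask, payload)
        self.last_received = None         # receive breakpoint

    def receive(self, j, packet):
        """Add one coded packet; return True once the segment is decodable."""
        self.last_received = j
        mask, data = neighbours(j, self.K), int.from_bytes(packet, "big")
        while mask:
            low = (mask & -mask).bit_length() - 1
            if low not in self.pivots:
                self.pivots[low] = (mask, data)
                break
            pivot_mask, pivot_data = self.pivots[low]
            mask, data = mask ^ pivot_mask, data ^ pivot_data
        return len(self.pivots) == self.K

    def decode(self):
        solved = {}
        for low in sorted(self.pivots, reverse=True):   # back-substitution
            mask, data = self.pivots[low]
            rest = mask ^ (1 << low)
            while rest:
                data ^= solved[(rest & -rest).bit_length() - 1]
                rest &= rest - 1
            solved[low] = data
        # solved[k] packs symbol k of every row, which is source packet k.
        return b"".join(solved[k].to_bytes(self.N, "big") for k in range(self.K))


def transfer(segment, K, N, lost=frozenset(), interrupt_after=None, limit=10000):
    """Simulate one segment; return (decoded, packets_sent, resumed_at)."""
    tx, rx, resumed_at = Sender(segment, K, N), Receiver(K, N), None
    while tx.next_number < limit:
        if interrupt_after == tx.next_number and resumed_at is None:
            resumed_at = tx.next_number   # link drops; only the counter is kept
            tx = Sender(segment, K, N, start=resumed_at)
        j, packet = tx.send()
        if j in lost:
            continue                      # lost in transit, never retransmitted
        if rx.receive(j, packet):         # receiver acknowledges, sender stops
            return rx.decode(), tx.next_number, resumed_at
    raise RuntimeError("segment not decoded within the packet limit")
```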
The above is a preferred embodiment of the present invention, and the present invention should not be limited to what this embodiment and the accompanying drawings disclose. All equivalents or modifications completed without departing from the spirit disclosed by the present invention fall within the scope of protection of the present invention.

Claims (9)

1. A design method for a low-energy-consumption remote storage system, characterized by comprising the following steps:
Step 1: design the storage device to have two working modes, conventional and standby. Through the design of a control circuit, give the storage device a standby management function: when no access operation is performed on the memory within a set time, or when the storage device receives a standby instruction, the control circuit puts the memory, the storage resource manager (SRM), and the communication module and security module used for remote access into a low-power working state or cuts off their working power; when the storage device is in the standby state and receives a storage device wake instruction, the control circuit returns the memory, the SRM, and the communication module and security module used for remote access to the conventional power supply and working state;
Step 2: through the design of a standby remote communication module and a conventional remote communication module, give the storage device remote communication functions in the standby and conventional working states respectively: when the storage device is in the low-power working state or its working power is cut off, the standby remote communication module works at a low communication rate and can receive storage device working-state query instructions and storage device working-mode switching instructions and send instruction responses; when the memory and the resource manager are in the conventional working state and read/write access is required, the conventional remote communication module works, receiving memory read/write access and storage management instructions and data, and sending instruction responses and the data that is read;
Step 3: through the design of memory access control and security modules, give the storage device, in the standby and conventional read/write access working states respectively, the functions of access control, access permission control, and end-to-end encryption and decryption of the instructions, responses and data between the storage device and the access device. The access control comprises permitting or denying access service; the access permission control sets different access levels, including read-write, read-only and partial access permissions. When the security requirement is lower, access control is based on simple password authentication; when the required security level is higher, a password combined with a public/private-key cryptographic authentication system is used for access permission authentication;
Step 4: design the remote access mode as follows: after the remote access end sends an access instruction, the standby management function module of the storage device queries the working state of the storage device. When the storage device is in the conventional working state, the SRM executes the normal read/write access and storage management instructions that the remote access end sends to the storage device, and returns instruction responses and data to the remote access end. When the storage device is in the standby state, the remote access end first sends a device wake instruction to the storage device; after receiving the wake instruction, the standby management module of the storage device brings the storage device into the conventional working state through the control circuit and returns this state to the remote access end, after which normal read/write access and storage management are performed on the storage device.
2. The design method for a low-energy-consumption remote storage system according to claim 1, characterized in that the end-to-end encryption and decryption between the storage device and the access device is designed as follows: (1) the same encryption and decryption algorithm is set in the memory access control and security modules of the storage device and of the access device respectively, and a key is set; (2) in the normal read/write access working state of the storage device, the access control and security module of the storage device encrypts the responses and data sent by the SRM according to the set key to obtain ciphertext, and decrypts the ciphertext received from the remote access device to obtain the plaintext of the access instructions, responses and data; or, in the standby mode of the storage device, the instructions, responses and data produced by the standby management function module are encrypted by the corresponding access control and security module to obtain ciphertext, and the ciphertext received from the remote access device is decrypted with the decryption key to obtain the plaintext of the instruction responses and data; (3) the access control and security module of the access device encrypts the responses and data sent by the remote storage resource manager according to the set key to obtain ciphertext, decrypts the ciphertext received from the remote storage device with the decryption key to recover the plaintext, and delivers the plaintext to the remote storage resource manager of the access device.
3. The design method for a low-energy-consumption remote storage system according to claim 1, characterized in that file content is transmitted using fountain coding, with support for breakpoint transmission; the specific method is:
(A) set the source length K of the fountain code and the length N of a source packet;
(B) segment the file to be transmitted, each segment being KN symbols long, obtaining L segments of binary or multi-ary source symbols in total; set the segment counter c=1;
(C) take the c-th segment of source symbols and packetize the symbols in their original file order, N symbols per packet, obtaining K source packets $(a_0, a_1, \ldots, a_{N-1})$, $(b_0, b_1, \ldots, b_{N-1})$, ..., $(f_0, f_1, \ldots, f_{N-1})$;
(D) rearrange the K source packets $(a_0, a_1, \ldots, a_{N-1})$, $(b_0, b_1, \ldots, b_{N-1})$, ..., $(f_0, f_1, \ldots, f_{N-1})$ to obtain N new packets $(a_0, b_0, \ldots, f_0)$, $(a_1, b_1, \ldots, f_1)$, ..., $(a_{N-1}, b_{N-1}, \ldots, f_{N-1})$; the rearrangement rule is: the n-th bits of the K original source packets, in the order of the original source packet numbers, form the n-th new packet, n=1, 2, ..., N;
(E) fountain-encode the i-th rearranged packet $(a_i, b_i, \ldots, f_i)$ to output the semi-infinite sequence $(A_i, B_i, \ldots, F_i, \ldots)$, $i = 0, 1, \ldots, N-1$; arrange the sequences as a matrix of N rows and infinitely many columns, with the i-th sequence $(A_i, B_i, \ldots, F_i, \ldots)$ placed in row i; read the matrix column by column to obtain the fountain-coded packet sequence $(A_0, A_1, \ldots, A_{N-1})$, $(B_0, B_1, \ldots, B_{N-1})$, ..., $(F_0, F_1, \ldots, F_{N-1})$, ...; here $(A_0, A_1, \ldots, A_{N-1})$ is the 0th fountain-coded packet, $(B_0, B_1, \ldots, B_{N-1})$ is the 1st fountain-coded packet, ...; the fountain code is an LT code, a Raptor code, or a multi-ary fountain code based on the finite field GF(q);
(F) the sender sends the fountain-coded packets of segment c packet by packet, and the receiver receives the fountain-coded packets and fountain-decodes source data segment c; if decoding succeeds, the receiver returns an acknowledgement signal to the sender; on receiving the acknowledgement signal, the sender stops sending the fountain-coded packets of segment c and goes to step (G); otherwise the sender continues sending the subsequent fountain-coded packets of segment c;
(G) set the segment counter c=c+1 and check whether c is greater than L; if c > L, the file transfer is complete; otherwise go to step (C).
4. A remote storage system, characterized by comprising a remote storage device and a remote access device; the remote storage device is connected to the remote access device through the Internet or directly;
The remote storage device comprises a memory, a storage resource manager (SRM), a conventional access control and security management module, a standby access control and security management module, a conventional remote communication module, a standby remote communication module and a standby management module;
The standby management module is connected to the memory, the SRM, the conventional access control and security module, the conventional remote communication module, and the standby access control and security module respectively; the memory is connected to the SRM; the SRM is connected to the conventional access control and security module; the conventional access control and security module is connected to the conventional remote communication module; the standby remote communication module is connected to the standby access control and security module; the conventional remote communication module and the standby communication module provide standard TCP/IP network interfaces and are connected to the remote access device through the Internet or directly;
The memory is the physical storage medium that stores files and data, and adopts mobile memory, read-only storage, or a combination of the two;
The SRM parses the instructions it receives and, according to the instructions, performs reading, writing, querying, file system management and storage management of files and data;
The conventional access control and security management module implements, in conventional mode, the access control, access permission control and security authentication of the SRM and the encryption and decryption of file and data transmission;
The standby access control and security management module implements, in the standby mode of the remote storage device, access control, access permission control, security authentication, and the encryption and decryption of instructions and responses;
The conventional remote communication module performs the communication functions for storage resource management between the remote access device and the remote storage device;
The standby remote communication module performs the basic communication functions between the remote access device and the remote storage device while the remote storage device is in the standby state;
The standby management module performs the standby management of the remote storage device and is responsible for monitoring the communication traffic of the conventional remote communication module; when the conventional remote communication module has no communication traffic within a preset time range, or when a standby instruction is received from the remote access device, it makes the memory, the SRM, the access control and security module and the conventional remote communication module enter the low-power standby state, and reduces or switches off their working power; when the remote storage device is in the standby state and a wake-remote-device instruction sent by the remote access device is received, it restores the normal power supply of the conventional remote communication module, the conventional access control and security module, the SRM and the memory, leaves the standby state, enters the conventional resource management state, and accepts the resource management of the remote access device;
The remote access device comprises a user interface, a remote storage resource manager, an access control and security module, and a remote communication module;
The user interface is connected to the remote storage resource manager, the remote storage resource manager is connected to the access control and security module, the access control and security module is connected to the remote communication module, and the remote communication module is connected to the remote storage device through a standard TCP/IP network interface, via the Internet or directly;
The remote communication module performs the communication functions for storage resource management between the remote access device and the remote storage device, including the communication signal processing needed to transmit the control instructions and file data required for remote storage resource management, and the packet encapsulation and decapsulation of communication protocol data;
The access control and security management module performs the access control, access permission control and security authentication of the remote storage device and the encryption and decryption of files and data;
The remote storage resource manager performs peer-layer instruction interaction with the SRM of the remote storage device and encapsulates the access control and security module and the remote communication module to form a remote device driver interface; the reading, writing, querying, file system management and storage management of the files and data of the remote storage device are sent to the device driver interface, and instructions and response data are read from the device driver interface, so that the local resource manager accesses the remote storage device in the same way as it accesses local memory;
The user interface provides the user with a man-machine interface for the storage management of the remote storage device, and the resource management of the remote storage device is carried out through the remote storage resource manager.
5. The remote storage system according to claim 4, characterized in that the conventional remote communication module performs the TCP/IP protocol communication of network communication, passes the unencrypted or encrypted instructions it receives to the conventional access control and security module, and performs data-stream protocol encapsulation and decapsulation of the unencrypted or encrypted instruction responses from the conventional access control and security module.
6. The remote storage system according to claim 4, characterized in that the standby remote communication module works at a low communication rate, passes the unencrypted or encrypted instructions it receives to the standby access control and security module, performs the protocol encapsulation of the unencrypted or encrypted instruction responses and data streams from the standby access control and security module and sends them to the remote access device, and can also receive remote instructions such as device wake and device status query.
7. The remote storage system according to claim 4, characterized in that the remote communication module is based on the TCP/IP protocol and on a communication protocol for interconnecting with the standby remote communication module.
8. The remote storage system according to claim 4, characterized in that a temperature detector connected to the standby management module is added to the remote storage device; when the temperature is higher than a preset threshold temperature, the standby management module sends control commands to the conventional remote communication module, the conventional access control and security module and the SRM, suspends file data access and remote communication, and records the breakpoint; when the temperature of the remote storage device is lower than the permitted value, the standby management module restores each module to normal operation.
9. The remote storage system according to claim 4, characterized in that differential file synchronization is performed; the specific steps are: (1) the user specifies the directory on the remote access device that needs to be synchronized with the remote storage device; (2) the remote access device sends a list-file-directory instruction to the remote storage device and obtains the directory and file information to be synchronized on the remote storage device; (3) the remote access device compares, by size and time, the files in the directory to be synchronized and in its subdirectories at all levels on the remote storage device and locally on the remote access device, and finds the four classes of differing files: locally modified, locally new, remotely modified, and remotely new; (4) according to the user's settings, the remote access device uses the update-remote-storage-device-file instruction and the read-remote-file instruction to update the differing files one by one.
CN201210567950.3A 2012-12-15 2012-12-15 Low-energy-consumption remote storage system and design method thereof Expired - Fee Related CN103873540B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210567950.3A CN103873540B (en) 2012-12-15 2012-12-15 Low-energy-consumption remote storage system and design method thereof


Publications (2)

Publication Number Publication Date
CN103873540A true CN103873540A (en) 2014-06-18
CN103873540B CN103873540B (en) 2018-04-06

Family

ID=50911661

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210567950.3A Expired - Fee Related CN103873540B (en) 2012-12-15 2012-12-15 The remote storage system and its design method of a kind of low energy consumption

Country Status (1)

Country Link
CN (1) CN103873540B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484008A (en) * 2014-12-05 2015-04-01 大唐微电子技术有限公司 Handling method and handling device for low power consumption of chip
CN105531951A (en) * 2014-07-29 2016-04-27 华为技术有限公司 Data encryption and transmission method and device
CN105915637A (en) * 2016-06-07 2016-08-31 厦门纳网科技股份有限公司 Remote automatic standby and awakening method based on storage system server
CN106201490A (en) * 2016-06-30 2016-12-07 天脉聚源(北京)传媒科技有限公司 The method and device that a kind of optimization application is run
CN108132847A (en) * 2017-12-21 2018-06-08 联想(北京)有限公司 A kind of data processing method, the first electronic equipment and computer storage media
CN108351949A (en) * 2015-08-25 2018-07-31 K·斯特拉特福德 method and system for secure data storage
CN109511117A (en) * 2018-09-28 2019-03-22 深圳大学 The defence method and system of the destruction power supply system of wireless energy transfer communication network
CN112115435A (en) * 2020-10-29 2020-12-22 桂林微网互联信息技术有限公司 Computer equipment and working method thereof
CN114422347A (en) * 2022-01-14 2022-04-29 西安热工研究院有限公司 Intelligent thermal power plant power network equipment
CN115174596A (en) * 2022-07-27 2022-10-11 济南浪潮数据技术有限公司 Equipment remote copying method, device and medium
CN115577331A (en) * 2022-12-08 2023-01-06 成都不烦智能科技有限责任公司 Interaction control method, device, system and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050060591A1 (en) * 2003-03-13 2005-03-17 International Business Machines Corporation Information processor, program, storage medium, and control circuit
CN1764908A (en) * 2003-03-26 2006-04-26 松下电器产业株式会社 Memory device
CN101526844A (en) * 2008-03-03 2009-09-09 佳能株式会社 Information processing apparatus and control method thereof
CN102299818A (en) * 2010-06-23 2011-12-28 苏州彭华信息技术有限公司 Method for managing computer working condition based on network access data

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050060591A1 (en) * 2003-03-13 2005-03-17 International Business Machines Corporation Information processor, program, storage medium, and control circuit
CN1764908A (en) * 2003-03-26 2006-04-26 松下电器产业株式会社 Memory device
CN101526844A (en) * 2008-03-03 2009-09-09 佳能株式会社 Information processing apparatus and control method thereof
CN102299818A (en) * 2010-06-23 2011-12-28 苏州彭华信息技术有限公司 Method for managing computer working condition based on network access data

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105531951A (en) * 2014-07-29 2016-04-27 华为技术有限公司 Data encryption and transmission method and device
CN104484008A (en) * 2014-12-05 2015-04-01 大唐微电子技术有限公司 Handling method and handling device for low power consumption of chip
CN108351949A (en) * 2015-08-25 2018-07-31 K·斯特拉特福德 method and system for secure data storage
CN105915637A (en) * 2016-06-07 2016-08-31 厦门纳网科技股份有限公司 Remote automatic standby and awakening method based on storage system server
CN106201490A (en) * 2016-06-30 2016-12-07 天脉聚源(北京)传媒科技有限公司 The method and device that a kind of optimization application is run
CN108132847A (en) * 2017-12-21 2018-06-08 联想(北京)有限公司 A kind of data processing method, the first electronic equipment and computer storage media
CN109511117A (en) * 2018-09-28 2019-03-22 深圳大学 The defence method and system of the destruction power supply system of wireless energy transfer communication network
CN112115435A (en) * 2020-10-29 2020-12-22 桂林微网互联信息技术有限公司 Computer equipment and working method thereof
CN114422347A (en) * 2022-01-14 2022-04-29 西安热工研究院有限公司 Intelligent thermal power plant power network equipment
CN115174596A (en) * 2022-07-27 2022-10-11 济南浪潮数据技术有限公司 Equipment remote copying method, device and medium
CN115577331A (en) * 2022-12-08 2023-01-06 成都不烦智能科技有限责任公司 Interaction control method, device, system and storage medium
CN115577331B (en) * 2022-12-08 2023-03-17 成都不烦智能科技有限责任公司 Interaction control method, device, system and storage medium

Also Published As

Publication number Publication date
CN103873540B (en) 2018-04-06

Similar Documents

Publication Publication Date Title
CN103873540A (en) Low-energy-consumption remote storage system and design method thereof
CN102111735B (en) Remote management over wireless wide-area network using short message service
CN102457567B (en) Mirror image backup/recovery method and tool of web management mode
KR101745221B1 (en) Automatic sanitization of data on a mobile device in a network environment
CN102415046A (en) Method for securing communications in a wireless network, and resource-restricted device therefor
CN105739460A (en) Method and device for automatically generating control interface of Internet-of-Things household appliances
CN103916296B (en) A kind of communication system for merging LAN
CN102611693A (en) System and method for netbackup data decryption in a high latency low bandwidth environment
EP2856695A1 (en) A method and system for transferring firmware or software to a plurality of devices
KR20120031943A (en) System and method for priority delivery of load management messages on ip-based networks
CN108419452A (en) Technology for the remote web clients for managing the application in mobile device
CN101141348A (en) Intelligent domestic system and safety implementing method
CN103561044A (en) Data transmission method and data transmission system
US20090232307A1 (en) Method of establishing virtual security keypad session from a mobile device using java virtual machine
KR20160043535A (en) Secure wireless device connection using power line messages
CN102986290A (en) Method and apparatus for wireless distributed computing
US10255643B2 (en) Classified relation networking optimization platform in open wireless architecture (OWA) mobile cloud terminal device
CN101799677A (en) System and method for remotely controlling household intelligent terminal
CN101924696A (en) Be used for effectively realizing the system and method for enhanced router device
CN109617867A (en) A kind of Intelligent gateway system for home equipment control
CN105228114A (en) A kind of Encrypted short message receive-transmit system based on power failure navigation system and method
CN113515075A (en) Intelligent control system and method through low-power-consumption long-distance radio frequency wireless network
CN104660644A (en) Communication method and remote terminal
CN211577683U (en) Intelligent household equipment and intelligent household system
CN113474829A (en) Secure secret shared storage system using cloud services

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180406

Termination date: 20181215