Summary of the invention
The object of the present invention is to provide a kind of method of writing in files data, method and the device of file reading data, by file data is carried out to burst processing, slicing files data are disperseed to be stored on local and server, thereby make file data be difficult to intactly be stolen, the safety of safeguard file data to a great extent.
According to an aspect of the present invention, provide a kind of method of writing in files data, comprise, in computer system, carry out following steps: obtain the file write request that comprises file identification and memory buffer regional address; The file data that will write according to described core buffer address acquisition; Described file data is partitioned into two or more data fragmentations; The first fragment data of a part that comprises the two or more data fragmentations that are divided into is write to the predetermined partition in local disk; The second fragment data of the remainder that comprises the two or more data fragmentations that are divided into is sent to server; Receive the event memory of described the second fragment data from described server; The file storage data that write the data-bias value, burst size and the memory address that comprise each data fragmentation in the file of described file identification instruction, wherein, in described the second fragment data, the memory location of each data fragmentation is the precalculated position on server.
According to a further aspect in the invention, provide a kind of method of file reading data, comprise, in computer system, carry out following steps: obtain the file read requests that comprises file identification; From the file file reading storage data of described file identification instruction, described file storage data comprise data-bias value, burst size and the memory address of at least two data fragmentations, wherein, using comprising that the data fragmentation of memory address in the predetermined partition of local disk is as the first fragment data, using the data fragmentation that comprises the precalculated position of memory address on server as the second fragment data; Read corresponding the first data fragmentation described the first fragment data from described memory address respectively according to data-bias value, burst size and the memory address of each data fragmentation in described the first fragment data; According to data-bias value, burst size and the memory address of each data fragmentation in described the second fragment data to server request the second fragment data; Receive described the second fragment data from described server; Build described file data in core buffer according to the second fragment data of the file storage data that read, the first fragment data reading and reception.
According to a further aspect in the invention, provide a kind of method of store file data, comprise, carry out following steps at server end: the fragment data that comprises data fragmentation from client; The fragment data of storing received; To send to described client about the event memory of described fragment data.
According to a further aspect in the invention, provide a kind of method that file data is provided, comprise, carry out following steps at server end: from client memory address and burst size; Read the fragment data of described burst size from described memory address; The fragment data reading is sent to described client.
According to a further aspect in the invention, provide a kind of device for writing in files data, comprising: write request receiving element, for obtaining the file write request that comprises file identification and memory buffer regional address; File data acquiring unit, for the file data that will write according to described core buffer address acquisition; Data partitioning unit, for being partitioned into two or more data fragmentations by described file data; The first fragment data storage unit, for writing the first fragment data of a part that comprises the two or more data fragmentations that are divided into the predetermined partition of local disk; The second fragment data storage unit, for the second fragment data of the remainder that comprises the two or more data fragmentations that are divided into is sent to server, and receives the event memory of described the second fragment data from described server; File writing unit, for write the file storage data of the data-bias value, burst size and the memory address that comprise each data fragmentation at the file of described file identification instruction, wherein, in described the second fragment data, the memory location of each data fragmentation is the precalculated position on server.
According to a further aspect in the invention, provide a kind of device of store file data, comprising: fragment data receiving element, for comprise the fragment data of data fragmentation from client; Fragment data storage unit, for the fragment data of storing received; Event memory transmitting element, for sending to described client about the event memory of described fragment data.
According to a further aspect in the invention, provide a kind of device of file reading data, comprising: read requests receiving element, for obtaining the file read requests that comprises file identification; Document reading unit, for the file file reading storage data from described file identification instruction, described file storage data comprise data-bias value, burst size and the memory address of at least two data fragmentations, wherein, using comprising that the data fragmentation of memory address in the predetermined partition of local disk is as the first fragment data, using the data fragmentation that comprises the precalculated position of memory address on server as the second fragment data; The first fragment data reading unit, for reading corresponding the first data fragmentation described the first fragment data from described memory address respectively according to the data-bias value of the each data fragmentation of described the first fragment data, burst size and memory address; The second fragment data reading unit, for according to the data-bias value of the each data fragmentation of described the second fragment data, burst size and memory address to server request the second fragment data, and receive described the second fragment data from described server; File data construction unit, for building described file data according to the second fragment data of file storage data, the first fragment data reading and the reception of reading in core buffer.
According to a further aspect in the invention, provide a kind of device that file data is provided, comprising: fragment data request reception unit, for from client memory address and burst size; Fragment data reading unit, for reading the fragment data of described burst size from described memory address; Fragment data transmitting element, for sending to described client by the fragment data reading.
Beneficial effect
The device that comprises the file management methods such as file writes, file reads and implement described method according to the present invention carries out burst processing by the file that user is write, a part is wherein stored in the predetermined partition of local disk, and another part is wherein stored on server, can reduce the possibility that all files data are revealed; And by being stored in local fragment data and being stored in the hidden partition of local disk, invisible to user, the security that can improve file data.According to file management method of the present invention, by file is divided into two parts, and two parts are disperseed to be stored in the mode in local disk and another system, even if the situation of divulging a secret appears in certain computer, also cannot obtain complete file.
In addition, before file data execution burst is processed, can be to described file data executive software or hardware encipher processing, further to guarantee the security of file data.
Embodiment
Present general inventive concept of the present invention is, in computer system, provide a kind of file management method: the file that user is write carries out burst processing, be divided into two parts, a part is wherein stored in the predetermined partition of local disk, and another part is wherein stored on server, and the described two-part storage information of file is stored in the file that user will write; In the time that user view reads the file data previously writing in the foregoing manner, from being written to the storage information of file file reading of user instruction, read the partial document data in the predetermined partition of local disk according to described storage information and be stored in another part file data server from server request, then carrying out the actual file data writing of reconstruct user according to the partial document data that read and another part file data of request.Described for storing the hidden partition that the predetermined partition of local disk of fragment data can be pre-configured local disk, invisible to user, to improve the security of file data.According to file management method of the present invention, by file is divided into two parts, and two parts are disperseed to be stored in the mode in local disk and another system, even if the situation of divulging a secret appears in certain computer, also cannot obtain complete file.
In order to keep and existing file management system compatibility, can be at the inner nuclear layer of computer system the processing entrance using the form of driver component as file management method of the present invention, the file request that writes and read driving to catch upper strata at inner nuclear layer, after this can be the reading of the application layer execute file data of system, write, the processing such as storage and reconstruct.In addition, before file data execution burst is processed, can be to described file data executive software or hardware encipher processing, further to guarantee the security of file data.By file data is carried out to burst storage and encryption, can prevent to a great extent the generation of the event that file divulges a secret.
On this basis, also can carry out difference management to user's file.For example, can pre-configuredly comprise the file operation white list of the information that allows the file that carries out burst storage or comprise the file operation blacklist of the information of the file that does not allow burst storage.In this article, described file operation white list and file operation blacklist are referred to as to file operation permissions data.In the time processing file write request, the file write request of reception is mated with the file operation permissions data prestoring, to determine whether to allow burst store file data.Write for the file that allows burst store file data, can continue to carry out burst stores processor; And write for the file that does not allow burst store file data, can be according to the needs of file management, write described file data according to general document management mode in the disk position of the file write request instruction receiving, or directly drive the information of returning to write error to prevent file copy to upper strata.Like this, can be for example to being construed to the file of important information or the file that regulation writes disk particular zones being forced to carry out burst storage, or forbid the file data of Application-Specific Processing operation to carry out burst store and management etc.
Fig. 1 is the integrated stand composition according to the file management method of exemplary embodiment of the present invention.
With reference to Fig. 1, when user's input requirements write F: when the instruction of 1.txt file, the driver component 10 that is positioned at system kernel layer is caught the file write request bag driving from upper strata, described file write request bag can comprise file identification and memory buffer regional address, also can also comprise initial off-set value and the data writing size of writing.Operation 1 in Fig. 1, described driver component 10 passes to described memory buffer regional address the documentor 20 of application layer, and documentor 20 obtains the file data that will write and described file data is partitioned into two or more data fragmentations according to described memory buffer regional address (and initial off-set value and data writing size of writing).In operation 3, documentor 20 by the first fragment data of a part that comprises the two or more data fragmentations that are divided into write predetermined partition in local disk G:; In operation 4, the second fragment data of the remainder that comprises the two or more data fragmentations that are divided into is sent to server by documentor 20, and receive the event memory of described the second fragment data from described server.After this, documentor 20 the file of described file identification instruction F: write the file storage data of the data-bias value, burst size and the memory address that comprise each data fragmentation in 1.txt, wherein, in described the second fragment data, the memory location of each data fragmentation is the precalculated position on server.
On the other hand, when user's input requirements read F: when the instruction of 1.txt file, the driver component 10 that is positioned at system kernel layer is caught the file read requests bag driving from upper strata, described file read requests bag can comprise file identification, also can further comprise initial off-set value and the reading out data size of reading.Operation 1 in Fig. 1, described driver component 10 passes to described file identification (and initial off-set value and reading out data size of reading) documentor 20 of application layer.In operation 2, documentor 20 from the file of described file identification instruction F: 1.txt file reading storage data, described file storage data comprise data-bias value, burst size and the memory address of at least two data fragmentations, wherein, using comprising that the data fragmentation of memory address in the predetermined partition of local disk is as the first fragment data, using the data fragmentation that comprises the precalculated position of memory address on server as the second fragment data.In operation 3, documentor 20 reads corresponding the first data fragmentation described the first fragment data from described memory address respectively according to data-bias value, burst size and the memory address of each data fragmentation in described the first fragment data; In operation 4, documentor 20 to server request the second fragment data, and receives described the second fragment data from described server according to data-bias value, burst size and the memory address of each data fragmentation in described the second fragment data.After this, documentor 20 builds described file data according to the second fragment data receiving in the operation 2 file storage data that read, at operation 3 the first fragment datas that read and in operation 4 in core buffer.
Fig. 2 is according to the schematic diagram of the file fragmentation storage of exemplary embodiment of the present invention.
With reference to Fig. 2, user use word.exe editing files data and by editor's file data be stored as F: 1.txt.Write processing through aforesaid file, by the first fragment data be stored as G: on file a, and the second fragment data is stored as file b by precalculated position on server.According to the size of file data, can be also two or more files by the first fragment data and the second fragment data distributed store.
Fig. 3 is according to the process flow diagram of the method for the writing in files data of exemplary embodiment of the present invention.
With reference to Fig. 3, at step S310, obtain the file write request that comprises file identification and memory buffer regional address.Described file identification comprises file path and file name.According to an alternative embodiment of the invention, described file write request also can further comprise initial off-set value and the data writing size of writing in file data, with writing of operating part file data.
At step S320, the file data that will write according to described core buffer address acquisition.According to an alternative embodiment of the invention, at step S320, can be according to described memory buffer regional address, initially write data that off-set value and data writing acquiring size write said write size of data off-set value from memory buffer regional address initial as the described file data that will write, the partial document data that will write to read appointment.
At step S330, described file data is partitioned into two or more data fragmentations.Here, can simply described file data be divided into two, also can as required described file data be divided into more than two equal and opposite in direction or data fragmentation not etc.
At step S340, the first fragment data of a part that comprises the two or more data fragmentations that are divided into is write to the predetermined partition in local disk.According to a preferred embodiment of the invention, the predetermined partition of described local disk is the hidden partition separating in local disk, thereby user cannot directly obtain described the first fragment data, to improve data security.
At step S350, the second fragment data of the remainder that comprises the two or more data fragmentations that are divided into is sent to server.
At step S360, receive the event memory of described the second fragment data from described server.The event memory of described the second fragment data can comprise the memory location of the file that stores described the second fragment data.
At step S370, in the file of described file identification instruction, write the file storage data of the data-bias value, burst size and the memory address that comprise each data fragmentation.Wherein, in described the second fragment data, the memory location of each data fragmentation can be the precalculated position on server, can be also the memory location that server that the event memory of described the second fragment data from receiving obtains stores the file of described the second fragment data.Here said memory location can be the logical place of the file for storing described fragment data, as the file path in file system and file name.
In order to keep the leakage-preventing management of the different levels to file with the compatible of existing file way to manage and support, the pre-configured file operation permissions data that comprises the information that allows the information of the file that carries out burst storage or do not allow the file of burst storage.The described information that allows the file that carries out burst storage can comprise and allows the information of the file type of carrying out burst storage and allow at least one in the information of the file place disk partition of carrying out burst storage; The information of the described file that does not allow burst storage can comprise the information of the file type that does not allow burst storage and it not allowed at least one in the information of process of burst storage file.
Before execution step S320 or S330, the file write request of reception is mated with the file operation permissions data prestoring, to determine whether to allow burst store file data.If according to determining and allow burst store file data with mating of described file operation permissions data, continue execution step S330~370.
If according to determining and do not allow burst store file data with mating of described file operation permissions data, drive the information of returning to write error to upper strata, to prevent unwarranted file copy, or according to common file writing mode, write described file data in the disk position of the file write request instruction receiving.
According to a preferred embodiment of the invention, in order further to improve the security of file data, before execution step S330, the file data obtaining at step S320 is encrypted, and at step S370, in the file of described file identification instruction, also write for by the information of described file data encrypt/decrypt.
According to a preferred embodiment of the invention, at step S310, catch the described file write request driving from upper strata at system kernel layer, at the application layer execution step S320~S370 of system, and system kernel layer also returns to upper strata driving by the pointer of the file of described file identification instruction.Fig. 4 is according to the process flow diagram of the method for the store file data of exemplary embodiment of the present invention.
With reference to Fig. 4, at step S410, comprise the fragment data of data fragmentation from client.
At step S420, the fragment data of storing received.Can the fragment data of described reception be stored as to file in precalculated position.
At step S430, will send to described client about the event memory of described fragment data.According to an alternative embodiment of the invention, the described event memory about described fragment data comprises the memory location of the file that stores described fragment data.
Fig. 5 be according to the file reading data of exemplary embodiment of the present invention the process flow diagram of method.
With reference to Fig. 5, at step S510, obtain the file read requests that comprises file identification.Described file identification can comprise file path and file name.According to an alternative embodiment of the invention, described file read requests can also comprise initial off-set value and the reading out data size of reading in described file data.
At step S520, from the file file reading storage data of described file identification instruction, described file storage data comprise data-bias value, burst size and the memory address of at least two data fragmentations, wherein, using comprising that the data fragmentation of memory address in the predetermined partition of local disk is as the first fragment data, using the data fragmentation that comprises the precalculated position of memory address on server as the second fragment data.According to a preferred embodiment of the invention, the predetermined partition of described local disk is the hidden partition separating in local disk.
At step S530, read corresponding the first data fragmentation described the first fragment data from described memory address respectively according to data-bias value, burst size and the memory address of each data fragmentation in described the first fragment data.
At step S540, according to data-bias value, burst size and the memory address of each data fragmentation in described the second fragment data to server request the second fragment data, be specially, the size of the memory address of the second fragment data and the second fragment data is sent to server, the size of described the second fragment data be each data fragmentation in the second fragment data burst size and.
At step S550, receive described the second fragment data from described server.
At step S560, build described file data in core buffer according to the second fragment data of the file storage data that read, the first fragment data reading and reception.If the described file read requests obtaining at step S510 can also comprise initial off-set value and the reading out data size of reading in described file data, at step S560, build the file data that reads described reading out data size off-set value from initial in core buffer according to the second fragment data of the file storage data that read, the first fragment data reading and reception.
According to an alternative embodiment of the invention, before execution step S520, the file read requests of reception is mated with the file operation permissions data prestoring, to determine whether to need burst assembling file data.Described file operation permissions data comprises the information that allows the information of the file that carries out burst storage or do not allow the file that carries out burst storage.The described information that allows the file that carries out burst storage comprises and allows the information of the file type of carrying out burst storage and allow at least one in the information of the file place disk partition of carrying out burst storage, and the information of the described file that does not allow burst storage comprises the information of the file type that does not allow burst storage and it is not allowed at least one in the information of process of burst storage file.If determine and need burst assembling file data, continue to carry out the operation from the file file reading storage data of described file identification instruction; If determine and do not need burst assembling file data, read described file data in the disk position of the file identification instruction receiving.
According to a preferred embodiment of the invention, in the file of described file identification instruction also with for by the information of described file data encrypt/decrypt, and building after described file data, use described by the information of described file data encrypt/decrypt by described decrypt file data.
According to a preferred embodiment of the invention, step S510, catch the file read requests driving from upper strata at system kernel layer, at the application layer execution step S520~S560 of system, and system kernel layer also by described file data in the address of core buffer and the size of described file data return to upper strata and drive.
Fig. 6 is according to the process flow diagram of the method that file data is provided of exemplary embodiment of the present invention.
With reference to Fig. 6, at step S610, from client memory address and burst size.
At step S620, read the fragment data of described burst size from described memory address.For example, read the fragment data of described burst size from being stored in the file of described memory address.
At step S630, the fragment data reading is sent to described client.
Fig. 7 is according to the logic diagram of the device of the writing in files data of exemplary embodiment of the present invention.
With reference to Fig. 7, comprise write request receiving element 710, file data acquiring unit 720, data partitioning unit 730, the first fragment data storage unit 740, the second fragment data storage unit 750 and file writing unit 760 according to the device of the writing in files data of exemplary embodiment of the present invention.
Write request receiving element 710 is for obtaining the file write request that comprises file identification and memory buffer regional address.Described file identification comprises file path and file name.According to an alternative embodiment of the invention, described file write request also can further comprise initial off-set value and the data writing size of writing in file data, with writing of operating part file data.
The file data of file data acquiring unit 720 for writing according to described core buffer address acquisition.According to an alternative embodiment of the invention, file data acquiring unit 720 can be according to described memory buffer regional address, initially write data that off-set value and data writing acquiring size write said write size of data off-set value from memory buffer regional address initial as the described file data that will write, the partial document data that will write to read appointment.
Data partitioning unit 730 is for being partitioned into two or more data fragmentations by described file data.
The first fragment data storage unit 740 is for writing the first fragment data of a part that comprises two or more data fragmentations that data partitioning unit 730 is divided into the predetermined partition of local disk.Predetermined partition in described local disk is the hidden partition separating in local disk.
The second fragment data storage unit 750 is for the second fragment data of the remainder that comprises the two or more data fragmentations that are divided into is sent to server, and receives the event memory of described the second fragment data from described server.The event memory of described the second fragment data can comprise the memory location of the file that stores described the second fragment data.
File writing unit 760 is for writing the file storage data of the data-bias value, burst size and the memory address that comprise each data fragmentation at the file of described file identification instruction, wherein, in described the second fragment data, the memory location of each data fragmentation is the precalculated position on server.Also can be the memory location that server that the event memory of described the second fragment data from receiving obtains stores the file of described the second fragment data.
According to a preferred embodiment of the invention, described data partitioning unit 730 is being partitioned into described file data before two or more data fragmentations, the file write request of reception is mated with the file operation permissions data prestoring, to determine whether to allow burst store file data, described file operation permissions data comprises the information that allows the information of the file that carries out burst storage or do not allow the file of burst storage.The described information that allows the file that carries out burst storage can comprise and allow the information of the file type of carrying out burst storage and allow at least one in the information of the file place disk partition of carrying out burst storage, and the information of the described file that does not allow burst storage can comprise the information of the file type that does not allow burst storage and it is not allowed at least one in the information of process of burst storage file.
If described data partitioning unit 730 is according to determining and allow burst store file data with mating of described file operation permissions data, described data partitioning unit continuation is carried out described file data is partitioned into two or more data fragmentations, and the first fragment data storage unit 740, the second fragment data storage unit 750 and file writing unit 760 can continue the processing that writes of executing data storage and file storage data; If described data partitioning unit 730 is according to determining and do not allow burst store file data with mating of described file operation permissions data, described data partitioning unit 730 drives the information of returning to write error to upper strata, or file writing unit 760 writes described file data in the disk position of the file write request instruction receiving.
According to a preferred embodiment of the invention, the device of said write file data also comprises DEU data encryption unit (not shown), described DEU data encryption unit, in described data partitioning unit, described file data being partitioned into before two or more data fragmentations, is encrypted described file data.According to another preferred embodiment of the invention, file writing unit 760 also writes for by the information of described file data encrypt/decrypt in the file of described file identification instruction, wherein, when described DEU data encryption unit is encrypted described file data, use and described the information of described file data encrypt/decrypt is encrypted described file data.
According to a preferred embodiment of the invention, write request receiving element 710 is caught the described file write request driving from upper strata at system kernel layer; File data acquiring unit 720, DEU data encryption unit (if any), data partitioning unit 730, the first fragment data storage unit 740, the second fragment data storage unit 750 and file writing unit 760 carry out in the application layer of system.
According to a preferred embodiment of the invention, described device is also included in the write request response unit of system kernel layer, and said write request-response unit drives for the pointer of the file of described file identification instruction being returned to upper strata after described file writing unit 760 is complete.
Fig. 8 is according to the logic diagram of the device of the store file data of exemplary embodiment of the present invention.
With reference to Fig. 8, comprise fragment data receiving element 810, fragment data storage unit 820 and event memory transmitting element 830 according to the device of the store file data of exemplary embodiment of the present invention.
Fragment data receiving element 810 is for comprising the fragment data of data fragmentation from client.
Fragment data storage unit 820 is for the fragment data of storing received.The specified optional embodiment according to the present invention, fragment data storage unit 820 is stored as file in precalculated position by the fragment data of described reception.
Event memory transmitting element 830 is for sending to described client about the event memory of described fragment data.The described event memory about described fragment data can comprise the memory location of the file that stores described fragment data.
Fig. 9 is according to the logic diagram of the device of the file reading data of exemplary embodiment of the present invention.
With reference to Fig. 9, comprise read requests receiving element 910, document reading unit 920, the first fragment data reading unit 930, the second fragment data reading unit 940 and file data construction unit 950 according to the device of the file reading data of exemplary embodiment of the present invention.
Read requests receiving element 910 is for obtaining the file read requests that comprises file identification.Described file identification can comprise file path and file name.
Document reading unit 920 is for the file file reading storage data from described file identification instruction, described file storage data comprise data-bias value, burst size and the memory address of at least two data fragmentations, wherein, using comprising that the data fragmentation of memory address in the predetermined partition of local disk is as the first fragment data, using the data fragmentation that comprises the precalculated position of memory address on server as the second fragment data.According to a preferred embodiment of the invention, the predetermined partition of described local disk is the hidden partition separating in local disk.
The first fragment data reading unit 930 is for reading corresponding the first data fragmentation described the first fragment data from described memory address respectively according to the data-bias value of the each data fragmentation of described the first fragment data, burst size and memory address.
The second fragment data reading unit 940 for according to the data-bias value of the each data fragmentation of described the second fragment data, burst size and memory address to server request the second fragment data, and receive described the second fragment data from described server.
File data construction unit 950 is for building described file data according to the second fragment data of file storage data, the first fragment data reading and the reception of reading in core buffer.
According to an alternative embodiment of the invention, the described file read requests receiving also comprises that initial in described file data read off-set value and reading out data size, and described file data construction unit 950 for according to the second fragment data of file storage data, the first fragment data reading and the reception of reading at core buffer structure from the initial file data that reads described reading out data size off-set value.
According to a preferred embodiment of the invention, obtain at read requests receiving element 910 after the file read requests that comprises file identification, document reading unit 920 also mates the file read requests of reception with the file operation permissions data prestoring, to determine whether needing burst assembling file data, described file operation permissions data comprises the information that allows the information of the file that carries out burst storage or do not allow the file that carries out burst storage.The described information that allows the file that carries out burst storage can comprise and allow the information of the file type of carrying out burst storage and allow at least one in the information of the file place disk partition of carrying out burst storage, and the information of the described file that does not allow burst storage can comprise the information of the file type that does not allow burst storage and it is not allowed at least one in the information of process of burst storage file.
Need burst assembling file data if document reading unit 920 is determined, document reading unit 920 is from the file file reading storage data of described file identification instruction; Do not need burst assembling file data if document reading unit 920 is determined, document reading unit 920 reads described file data in the disk position of the file identification instruction receiving.
According to a preferred embodiment of the invention, described device also comprises data decryption unit (not shown), the described decrypt file data of described data decryption unit for file data construction unit is built.According to another preferred embodiment of the invention, document reading unit 920 also reads for by the information of described file data encrypt/decrypt in the file of described file identification instruction, wherein, described data decryption unit use described by the information of described file data encrypt/decrypt by described decrypt file data.
According to a preferred embodiment of the invention, read requests receiving element 910 is caught the file read requests driving from upper strata at system kernel layer, document reading unit 920, the first fragment data reading unit 930, the second fragment data reading unit 940 and file data construction unit 950 are carried out in the application layer of system; Described device also comprises: at the read requests response unit of system kernel layer, described read requests response unit for by described file data in the address of core buffer and the size of described file data return to upper strata drive.
Figure 10 is according to the logic diagram of the device that file data is provided of exemplary embodiment of the present invention.
With reference to Figure 10, described in provide the device of file data to comprise: fragment data request reception unit 1010, fragment data reading unit 1020 and fragment data transmitting element 1030.
Fragment data request reception unit 1010 is for from client memory address and burst size.
Fragment data reading unit 1020 is for reading the fragment data of described burst size from described memory address.For example, fragment data reading unit 1020 can read from being stored in the file of described memory address the fragment data of described burst size.
Fragment data transmitting element 1030 is for sending to described client by the fragment data reading.
The device that comprises the file management methods such as file writes, file reads and implement described method according to the present invention carries out burst processing by the file that user is write, a part is wherein stored in the predetermined partition of local disk, and another part is wherein stored on server, can reduce the possibility that all files data are revealed; And by being stored in local fragment data and being stored in the hidden partition of local disk, invisible to user, the security that can improve file data.According to file management method of the present invention, by file is divided into two parts, and two parts are disperseed to be stored in the mode in local disk and another system, even if the situation of divulging a secret appears in certain computer, also cannot obtain complete file.
In addition, before file data execution burst is processed, can be to described file data executive software or hardware encipher processing, further to guarantee the security of file data.
On this basis, mate with file operation permissions data by the fileinfo that will write/read, also can carry out difference management to user's file, can be for example to being construed to the file of important information or the file that regulation writes disk particular zones being forced to carry out burst storage, or forbid the file data of Application-Specific Processing operation to carry out burst store and management etc.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited to this, any be familiar with those skilled in the art the present invention disclose technical scope in; can expect easily changing or replacing, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection domain of described claim.