CN106203142A - A kind of method and device of the Primary Hard Drive data protecting computer - Google Patents

A kind of method and device of the Primary Hard Drive data protecting computer Download PDF

Info

Publication number
CN106203142A
CN106203142A CN201610580991.4A CN201610580991A CN106203142A CN 106203142 A CN106203142 A CN 106203142A CN 201610580991 A CN201610580991 A CN 201610580991A CN 106203142 A CN106203142 A CN 106203142A
Authority
CN
China
Prior art keywords
computer
hard drive
key
primary hard
storage equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610580991.4A
Other languages
Chinese (zh)
Inventor
骆建军
车嵘
丁塔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sage Microelectronics Corp
Original Assignee
Sage Microelectronics Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sage Microelectronics Corp filed Critical Sage Microelectronics Corp
Priority to CN201610580991.4A priority Critical patent/CN106203142A/en
Publication of CN106203142A publication Critical patent/CN106203142A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0637Permissions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses the method and device of a kind of Primary Hard Drive data protecting computer.In external mobile storage equipment, prestore the key of the Primary Hard Drive data for encryption and decryption computer, when computer to be used, computer is connected with external mobile storage equipment.The method includes: when the electric power starting of computer, and by the first os starting computer, the first operating system is installed in external mobile storage equipment in advance;After computer starting, obtain the key of storage in external mobile storage equipment, so that the Primary Hard Drive of computer enters encryption and decryption mode of operation;Generated by the first operating system and restart instruction;When restarting the computer, restart computer by the second operating system, so that computer enters normal operating conditions based on the second operating system.Application the method, by key storage in external mobile storage equipment, separates with the Primary Hard Drive of computer, improves the safe class of Primary Hard Drive data.

Description

A kind of method and device of the Primary Hard Drive data protecting computer
Technical field
The present invention relates to technical field of data security, a kind of method particularly relating to Primary Hard Drive data protecting computer And device.
Background technology
Computer, as the instrument that people's work and life are conventional, its problem of data safety gets growing concern for.
In the prior art, it is common that carry encryption function by the hard disk of computer and realize the protection to hard disc data.
In this method of prior art, data and key are required for storing in a hard disk, and key is easy to by illegally Stealing, once key from stealing, hard disc data will be compromised so that the safety of hard disc data is low.
Summary of the invention
For solving above-mentioned technical problem, the present invention provides the method and device of a kind of Primary Hard Drive data protecting computer.
A kind of method of Primary Hard Drive data protecting computer, prestores for adding solution in external mobile storage equipment The key of the Primary Hard Drive data of close computer, when to use described computer, deposits described computer with described external movement Storage equipment connects, and described method includes:
When the electric power starting of described computer, the Primary Hard Drive of described computer is in the state of not being activated, by first Computer described in os starting, described first operating system is installed in described external mobile storage equipment in advance;
After described computer starting, obtain the described key of storage in described external mobile storage equipment, so that described The Primary Hard Drive of computer enters encryption and decryption mode of operation, and the Primary Hard Drive of described computer is active;
The described Primary Hard Drive the second operation system to being installed on described Primary Hard Drive in advance is ordered about by described first operating system After the related data successful decryption of system, generate and restart instruction;
When described restarting the computer, restart described computer by described second operating system, so that institute State computer and enter normal operating conditions based on described second operating system.
In a kind of detailed description of the invention of the present invention, in the described external mobile storage equipment of described acquisition, storage is described Key, including:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by it The described key of rear transmission.
In a kind of detailed description of the invention of the present invention, described subscriber identity information is in user name, password, biological characteristic At least one.
In a kind of detailed description of the invention of the present invention, described method also includes:
The described key got is temporarily held in the buffer register of described Primary Hard Drive.
In a kind of detailed description of the invention of the present invention, the key in described external mobile storage equipment is at encryption Reason and the hiding key processed.
In a kind of detailed description of the invention of the present invention, described external mobile storage equipment is USB flash disk, it is total to have general serial The portable hard drive of line USB interface, there is the portable hard drive of thunder and lightning thunderbolt interface, there is external series advanced technology attachment The portable hard drive of part eSATA interface and the one having in the card reader of storage card.
The device of a kind of Primary Hard Drive data protecting computer, prestores for adding solution in external mobile storage equipment The key of the Primary Hard Drive data of close computer, when to use described computer, deposits described computer with described external movement Storage equipment connects, and described device includes:
Computer starting module, for when the electric power starting of described computer, the Primary Hard Drive of described computer is in not Be activated state, and by computer described in the first os starting, described first operating system is installed on described external in advance In movable storage device;
Key Acquisition Module, for after described computer starting, obtains storage in described external mobile storage equipment Described key, so that the Primary Hard Drive of described computer enters encryption and decryption mode of operation, the Primary Hard Drive of described computer is in activation State;
Instruction of restarting generation module, for ordering about described Primary Hard Drive to being installed on institute in advance by described first operating system After the related data successful decryption of the second operating system stating Primary Hard Drive, generate and restart instruction;
Restart module, for when described restarting the computer, restarted by described second operating system Described computer, so that described computer enters normal operating conditions based on described second operating system.
In a kind of detailed description of the invention of the present invention, described Key Acquisition Module, specifically for:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by it The described key of rear transmission.
In a kind of detailed description of the invention of the present invention, described device also includes:
Key preserves module, for the described key got is temporarily held in the buffer register of described Primary Hard Drive In.
In a kind of detailed description of the invention of the present invention, the key in described external mobile storage equipment is at encryption Reason and the hiding key processed.
The application technical scheme that provided of the embodiment of the present invention, when after the electric power starting of computer, the Primary Hard Drive of computer It is in the state of not being activated, first passes through the first os starting computer, when, after computer starting, obtaining external mobile storage The key prestored in equipment, so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in State of activation, then restarts computer by the second operating system of Primary Hard Drive, and computer enters based on the second operating system Enter normal operating conditions.By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make close Key separates with the Primary Hard Drive of computer, it is not easy to be stolen, and improves the safe class of Primary Hard Drive data.
Accompanying drawing explanation
For the clearer explanation embodiment of the present invention or the technical scheme of prior art, below will be to embodiment or existing In technology description, the required accompanying drawing used is briefly described, it should be apparent that, the accompanying drawing in describing below is only this Some bright embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to root Other accompanying drawing is obtained according to these accompanying drawings.
Fig. 1 is the implementing procedure figure of a kind of method of Primary Hard Drive data protecting computer in the embodiment of the present invention;
Fig. 2 is the structural representation of the device of a kind of Primary Hard Drive data protecting computer in the embodiment of the present invention.
Detailed description of the invention
In order to make those skilled in the art be more fully understood that the present invention program, below in conjunction with the accompanying drawings and detailed description of the invention The present invention is described in further detail.Obviously, described embodiment be only a part of embodiment of the present invention rather than Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise Lower obtained every other embodiment, broadly falls into the scope of protection of the invention.
A kind of method embodiments providing Primary Hard Drive data protecting computer, when computer dispatches from the factory One external mobile storage equipment of corresponding outfit.External mobile storage equipment needs prestore for encryption and decryption computer The key of Primary Hard Drive data, computer coordinates the Primary Hard Drive data that can protect computer with external mobile storage equipment.
When user's computer to be used, computer can be connected with external mobile storage equipment.Electricity when computer When source is opened, the Primary Hard Drive of computer is in the state of not being activated, and can first pass through the first os starting computer.First Operating system is installed in external mobile storage equipment in advance.When, after computer starting, external mobile storage equipment being obtained In the key that prestores so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in activation State, Primary Hard Drive uses this key Primary Hard Drive data to be read can be decrypted operation, the number to Primary Hard Drive to be written According to being encrypted operation.The Primary Hard Drive the second operating system to being installed on Primary Hard Drive in advance can be ordered about by the first operating system Related data successful decryption after, generate for the instruction that restarts of computer, and by the second operating system of Primary Hard Drive Restarting computer, so, computer can enter normal operating conditions based on the second operating system.
By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make key and calculating The Primary Hard Drive of machine separates, and improves the safe class of Primary Hard Drive data, and can carry out systematized key setting and management, than Relatively it is suitable for the application scenarios of enterprise or grouping of the world economy.
In embodiments of the present invention, external mobile storage equipment is USB flash disk, has the movement of general-purpose serial bus USB interface Hard disk, there is the portable hard drive of thunder and lightning thunderbolt interface, there is the shifting of external series Advanced Technology Attachment eSATA interface Dynamic hard disk and the one having in the card reader of storage card.
Shown in Figure 1, the method for a kind of Primary Hard Drive data protecting computer provided by the embodiment of the present invention Implementing procedure figure, the method may comprise steps of:
S110: when the electric power starting of computer, the Primary Hard Drive of computer is in the state of not being activated, by the first operation System start-up computer.
First operating system is installed in external mobile storage equipment in advance.
In actual applications, when user's computer to be used, the power supply of computer will be opened.Power supply at computer is opened Qi Shi, computer i.e. enters startup program.Now, the Primary Hard Drive of computer is in the state of not being activated, can be by the first behaviour Make this computer of system start-up.
First operating system is installed in external mobile storage equipment in advance, can be to the overall number of the Primary Hard Drive of computer According to being encrypted, improve the safety of Primary Hard Drive data.
S120: after computer starting, obtains the key of storage in external mobile storage equipment, so that the master of computer is hard Dish enters encryption and decryption mode of operation, and the Primary Hard Drive of computer is active.
In step S110, after the first os starting computer, can obtain and be stored in advance in external movement and deposit Key in storage equipment.
In external mobile storage equipment, the enciphering and deciphering algorithm of the Primary Hard Drive data that the key of storage is computer is used Key, after getting key, the Primary Hard Drive of computer can enter normal encryption and decryption mode of operation, and the Primary Hard Drive of computer is in State of activation, it uses this key Primary Hard Drive data to be read can be decrypted operation, the number to Primary Hard Drive to be written According to being encrypted operation.
In embodiments of the present invention, the key in external mobile storage equipment be encrypted and hide process close Key.Concrete, it is possible to use key is encrypted by rivest, shamir, adelman, can by by key storage in external shifting Key is hidden processing by the invisible area of dynamic storage device.As such, it is possible to increase key at external mobile storage equipment In safety, it is to avoid by illegal operation and read-write.It addition, the data of the Primary Hard Drive of external mobile storage equipment and computer are led to Road through encryption, can also further enhance the safety of cipher key delivery, it is to avoid is illegally stolen.
For the Primary Hard Drive data of computer, high-speed symmetric AES can be used, as used state close algorithm SM4, AES (Advanced Encryption Standard, Advanced Encryption Standard), GOST (Gosudarstvennyi Standard, front The block encryption algorithm of soviet design), one in DES (Data Encryption Standard, data encryption standards).When So, it is also possible to use other enciphering and deciphering algorithms, such as rivest, shamir, adelman, this is not restricted by the embodiment of the present invention.
In actual applications, the first operating system is installed in external mobile storage equipment in advance, can be in external movement Storage device is installed the first application software in advance.
After by the first os starting computer, this first application software can load accordingly and run.This is years old One application software can by privately owned order respectively with Primary Hard Drive and the external mobile storage equipment communication of computer, at both Between play a bridge beam action.Computer can obtain close by this first application software from external mobile storage equipment Key.
In a kind of detailed description of the invention of the present invention, the method is further comprising the steps of:
The Primary Hard Drive of computer gets in external mobile storage equipment after the key of storage, the key that can will get It is temporarily held in the buffer register of Primary Hard Drive.
So, when computer power down, this key also will disappear in buffer register.If user reopens calculating During electromechanical source, then need to reacquire this key.So, further ensure key safety in a computer, can keep away Exempt from illegally to be stolen.
S130: order about the Primary Hard Drive the second operating system relevant to being installed on Primary Hard Drive in advance by the first operating system After data deciphering success, generate and restart instruction.
After step S120 computer gets key, Primary Hard Drive can be ordered about to installing in advance by the first operating system Related data in the second operating system of Primary Hard Drive is decrypted, after successful decryption, by first operating system generate for Computer restart instruction, so that computer can restart.
S140: when restarting the computer, restarts computer by the second operating system so that computer based on Second operating system enters normal operating conditions.
When restarting the computer, can restart computer by the second operating system, so, computer is permissible Normal operating conditions is entered based on the second operating system.
So far, user can normally use this computer.
User uses in computer procedures normal, and when computer receives data write instruction, Primary Hard Drive can make The data being used in the double secret key write got in external mobile storage equipment are encrypted operation;When computer receives data When reading instruction, the data that Primary Hard Drive can use the double secret key got in external mobile storage equipment to read are decrypted Export to user after operation.
The method that the application embodiment of the present invention is provided, when, after the electric power starting of computer, the Primary Hard Drive of computer is in Be not activated state, first passes through the first os starting computer, when, after computer starting, obtaining external mobile storage equipment In the key that prestores so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in activation State, then restarts computer by the second operating system of Primary Hard Drive, and computer is just entering based on the second operating system Often duty.By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make key with The Primary Hard Drive of computer separates, it is not easy to is stolen, improves the safe class of Primary Hard Drive data.
In one embodiment of the invention, the step of the key of storage in external mobile storage equipment is obtained the most permissible Including:
Receive external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by sending out afterwards The key sent.
In embodiments of the present invention, the first operating system is installed in external mobile storage equipment in advance.External movement is deposited Storage equipment can provide the user subscriber identity information input interface, after user inputs corresponding subscriber identity information, external Subscriber identity information can first be authenticated by movable storage device, to determine that whether user is as validated user.
If authentication is passed through, it may be determined that user is validated user, and now, external mobile storage equipment can be to computer Send key, if authentication is not passed through, it may be determined that user is disabled user, in this case, external mobile storage equipment Key can not be sent.
In embodiments of the present invention, subscriber identity information can be at least one in user name, password, biological characteristic.
In actual applications, can install the second application software in external mobile storage equipment in advance, user is by being somebody's turn to do Second application software can input username and password, or individually enters the information such as password, and these information can be as user Identity information.It should be noted that the first application software and the second application software can be with a application software, it is also possible to be Different money application softwaries.
External mobile storage equipment is also provided with digital button, and user can input corresponding body by digital button Part information such as identification code or password, these information can be as subscriber identity information.
External mobile storage equipment is also provided with biometric sensor, has biological characteristic identification function, As being identified by biological characteristics such as fingerprint, pupil, faces, it is thus achieved that subscriber identity information.
After external mobile storage equipment receives the subscriber identity information of user's input, the user identity that can will receive Information is mated with the registered subscriber identity information prestored in self, and the match is successful, then authentication is passed through.
In actual applications, subscriber identity information is authenticated by external mobile storage equipment, sets in external mobile storage Standby middle need prestore registered subscriber identity information.The registered subscriber identity information prestored can be through encryption Process and hide and process.As such, it is possible to avoid the registered subscriber identity information prestored illegally to be stolen further.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides a kind of Primary Hard Drive data protecting computer Device.Below the device of a kind of Primary Hard Drive data protecting computer that the embodiment of the present invention provides is introduced, hereafter The device of a kind of Primary Hard Drive data protecting computer described and above-described a kind of Primary Hard Drive data protecting computer Method can be mutually to should refer to.
In embodiments of the present invention, external mobile storage equipment prestores the Primary Hard Drive for encryption and decryption computer The key of data, when computer to be used, is connected computer with external mobile storage equipment.
Shown in Figure 2, this device can include with lower module:
Computer starting module 210, for when the electric power starting of described computer, the Primary Hard Drive of described computer is in Be not activated state, by computer described in the first os starting, described first operating system be installed in advance described outside Put in movable storage device;
Key Acquisition Module 220, for after described computer starting, obtains in described external mobile storage equipment and stores Described key so that described computer Primary Hard Drive enter encryption and decryption mode of operation, the Primary Hard Drive of described computer is in sharp The state of living;
Instruction of restarting generation module 230, for ordering about described Primary Hard Drive to installing in advance by described first operating system After the related data successful decryption of the second operating system of described Primary Hard Drive, generate and restart instruction;
Restart module 240, for when described restarting the computer, again opened by described second operating system Dynamic described computer, so that described computer enters normal operating conditions based on described second operating system.
The device that the application embodiment of the present invention is provided, when, after the electric power starting of computer, the Primary Hard Drive of computer is in Be not activated state, first passes through the first os starting computer, when, after computer starting, obtaining external mobile storage equipment In the key that prestores so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in activation State, then restarts computer by the second operating system of Primary Hard Drive, and computer is just entering based on the second operating system Often duty.By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make key with The Primary Hard Drive of computer separates, it is not easy to is stolen, improves the safe class of Primary Hard Drive data.
In a kind of detailed description of the invention of the present invention, Key Acquisition Module 220, specifically for:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by it The described key of rear transmission.
In a kind of detailed description of the invention of the present invention, subscriber identity information be in user name, password, biological characteristic extremely Few one.
In one embodiment of the invention, this device can also include:
Key preserves module, for being temporarily held in the buffer register of Primary Hard Drive by the key got.
In a kind of detailed description of the invention of the present invention, the key in external mobile storage equipment be through encryption and Hide the key processed.
In a kind of detailed description of the invention of the present invention, external mobile storage equipment is USB flash disk, has USB (universal serial bus) The portable hard drive of USB interface, there is the portable hard drive of thunder and lightning thunderbolt interface, there is external series Advanced Technology Attachment The portable hard drive of eSATA interface and the one having in the card reader of storage card.
In this specification, each embodiment uses the mode gone forward one by one to describe, and what each embodiment stressed is and other The difference of embodiment, between each embodiment, same or similar part sees mutually.For filling disclosed in embodiment For putting, owing to it corresponds to the method disclosed in Example, so describe is fairly simple, relevant part sees method part Illustrate.
Professional further appreciates that, in conjunction with the unit of each example that the embodiments described herein describes And algorithm steps, it is possible to electronic hardware, computer software or the two be implemented in combination in, in order to clearly demonstrate hardware and The interchangeability of software, the most generally describes composition and the step of each example according to function.These Function performs with hardware or software mode actually, depends on application-specific and the design constraint of technical scheme.Specialty Technical staff specifically should can be used for using different methods to realize described function to each, but this realization should not Think beyond the scope of this invention.
The method described in conjunction with the embodiments described herein or the step of algorithm can direct hardware, processor be held The software module of row, or the combination of the two implements.Software module can be placed in random access memory (RAM), internal memory, read-only deposit Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, depositor, hard disk, moveable magnetic disc, CD-ROM or technology In any other form of storage medium well known in field.
Above the method and device of a kind of Primary Hard Drive data protecting computer provided by the present invention is carried out in detail Introduce.Principle and the embodiment of the present invention are set forth by specific case used herein, the explanation of above example It is only intended to help to understand method and the core concept thereof of the present invention.It should be pointed out that, the ordinary skill people for the art For Yuan, under the premise without departing from the principles of the invention, it is also possible to the present invention is carried out some improvement and modification, these improve and Modify in the protection domain also falling into the claims in the present invention.

Claims (10)

1. the method for the Primary Hard Drive data protecting computer, it is characterised in that deposit in advance in external mobile storage equipment Storage is for the key of the Primary Hard Drive data of encryption and decryption computer, when to use described computer, by described computer with described External mobile storage equipment connects, and described method includes:
When the electric power starting of described computer, the Primary Hard Drive of described computer is in the state of not being activated, by the first operation Computer described in system start-up, described first operating system is installed in described external mobile storage equipment in advance;
After described computer starting, obtain the described key of storage in described external mobile storage equipment, so that described calculating The Primary Hard Drive of machine enters encryption and decryption mode of operation, and the Primary Hard Drive of described computer is active;
The described Primary Hard Drive the second operating system to being installed on described Primary Hard Drive in advance is ordered about by described first operating system After related data successful decryption, generate and restart instruction;
When described restarting the computer, restart described computer by described second operating system, so that described meter Calculation machine enters normal operating conditions based on described second operating system.
Method the most according to claim 1, it is characterised in that storage in the described external mobile storage equipment of described acquisition Described key, including:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by sending out afterwards The described key sent.
Method the most according to claim 2, it is characterised in that described subscriber identity information is user name, password, biological spy At least one in levying.
Method the most according to claim 1, it is characterised in that described method also includes:
The described key got is temporarily held in the buffer register of described Primary Hard Drive.
5. according to the method described in any one of Claims 1-4, it is characterised in that close in described external mobile storage equipment Key is through encryption and to hide the key processed.
Method the most according to claim 5, it is characterised in that described external mobile storage equipment is USB flash disk, has general string The portable hard drive of row bus USB interface, there is the portable hard drive of thunder and lightning thunderbolt interface, there is the senior skill of external series The portable hard drive of art adnexa eSATA interface and the one having in the card reader of storage card.
7. the device of the Primary Hard Drive data protecting computer, it is characterised in that deposit in advance in external mobile storage equipment Storage is for the key of the Primary Hard Drive data of encryption and decryption computer, when to use described computer, by described computer with described External mobile storage equipment connects, and described device includes:
Computer starting module, for when the electric power starting of described computer, the Primary Hard Drive of described computer is in and is not swashed The state of living, by computer described in the first os starting, described first operating system is installed on described external movement in advance In storage device;
Key Acquisition Module, for after described computer starting, obtains the described of storage in described external mobile storage equipment Key, so that the Primary Hard Drive of described computer enters encryption and decryption mode of operation, the Primary Hard Drive of described computer is active;
Instruction of restarting generation module, for ordering about described Primary Hard Drive to being installed on described master in advance by described first operating system After the related data successful decryption of the second operating system of hard disk, generate and restart instruction;
Restart module, for when described restarting the computer, restarted by described second operating system described Computer, so that described computer enters normal operating conditions based on described second operating system.
Device the most according to claim 7, it is characterised in that described Key Acquisition Module, specifically for:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by sending out afterwards The described key sent.
Device the most according to claim 7, it is characterised in that described device also includes:
Key preserves module, for being temporarily held in the buffer register of described Primary Hard Drive by the described key got.
10. according to the device described in any one of claim 7 to 9, it is characterised in that close in described external mobile storage equipment Key is through encryption and to hide the key processed.
CN201610580991.4A 2016-07-20 2016-07-20 A kind of method and device of the Primary Hard Drive data protecting computer Pending CN106203142A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610580991.4A CN106203142A (en) 2016-07-20 2016-07-20 A kind of method and device of the Primary Hard Drive data protecting computer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610580991.4A CN106203142A (en) 2016-07-20 2016-07-20 A kind of method and device of the Primary Hard Drive data protecting computer

Publications (1)

Publication Number Publication Date
CN106203142A true CN106203142A (en) 2016-12-07

Family

ID=57491269

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610580991.4A Pending CN106203142A (en) 2016-07-20 2016-07-20 A kind of method and device of the Primary Hard Drive data protecting computer

Country Status (1)

Country Link
CN (1) CN106203142A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107688756A (en) * 2017-08-08 2018-02-13 深圳市海邻科信息技术有限公司 Hard disk control method, equipment and readable storage medium storing program for executing
CN114006695A (en) * 2021-10-28 2022-02-01 杭州海康威视数字技术股份有限公司 Hard disk data protection method and device, trusted platform chip and electronic equipment
CN116597874A (en) * 2023-05-13 2023-08-15 汇钜电科(东莞)实业有限公司 Mobile hard disk with built-in static discharge sheet and method for preventing static accumulation

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034355A (en) * 2006-03-08 2007-09-12 金睿真 Method for providing multi-user environment which varies source supply path of operating system, and computer system of the same
CN101470789A (en) * 2007-12-28 2009-07-01 中国长城计算机深圳股份有限公司 Encryption and decryption method and device of computer
CN102999725A (en) * 2012-12-13 2013-03-27 北京奇虎科技有限公司 Malicious code processing method and malicious code processing system
CN103077350A (en) * 2012-12-13 2013-05-01 北京奇虎科技有限公司 Searching and killing method and system for malicious code
CN103677887A (en) * 2012-09-26 2014-03-26 联想(北京)有限公司 Information processing method and electronic device
US20150058637A1 (en) * 2013-08-20 2015-02-26 Janus Technologies, Inc. Method and apparatus for transparently encrypting and decrypting computer interface data
CN104572093A (en) * 2014-12-30 2015-04-29 北京工业大学 Method for realizing bi-operation system starting of terminal equipment by using USB (universal serial bus) controller

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034355A (en) * 2006-03-08 2007-09-12 金睿真 Method for providing multi-user environment which varies source supply path of operating system, and computer system of the same
CN101470789A (en) * 2007-12-28 2009-07-01 中国长城计算机深圳股份有限公司 Encryption and decryption method and device of computer
CN103677887A (en) * 2012-09-26 2014-03-26 联想(北京)有限公司 Information processing method and electronic device
CN102999725A (en) * 2012-12-13 2013-03-27 北京奇虎科技有限公司 Malicious code processing method and malicious code processing system
CN103077350A (en) * 2012-12-13 2013-05-01 北京奇虎科技有限公司 Searching and killing method and system for malicious code
US20150058637A1 (en) * 2013-08-20 2015-02-26 Janus Technologies, Inc. Method and apparatus for transparently encrypting and decrypting computer interface data
CN104572093A (en) * 2014-12-30 2015-04-29 北京工业大学 Method for realizing bi-operation system starting of terminal equipment by using USB (universal serial bus) controller

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107688756A (en) * 2017-08-08 2018-02-13 深圳市海邻科信息技术有限公司 Hard disk control method, equipment and readable storage medium storing program for executing
CN107688756B (en) * 2017-08-08 2019-09-13 深圳市海邻科信息技术有限公司 Hard disk control method, equipment and readable storage medium storing program for executing
CN114006695A (en) * 2021-10-28 2022-02-01 杭州海康威视数字技术股份有限公司 Hard disk data protection method and device, trusted platform chip and electronic equipment
CN114006695B (en) * 2021-10-28 2024-02-02 杭州海康威视数字技术股份有限公司 Hard disk data protection method and device, trusted platform chip and electronic equipment
CN116597874A (en) * 2023-05-13 2023-08-15 汇钜电科(东莞)实业有限公司 Mobile hard disk with built-in static discharge sheet and method for preventing static accumulation

Similar Documents

Publication Publication Date Title
CN103106372B (en) For lightweight privacy data encryption method and the system of android system
CN109858265A (en) A kind of encryption method, device and relevant device
WO2020192406A1 (en) Method and apparatus for data storage and verification
CN101650693B (en) Security control method for mobile hard disk and security mobile hard disk
CN102136048B (en) Mobile phone Bluetooth-based ambient intelligent computer protection device and method
US20020066039A1 (en) Anti-spoofing password protection
US8503674B2 (en) Cryptographic key attack mitigation
CN103198247B (en) A kind of computer safety protective method and system
CN104794388B (en) application program access protection method and application program access protection device
TW201633207A (en) Device keys protection
CN105117658B (en) A kind of cryptosecurity management method and equipment based on finger print identifying
CN102262599A (en) Trusted root-based portable hard disk fingerprint identification method
CN106100851B (en) Password management system, intelligent wristwatch and its cipher management method
US20130322619A1 (en) Information processing apparatus, ic chip, and information processing method
TWI476629B (en) Data security and security systems and methods
CN108900296A (en) A kind of code key storage device and method based on living things feature recognition
CN106203142A (en) A kind of method and device of the Primary Hard Drive data protecting computer
CN105608775B (en) A kind of method of authentication, terminal, access card and SAM card
CN114785503A (en) Cipher card, root key protection method thereof and computer readable storage medium
CN103370718B (en) Use the data guard method of distributed security key, equipment and system
CN111628864A (en) Method for carrying out secret key safety recovery by using SIM card
CN106095468B (en) A kind of computer starting method and device
CN110855429A (en) Software key protection method based on TPM
KR101214899B1 (en) USB Security Device and Security Method thereof
CN101968773A (en) Data storage system with biometric protection and method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161207

RJ01 Rejection of invention patent application after publication