CN106203142A - A kind of method and device of the Primary Hard Drive data protecting computer - Google Patents
A kind of method and device of the Primary Hard Drive data protecting computer Download PDFInfo
- Publication number
- CN106203142A CN106203142A CN201610580991.4A CN201610580991A CN106203142A CN 106203142 A CN106203142 A CN 106203142A CN 201610580991 A CN201610580991 A CN 201610580991A CN 106203142 A CN106203142 A CN 106203142A
- Authority
- CN
- China
- Prior art keywords
- computer
- hard drive
- key
- primary hard
- storage equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0629—Configuration or reconfiguration of storage systems
- G06F3/0637—Permissions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Human Computer Interaction (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses the method and device of a kind of Primary Hard Drive data protecting computer.In external mobile storage equipment, prestore the key of the Primary Hard Drive data for encryption and decryption computer, when computer to be used, computer is connected with external mobile storage equipment.The method includes: when the electric power starting of computer, and by the first os starting computer, the first operating system is installed in external mobile storage equipment in advance;After computer starting, obtain the key of storage in external mobile storage equipment, so that the Primary Hard Drive of computer enters encryption and decryption mode of operation;Generated by the first operating system and restart instruction;When restarting the computer, restart computer by the second operating system, so that computer enters normal operating conditions based on the second operating system.Application the method, by key storage in external mobile storage equipment, separates with the Primary Hard Drive of computer, improves the safe class of Primary Hard Drive data.
Description
Technical field
The present invention relates to technical field of data security, a kind of method particularly relating to Primary Hard Drive data protecting computer
And device.
Background technology
Computer, as the instrument that people's work and life are conventional, its problem of data safety gets growing concern for.
In the prior art, it is common that carry encryption function by the hard disk of computer and realize the protection to hard disc data.
In this method of prior art, data and key are required for storing in a hard disk, and key is easy to by illegally
Stealing, once key from stealing, hard disc data will be compromised so that the safety of hard disc data is low.
Summary of the invention
For solving above-mentioned technical problem, the present invention provides the method and device of a kind of Primary Hard Drive data protecting computer.
A kind of method of Primary Hard Drive data protecting computer, prestores for adding solution in external mobile storage equipment
The key of the Primary Hard Drive data of close computer, when to use described computer, deposits described computer with described external movement
Storage equipment connects, and described method includes:
When the electric power starting of described computer, the Primary Hard Drive of described computer is in the state of not being activated, by first
Computer described in os starting, described first operating system is installed in described external mobile storage equipment in advance;
After described computer starting, obtain the described key of storage in described external mobile storage equipment, so that described
The Primary Hard Drive of computer enters encryption and decryption mode of operation, and the Primary Hard Drive of described computer is active;
The described Primary Hard Drive the second operation system to being installed on described Primary Hard Drive in advance is ordered about by described first operating system
After the related data successful decryption of system, generate and restart instruction;
When described restarting the computer, restart described computer by described second operating system, so that institute
State computer and enter normal operating conditions based on described second operating system.
In a kind of detailed description of the invention of the present invention, in the described external mobile storage equipment of described acquisition, storage is described
Key, including:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by it
The described key of rear transmission.
In a kind of detailed description of the invention of the present invention, described subscriber identity information is in user name, password, biological characteristic
At least one.
In a kind of detailed description of the invention of the present invention, described method also includes:
The described key got is temporarily held in the buffer register of described Primary Hard Drive.
In a kind of detailed description of the invention of the present invention, the key in described external mobile storage equipment is at encryption
Reason and the hiding key processed.
In a kind of detailed description of the invention of the present invention, described external mobile storage equipment is USB flash disk, it is total to have general serial
The portable hard drive of line USB interface, there is the portable hard drive of thunder and lightning thunderbolt interface, there is external series advanced technology attachment
The portable hard drive of part eSATA interface and the one having in the card reader of storage card.
The device of a kind of Primary Hard Drive data protecting computer, prestores for adding solution in external mobile storage equipment
The key of the Primary Hard Drive data of close computer, when to use described computer, deposits described computer with described external movement
Storage equipment connects, and described device includes:
Computer starting module, for when the electric power starting of described computer, the Primary Hard Drive of described computer is in not
Be activated state, and by computer described in the first os starting, described first operating system is installed on described external in advance
In movable storage device;
Key Acquisition Module, for after described computer starting, obtains storage in described external mobile storage equipment
Described key, so that the Primary Hard Drive of described computer enters encryption and decryption mode of operation, the Primary Hard Drive of described computer is in activation
State;
Instruction of restarting generation module, for ordering about described Primary Hard Drive to being installed on institute in advance by described first operating system
After the related data successful decryption of the second operating system stating Primary Hard Drive, generate and restart instruction;
Restart module, for when described restarting the computer, restarted by described second operating system
Described computer, so that described computer enters normal operating conditions based on described second operating system.
In a kind of detailed description of the invention of the present invention, described Key Acquisition Module, specifically for:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by it
The described key of rear transmission.
In a kind of detailed description of the invention of the present invention, described device also includes:
Key preserves module, for the described key got is temporarily held in the buffer register of described Primary Hard Drive
In.
In a kind of detailed description of the invention of the present invention, the key in described external mobile storage equipment is at encryption
Reason and the hiding key processed.
The application technical scheme that provided of the embodiment of the present invention, when after the electric power starting of computer, the Primary Hard Drive of computer
It is in the state of not being activated, first passes through the first os starting computer, when, after computer starting, obtaining external mobile storage
The key prestored in equipment, so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in
State of activation, then restarts computer by the second operating system of Primary Hard Drive, and computer enters based on the second operating system
Enter normal operating conditions.By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make close
Key separates with the Primary Hard Drive of computer, it is not easy to be stolen, and improves the safe class of Primary Hard Drive data.
Accompanying drawing explanation
For the clearer explanation embodiment of the present invention or the technical scheme of prior art, below will be to embodiment or existing
In technology description, the required accompanying drawing used is briefly described, it should be apparent that, the accompanying drawing in describing below is only this
Some bright embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to root
Other accompanying drawing is obtained according to these accompanying drawings.
Fig. 1 is the implementing procedure figure of a kind of method of Primary Hard Drive data protecting computer in the embodiment of the present invention;
Fig. 2 is the structural representation of the device of a kind of Primary Hard Drive data protecting computer in the embodiment of the present invention.
Detailed description of the invention
In order to make those skilled in the art be more fully understood that the present invention program, below in conjunction with the accompanying drawings and detailed description of the invention
The present invention is described in further detail.Obviously, described embodiment be only a part of embodiment of the present invention rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise
Lower obtained every other embodiment, broadly falls into the scope of protection of the invention.
A kind of method embodiments providing Primary Hard Drive data protecting computer, when computer dispatches from the factory
One external mobile storage equipment of corresponding outfit.External mobile storage equipment needs prestore for encryption and decryption computer
The key of Primary Hard Drive data, computer coordinates the Primary Hard Drive data that can protect computer with external mobile storage equipment.
When user's computer to be used, computer can be connected with external mobile storage equipment.Electricity when computer
When source is opened, the Primary Hard Drive of computer is in the state of not being activated, and can first pass through the first os starting computer.First
Operating system is installed in external mobile storage equipment in advance.When, after computer starting, external mobile storage equipment being obtained
In the key that prestores so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in activation
State, Primary Hard Drive uses this key Primary Hard Drive data to be read can be decrypted operation, the number to Primary Hard Drive to be written
According to being encrypted operation.The Primary Hard Drive the second operating system to being installed on Primary Hard Drive in advance can be ordered about by the first operating system
Related data successful decryption after, generate for the instruction that restarts of computer, and by the second operating system of Primary Hard Drive
Restarting computer, so, computer can enter normal operating conditions based on the second operating system.
By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make key and calculating
The Primary Hard Drive of machine separates, and improves the safe class of Primary Hard Drive data, and can carry out systematized key setting and management, than
Relatively it is suitable for the application scenarios of enterprise or grouping of the world economy.
In embodiments of the present invention, external mobile storage equipment is USB flash disk, has the movement of general-purpose serial bus USB interface
Hard disk, there is the portable hard drive of thunder and lightning thunderbolt interface, there is the shifting of external series Advanced Technology Attachment eSATA interface
Dynamic hard disk and the one having in the card reader of storage card.
Shown in Figure 1, the method for a kind of Primary Hard Drive data protecting computer provided by the embodiment of the present invention
Implementing procedure figure, the method may comprise steps of:
S110: when the electric power starting of computer, the Primary Hard Drive of computer is in the state of not being activated, by the first operation
System start-up computer.
First operating system is installed in external mobile storage equipment in advance.
In actual applications, when user's computer to be used, the power supply of computer will be opened.Power supply at computer is opened
Qi Shi, computer i.e. enters startup program.Now, the Primary Hard Drive of computer is in the state of not being activated, can be by the first behaviour
Make this computer of system start-up.
First operating system is installed in external mobile storage equipment in advance, can be to the overall number of the Primary Hard Drive of computer
According to being encrypted, improve the safety of Primary Hard Drive data.
S120: after computer starting, obtains the key of storage in external mobile storage equipment, so that the master of computer is hard
Dish enters encryption and decryption mode of operation, and the Primary Hard Drive of computer is active.
In step S110, after the first os starting computer, can obtain and be stored in advance in external movement and deposit
Key in storage equipment.
In external mobile storage equipment, the enciphering and deciphering algorithm of the Primary Hard Drive data that the key of storage is computer is used
Key, after getting key, the Primary Hard Drive of computer can enter normal encryption and decryption mode of operation, and the Primary Hard Drive of computer is in
State of activation, it uses this key Primary Hard Drive data to be read can be decrypted operation, the number to Primary Hard Drive to be written
According to being encrypted operation.
In embodiments of the present invention, the key in external mobile storage equipment be encrypted and hide process close
Key.Concrete, it is possible to use key is encrypted by rivest, shamir, adelman, can by by key storage in external shifting
Key is hidden processing by the invisible area of dynamic storage device.As such, it is possible to increase key at external mobile storage equipment
In safety, it is to avoid by illegal operation and read-write.It addition, the data of the Primary Hard Drive of external mobile storage equipment and computer are led to
Road through encryption, can also further enhance the safety of cipher key delivery, it is to avoid is illegally stolen.
For the Primary Hard Drive data of computer, high-speed symmetric AES can be used, as used state close algorithm SM4, AES
(Advanced Encryption Standard, Advanced Encryption Standard), GOST (Gosudarstvennyi Standard, front
The block encryption algorithm of soviet design), one in DES (Data Encryption Standard, data encryption standards).When
So, it is also possible to use other enciphering and deciphering algorithms, such as rivest, shamir, adelman, this is not restricted by the embodiment of the present invention.
In actual applications, the first operating system is installed in external mobile storage equipment in advance, can be in external movement
Storage device is installed the first application software in advance.
After by the first os starting computer, this first application software can load accordingly and run.This is years old
One application software can by privately owned order respectively with Primary Hard Drive and the external mobile storage equipment communication of computer, at both
Between play a bridge beam action.Computer can obtain close by this first application software from external mobile storage equipment
Key.
In a kind of detailed description of the invention of the present invention, the method is further comprising the steps of:
The Primary Hard Drive of computer gets in external mobile storage equipment after the key of storage, the key that can will get
It is temporarily held in the buffer register of Primary Hard Drive.
So, when computer power down, this key also will disappear in buffer register.If user reopens calculating
During electromechanical source, then need to reacquire this key.So, further ensure key safety in a computer, can keep away
Exempt from illegally to be stolen.
S130: order about the Primary Hard Drive the second operating system relevant to being installed on Primary Hard Drive in advance by the first operating system
After data deciphering success, generate and restart instruction.
After step S120 computer gets key, Primary Hard Drive can be ordered about to installing in advance by the first operating system
Related data in the second operating system of Primary Hard Drive is decrypted, after successful decryption, by first operating system generate for
Computer restart instruction, so that computer can restart.
S140: when restarting the computer, restarts computer by the second operating system so that computer based on
Second operating system enters normal operating conditions.
When restarting the computer, can restart computer by the second operating system, so, computer is permissible
Normal operating conditions is entered based on the second operating system.
So far, user can normally use this computer.
User uses in computer procedures normal, and when computer receives data write instruction, Primary Hard Drive can make
The data being used in the double secret key write got in external mobile storage equipment are encrypted operation;When computer receives data
When reading instruction, the data that Primary Hard Drive can use the double secret key got in external mobile storage equipment to read are decrypted
Export to user after operation.
The method that the application embodiment of the present invention is provided, when, after the electric power starting of computer, the Primary Hard Drive of computer is in
Be not activated state, first passes through the first os starting computer, when, after computer starting, obtaining external mobile storage equipment
In the key that prestores so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in activation
State, then restarts computer by the second operating system of Primary Hard Drive, and computer is just entering based on the second operating system
Often duty.By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make key with
The Primary Hard Drive of computer separates, it is not easy to is stolen, improves the safe class of Primary Hard Drive data.
In one embodiment of the invention, the step of the key of storage in external mobile storage equipment is obtained the most permissible
Including:
Receive external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by sending out afterwards
The key sent.
In embodiments of the present invention, the first operating system is installed in external mobile storage equipment in advance.External movement is deposited
Storage equipment can provide the user subscriber identity information input interface, after user inputs corresponding subscriber identity information, external
Subscriber identity information can first be authenticated by movable storage device, to determine that whether user is as validated user.
If authentication is passed through, it may be determined that user is validated user, and now, external mobile storage equipment can be to computer
Send key, if authentication is not passed through, it may be determined that user is disabled user, in this case, external mobile storage equipment
Key can not be sent.
In embodiments of the present invention, subscriber identity information can be at least one in user name, password, biological characteristic.
In actual applications, can install the second application software in external mobile storage equipment in advance, user is by being somebody's turn to do
Second application software can input username and password, or individually enters the information such as password, and these information can be as user
Identity information.It should be noted that the first application software and the second application software can be with a application software, it is also possible to be
Different money application softwaries.
External mobile storage equipment is also provided with digital button, and user can input corresponding body by digital button
Part information such as identification code or password, these information can be as subscriber identity information.
External mobile storage equipment is also provided with biometric sensor, has biological characteristic identification function,
As being identified by biological characteristics such as fingerprint, pupil, faces, it is thus achieved that subscriber identity information.
After external mobile storage equipment receives the subscriber identity information of user's input, the user identity that can will receive
Information is mated with the registered subscriber identity information prestored in self, and the match is successful, then authentication is passed through.
In actual applications, subscriber identity information is authenticated by external mobile storage equipment, sets in external mobile storage
Standby middle need prestore registered subscriber identity information.The registered subscriber identity information prestored can be through encryption
Process and hide and process.As such, it is possible to avoid the registered subscriber identity information prestored illegally to be stolen further.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides a kind of Primary Hard Drive data protecting computer
Device.Below the device of a kind of Primary Hard Drive data protecting computer that the embodiment of the present invention provides is introduced, hereafter
The device of a kind of Primary Hard Drive data protecting computer described and above-described a kind of Primary Hard Drive data protecting computer
Method can be mutually to should refer to.
In embodiments of the present invention, external mobile storage equipment prestores the Primary Hard Drive for encryption and decryption computer
The key of data, when computer to be used, is connected computer with external mobile storage equipment.
Shown in Figure 2, this device can include with lower module:
Computer starting module 210, for when the electric power starting of described computer, the Primary Hard Drive of described computer is in
Be not activated state, by computer described in the first os starting, described first operating system be installed in advance described outside
Put in movable storage device;
Key Acquisition Module 220, for after described computer starting, obtains in described external mobile storage equipment and stores
Described key so that described computer Primary Hard Drive enter encryption and decryption mode of operation, the Primary Hard Drive of described computer is in sharp
The state of living;
Instruction of restarting generation module 230, for ordering about described Primary Hard Drive to installing in advance by described first operating system
After the related data successful decryption of the second operating system of described Primary Hard Drive, generate and restart instruction;
Restart module 240, for when described restarting the computer, again opened by described second operating system
Dynamic described computer, so that described computer enters normal operating conditions based on described second operating system.
The device that the application embodiment of the present invention is provided, when, after the electric power starting of computer, the Primary Hard Drive of computer is in
Be not activated state, first passes through the first os starting computer, when, after computer starting, obtaining external mobile storage equipment
In the key that prestores so that the Primary Hard Drive of computer enters encryption and decryption mode of operation, the Primary Hard Drive of computer is in activation
State, then restarts computer by the second operating system of Primary Hard Drive, and computer is just entering based on the second operating system
Often duty.By the key storage of the Primary Hard Drive data of encryption and decryption computer in external mobile storage equipment, make key with
The Primary Hard Drive of computer separates, it is not easy to is stolen, improves the safe class of Primary Hard Drive data.
In a kind of detailed description of the invention of the present invention, Key Acquisition Module 220, specifically for:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by it
The described key of rear transmission.
In a kind of detailed description of the invention of the present invention, subscriber identity information be in user name, password, biological characteristic extremely
Few one.
In one embodiment of the invention, this device can also include:
Key preserves module, for being temporarily held in the buffer register of Primary Hard Drive by the key got.
In a kind of detailed description of the invention of the present invention, the key in external mobile storage equipment be through encryption and
Hide the key processed.
In a kind of detailed description of the invention of the present invention, external mobile storage equipment is USB flash disk, has USB (universal serial bus)
The portable hard drive of USB interface, there is the portable hard drive of thunder and lightning thunderbolt interface, there is external series Advanced Technology Attachment
The portable hard drive of eSATA interface and the one having in the card reader of storage card.
In this specification, each embodiment uses the mode gone forward one by one to describe, and what each embodiment stressed is and other
The difference of embodiment, between each embodiment, same or similar part sees mutually.For filling disclosed in embodiment
For putting, owing to it corresponds to the method disclosed in Example, so describe is fairly simple, relevant part sees method part
Illustrate.
Professional further appreciates that, in conjunction with the unit of each example that the embodiments described herein describes
And algorithm steps, it is possible to electronic hardware, computer software or the two be implemented in combination in, in order to clearly demonstrate hardware and
The interchangeability of software, the most generally describes composition and the step of each example according to function.These
Function performs with hardware or software mode actually, depends on application-specific and the design constraint of technical scheme.Specialty
Technical staff specifically should can be used for using different methods to realize described function to each, but this realization should not
Think beyond the scope of this invention.
The method described in conjunction with the embodiments described herein or the step of algorithm can direct hardware, processor be held
The software module of row, or the combination of the two implements.Software module can be placed in random access memory (RAM), internal memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, depositor, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of storage medium well known in field.
Above the method and device of a kind of Primary Hard Drive data protecting computer provided by the present invention is carried out in detail
Introduce.Principle and the embodiment of the present invention are set forth by specific case used herein, the explanation of above example
It is only intended to help to understand method and the core concept thereof of the present invention.It should be pointed out that, the ordinary skill people for the art
For Yuan, under the premise without departing from the principles of the invention, it is also possible to the present invention is carried out some improvement and modification, these improve and
Modify in the protection domain also falling into the claims in the present invention.
Claims (10)
1. the method for the Primary Hard Drive data protecting computer, it is characterised in that deposit in advance in external mobile storage equipment
Storage is for the key of the Primary Hard Drive data of encryption and decryption computer, when to use described computer, by described computer with described
External mobile storage equipment connects, and described method includes:
When the electric power starting of described computer, the Primary Hard Drive of described computer is in the state of not being activated, by the first operation
Computer described in system start-up, described first operating system is installed in described external mobile storage equipment in advance;
After described computer starting, obtain the described key of storage in described external mobile storage equipment, so that described calculating
The Primary Hard Drive of machine enters encryption and decryption mode of operation, and the Primary Hard Drive of described computer is active;
The described Primary Hard Drive the second operating system to being installed on described Primary Hard Drive in advance is ordered about by described first operating system
After related data successful decryption, generate and restart instruction;
When described restarting the computer, restart described computer by described second operating system, so that described meter
Calculation machine enters normal operating conditions based on described second operating system.
Method the most according to claim 1, it is characterised in that storage in the described external mobile storage equipment of described acquisition
Described key, including:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by sending out afterwards
The described key sent.
Method the most according to claim 2, it is characterised in that described subscriber identity information is user name, password, biological spy
At least one in levying.
Method the most according to claim 1, it is characterised in that described method also includes:
The described key got is temporarily held in the buffer register of described Primary Hard Drive.
5. according to the method described in any one of Claims 1-4, it is characterised in that close in described external mobile storage equipment
Key is through encryption and to hide the key processed.
Method the most according to claim 5, it is characterised in that described external mobile storage equipment is USB flash disk, has general string
The portable hard drive of row bus USB interface, there is the portable hard drive of thunder and lightning thunderbolt interface, there is the senior skill of external series
The portable hard drive of art adnexa eSATA interface and the one having in the card reader of storage card.
7. the device of the Primary Hard Drive data protecting computer, it is characterised in that deposit in advance in external mobile storage equipment
Storage is for the key of the Primary Hard Drive data of encryption and decryption computer, when to use described computer, by described computer with described
External mobile storage equipment connects, and described device includes:
Computer starting module, for when the electric power starting of described computer, the Primary Hard Drive of described computer is in and is not swashed
The state of living, by computer described in the first os starting, described first operating system is installed on described external movement in advance
In storage device;
Key Acquisition Module, for after described computer starting, obtains the described of storage in described external mobile storage equipment
Key, so that the Primary Hard Drive of described computer enters encryption and decryption mode of operation, the Primary Hard Drive of described computer is active;
Instruction of restarting generation module, for ordering about described Primary Hard Drive to being installed on described master in advance by described first operating system
After the related data successful decryption of the second operating system of hard disk, generate and restart instruction;
Restart module, for when described restarting the computer, restarted by described second operating system described
Computer, so that described computer enters normal operating conditions based on described second operating system.
Device the most according to claim 7, it is characterised in that described Key Acquisition Module, specifically for:
Receive described external mobile storage equipment the subscriber identity information received is being authenticated, and authentication is by sending out afterwards
The described key sent.
Device the most according to claim 7, it is characterised in that described device also includes:
Key preserves module, for being temporarily held in the buffer register of described Primary Hard Drive by the described key got.
10. according to the device described in any one of claim 7 to 9, it is characterised in that close in described external mobile storage equipment
Key is through encryption and to hide the key processed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610580991.4A CN106203142A (en) | 2016-07-20 | 2016-07-20 | A kind of method and device of the Primary Hard Drive data protecting computer |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610580991.4A CN106203142A (en) | 2016-07-20 | 2016-07-20 | A kind of method and device of the Primary Hard Drive data protecting computer |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106203142A true CN106203142A (en) | 2016-12-07 |
Family
ID=57491269
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610580991.4A Pending CN106203142A (en) | 2016-07-20 | 2016-07-20 | A kind of method and device of the Primary Hard Drive data protecting computer |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106203142A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107688756A (en) * | 2017-08-08 | 2018-02-13 | 深圳市海邻科信息技术有限公司 | Hard disk control method, equipment and readable storage medium storing program for executing |
CN114006695A (en) * | 2021-10-28 | 2022-02-01 | 杭州海康威视数字技术股份有限公司 | Hard disk data protection method and device, trusted platform chip and electronic equipment |
CN116597874A (en) * | 2023-05-13 | 2023-08-15 | 汇钜电科(东莞)实业有限公司 | Mobile hard disk with built-in static discharge sheet and method for preventing static accumulation |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101034355A (en) * | 2006-03-08 | 2007-09-12 | 金睿真 | Method for providing multi-user environment which varies source supply path of operating system, and computer system of the same |
CN101470789A (en) * | 2007-12-28 | 2009-07-01 | 中国长城计算机深圳股份有限公司 | Encryption and decryption method and device of computer |
CN102999725A (en) * | 2012-12-13 | 2013-03-27 | 北京奇虎科技有限公司 | Malicious code processing method and malicious code processing system |
CN103077350A (en) * | 2012-12-13 | 2013-05-01 | 北京奇虎科技有限公司 | Searching and killing method and system for malicious code |
CN103677887A (en) * | 2012-09-26 | 2014-03-26 | 联想(北京)有限公司 | Information processing method and electronic device |
US20150058637A1 (en) * | 2013-08-20 | 2015-02-26 | Janus Technologies, Inc. | Method and apparatus for transparently encrypting and decrypting computer interface data |
CN104572093A (en) * | 2014-12-30 | 2015-04-29 | 北京工业大学 | Method for realizing bi-operation system starting of terminal equipment by using USB (universal serial bus) controller |
-
2016
- 2016-07-20 CN CN201610580991.4A patent/CN106203142A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101034355A (en) * | 2006-03-08 | 2007-09-12 | 金睿真 | Method for providing multi-user environment which varies source supply path of operating system, and computer system of the same |
CN101470789A (en) * | 2007-12-28 | 2009-07-01 | 中国长城计算机深圳股份有限公司 | Encryption and decryption method and device of computer |
CN103677887A (en) * | 2012-09-26 | 2014-03-26 | 联想(北京)有限公司 | Information processing method and electronic device |
CN102999725A (en) * | 2012-12-13 | 2013-03-27 | 北京奇虎科技有限公司 | Malicious code processing method and malicious code processing system |
CN103077350A (en) * | 2012-12-13 | 2013-05-01 | 北京奇虎科技有限公司 | Searching and killing method and system for malicious code |
US20150058637A1 (en) * | 2013-08-20 | 2015-02-26 | Janus Technologies, Inc. | Method and apparatus for transparently encrypting and decrypting computer interface data |
CN104572093A (en) * | 2014-12-30 | 2015-04-29 | 北京工业大学 | Method for realizing bi-operation system starting of terminal equipment by using USB (universal serial bus) controller |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107688756A (en) * | 2017-08-08 | 2018-02-13 | 深圳市海邻科信息技术有限公司 | Hard disk control method, equipment and readable storage medium storing program for executing |
CN107688756B (en) * | 2017-08-08 | 2019-09-13 | 深圳市海邻科信息技术有限公司 | Hard disk control method, equipment and readable storage medium storing program for executing |
CN114006695A (en) * | 2021-10-28 | 2022-02-01 | 杭州海康威视数字技术股份有限公司 | Hard disk data protection method and device, trusted platform chip and electronic equipment |
CN114006695B (en) * | 2021-10-28 | 2024-02-02 | 杭州海康威视数字技术股份有限公司 | Hard disk data protection method and device, trusted platform chip and electronic equipment |
CN116597874A (en) * | 2023-05-13 | 2023-08-15 | 汇钜电科(东莞)实业有限公司 | Mobile hard disk with built-in static discharge sheet and method for preventing static accumulation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103106372B (en) | For lightweight privacy data encryption method and the system of android system | |
CN109858265A (en) | A kind of encryption method, device and relevant device | |
WO2020192406A1 (en) | Method and apparatus for data storage and verification | |
CN101650693B (en) | Security control method for mobile hard disk and security mobile hard disk | |
CN102136048B (en) | Mobile phone Bluetooth-based ambient intelligent computer protection device and method | |
US20020066039A1 (en) | Anti-spoofing password protection | |
US8503674B2 (en) | Cryptographic key attack mitigation | |
CN103198247B (en) | A kind of computer safety protective method and system | |
CN104794388B (en) | application program access protection method and application program access protection device | |
TW201633207A (en) | Device keys protection | |
CN105117658B (en) | A kind of cryptosecurity management method and equipment based on finger print identifying | |
CN102262599A (en) | Trusted root-based portable hard disk fingerprint identification method | |
CN106100851B (en) | Password management system, intelligent wristwatch and its cipher management method | |
US20130322619A1 (en) | Information processing apparatus, ic chip, and information processing method | |
TWI476629B (en) | Data security and security systems and methods | |
CN108900296A (en) | A kind of code key storage device and method based on living things feature recognition | |
CN106203142A (en) | A kind of method and device of the Primary Hard Drive data protecting computer | |
CN105608775B (en) | A kind of method of authentication, terminal, access card and SAM card | |
CN114785503A (en) | Cipher card, root key protection method thereof and computer readable storage medium | |
CN103370718B (en) | Use the data guard method of distributed security key, equipment and system | |
CN111628864A (en) | Method for carrying out secret key safety recovery by using SIM card | |
CN106095468B (en) | A kind of computer starting method and device | |
CN110855429A (en) | Software key protection method based on TPM | |
KR101214899B1 (en) | USB Security Device and Security Method thereof | |
CN101968773A (en) | Data storage system with biometric protection and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161207 |
|
RJ01 | Rejection of invention patent application after publication |