CN106599701A - Hard disk encryption method, hard disk and hard disk encryption equipment - Google Patents

Hard disk encryption method, hard disk and hard disk encryption equipment Download PDF

Info

Publication number
CN106599701A
CN106599701A CN201611110235.1A CN201611110235A CN106599701A CN 106599701 A CN106599701 A CN 106599701A CN 201611110235 A CN201611110235 A CN 201611110235A CN 106599701 A CN106599701 A CN 106599701A
Authority
CN
China
Prior art keywords
hard disk
physical address
data
written
entry
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611110235.1A
Other languages
Chinese (zh)
Inventor
蒋中斌
于传帅
张程伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201611110235.1A priority Critical patent/CN106599701A/en
Publication of CN106599701A publication Critical patent/CN106599701A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)

Abstract

The scheme of the invention discloses a hard disk encryption scheme. In the scheme, a hard disk controller selects a physical address for data to be written from a nonvolatile storage medium of a hard disk, the data to be written is stored to the physical address, a mapping relationship of a logic address of the data to be written and the physical address into an entry, and the entry is encrypted, and thus, when safety of data in the hard disk is ensured, consumption on calculation resources of the hard disk is reduced, so that performance of the hard disk is improved.

Description

A kind of hard disk encryption method, hard disk and HD encryption equipment
Technical field
The present invention relates to areas of information technology, more particularly to a kind of hard disk encryption method, hard disk and HD encryption equipment.
Background technology
The memory space of hard disk is rendered as continuous logical address to main frame or array control unit, and logical address is generally by solid Block (Block) composition of sizing.By taking main frame as an example, on the block that main frame only needs to store data into hard disk, hard disk meeting By the physical address of data actual storage to hard disk.In order to protect data safety, hard disk, can be by data when data storage Encryption, is then stored in physical address, during HD encryption data, can consume the computing resource of hard disk, so as to reduce hard disk Performance.
The content of the invention
First aspect present invention discloses a kind of HD encryption scheme, and specific implementation is as follows:
Hard disk controller selects the first physical address for the first data to be written from the non-volatile memory medium of hard disk, will First first physical address of data Cun Chudao to be written, by the first first logical address of data to be written and reflecting for the first physical address Relation record is penetrated to first entry (Entry), first entry is encrypted.Optionally, hard disk can be solid state hard disc (Solid State Disk, SSD), then the entry for recording the first logical address with the mapping relations of the first physical address is flash translation layer (FTL) Entry in (Flash Translation Layer, FTL).In the implementation, because the data volume of first entry is far little In the data volume of the first data to be written, therefore, when hard disk controller encrypts first entry, in the safety for ensureing data in hard disk While property, the consumption to hard disk computing resource is reduced, so as to improve the performance of hard disk.First is read in hard disk controller During data, it is only necessary to which first entry is decrypted, due to reducing the consumption to computing resource, decryption speed is accelerated, from And improve the data reading performance of hard disk.
Further, HD encryption scheme also includes:Hard disk controller is the from the non-volatile memory medium of hard disk Two data to be written select the second physical address, by the second physical address described in the second data Cun Chudao to be written, by the second number to be written According to the mapping relations of the second logical address and the second physical address recorded second entry, encrypt the second entry.It is optional , the first data to be written and the second data to be written belong to same data flow, wherein, same data flow is referred to same characteristic features Data, such as have identical update frequency, are such as sequential write data, or are random write data;Same data flow can also For the data of identical file.Optionally, the first physical address and the second physical address be hard disk controller according to random algorithm from The physical address of selection.So ensure the randomness that is distributed on physical address of data, after preventing the entry encrypted to be cracked from It is continuous on physical address to read data, can further improve the safety of data.
Optionally, HD encryption scheme also includes next bit conduct of the hard disk controller to the first physical address end position Random number is write in first length physical address of initial address, so as to improve Information Security.Further, hard disk controller Random number is write in the second length physical address of the next bit as initial address of the second physical address end position.It is optional , the first length is different with the second length, i.e. random number of the random number for variable-length.So can further improve data to exist Randomness on hard disc physical address, after preventing the entry encrypted to be cracked, from physical address continuously can read data, enter One step improves the safety of data.
Correspondingly, second aspect present invention additionally provides a kind of hard disk, and hard disk includes hard disk controller and non-volatile deposits Storage media, hard disk controller are used to realize the various implementations of first aspect.
Third aspect present invention provides a kind of HD encryption equipment, including for realizing the various realizations of first aspect The construction unit of mode.
Correspondingly, present invention also offers non-volatile computer readable storage medium storing program for executing and computer program, when this The hard disk controller that invention implementation is provided is performed in non-volatile computer readable storage medium storing program for executing and computer program Comprising computer instruction when, make hard disk perform the various possible implementation of implementation first aspect of the present invention respectively.
Description of the drawings
For the technical scheme being illustrated more clearly that in the embodiment of the present invention, below will be to making needed for embodiment description Accompanying drawing is briefly described.
Fig. 1 is embodiment of the present invention hard disc structure schematic diagram;
Fig. 2 is the entry schematic diagram of the FTL of SSD in the embodiment of the present invention;
Fig. 3 is embodiment of the present invention flow chart of data processing figure;
Fig. 4 is embodiment of the present invention HD encryption apparatus structure schematic diagram.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly retouched State.
Shown in Fig. 1 for a kind of hard disc structure schematic diagram of the embodiment of the present invention, including hard disk controller 101 and non-volatile Storage medium 102.Hard disk controller 101 specifically can be by CPU (Central Processing Unit, CPU) Constitute with internal memory, CPU performs the function that hard disk controller 101 is realized in the instruction in internal memory.In addition, the calculating money to save CPU Source, field programmable gate array (Field Programmable Gate Array, FPGA) or other hardware can be used for holding CPU all operationss in the row embodiment of the present invention, or, FPGA or other hardware are respectively used to perform the embodiment of the present invention with CPU The part operation of CPU, to realize the technical scheme of embodiment of the present invention description.For convenience of describing, embodiment of the present invention unification is retouched Stating is used to realize the technical scheme of the embodiment of the present invention for hard disk controller.Another kind of to realize, the computer instruction in internal memory can In the form of being firmware, CPU performs the function that the computer instruction in firmware realizes controller.It is hard described by the embodiment of the present invention The interface of disk can add (Serial Advanced Technology Attachment, SATA) to connect for serial advanced technology attachment Mouthful, Serial Attached Small machine system interface (Serial Attached Small Computer System Interface, SAS), peripheral component at a high speed interconnection (Peripheral Component Interconnect Express, PCIe) interface, non- Volatile memory high speed (Non-Volatile Memory Express, NVMe) interface or ether (Ethernet) interface Can be the hard disk of different medium Deng, hard disk, such as mechanical hard disk, SSD etc..
Hard disk is rendered as continuous logical address to main frame or array control unit, and logical address is generally by the block of fixed size (Block) constitute.By taking main frame as an example, on the block that main frame only needs to store data into hard disk, hard disk controller 101 can be by Physical address of the data actual storage to the non-volatile memory medium 102 of hard disk.Hard disk controller 101 by data logically Location is recorded in entry with the mapping relations of physical address, is generally also referred to as the metadata that the entry have recorded data.The unit of data Packet contains but can be not limited to the logical address of data and the mapping relations of physical address, and the embodiment of the present invention is not limited to this It is fixed.It can be LBA (Logical Block Address, LBA) that logical address is implemented.
By taking SSD as an example, SSD controller stores data into physical address, sets up the LBA of data and the mapping of physical address The mapping relations recorded entry by relation.The entry is commonly stored in FTL.Wherein, FTL structures are as shown in Fig. 2 wherein, Physical address 1, physical address 2, physical address 3 and physical address 4 in Fig. 2 not necessarily represents between this four physical address and is Continuous physical address, i.e., not necessarily represent that the physical address between physical address 1 and physical address 2 is continuous, 2 and of physical address Physical address between physical address 3 is continuously and the physical address between physical address 3 and physical address 4 is continuous.SSD is controlled Entry in FTL is encrypted by device, and when main frame or array control unit read the data in SSD, SSD controller is firstly the need of inquiry Continue the corresponding physical address of the LBA for fetching data, that is, need the entry inquired about in FTL.SSD controller is needed the bar in FTL Mesh is decrypted, and obtains the mapping relations of LBA and physical address, inquires about corresponding physical address according to the LBA for reading data, so as to protect The safety of data in card physical address.Entry in SSD controller encryption FTL, can be with different cipher modes, such as using special Hardware encryption chip, it is also possible to realized using software.The embodiment of the present invention is not limited to cipher mode and AES It is fixed.
During HD encryption data, the computing resource of hard disk can be consumed, and the data volume of encryption is bigger, and the computing resource of consumption is got over Greatly, equally, the process of data deciphering is also such.Therefore, the data itself of hinge structure encryption storage, the present invention are implemented In example, the logical address of hard disk controller scrambled record data storage and the entry of the mapping relations of physical address, are ensureing hard In disk while the safety of data, the consumption to hard disk computing resource is reduced, so as to improve the performance of hard disk.Reading During data, the embodiment of the present invention accelerates decryption speed due to reducing the consumption to computing resource, so as to improve hard disk Data reading performance.
Embodiment of the present invention HD encryption data flow as shown in figure 3, including:
301:Hard disk controller 101 selects physical address to write data from the non-volatile memory medium 102 of hard disk;
302:Hard disk controller 101 is by data Cun Chudao physical address to be written;
303:Mapping relations of the hard disk controller 101 by the logical address of data to be written with physical address recorded entry;
304:Hard disk controller 101 encrypts entry.
In the implementation of the HD encryption data shown in Fig. 3, step 302 and step 303 are not indicated that and limit step Precedence relationship.In the implementation of the HD encryption data shown in Fig. 3, the data to be written in same data flow can be write In different physical address, such as hard disk controller 101 is that different data to be written select physical address using random algorithm.This The randomness that data in the same data flow of sample guarantee are distributed on hard disc physical address, after preventing the entry encrypted to be cracked, Data can be read continuously from physical address, can further improve the safety of data.Wherein, same data flow refers to have The data of same characteristic features, such as have identical update frequency, are such as sequential write data, or are random write data.Same number Can also be the data of identical file according to stream.
In the implementation of the HD encryption data shown in Fig. 3, hard disk controller 101 is to physical address end position Next bit as random number is write in the certain length physical address of initial address, so as to improve Information Security.Random number is The random number of variable-length.I.e. hard disk controller 101 to the next bit of the first physical address end position as initial address Random number, next bit conduct of the hard disk controller 101 to the second physical address end position are write in first length physical address Random number is write in second length physical address of initial address, the first length is different from the second length.So can be further Randomness of the data on hard disc physical address is improved, after preventing the entry encrypted to be cracked, can be continuous from physical address Data are read, the safety of data is can further improve.
Accordingly, the embodiment of the invention discloses HD encryption equipment as shown in Figure 4, HD encryption equipment includes selecting Unit 401, memory element 402, recording unit 403 and ciphering unit 404.Wherein, select unit 401 is for from the non-easy of hard disk The first physical address is selected for the first data to be written in the property lost storage medium;Memory element 402 is for the first data to be written are deposited Store up the first physical address;Recording unit 403 is for by the first logical address of the first data to be written and the first physical address Mapping relations recorded first entry;Ciphering unit 404 is used to encrypt the first entry.
Further, select unit 401 is additionally operable to from the non-volatile memory medium of hard disk as the second data choosing to be written Select the second physical address;Memory element 402 is additionally operable to the second second physical address of data Cun Chudao to be written;Recording unit 403 It is additionally operable to the mapping relations by the second logical address of the second data to be written with the second physical address and recorded second entry;Encryption Unit 404 is additionally operable to encrypt second entry.
Optionally, memory element 402 is additionally operable to the next bit to the first physical address end position as initial address Random number is write in first length physical address.Further, memory element 402 is additionally operable to the second physical address end position Next bit as writing random number in the second length physical address of initial address.Optionally, the first length and the second length It is different.
In HD encryption equipment as shown in Figure 4, between memory element 402 and ciphering unit 403, do not indicate that restriction is performed Sequencing.HD encryption equipment as shown in Figure 4, can apply in hard disk, perform foregoing embodiments of the present invention Content, specific embodiment and effect refer to the detailed description of previous embodiments, will not be described here.
HD encryption equipment as shown in Figure 4, a kind of implementation are to be provided with said units on HD encryption equipment, on State unit to be loaded in the internal memory of HD encryption equipment, the instruction in internal memory is performed by the CPU in HD encryption equipment, it is real Function in existing corresponding embodiment of the invention;Another kind of to realize, the unit included in HD encryption equipment can be come by hardware Realize, or the instruction performed by CPU in internal memory is realized with hardware combinations.Said units are also referred to as construction unit.One of which Implementation, HD encryption equipment can apply to hard disk controller.
The embodiment of the present invention, additionally provides non-volatile computer readable storage medium storing program for executing and computer program, non-easy The computer instruction included in the property lost computer-readable recording medium and computer program, when implementation of the present invention is provided Hard disk controller perform non-volatile computer readable storage medium storing program for executing and computer program in the computer instruction that includes When, make hard disk perform the present invention respectively and realize the various possible implementation described by the above embodiment of the present invention.
In several embodiments provided by the present invention, it should be understood that disclosed device, method, which can be passed through Its mode is realized.For example, the division of unit described in device embodiment described above, only a kind of logic function are drawn Point, can there are other dividing mode, such as multiple units or component combine or be desirably integrated into separately when actually realizing One system, or some features can ignore, or do not perform.It is another, shown or discussed coupling each other or straight It can be INDIRECT COUPLING or communication connection by some interfaces, device or unit to connect coupling or communication connection, can be it is electrical, Mechanical or other forms.
The unit as separating component explanation can be or may not be it is physically separate, it is aobvious as unit The part for showing can be or may not be physical location, you can local to be located at one, or can also be distributed to multiple On NE.Some or all of unit therein can be selected according to the actual needs to realize the mesh of this embodiment scheme 's.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing unit, it is also possible to It is that unit is individually physically present, it is also possible to which two or more units are integrated in a unit.

Claims (20)

1. a kind of hard disk encryption method, it is characterised in that:
Hard disk controller selects the first physical address for the first data to be written from the non-volatile memory medium of hard disk;
The hard disk controller is by the first physical address described in the described first data Cun Chudao to be written;
Mapping of the hard disk controller by the first logical address of the described first data to be written with first physical address is closed System recorded first entry;
The hard disk controller encrypts the first entry.
2. method according to claim 1, it is characterised in that methods described also includes:
The hard disk controller selects second physically for the second data to be written from the non-volatile memory medium of the hard disk Location;
The hard disk controller is by the second physical address described in the described second data Cun Chudao to be written;
Mapping of the hard disk controller by the second logical address of the described second data to be written with second physical address is closed System recorded second entry;
The hard disk controller encrypts the second entry.
3. method according to claim 2, it is characterised in that first data to be written and the second data category to be written In same data flow.
4. method according to claim 3, it is characterised in that first physical address and second physical address are The physical address that the hard disk controller is selected according to random algorithm.
5. method according to claim 2, it is characterised in that methods described also includes:The hard disk controller is to described The next bit of the first physical address end position is used as writing random number in the first length physical address of initial address.
6. method according to claim 5, it is characterised in that methods described also includes:The hard disk controller is to described The next bit of the second physical address end position is used as writing random number in the second length physical address of initial address.
7. method according to claim 6, it is characterised in that first length is different from second length.
8. method according to claim 1, it is characterised in that the hard disk is solid state hard disc, the first entry is institute State the entry in solid state hard disc flash translation layer (FTL).
9. a kind of hard disk, it is characterised in that:The hard disk includes hard disk controller and non-volatile memory medium;
The hard disk controller is for selecting the first physical address for the first data to be written from the non-volatile memory medium;
By the first physical address described in the described first data Cun Chudao to be written;
Mapping relations of first logical address of the described first data to be written with first physical address be recorded into first Mesh;
Encrypt the first entry.
10. hard disk according to claim 9, it is characterised in that the hard disk controller is additionally operable to:
The second physical address is selected for the second data to be written from the non-volatile memory medium;
By the second physical address described in the described second data Cun Chudao to be written;
Mapping relations of second logical address of the described second data to be written with second physical address be recorded into Article 2 Mesh;
Encrypt the second entry.
11. hard disk according to claim 10, it is characterised in that first data to be written and second data to be written Belong to same data flow.
12. hard disks according to claim 11, it is characterised in that first physical address and second physical address For the physical address that the hard disk controller is selected from the non-volatile memory medium according to random algorithm.
13. hard disks according to claim 10, it is characterised in that the hard disk controller is additionally operable to:To first thing The next bit of reason end of address (EOA) position is used as writing random number in the first length physical address of initial address.
14. hard disks according to claim 13, it is characterised in that the hard disk controller is additionally operable to:To second thing The next bit of reason end of address (EOA) position is used as writing random number in the second length physical address of initial address.
15. hard disks according to claim 14, it is characterised in that first length is different from second length.
16. hard disks according to claim 9, it is characterised in that the hard disk is solid state hard disc, and the first entry is institute State the entry in solid state hard disc flash translation layer (FTL).
17. a kind of HD encryption equipment, it is characterised in that include:
Select unit, for selecting the first physical address for the first data to be written from the non-volatile memory medium of hard disk;
Memory element, for by the first physical address described in the described first data Cun Chudao to be written;
Recording unit, for by the mapping relations of the first logical address of the described first data to be written and first physical address Recorded first entry;
Ciphering unit, for encrypting the first entry.
18. HD encryption equipment according to claim 17, it is characterised in that the select unit is additionally operable to from described hard The second physical address is selected for the second data to be written in the non-volatile memory medium of disk;
The memory element is additionally operable to the second physical address described in the described second data Cun Chudao to be written;
The recording unit, is additionally operable to the described second second logical address of data to be written and reflecting for second physical address Relation record is penetrated to second entry;
The ciphering unit is additionally operable to encrypt the second entry.
19. HD encryption equipment according to claim 18, it is characterised in that the memory element is additionally operable to described The next bit of one physical address end position is used as writing random number in the first length physical address of initial address.
20. HD encryption equipment according to claim 19, it is characterised in that the memory element is additionally operable to described The next bit of two physical address end positions is used as writing random number in the second length physical address of initial address.
CN201611110235.1A 2016-12-06 2016-12-06 Hard disk encryption method, hard disk and hard disk encryption equipment Pending CN106599701A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611110235.1A CN106599701A (en) 2016-12-06 2016-12-06 Hard disk encryption method, hard disk and hard disk encryption equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611110235.1A CN106599701A (en) 2016-12-06 2016-12-06 Hard disk encryption method, hard disk and hard disk encryption equipment

Publications (1)

Publication Number Publication Date
CN106599701A true CN106599701A (en) 2017-04-26

Family

ID=58597159

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611110235.1A Pending CN106599701A (en) 2016-12-06 2016-12-06 Hard disk encryption method, hard disk and hard disk encryption equipment

Country Status (1)

Country Link
CN (1) CN106599701A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108197483A (en) * 2017-12-29 2018-06-22 北京联想核芯科技有限公司 Data guard method, solid state disk
CN108958666A (en) * 2018-07-26 2018-12-07 浪潮电子信息产业股份有限公司 Data processing method and main control chip
WO2019127018A1 (en) * 2017-12-26 2019-07-04 华为技术有限公司 Memory system access method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105074676A (en) * 2013-03-15 2015-11-18 西部数据技术公司 Multiple stream compression and formatting of data for data storage systems
CN105700830A (en) * 2016-02-26 2016-06-22 湖南国科微电子股份有限公司 Solid-state disk master control supporting WORM storage, solid-state disk and WORM storage method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105074676A (en) * 2013-03-15 2015-11-18 西部数据技术公司 Multiple stream compression and formatting of data for data storage systems
CN105700830A (en) * 2016-02-26 2016-06-22 湖南国科微电子股份有限公司 Solid-state disk master control supporting WORM storage, solid-state disk and WORM storage method

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019127018A1 (en) * 2017-12-26 2019-07-04 华为技术有限公司 Memory system access method and device
US11436157B2 (en) 2017-12-26 2022-09-06 Huawei Technologies Co., Ltd. Method and apparatus for accessing storage system
US12038851B2 (en) 2017-12-26 2024-07-16 Huawei Technologies Co., Ltd. Method and apparatus for accessing storage system
CN108197483A (en) * 2017-12-29 2018-06-22 北京联想核芯科技有限公司 Data guard method, solid state disk
CN108958666A (en) * 2018-07-26 2018-12-07 浪潮电子信息产业股份有限公司 Data processing method and main control chip

Similar Documents

Publication Publication Date Title
JP5662037B2 (en) Data whitening to read and write data to non-volatile memory
CN104424016B (en) Virtual tape concentration for self-encrypting drives
US20230195654A1 (en) Namespace encryption in non-volatile memory devices
US7930494B1 (en) Storage area network (SAN) switch multi-pass erase of data on target devices
CN104205070B (en) The safety deleting of data is stored in memory
US20140331061A1 (en) Drive level encryption key management in a distributed storage system
CN111131130B (en) Key management method and system
KR20120098505A (en) Efficient buffering for a system having non-volatile memory
US9665501B1 (en) Self-encrypting data storage device supporting object-level encryption
US20140325235A1 (en) Decrypt and encrypt data of storage device
US20120096281A1 (en) Selective storage encryption
US20130073870A1 (en) Secure relocation of encrypted files
US20130305061A1 (en) Data storage device and data protection method
CN106599701A (en) Hard disk encryption method, hard disk and hard disk encryption equipment
CN110163011B (en) High-speed safe hard disk design method
US10540505B2 (en) Technologies for protecting data in an asymmetric storage volume
US10985916B2 (en) Obfuscation of keys on a storage medium to enable storage erasure
CN113420308A (en) Data access control method and control system for encryption memory
Sassani et al. Evaluating encryption algorithms for sensitive data using different storage devices
US9058295B2 (en) Encrypt data of storage device
CN107608825A (en) A kind of method and device of cloud backup snapshot data
US9898208B2 (en) Storage system with hybrid logical volumes utilizing in-band hinting
CN110765498A (en) Encryption computer
CN110765497A (en) Data processing method of encryption computer
Hsieh et al. PRESS: Persistence Relaxation for Efficient and Secure Data Sanitization on Zoned Namespace Storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170426

RJ01 Rejection of invention patent application after publication