CN111222152A - Data writing method, device, equipment and storage medium - Google Patents

Data writing method, device, equipment and storage medium Download PDF

Info

Publication number
CN111222152A
CN111222152A CN202010004465.XA CN202010004465A CN111222152A CN 111222152 A CN111222152 A CN 111222152A CN 202010004465 A CN202010004465 A CN 202010004465A CN 111222152 A CN111222152 A CN 111222152A
Authority
CN
China
Prior art keywords
data
data block
plaintext
ciphertext
sector
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010004465.XA
Other languages
Chinese (zh)
Other versions
CN111222152B (en
Inventor
望声宜
韩朱忠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Dameng Database Co Ltd
Original Assignee
Shanghai Dameng Database Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Dameng Database Co Ltd filed Critical Shanghai Dameng Database Co Ltd
Priority to CN202010004465.XA priority Critical patent/CN111222152B/en
Publication of CN111222152A publication Critical patent/CN111222152A/en
Application granted granted Critical
Publication of CN111222152B publication Critical patent/CN111222152B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

The embodiment of the invention discloses a data writing method, a data writing device, data writing equipment and a storage medium. The method comprises the following steps: dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.

Description

Data writing method, device, equipment and storage medium
Technical Field
Embodiments of the present invention relate to database technologies, and in particular, to a data writing method, apparatus, device, and storage medium.
Background
The files constituting the database include: data files, rollback log files, redo log files, control files, and the like. The data is finally stored in a data file, including: table data, indices, etc. A data file is applied or extended for a logically contiguous piece of space in clusters (otherwise known as extents), a cluster containing multiple pages (otherwise known as chunks) of data.
The minimum unit of data storage is a data page, and data in the table is stored in the data page by rows. Common data page sizes include: 4KB, 8KB, 16KB or 32KB, a cluster may typically contain 16 or 32 pages. The minimum reading and writing unit of the file system of the operating system is a sector, and the size of one sector is 512B, 2048B and 4096B. The minimum space application unit of the file system of the operating system is a cluster (or a block), one cluster at least comprises one sector, and one cluster with the minimum 512B and the maximum 32 KB. And the database reads and writes the data file according to the data page, so that the read-write integrity of the data page is ensured. The operating system reads and writes data files according to sectors, the read-write integrity of the sectors is guaranteed, and clusters are logical concepts. Data files store sensitive data, which is typically stored encrypted to protect the data.
The data page size is different from the sector size, and one data page typically spans multiple sectors. When a data file is written after a data page is encrypted, a sudden power failure or other writing abnormal conditions may be encountered, and finally, a part of sectors are successfully written into a file system of an operating system, and data of the part of sectors are not written yet. When the operating system is restored, the sectors maintain data integrity, but the data integrity of the data page may be compromised, resulting in an inability to decrypt the original plaintext of the data page.
Disclosure of Invention
The invention provides a data writing method, a device, equipment and a storage medium, which are used for realizing complete writing of data.
In a first aspect, an embodiment of the present invention provides a data writing method, where the data writing method includes:
dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block;
and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
In a second aspect, an embodiment of the present invention further provides a data writing apparatus, where the data writing apparatus includes:
the dividing module is used for dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block;
and the encryption module is used for encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into the sector.
In a third aspect, an embodiment of the present invention further provides an apparatus, where the apparatus includes:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement a data writing method according to any one of the embodiments of the present invention.
In a fourth aspect, the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement a data writing method according to any one of the embodiments of the present invention.
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.
Drawings
FIG. 1 is a flow chart of a data writing method according to a first embodiment of the present invention;
FIG. 2 is a flowchart of a data writing method according to a second embodiment of the present invention;
fig. 3 is a structural diagram of a data writing apparatus according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus in the fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a data writing method according to an embodiment of the present invention, where the embodiment is applicable to a data writing situation in a database, and the method can be executed by a data writing device, and specifically includes the following steps:
step 110, dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block.
The first plaintext data block may be specifically understood as a plurality of data blocks into which the plaintext stored in one data page is divided according to the size of a sector.
Specifically, the data page size is an integer multiple of the sector, and how many data blocks the data page is divided into is determined according to the ratio of the data page size to the sector size. For example, a data page size of 4KB, a sector size of 512B, the data page 4KB being fragmented into eight data blocks 512B, the first plaintext data block being A1A2A3A4A5A6A7A8
And 120, encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
The ciphertext data block may be understood as a corresponding ciphertext data block obtained by encrypting the first plaintext data block according to an encryption algorithm.
In particular, each block of data is separately encrypted as a separate entity, e.g. plaintext data A1A2A3A4A5A6A7A8Performing encryption, wherein A1The encrypted ciphertext is E1,A2The encrypted ciphertext is E2,A3The encrypted ciphertext is E3,A4The encrypted ciphertext is E4,A5The encrypted ciphertext is E5,A6The encrypted ciphertext is E6,A7After encryption, the cipherIs described as E7,A8The encrypted ciphertext is E8And finally obtaining ciphertext data E1E2E3E4E5E6E7E8And writing the obtained ciphertext data blocks into the sectors respectively. I.e. each component EiCorresponding to a sector, and the plaintext data block is Ai
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.
Example two
Fig. 2 is a flowchart of a data writing method according to a second embodiment of the present invention. The technical scheme of the embodiment is further refined on the basis of the technical scheme, and specifically mainly comprises the following steps:
step 210, dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block.
And step 220, encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
Specifically, when encrypting the first plaintext data, the encryption mode may be an Electronic Codebook (ECB), a Cipher-block chaining (CBC), a Cipher-text feedback (CFB), and an Output Feedback (OFB). The ECB and the CBC are in a filling working mode, the ciphertext length and the plaintext length can be ensured to be the same only by ensuring that the original text length is integral multiple of an encryption BLOCK BLOCK _ SIZE (8Byte, 16Byte), and the data page SIZE (4KB, 8KB, 16KB or 32KB) just meets the condition; the CFB and the OFB do not change the length of the original text, and the length of the ciphertext is the same as that of the plaintext. Therefore, four working modes of ECB, CBC, CFB and OFB can be used for data page encryption. The encryption algorithm may be a symmetric encryption and decryption algorithm, such as Data Encryption Standard (DES), DES3, AES128, AES192, AES256, SM1, SM4, SM6, etc., which may be used for data page slice encryption. And respectively writing the encrypted ciphertext data blocks into the sectors.
Further, the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
And step 230, when the writing of the ciphertext data block is abnormal, reading the current ciphertext data block from the sector.
The current ciphertext data block may be specifically understood as a ciphertext data block currently stored in the sector; and the writing of the ciphertext data block fails due to the burst exception. A complete data page ciphertext is composed of a plurality of ciphertext data blocks, and the following exceptions may occur during writing: for example, the first few ciphertext data blocks are successfully written, and the last few ciphertext data blocks are unsuccessfully written; or, none of the ciphertext data blocks are successfully written. Therefore, the read current ciphertext data block may be the ciphertext data block corresponding to the old data before modification, or may be the ciphertext data block corresponding to the new data after modification.
Specifically, when data in the table is modified, the data page is used as the minimum read-write unit, and the corresponding data page needs to be modified, that is, new data is written. When data is written, data is written abnormally due to power-off, network abnormality, or other occurrence, and data block a is shifted according to the offset, assuming that a data page is located according to the page number8Partial content is modified, and the modified content is marked as C8If the plain text corresponds to the data page A1A2A3A4A5A6A7C8. The encryption is carried out by taking the fragments as units, and only E is obtained after the encryption8Is changed into F8If the contents of the sectors corresponding to other fragments remain unchanged, the cipher text after data page encryption after data modification is E1E2E3E4E5E6E7F8. Suppose E1E2E3E4E5E6E7F8Only partial sectors of the eight components are successfully written, for example: e1E2E3And if the writing is successful, the subsequent part is abnormally written and the sector is not normally written. At this time, the ciphertext stored in the first three sectors of the eight sectors is changed, and is newly written E1E2E3The latter five sectors are still the former E4E5E6E7E8. At this time, the cipher text data block read from the sector is E1E2E3E4E5E6E7E8That is, the old data before modification is read to correspond to the ciphertext data block.
And 240, decrypting the current ciphertext data block to obtain a second plaintext data block.
The second plaintext data block may be specifically understood as a plurality of data blocks into which the plaintext stored in one data page is divided according to the size of the sector.
Specifically, the current ciphertext data block is decrypted according to an encryption algorithm and a key to obtain a second plaintext data block. In the second plaintext data block at this time, a part of the data blocks may be new data after modification due to a write error, and a part of the data blocks may be old data before modification. Because the data is encrypted in a slicing way when being encrypted, namely the data is encrypted by taking the data block as a unit, and the ciphertext of one data block is complete, the normal decryption process can be realized at the moment. The problem that when the whole data page is taken as an encryption unit, as the data page spans a plurality of sectors, when abnormal conditions exist, part of the sectors are newly written ciphertext data, part of the sectors are old ciphertext data stored before, and the ciphertext data of the data page is incomplete, the data page cannot be decrypted normally to obtain the plaintext of the current data page is solved.
Step 250, modifying the second plaintext data block according to the plaintext modification record of the data page.
Wherein the plaintext is modifiedThe recording may specifically be understood as recording modified content of a plaintext, specifically, the plaintext modification record of the data page at least includes a specified offset, a modified byte number, and modified new data, the specified offset may specifically be understood as recording a modified position of the data page, and the modified byte number may specifically be understood as a byte length of the modified new data. The plaintext modification record records what the plaintext is modified by a few bytes from a specified offset, the offset is relative to the entire data page, and the modification record does not need to record what the old data is. For example, when the data page size is 4K, at offset 3584B (corresponding to the last second plaintext data block A)8Start offset) is modified by 1 byte, and the new data written is marked as "X", or may be at a8The other offsets modify the content.
Specifically, one data page is stored in a plurality of sectors, and the data stored in one sector corresponds to one data page; when a data modification occurs, it can be determined from the plaintext modification record for the data page what new data the second block of plaintext data is modified into. For example, locating the current data page offset 3584, modifying 1 byte, writing a new data "X", then the second block of plaintext data A8Is modified to C8If the plain text corresponds to the data page A1A2A3A4A5A6A7C8
And step 260, encrypting the modified second plaintext data block and writing the encrypted second plaintext data block into the sector.
Specifically, the modified second plaintext data block is A1A2A3A4A5A6A7C8If the encryption is performed in units of slices, only E is obtained after the encryption8Is changed into F8If the contents of the sectors corresponding to other fragments remain unchanged, the cipher text after data page encryption after data modification is E1E2E3E4E5E6E7F8. Encrypted ciphertext data E1E2E3E4E5E6E7F8And written into the sector.
Illustratively, eight components A in data page1A2A3A4A5A6A7A8Each part is changed as an example, and the data writing process is illustrated. The plaintext after the change is marked as C1C2C3C4C5C6C7C8. Cipher text slave E after slice encryption1E2E3E4E5E6E7E8Is converted into F1F2F3F4F5F6F7F8. Suppose F1F2F3F4F5F6F7F8Only partial sectors of the eight components are successfully written, for example: f1F2F3Has been successfully written, the subsequent part F4F5F6F7F8Write exception, no sectors are written normally. At this time, the ciphertext stored in the first three sectors of the eight sectors is changed, and is newly written F1F2F3The next five sectors are still previously stored E4E5E6E7E8. During exception handling, the data page is used as the minimum read-write unit, and the ciphertext data read from the file system of the operating system is F1F2F3E4E5E6E7E8Eight major components. Slicing as a minimum unit of encryption and decryption, according to F1Decrypting by the secret key and the encryption algorithm to obtain the original plaintext C of the data page1In the same way, will F2Decipher to C2Will F3Decipher to C3A 1 is mixing E4Decipher as A4A 1 is mixing E5Decipher as A5A 1 is mixing E6Decipher as A6A 1 is mixing E7Decipher as A7A 1 is mixing E8Decipher as A8And finally, plaintext C is obtained1C2C3A4A5A6A7A8. Then, according to the modification record, the data page is assigned with offset modificationChange to specified content, i.e. C1Heavy as C1Mixing C with2Heavy as C2Mixing C with3Heavy as C3A is4Heavy as C4A is5Heavy as C5A is6Heavy as C6A is7Heavy as C7A is8Heavy as C8Finally, the data page plaintext is modified to C1C2C3C4C5C6C7C8Encrypted ciphertext of F1F2F3F4F5F6F7F8And writing the data page cipher text into the data file.
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.
EXAMPLE III
Fig. 3 is a structural diagram of a data writing device according to a third embodiment of the present invention, where the device includes: a partitioning module 31 and an encryption module 32.
The dividing module 31 is configured to divide the plaintext of the data page according to the size of the sector to obtain a first plaintext data block; and the encryption module 32 is configured to encrypt the first plaintext data block to obtain a ciphertext data block and write the ciphertext data block into the sector.
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.
Further, the apparatus further comprises:
and the reading module is used for reading the current ciphertext data block from the sector when the ciphertext data block is abnormally written.
And the decryption module is used for decrypting the current ciphertext data block to obtain a second plaintext data block.
And the modification module is used for modifying the second plaintext data block according to the plaintext modification record of the data page.
And the writing module is used for encrypting the modified second plaintext data block and writing the encrypted second plaintext data block into the sector.
Further, the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
Further, the plaintext modification record of the data page at least comprises a specified offset, a modified byte number and modified new data.
The data writing device provided by the embodiment of the invention can execute the data writing method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 4 is a schematic structural diagram of an apparatus according to a fourth embodiment of the present invention, as shown in fig. 4, the apparatus includes a processor 40, a memory 41, an input device 42, and an output device 43; the number of processors 40 in the device may be one or more, and one processor 40 is taken as an example in fig. 4; the processor 40, the memory 41, the input means 42 and the output means 43 in the device may be connected by a bus or other means, as exemplified by the bus connection in fig. 4.
The memory 41, which is a computer-readable storage medium, may be used to store software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the data writing method in the embodiment of the present invention (for example, the dividing module 31 and the encryption module 32 in the data writing method apparatus). The processor 40 executes various functional applications of the device and data processing, i.e., implements the above-described data writing method, by executing software programs, instructions, and modules stored in the memory 41.
The memory 41 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 41 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, memory 41 may further include memory located remotely from processor 40, which may be connected to the device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 42 is operable to receive input numeric or character information and to generate key signal inputs associated with user settings and function controls. The output device 43 may include a display device such as a display screen.
EXAMPLE five
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, where the computer-executable instructions are executed by a computer processor to perform a data writing method, and the method includes:
dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block;
and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
Of course, the storage medium provided by the embodiment of the present invention contains computer-executable instructions, and the computer-executable instructions are not limited to the operations of the method described above, and may also perform related operations in the data writing method provided by any embodiment of the present invention.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the data writing device, the included units and modules are merely divided according to functional logic, but are not limited to the above division as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A method of writing data, comprising:
dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block;
and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
2. The method of claim 1, further comprising:
when the ciphertext data block is abnormally written, reading the current ciphertext data block from the sector;
decrypting the current ciphertext data block to obtain a second plaintext data block;
modifying the second plaintext data block according to the plaintext modification record of the data page;
and writing the modified second plaintext data block into the sector after encrypting the modified second plaintext data block.
3. The method of claim 1 or 2, wherein the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
4. The method of claim 1 or 2, wherein the plaintext modification records for the data page include at least a specified offset, a modified number of bytes, and modified new data.
5. A data writing apparatus, comprising:
the dividing module is used for dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block;
and the encryption module is used for encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into the sector.
6. The apparatus of claim 5, further comprising:
the reading module is used for reading the current ciphertext data block from the sector when the ciphertext data block is abnormally written;
the decryption module is used for decrypting the current ciphertext data block to obtain a second plaintext data block;
the modification module is used for modifying the second plaintext data block according to the plaintext modification record of the data page;
and the writing module is used for encrypting the modified second plaintext data block and writing the encrypted second plaintext data block into the sector.
7. The apparatus of claim 5 or 6, wherein the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
8. The apparatus of claim 5 or 6, wherein the plaintext modification records for the data page include at least a specified offset, a modified number of bytes, and modified new data.
9. An apparatus, characterized in that the apparatus comprises:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the data writing method of any one of claims 1-4.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a data writing method according to any one of claims 1 to 4.
CN202010004465.XA 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium Active CN111222152B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010004465.XA CN111222152B (en) 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010004465.XA CN111222152B (en) 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111222152A true CN111222152A (en) 2020-06-02
CN111222152B CN111222152B (en) 2022-10-14

Family

ID=70831018

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010004465.XA Active CN111222152B (en) 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111222152B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112003859A (en) * 2020-08-21 2020-11-27 江苏徐工工程机械研究院有限公司 Data encryption method and device and data decryption method and device
CN115048657A (en) * 2021-03-09 2022-09-13 技术创新研究所 System, method, and computer-readable medium for protecting cryptographic keys
CN115357295A (en) * 2022-10-21 2022-11-18 荣耀终端有限公司 System rollback method, device and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060050889A1 (en) * 2004-09-09 2006-03-09 Lee Jae M Decrypting block encrypted data
CN101288065A (en) * 2005-03-28 2008-10-15 德塔勒哥若公司 Non-invasive encryption for relational database management systems
CN102930224A (en) * 2012-10-19 2013-02-13 华为技术有限公司 Hard drive data write/read method and device
CN104834835A (en) * 2015-05-13 2015-08-12 武汉大学 Universal digital rights protection method under Windows platform
US20180165012A1 (en) * 2016-12-12 2018-06-14 Megachips Corporation Memory device, controller, host apparatus, data processing system, computer-readable non-transitory recording medium, operation method of memory device, and operation method of host apparatus
CN109145639A (en) * 2018-07-27 2019-01-04 北京北信源信息安全技术有限公司 File encrypting method, decryption method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060050889A1 (en) * 2004-09-09 2006-03-09 Lee Jae M Decrypting block encrypted data
CN101288065A (en) * 2005-03-28 2008-10-15 德塔勒哥若公司 Non-invasive encryption for relational database management systems
CN102930224A (en) * 2012-10-19 2013-02-13 华为技术有限公司 Hard drive data write/read method and device
CN104834835A (en) * 2015-05-13 2015-08-12 武汉大学 Universal digital rights protection method under Windows platform
US20180165012A1 (en) * 2016-12-12 2018-06-14 Megachips Corporation Memory device, controller, host apparatus, data processing system, computer-readable non-transitory recording medium, operation method of memory device, and operation method of host apparatus
CN109145639A (en) * 2018-07-27 2019-01-04 北京北信源信息安全技术有限公司 File encrypting method, decryption method and device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112003859A (en) * 2020-08-21 2020-11-27 江苏徐工工程机械研究院有限公司 Data encryption method and device and data decryption method and device
CN115048657A (en) * 2021-03-09 2022-09-13 技术创新研究所 System, method, and computer-readable medium for protecting cryptographic keys
CN115048657B (en) * 2021-03-09 2023-09-15 技术创新研究所 System, method and computer readable medium for protecting cryptographic keys
CN115357295A (en) * 2022-10-21 2022-11-18 荣耀终端有限公司 System rollback method, device and storage medium

Also Published As

Publication number Publication date
CN111222152B (en) 2022-10-14

Similar Documents

Publication Publication Date Title
CN111222152B (en) Data writing method, device, equipment and storage medium
US8479304B1 (en) Selectively protecting against chosen plaintext attacks in untrusted storage environments that support data deduplication
CN109564553B (en) Multi-stage memory integrity method and apparatus
EP2016525B1 (en) Encryption apparatus and method for providing an encrypted file system
US8281143B1 (en) Protecting against chosen plaintext attacks in untrusted storage environments that support data deduplication
US9256499B2 (en) Method and apparatus of securely processing data for file backup, de-duplication, and restoration
US20140129848A1 (en) Method and Apparatus for Writing and Reading Hard Disk Data
CN102262721B (en) Data encryption for independent agency is changed
CN114327261B (en) Data file storage method and data security agent
WO2019231761A1 (en) Locally-stored remote block data integrity
CN115146318B (en) Virtual disk safe storage method
US7904489B2 (en) Database unload/reload of partitioned tables
KR102418090B1 (en) Computer program for dividing original file into multiple pieces, encrypting divided files and restoring original file by decrypting encrypted files, and method thereof
EP2998903B1 (en) System and method for robust full-drive encryption
CN110826099A (en) Safe storage method and system suitable for embedded real-time operating system
CN107861892B (en) Method and terminal for realizing data processing
US8046593B2 (en) Storage device controlled access
RU2580014C2 (en) System and method for changing mask of encrypted region during breakdown in computer system
CN105141643A (en) Document encryption management method and device
US11861374B2 (en) Batch transfer of commands and data in a secure computer system
CN114239091B (en) Disk encryption method and system based on trusted chip
CN114329607A (en) Method for realizing transparent encryption and decryption of WAL log in PostgreSQL database
CN114969781A (en) Method, device, processor and computer readable storage medium for realizing customized encryption of machining program in numerical control system
US20130036474A1 (en) Method and Apparatus for Secure Data Representation Allowing Efficient Collection, Search and Retrieval
CN117220985A (en) Data encryption interaction method and device based on isolated network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant