CN111222152B - Data writing method, device, equipment and storage medium - Google Patents

Data writing method, device, equipment and storage medium Download PDF

Info

Publication number
CN111222152B
CN111222152B CN202010004465.XA CN202010004465A CN111222152B CN 111222152 B CN111222152 B CN 111222152B CN 202010004465 A CN202010004465 A CN 202010004465A CN 111222152 B CN111222152 B CN 111222152B
Authority
CN
China
Prior art keywords
data
data block
plaintext
ciphertext
sector
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010004465.XA
Other languages
Chinese (zh)
Other versions
CN111222152A (en
Inventor
望声宜
韩朱忠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Dameng Database Co Ltd
Original Assignee
Shanghai Dameng Database Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Dameng Database Co Ltd filed Critical Shanghai Dameng Database Co Ltd
Priority to CN202010004465.XA priority Critical patent/CN111222152B/en
Publication of CN111222152A publication Critical patent/CN111222152A/en
Application granted granted Critical
Publication of CN111222152B publication Critical patent/CN111222152B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

The embodiment of the invention discloses a data writing method, a data writing device, data writing equipment and a storage medium. The method comprises the following steps: dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not affected mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.

Description

Data writing method, device and equipment and storage medium
Technical Field
Embodiments of the present invention relate to database technologies, and in particular, to a data writing method, apparatus, device, and storage medium.
Background
The files constituting the database include: data files, rollback log files, redo log files, control files, and the like. The data is finally stored in a data file, including: table data, indices, etc. A data file is applied or expanded in a logically contiguous piece of space in clusters (otherwise known as extents), one cluster containing multiple pages (otherwise known as blocks) of data.
The minimum unit of data storage is a data page, and data in the table is stored in the data page by rows. Common data page sizes include: 4KB, 8KB, 16KB or 32KB, a cluster may typically contain 16 or 32 pages. The minimum reading and writing unit of the file system of the operating system is a sector, and the size of one sector is 512B, 2048B and 4096B. The minimum space application unit of the file system of the operating system is a cluster (or a block), one cluster at least comprises one sector, and one cluster is 512B at the minimum and 32KB at the maximum. And the database reads and writes the data file according to the data page, so that the read-write integrity of the data page is ensured. The operating system reads and writes data files according to sectors, the read-write integrity of the sectors is guaranteed, and clusters are logical concepts. Data files store sensitive data, which is typically stored encrypted to protect the data.
The data page size is different from the sector size, and one data page typically spans multiple sectors. When a data file is written after a data page is encrypted, a sudden power failure or other writing abnormal conditions may be encountered, and finally, a part of sectors are successfully written into a file system of an operating system, and data of the part of sectors are not written yet. When the operating system is restored, the sectors maintain data integrity, but the data integrity of the data page may be corrupted, resulting in an inability to decrypt the original plaintext of the data page.
Disclosure of Invention
The invention provides a data writing method, a device, equipment and a storage medium, which are used for realizing complete writing of data.
In a first aspect, an embodiment of the present invention provides a data writing method, where the data writing method includes:
dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block;
and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
In a second aspect, an embodiment of the present invention further provides a data writing apparatus, where the data writing apparatus includes:
the dividing module is used for dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block;
and the encryption module is used for encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into the sector.
In a third aspect, an embodiment of the present invention further provides an apparatus, where the apparatus includes:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement a data writing method according to any one of embodiments of the present invention.
In a fourth aspect, embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a data writing method according to any one of the embodiments of the present invention.
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.
Drawings
FIG. 1 is a flow chart of a data writing method according to a first embodiment of the present invention;
FIG. 2 is a flowchart illustrating a data writing method according to a second embodiment of the present invention;
fig. 3 is a structural diagram of a data writing apparatus according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus in a fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a data writing method according to an embodiment of the present invention, where the embodiment is applicable to a data writing situation in a database, and the method can be executed by a data writing device, and specifically includes the following steps:
step 110, dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block.
The first plaintext data block may be understood as a plurality of data blocks, into which the plaintext stored in one data page is divided according to the size of the sector.
Specifically, the data page size is an integral multiple of the sector, and the number of data blocks into which the data page is divided is determined according to the ratio of the data page size to the sector size. For example, a data page size of 4KB, a sector size of 512B, the data page 4KB being fragmented into eight data blocks 512B, the first plaintext data block being A 1 A 2 A 3 A 4 A 5 A 6 A 7 A 8
And 120, encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
The ciphertext data block may be understood as a corresponding ciphertext data block obtained by encrypting the first plaintext data block according to an encryption algorithm.
In particular, each block of data is separately encrypted as a separate entity, e.g. plaintext data A 1 A 2 A 3 A 4 A 5 A 6 A 7 A 8 Carrying out encryption, wherein A 1 The encrypted ciphertext is E 1 ,A 2 The encrypted ciphertext is E 2 ,A 3 The encrypted ciphertext is E 3 ,A 4 The encrypted ciphertext is E 4 ,A 5 The encrypted ciphertext is E 5 ,A 6 The encrypted ciphertext is E 6 ,A 7 The encrypted ciphertext is E 7 ,A 8 The encrypted ciphertext is E 8 And finally obtaining ciphertext data E 1 E 2 E 3 E 4 E 5 E 6 E 7 E 8 And writing the obtained ciphertext data blocks into the sectors respectively. I.e. each component E i Corresponding to a sector, the plaintext data block is A i
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, part of sectors are successfully written into a file system of an operating system, and the data of part of sectors are not written into the file system, so that the data page cannot be correctly decrypted is avoided.
Example two
Fig. 2 is a flowchart of a data writing method according to a second embodiment of the present invention. The technical scheme of the embodiment is further refined on the basis of the technical scheme, and specifically mainly comprises the following steps:
step 210, dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block.
And step 220, encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
Specifically, when the first plaintext data is encrypted, the encryption operating mode may be an Electronic Codebook (ECB), a Cipher Block Chaining (CBC), a Cipher text feedback (CFB), and an Output Feedback (OFB). The ECB and the CBC are in a filling working mode, the ciphertext length and the plaintext length can be ensured to be the same only by ensuring that the original text length is integral multiple of an encryption BLOCK BLOCK _ SIZE (8 Byte, 16 Byte), and the data page SIZE (4 KB, 8KB, 16KB or 32 KB) just meets the condition; the CFB and the OFB do not change the length of the original text, and the length of the ciphertext is the same as that of the plaintext. Therefore, the four operation modes of ECB, CBC, CFB and OFB can be used for data page encryption. The Encryption algorithm may be a symmetric Encryption and decryption algorithm, such as Data Encryption Standard (DES), DES3, AES128, AES192, AES256, SM1, SM4, SM6, etc., which may be used for Data page slice Encryption. And respectively writing the encrypted ciphertext data blocks into the sectors.
Further, the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
And step 230, when the writing of the ciphertext data block is abnormal, reading the current ciphertext data block from the sector.
The current ciphertext data block may be specifically understood as a ciphertext data block currently stored in the sector; and the writing of the ciphertext data block fails due to the burst exception. A complete data page ciphertext is composed of a plurality of ciphertext data blocks, and the following exceptions may occur during writing: for example, the first few ciphertext data blocks are successfully written, and the second few ciphertext data blocks are unsuccessfully written; alternatively, none of the ciphertext data blocks are successfully written. Therefore, the read current ciphertext data block may be the ciphertext data block corresponding to the old data before modification, or may be the ciphertext data block corresponding to the new data after modification.
Specifically, when data in the table is modified, the data page is used as a minimum read-write unit, and the corresponding data page needs to be modified, that is, new data is written. When data is written, due to power-off, network abnormality, or other occurrence, the data block A is positioned according to the page number, assuming that the data page is positioned according to the page number, according to the offset 8 Partial content modification is carried out, and the modified content is marked as C 8 If the plain text corresponds to the data page A 1 A 2 A 3 A 4 A 5 A 6 A 7 C 8 . The encryption is carried out by taking the fragments as units, and only E is obtained after the encryption 8 Is changed into F 8 If the contents of the sectors corresponding to other fragments remain unchanged, the cipher text after data page encryption after data modification is E 1 E 2 E 3 E 4 E 5 E 6 E 7 F 8 . Suppose E 1 E 2 E 3 E 4 E 5 E 6 E 7 F 8 Only partial sectors of the eight components are successfully written, for example: e 1 E 2 E 3 And if the writing is successful, the subsequent part is abnormally written and the sector is not normally written. At this time, the cipher texts stored in the first three sectors of the eight large sectors are changed and are newly written E 1 E 2 E 3 The next five sectors are still the previous E 4 E 5 E 6 E 7 E 8 . At this time, the cipher text data block read from the sector is E 1 E 2 E 3 E 4 E 5 E 6 E 7 E 8 That is, the old data before modification is read to correspond to the ciphertext data block.
And 240, decrypting the current ciphertext data block to obtain a second plaintext data block.
The second plaintext data block may be specifically understood as a plurality of data blocks, into which the plaintext stored in one data page is divided according to the size of the sector.
Specifically, the current ciphertext data block is decrypted according to an encryption algorithm and a key to obtain a second plaintext data block. In the second plaintext data block at this time, a part of the data blocks may be new data after modification due to a write error, and a part of the data blocks may be old data before modification. Because the data is encrypted in a slicing way when being encrypted, namely the data is encrypted by taking the data block as a unit, and the ciphertext of one data block is complete, the normal decryption process can be realized at the moment. The problem that when the whole data page is taken as an encryption unit, as the data page spans a plurality of sectors, when abnormal conditions exist, part of the sectors are newly written ciphertext data, part of the sectors are old ciphertext data stored before, and the ciphertext data of the data page is incomplete, the data page cannot be decrypted normally to obtain the plaintext of the current data page is solved.
Step 250, modifying the second plaintext data block according to the plaintext modification record of the data page.
Specifically, the plaintext modification record of the data page at least includes a specified offset, a modified byte number, and modified new data, the specified offset may be specifically understood as a modification position of the recorded data page, and the modified byte number may be specifically understood as a byte length of the modified new data. The plaintext modification record records what the plaintext has modified by a few bytes from a specified offset, what the modified content is, relative to the entire data page, and what the old data is not required to be recorded in the modification record. For example, when the data page size is 4K, at offset 3584B (corresponding to the last second plaintext data block A) 8 Start offset) is modified by 1 byte, and the new data written is marked as "X", or may be at a 8 The other offsets modify the content.
Specifically, one data page is stored in a plurality of sectors, and the data stored in one sector corresponds to one data page; when data modification occurs, second plaintext data can be determined according to the plaintext modification record of the data pageInto what new data the block is modified. For example, the location of the current data page offset 3584 is located, 1 byte is modified, the new data "X" is written, and then the second block of plaintext data A is written 8 Is modified to C 8 If the plain text corresponds to the data page A 1 A 2 A 3 A 4 A 5 A 6 A 7 C 8
And step 260, encrypting the modified second plaintext data block and writing the encrypted second plaintext data block into the sector.
Specifically, the modified second plaintext data block is A 1 A 2 A 3 A 4 A 5 A 6 A 7 C 8 If the encryption is performed in units of fragments, only E is obtained after the encryption 8 Is changed into F 8 If the contents of the sectors corresponding to other fragments remain unchanged, the cipher text after data page encryption after data modification is E 1 E 2 E 3 E 4 E 5 E 6 E 7 F 8 . Encrypted ciphertext data E 1 E 2 E 3 E 4 E 5 E 6 E 7 F 8 And written into the sector.
Illustratively, eight components A in data page 1 A 2 A 3 A 4 A 5 A 6 A 7 A 8 Each part is changed as an example, and the data writing process is illustrated. The plaintext after the change is marked as C 1 C 2 C 3 C 4 C 5 C 6 C 7 C 8 . Cipher text slave E after slice encryption 1 E 2 E 3 E 4 E 5 E 6 E 7 E 8 Is converted into F 1 F 2 F 3 F 4 F 5 F 6 F 7 F 8 . Suppose F 1 F 2 F 3 F 4 F 5 F 6 F 7 F 8 Only partial sectors of the eight components are successfully written, for example: f 1 F 2 F 3 Has been successfully written, the subsequent part F 4 F 5 F 6 F 7 F 8 Write exception, no sectors are written normally. At this time, the process of the present invention,the cipher text stored in the first three sectors of the eight large sectors is changed and is newly written F 1 F 2 F 3 The next five sectors are still previously stored E 4 E 5 E 6 E 7 E 8 . During exception handling, the data page is used as the minimum read-write unit, and the ciphertext data read from the file system of the operating system is F 1 F 2 F 3 E 4 E 5 E 6 E 7 E 8 Eight major components. Slicing as a minimum unit of encryption and decryption, according to F 1 Decrypting by the secret key and the encryption algorithm to obtain the original plaintext C of the data page 1 In the same way, the same procedure as described above is carried out for F 2 Decipher to C 2 Will F 3 Decipher to C 3 A 1 is mixing E 4 Decipher as A 4 A 1 is mixing E 5 Decipher as A 5 A 1 is mixing E 6 Decipher as A 6 A 1 is mixing E 7 Decipher as A 7 A 1 is mixing E 8 Decipher as A 8 And finally, plaintext C is obtained 1 C 2 C 3 A 4 A 5 A 6 A 7 A 8 . Then according to the modification record, modifying the specified offset of the data page into the specified content, namely C 1 Heavy as C 1 Mixing C with 2 Heavy as C 2 Mixing C with 3 Heavy as C 3 A is 4 Heavy as C 4 A is 5 Heavy as C 5 A is prepared by 6 Heavy as C 6 A is prepared by 7 Heavy as C 7 A is 8 Heavy as C 8 Finally, the data page plaintext is modified to C 1 C 2 C 3 C 4 C 5 C 6 C 7 C 8 Encrypted ciphertext of F 1 F 2 F 3 F 4 F 5 F 6 F 7 F 8 And writing the data page cipher text into the data file.
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, the encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not affected mutually. The situation that when the ciphertext data block of the data page is abnormally written, the partial sector is successfully written into the file system of the operating system, and the data of the partial sector is not written into the file system, so that the data page cannot be correctly decrypted is avoided.
EXAMPLE III
Fig. 3 is a structural diagram of a data writing device according to a third embodiment of the present invention, where the device includes: a partitioning module 31 and an encryption module 32.
The dividing module 31 is configured to divide the plaintext of the data page according to the size of the sector to obtain a first plaintext data block; and the encryption module 32 is configured to encrypt the first plaintext data block to obtain a ciphertext data block and write the ciphertext data block into the sector.
According to the embodiment of the invention, a first plaintext data block is obtained by dividing the plaintext of a data page according to the size of a sector; and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector. When the data page occupies a plurality of sectors, the data page is divided into segments according to the size of the sectors, and each segment is independently encrypted and decrypted, namely, encryption and decryption are performed by taking the sectors as units. Each sector is an independent encryption and decryption data block relative to the data page, and the encryption and decryption data blocks are not influenced mutually. The situation that when the ciphertext data block of the data page is abnormally written, the partial sector is successfully written into the file system of the operating system, and the data of the partial sector is not written into the file system, so that the data page cannot be correctly decrypted is avoided.
Further, the apparatus further comprises:
and the reading module is used for reading the current ciphertext data block from the sector when the ciphertext data block is abnormally written.
And the decryption module is used for decrypting the current ciphertext data block to obtain a second plaintext data block.
And the modification module is used for modifying the second plaintext data block according to the plaintext modification record of the data page.
And the writing module is used for encrypting the modified second plaintext data block and writing the encrypted second plaintext data block into the sector.
Further, the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
Further, the plaintext modification record of the data page at least comprises a specified offset, a modified byte number and modified new data.
The data writing device provided by the embodiment of the invention can execute the data writing method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 4 is a schematic structural diagram of an apparatus according to a fourth embodiment of the present invention, as shown in fig. 4, the apparatus includes a processor 40, a memory 41, an input device 42, and an output device 43; the number of processors 40 in the device may be one or more, and one processor 40 is taken as an example in fig. 4; the processor 40, the memory 41, the input means 42 and the output means 43 in the device may be connected by a bus or other means, as exemplified by a bus connection in fig. 4.
The memory 41, which is a computer-readable storage medium, may be used to store software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the data writing method in the embodiment of the present invention (for example, the dividing module 31 and the encryption module 32 in the data writing method apparatus). The processor 40 executes various functional applications of the device and data processing, i.e., implements the above-described data writing method, by executing software programs, instructions, and modules stored in the memory 41.
The memory 41 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 41 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, memory 41 may further include memory located remotely from processor 40, which may be connected to the device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 42 is operable to receive input numeric or character information and to generate key signal inputs associated with user settings and function controls. The output device 43 may include a display device such as a display screen.
EXAMPLE five
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, where the computer-executable instructions are executed by a computer processor to perform a data writing method, and the method includes:
dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block;
and encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector.
Of course, the storage medium provided by the embodiment of the present invention includes computer-executable instructions, where the computer-executable instructions are not limited to the method operations described above, and may also perform related operations in the data writing method provided by any embodiment of the present invention.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, which can be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the data writing device, the included units and modules are merely divided according to functional logic, but are not limited to the above division, as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing description is only exemplary of the invention and that the principles of the technology may be employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (8)

1. A method of writing data, comprising:
dividing the plaintext of a data page according to the size of a sector to obtain a first plaintext data block;
encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector;
when the ciphertext data block is abnormally written, reading the current ciphertext data block from the sector;
decrypting the current ciphertext data block to obtain a second plaintext data block;
modifying the second plaintext data block according to the plaintext modification record of the data page;
encrypting the modified second plaintext data block and writing the second plaintext data block into a sector;
the plaintext modification record of the data page comprises a specified offset, a modified byte number and modified new data, the specified offset is a modification position of the recorded data page, and the modified byte number is a byte length of the modified new data.
2. The method of claim 1, wherein the ciphertext data block has a length that is the same as a length of a corresponding first plaintext data block.
3. The method of claim 1, wherein the plaintext modification records for the data page include at least a specified offset, a modified number of bytes, and modified new data.
4. A data writing apparatus, comprising:
the dividing module is used for dividing the plaintext of the data page according to the size of the sector to obtain a first plaintext data block;
the encryption module is used for encrypting the first plaintext data block to obtain a ciphertext data block and writing the ciphertext data block into a sector;
the reading module is used for reading the current ciphertext data block from the sector when the ciphertext data block is abnormally written;
the decryption module is used for decrypting the current ciphertext data block to obtain a second plaintext data block;
the modification module is used for modifying the second plaintext data block according to the plaintext modification record of the data page;
the writing module is used for encrypting the modified second plaintext data block and writing the second plaintext data block into the sector;
the plaintext modification record of the data page comprises a specified offset, a modified byte number and modified new data, the specified offset is a modification position of the recorded data page, and the modified byte number is a byte length of the modified new data.
5. The apparatus of claim 4, wherein the length of the ciphertext data block is the same as the length of the corresponding first plaintext data block.
6. The apparatus of claim 4, wherein the plaintext modification records for the data page include at least a specified offset, a modified number of bytes, and modified new data.
7. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a storage device to store one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the data writing method of any one of claims 1-3.
8. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a data writing method according to any one of claims 1 to 3.
CN202010004465.XA 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium Active CN111222152B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010004465.XA CN111222152B (en) 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010004465.XA CN111222152B (en) 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111222152A CN111222152A (en) 2020-06-02
CN111222152B true CN111222152B (en) 2022-10-14

Family

ID=70831018

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010004465.XA Active CN111222152B (en) 2020-01-03 2020-01-03 Data writing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111222152B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112003859B (en) * 2020-08-21 2023-04-07 江苏徐工工程机械研究院有限公司 Data encryption method and device and data decryption method and device
US11196558B1 (en) * 2021-03-09 2021-12-07 Technology Innovation Institute Systems, methods, and computer-readable media for protecting cryptographic keys
CN115357295B (en) * 2022-10-21 2023-03-31 荣耀终端有限公司 System rollback method, device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101288065A (en) * 2005-03-28 2008-10-15 德塔勒哥若公司 Non-invasive encryption for relational database management systems
CN102930224A (en) * 2012-10-19 2013-02-13 华为技术有限公司 Hard drive data write/read method and device
CN109145639A (en) * 2018-07-27 2019-01-04 北京北信源信息安全技术有限公司 File encrypting method, decryption method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100624691B1 (en) * 2004-09-09 2006-09-15 삼성전자주식회사 Apparatus and method for decryption processing of block encrypted data
CN104834835B (en) * 2015-05-13 2017-09-22 武汉大学 A kind of general digital rights protection method under windows platform
JP6789788B2 (en) * 2016-12-12 2020-11-25 株式会社メガチップス Memory device, controller, host device, data processing system, control program, memory device operation method and host device operation method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101288065A (en) * 2005-03-28 2008-10-15 德塔勒哥若公司 Non-invasive encryption for relational database management systems
CN102930224A (en) * 2012-10-19 2013-02-13 华为技术有限公司 Hard drive data write/read method and device
CN109145639A (en) * 2018-07-27 2019-01-04 北京北信源信息安全技术有限公司 File encrypting method, decryption method and device

Also Published As

Publication number Publication date
CN111222152A (en) 2020-06-02

Similar Documents

Publication Publication Date Title
CN111222152B (en) Data writing method, device, equipment and storage medium
US8479304B1 (en) Selectively protecting against chosen plaintext attacks in untrusted storage environments that support data deduplication
CN100403281C (en) Dynamic key based hardware data enciphering method and device thereof
CN109564553B (en) Multi-stage memory integrity method and apparatus
JP4648687B2 (en) Method and apparatus for encryption conversion in data storage system
US8281143B1 (en) Protecting against chosen plaintext attacks in untrusted storage environments that support data deduplication
CN102262721B (en) Data encryption for independent agency is changed
US20140129848A1 (en) Method and Apparatus for Writing and Reading Hard Disk Data
JP2019514147A (en) Method and apparatus for handling cryptographic change failure of ciphertext in a database
CN115146318B (en) Virtual disk safe storage method
CN113221171A (en) Encrypted file reading and writing method and device, electronic equipment and storage medium
CN110650191A (en) Data read-write method of distributed storage system
US9235532B2 (en) Secure storage of full disk encryption keys
US7904489B2 (en) Database unload/reload of partitioned tables
EP2998903B1 (en) System and method for robust full-drive encryption
CN110826099A (en) Safe storage method and system suitable for embedded real-time operating system
CN107861892B (en) Method and terminal for realizing data processing
US7401255B1 (en) Mechanisms for recovering data from a backup by comparing transformed data to identify altered memory blocks
KR20090019484A (en) Clip board security method
RU2580014C2 (en) System and method for changing mask of encrypted region during breakdown in computer system
KR100948386B1 (en) Apparatus and method for saving original data in computer system
US11861374B2 (en) Batch transfer of commands and data in a secure computer system
CN114329607A (en) Method for realizing transparent encryption and decryption of WAL log in PostgreSQL database
CN114239091B (en) Disk encryption method and system based on trusted chip
CN114969781A (en) Method, device, processor and computer readable storage medium for realizing customized encryption of machining program in numerical control system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant