CN113221197A - Automatic erasing method and device of disk data, storage medium and electronic equipment - Google Patents

Automatic erasing method and device of disk data, storage medium and electronic equipment Download PDF

Info

Publication number
CN113221197A
CN113221197A CN202110500755.8A CN202110500755A CN113221197A CN 113221197 A CN113221197 A CN 113221197A CN 202110500755 A CN202110500755 A CN 202110500755A CN 113221197 A CN113221197 A CN 113221197A
Authority
CN
China
Prior art keywords
data
erasing
erased
disk
storage server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110500755.8A
Other languages
Chinese (zh)
Inventor
刘永刚
席荣武
邱星
张兴龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huijun Technology Co ltd
Original Assignee
Beijing Huijun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huijun Technology Co ltd filed Critical Beijing Huijun Technology Co ltd
Priority to CN202110500755.8A priority Critical patent/CN113221197A/en
Publication of CN113221197A publication Critical patent/CN113221197A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/4401Bootstrapping
    • G06F9/4406Loading of operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The disclosed embodiment relates to a method and a device for automatically erasing disk data, a storage medium and electronic equipment, which relate to the technical field of big data processing, and the method comprises the following steps: receiving a data erasing request comprising the data type of data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type; acquiring a unique identifier of a data storage server where the data to be erased are located, and deploying the erasing rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment; and guiding the memory operating system through the pre-starting execution environment, and erasing the data to be erased stored on the disk and/or the disk array of the data storage server. The disclosed example embodiments improve data erasure efficiency.

Description

Automatic erasing method and device of disk data, storage medium and electronic equipment
Technical Field
The embodiment of the disclosure relates to the technical field of big data processing, in particular to an automatic erasing method of disk data, an automatic erasing device of disk data, a computer readable storage medium and an electronic device.
Background
Massive business data are stored on a server disk of the data center, data safety protection is particularly important when data are erased, and when the server disk reaches the end of a service cycle, the disk data are erased to ensure that the disk data cannot be recovered.
At present, the commonly adopted data erasing method is manual erasing, and the specific erasing process is as follows: firstly, a data erasing solution is integrated into a U disk, the data is erased through manual execution of commands through the U disk guidance on the machine room site, and the servers are operated one by one.
However, the above method cannot implement automatic erasing, resulting in low data erasing efficiency.
Therefore, it is desirable to provide a new method and apparatus for automatically erasing data from a disk.
It is to be noted that the information invented in the background section above is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
An object of the present disclosure is to provide an automatic erasing method of disk data, an automatic erasing apparatus of disk data, a computer-readable storage medium, and an electronic device, thereby overcoming, at least to some extent, the problem of low data erasing efficiency due to the limitations and disadvantages of the related art.
According to one aspect of the present disclosure, there is provided an automatic erasing method of disk data, including:
receiving a data erasing request comprising the data type of data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type;
acquiring a unique identifier of a data storage server where the data to be erased are located, and deploying the erasing rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment;
and guiding the memory operating system through the pre-starting execution environment, and erasing the data to be erased stored on the disk and/or the disk array of the data storage server.
In an exemplary embodiment of the disclosure, after determining an erasing rule required for erasing the data to be erased according to the data type, the method for automatically erasing the disk data further includes:
judging whether a data storage server where the data to be erased are located is in a preset state or not; wherein the preset state is a shutdown state;
and when the data storage server is determined to be in the preset state, downloading a driving mirror image required by the data storage server for driving and storing the data to be erased through a pre-starting execution environment.
In an exemplary embodiment of the present disclosure, acquiring the unique identifier of the data storage server where the data to be erased is located includes:
and sending a unique identifier acquisition request to the data storage server, and receiving a unique identifier which is sent by the data storage server in response to the unique identifier acquisition request and is generated according to a server serial number, a server physical address and a server IP address.
In an exemplary embodiment of the present disclosure, the data type includes one or more of public data, secret data, confidential data, and confidential data;
determining an erasing rule required for erasing the data to be erased according to the data type, wherein the erasing rule comprises the following steps:
when the data type is public data, an erasing rule required for erasing the data to be erased is a first preset rule; wherein the first preset rule is based on erasing;
when the data type is secret data, the erasing rule required for erasing the data to be erased is a first preset rule and/or a second preset rule; wherein the second preset rule is deep erasing;
and when the data types are confidential data and absolute confidential data, the erasing rule required for erasing the data to be erased is a second preset rule.
In an exemplary embodiment of the present disclosure, booting the memory operating system through the pre-boot execution environment to erase data to be erased stored in a disk and/or a disk array of the data storage server, includes:
when the data type is public data and/or secret data, the memory operating system is guided through the pre-starting execution environment, and data to be erased stored on a disk and/or a disk array of the data storage server are rewritten by using preset random information so as to complete data erasing.
In an exemplary embodiment of the present disclosure, booting the memory operating system through the pre-boot execution environment to erase data to be erased stored in a disk and/or a disk array of the data storage server, further includes:
and when the data type is confidential data and/or absolute confidential data, the memory operating system is guided through the pre-boot execution environment, and deep erasing is performed on the data to be erased stored on the disk and/or the disk array of the data storage server by using a preset erasing algorithm.
In an exemplary embodiment of the present disclosure, the method for automatically erasing data from a disk further includes:
generating an erasure report according to the data erasure result of the disk and/or the disk array, and establishing a mapping relation between the erasure report and a server serial number of the data storage server;
and storing the mapping relation and the erasure report into a relational database, so that a server manager can check the erasure report according to the server serial number and the mapping relation, and analyze the reason of data erasure failure according to the erasure report.
In an exemplary embodiment of the present disclosure, after erasing data to be erased stored on a disk and/or a disk array of the data storage server, the method for automatically erasing disk data further includes:
calling out-of-band management to initialize the attribute information of the data storage server; wherein the attribute information comprises one or more of a user name, a user password and an access network.
According to one aspect of the present disclosure, there is provided an automatic erasing apparatus of disk data, comprising:
the erasing rule determining module is used for receiving a data erasing request comprising the data type of the data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type;
the erasing rule deployment module is used for acquiring the unique identifier of the data storage server where the data to be erased are located, and deploying the erasing rule to the memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment;
and the data erasing module is used for guiding the memory operating system through the pre-starting execution environment and erasing the data to be erased stored on the disk and/or the disk array of the data storage server.
According to an aspect of the present disclosure, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method for automatically erasing data on a magnetic disk according to any one of the above.
According to an aspect of the present disclosure, there is provided an electronic device including:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to execute any one of the above described automatic erasing methods of disk data via execution of the executable instructions.
In one aspect, by receiving a data erasure request including a data type of data to be erased, in response to the data erasure request, determining an erasure rule required for erasing the data to be erased according to the data type; acquiring a unique identifier of a data storage server where data to be erased are located, and deploying an erasing rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment; finally, the memory operating system is guided through the pre-starting execution environment to erase the data to be erased stored on the disk and/or the disk array of the data storage server, so that the automatic erasing of the data to be erased stored on the disk and/or the disk array is realized, the problem of low data erasing efficiency caused by the fact that the automatic erasing cannot be realized in the prior art is solved, and the data erasing efficiency is improved; on the other hand, the corresponding erasing rule can be determined according to the data type of the data to be erased, so that the problem that classified erasing cannot be performed due to the fact that the security level of the data not to be erased is divided in the prior art is solved; on the other hand, the memory operating system can be guided to erase the data to be erased through the pre-starting execution environment, so that the data can be erased without depending on a system of a server hard disk, the aim of completely erasing the data to be erased is fulfilled, and the safety of data erasing is further improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.
Fig. 1 schematically shows a flowchart of a method for automatic erasure of disk data according to an example embodiment of the present disclosure.
FIG. 2 schematically illustrates a block diagram of an automatic erasure system of disk data, according to an example embodiment of the present disclosure.
Fig. 3 schematically illustrates a scene example diagram of automatic erasure of disk data according to an example embodiment of the present disclosure.
FIG. 4 schematically illustrates a flow chart of another method for automatic erasure of disk data according to an example embodiment of the present disclosure.
Fig. 5 schematically illustrates an example diagram of an erasure report according to an example embodiment of the present disclosure.
FIG. 6 schematically illustrates a flow chart of another method for automatic erasure of disk data, according to an example embodiment of the present disclosure.
FIG. 7 is a flow chart that schematically illustrates another method of automatically erasing disk data, in accordance with an exemplary embodiment of the present disclosure.
Fig. 8 schematically shows a block diagram of an apparatus for automatically erasing disk data according to an example embodiment of the present disclosure.
Fig. 9 schematically illustrates an electronic device for implementing the above-described automatic erasing method of disk data according to an exemplary embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and the like. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
In some service data erasing schemes, disk data is not erased according to the importance and sensitivity of service data in a classified manner, so that the data erasing scene is single, the efficiency is low, and multiple scenes cannot be dealt with.
Based on this, in the present exemplary embodiment, first, an automatic erasing method for disk data is provided, and the method may be executed in a terminal device, a server cluster, a cloud server, or the like; of course, those skilled in the art may also operate the method of the present disclosure on other platforms as needed, which is not particularly limited in the exemplary embodiment. Referring to fig. 1, the method for automatically erasing data on a magnetic disk may include the following steps:
step S110, receiving a data erasing request comprising a data type of data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type;
s120, acquiring a unique identifier of a data storage server where the data to be erased are located, and deploying the erasure rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment;
and S130, guiding the memory operating system through the pre-starting execution environment, and erasing the data to be erased stored on the disk and/or the disk array of the data storage server.
In the automatic erasing method of the disk data, on one hand, by receiving a data erasing request including a data type of the data to be erased, in response to the data erasing request, an erasing rule required for erasing the data to be erased is determined according to the data type; acquiring a unique identifier of a data storage server where data to be erased are located, and deploying an erasing rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment; finally, the memory operating system is guided through the pre-starting execution environment to erase the data to be erased stored on the disk and/or the disk array of the data storage server, so that the automatic erasing of the data to be erased stored on the disk and/or the disk array is realized, the problem of low data erasing efficiency caused by the fact that the automatic erasing cannot be realized in the prior art is solved, and the data erasing efficiency is improved; on the other hand, the corresponding erasing rule can be determined according to the data type of the data to be erased, so that the problem that classified erasing cannot be performed due to the fact that the security level of the data not to be erased is divided in the prior art is solved; on the other hand, the memory operating system can be guided to erase the data to be erased through the pre-starting execution environment, so that the data can be erased without depending on a system of a server hard disk, the aim of completely erasing the data to be erased is fulfilled, and the safety of data erasing is further improved.
Hereinafter, the automatic erasing method of the magnetic disk data according to the exemplary embodiment of the present disclosure will be explained and explained in detail with reference to the drawings.
First, terms referred to in example embodiments of the present disclosure are explained and explained.
PXE, Preboot execution Environment, which can support a workstation to download images from a remote server through a network, and thus support to start an operating system through the network, during the starting process, a terminal requires the server to allocate an IP address, and then a TFTP (Trivisual File Transfer Protocol) or MTFTP (Multi-case Trivisual File Transfer Protocol) is used to download a starting software package into a local memory for execution, and the starting software package completes the automatic basic software setting of a Client terminal, thereby guiding the terminal operating system pre-installed in the server. PXE can boot a variety of operating systems, such as: windows95, Windows98, Windows 2000, Windows 2003, Windows 2008, WinXP, Win7, Win8, Win10, Linux, and the like.
The BMC, the Baseboard Management Controller, is a Baseboard Management Controller, and can perform operations such as firmware upgrade, checking of machine devices, and the like on a machine in a state where the machine is not powered on.
OOB, out-of-band, centralized management of the room network devices (routers, switches, firewalls, etc.), server devices (minicomputers, servers, workstations), and the room power system is done through dedicated management channels independent of the data network.
The System comprises RAMOS, an RAM Operation System and a memory operating System, wherein the RAM is operated in the memory, and the System is independent of a hard disk after being started.
Next, the objects of the exemplary embodiments of the present disclosure are explained and explained. The technical scheme provided by the embodiment of the disclosure can realize efficient and automatic batch data erasure of the disks of the data center server through a whole set of disk data erasure scheme, deal with business multi-scene classification erasure, save labor cost, improve efficiency and ensure data security.
Further, an automatic erasing system of disk data according to an exemplary embodiment of the present disclosure is explained and illustrated. Referring to fig. 2, the automatic disk data erasing system may include a data destruction control center 210, a PXE server 220, and a data storage server 230; the PXE server is respectively connected with the service party and the data storage server through a network.
Specifically, the data destruction control center, which may also be referred to as a service side, may be configured to generate a data erasure request including a data type of data to be erased, and send the data erasure request to the PXE server, where the PXE server may be configured to implement the automatic erasure method for disk data described in the exemplary embodiment of the present disclosure, and the data storage server may be configured to store the data to be erased. The system for automatically erasing data on a magnetic disk may include a plurality of data storage servers, such as server1 (data storage server 1), server2 (data storage server 2), server3 (data storage server 3), and server4 (data storage server 4), and may specifically refer to fig. 3. The server1, the server2, the server3 and the server4 can respectively store data to be erased with different data types, for example, the server1 stores public data, the server2 stores secret data, the server3 stores secret data, and the server4 stores absolute secret data; of course, the data to be erased with the same data type may also be stored, and this example is not limited to this specifically.
In an automatic erasing method of disk data of an exemplary embodiment of the present disclosure:
in step S110, a data erasure request including a data type of data to be erased is received, and in response to the data erasure request, an erasure rule required for erasing the data to be erased is determined according to the data type.
In this exemplary embodiment, first, a data erasure request including a data type of data to be erased, which is sent by a service party, may be received; the service party may be, for example, a client where the data destruction control center is located, and after receiving the data erasure request, the PXE server determines, in response to the data erasure request, an erasure rule required for erasing the data to be erased according to the data type.
Wherein the data types include one or more of public data, secret data, confidential data, and confidential data; specifically, determining an erasing rule required for erasing the data to be erased according to the data type includes: when the data type is public data, an erasing rule required for erasing the data to be erased is a first preset rule; wherein the first preset rule is based on erasing; when the data type is secret data, the erasing rule required for erasing the data to be erased is a first preset rule and/or a second preset rule; wherein the second preset rule is deep erasing; and when the data types are confidential data and absolute confidential data, the erasing rule required for erasing the data to be erased is a second preset rule.
For example, public data refers to data which is disclosed or can be obtained through a public channel through a legal way, such as data which is abused, leaked, tampered, damaged and does not cause any adverse effect on company business and data main bodies, and the data can be shared and transferred through application;
the secret data refers to data which are allowed to be used by official staff or third parties and trainees who sign corresponding confidentiality agreements in a company within a specified range, such as misuse, leakage, tampering and damage, and can cause small negative influence on company business and data bodies, and reputation damage, economic loss or legal liability cannot be caused; the data transferred or transmitted can be shared under the real, minimum necessary and reasonable condition of the requirement;
confidential data refers to data that is used within a limited scope, such as misuse, disclosure, tampering, a major negative impact on a company, a data subject after being destroyed, reputation damage, economic loss, or subjecting the company to potential legal liability, and is limited to only those persons, users or employees involved in a specific business of the company or to a limited extent by company approval; the transferred or transmitted data can be shared only after meeting the requirements of compliance, contracts and company privacy protection systems and passing through corresponding approval processes of companies;
the confidential data refers to the data which is approved by a company data decision-making organization and is limited to be used by individual key personnel, direct work related personnel, users or employees or the minimum specific range, and comprises the most important confidentiality of the company, the future fate and the fundamental benefits of the development of the related company, such as abuse, leakage, tampering, and causing great negative influence on the company and data main bodies (users, employees, external data providers or the company itself and other bodies having legal rights on the data) after being damaged, reputation or reputation damage, great economic loss or the company can bear great legal responsibility; data sharing, transfer or transmission is prohibited principally for internal and external use.
That is, for public data and general secret data, a basic erasing rule can be adopted for erasing, and then erasing efficiency can be improved; of course, in order to further improve the security of the data, the secret data may also be erased by adopting a deep erase rule; further, for confidential data as well as for top-secret data, deep erasure rules must be employed to perform erasure to ensure complete erasure of the data. It should be further added that most of data in an enterprise belong to public data and general secret data, and the proportion of confidential data and secret data is very small, so that the automatic erasing method of disk data provided by the present disclosure can further improve the data erasing efficiency on the basis of ensuring the data security, and save the time cost for the enterprise.
In step S120, a unique identifier of the data storage server where the data to be erased is located is obtained, and the erasure rule is deployed to the memory operating system of the data storage server corresponding to the unique identifier through a pre-boot execution environment.
In this example embodiment, in order to deploy the erasure rule to the memory operating system through the pre-boot execution environment and the unique identifier of the data storage server, the unique identifier of the data storage server needs to be acquired first. Specifically, the process of acquiring the unique identifier may include: and sending a unique identifier acquisition request to the data storage server, and receiving a unique identifier which is sent by the data storage server in response to the unique identifier acquisition request and is generated according to a server serial number, a server physical address and a server IP address.
Specifically, after receiving the acquisition request, the data storage server may complete an automatic boot configuration of the unique identifier through the scheduling center, that is, perform binding of a server serial number-a server physical address (MAC address) and a server IP address, and further obtain and feed back the unique identifier to the PXE server. Wherein the content of the first and second substances,
the specific logic implementation of the partial server serial number-MAC address-IP address can be as follows:
Figure BDA0003056120710000101
it should be further added here that other ways to generate the unique identifier may also be adopted, and this example is not particularly limited thereto. And only under the condition that the unique identifier exists, the erasing rule can be deployed to the corresponding memory operating system, so that the whole data erasing process is completed.
Further, after the unique identifier is received, the erasing rule can be deployed to a memory operating system of the data storage server through the pre-starting execution environment and the unique identifier of the data storage server; the memory operating system may be, for example, ROMos, so that the subsequent erasing process can be completely run in the memory RAM without depending on a system of a hard disk of the data storage server, and thus, the data to be erased can be completely erased.
In step S130, the memory operating system is booted through the pre-boot execution environment, and the data to be erased stored in the disk and/or the disk array of the data storage server is erased.
In this exemplary embodiment, on one hand, when the data type is public data and/or secret data, the memory operating system is booted by the pre-boot execution environment, and data to be erased, which is stored on a disk and/or a disk array of the data storage server, is rewritten by using preset random information, so as to complete data erasure.
Wherein, the duplication principle (Overwriting) is specifically as follows: overwriting is to use information with a predefined meaningless and irregular format to overwrite the originally stored data on the hard disk, which is an effective and operable method of erasing data; if the data is completely overwritten "successfully", the data may be considered unrecoverable even if it is overwritten only once; meanwhile, because the data on the hard disk are stored in the form of binary 0 and 1, the original data of 0 or 1 cannot be known after the data are completely rewritten, and the purpose of erasing the data is achieved. Further, the related commands for the implementation of the carbon copy may be as follows:
Figure BDA0003056120710000111
Figure BDA0003056120710000121
on the other hand, when the data type is confidential data and/or absolute confidential data, the memory operating system is guided through the pre-boot execution environment, and deep erasing is performed on the data to be erased stored on the disk and/or the disk array of the data storage server by using a preset erasing algorithm.
The deep erasing is to erase the disk data by adopting professional erasing software, and the deep erasing can support various different types of disks, such as SATA interface HDD disks, SSD disks, SAS disks, NVMe disks and the like.
Relevant criteria for deep erase implementation may include: NIST Clear secure erase was used on the disks, which was specifically required to remove the hidden drive (HPA/DCO if present) by the National Institute of Standards and Technology Clear, and then to overwrite and validate the data.
Specifically, in the process of erasing data to be erased stored in a disk and/or a disk array, a PXE server performs a memory operating system through network boot, deletes the disk array from the disk through a tool script integrated with the above-mentioned erasing rule, and then erases data from a single physical disk; the basic erasing is used for erasing data of the disk for one time by a command, and the deep erasing automatically calls a professional erasing software tool to perform professional erasing of the disk.
FIG. 4 is a flow chart that schematically illustrates another method of automatically erasing disk data, in accordance with an exemplary embodiment of the present disclosure. Referring to fig. 4, the method for automatically erasing data on a magnetic disk may further include the following steps:
in step S410, an erasure report is generated according to the data erasure result of the disk and/or the disk array, and a mapping relationship between the erasure report and the server serial number of the data storage server is established;
in step S420, the mapping relationship and the erasure report are stored in a relational database, so that a server administrator can view the erasure report according to the server serial number and the mapping relationship, and analyze the reason of the data erasure failure according to the erasure report.
In the automatic disk data erasing method schematically illustrated in fig. 4, after the data storage server finishes erasing the disk data, the data erasing result may be sent to the PXE server, so that the PXE server automatically generates an erasing report according to the data erasing result and writes the erasing report in batch into the distributed cluster for later data analysis service call, where the distributed cluster may be an ElasticSearch cluster or other distributed clusters, and this example does not specially limit this; further, a mapping relationship between a server serial number corresponding to the data storage server and a disk erasure result of the data storage server may be established, and the disk erasure result and the mapping relationship are written into a relational database (for example, Mysql, or other relational databases, which is not particularly limited in this example) for storage, and report statistics is performed at a later stage, which is also convenient for a server administrator to check an erasure report, and analyze the reason of data erasure failure according to the erasure report, so as to repair the data storage server and/or the disk according to the analysis result.
The generated erasure report may specifically refer to fig. 5. In the erasure report shown in fig. 5, it may specifically include a Disk number (e.g., Disk: 1(1-1)), specific attribute information of the data storage server (e.g., server brand, server model, server serial number, server storage space, server bus, etc.), data erasure start time and end time, time taken for data erasure, data erasure rule, number of data erasures, and data erasure status (whether successfully erased or not, etc.).
Further, in order to facilitate secondary use of the disk and/or the disk array in the data storage server, the method for automatically erasing the disk data further includes: calling out-of-band management to initialize the attribute information of the data storage server; wherein the attribute information comprises one or more of a user name, a user password and an access network. Specifically, an out-of-band management module of the PXE server may be called to configure a baseboard management controller of the data storage server, so as to initialize a user name, a user password and a connection network in the data storage server, so as to facilitate subsequent use.
FIG. 6 is a flow chart that schematically illustrates another method of automatically erasing disk data, in accordance with an exemplary embodiment of the present disclosure. Referring to fig. 6, the method for automatically erasing data on a magnetic disk may further include the following steps:
in step S610, it is determined whether the data storage server where the data to be erased is located is in a preset state; wherein the preset state is a shutdown state;
in step S620, when it is determined that the data storage server is in the preset state, a drive mirror image required for driving the data storage server storing the data to be erased is downloaded through a pre-boot execution environment.
In the method for automatically erasing the disk data schematically shown in fig. 6, the PXE server may check the power-on/off state of the data storage server by means of out-of-band management, and if the PXE server is in the power-off state, the driver image is downloaded through the pre-boot execution environment. By the method, when the data storage server is in a shutdown state, data can be erased without depending on the current state of the server, so that efficient and automatic batch erasing of the data to be erased stored on the disk and/or the disk array in the data storage server is realized, multi-scene classification erasing can be dealt with, and the purposes of saving labor cost and improving erasing efficiency are achieved.
Hereinafter, the automatic erasing method of the disk data according to the exemplary embodiment of the present disclosure will be further explained and explained with reference to fig. 7. Specifically, referring to fig. 7, the method for automatically erasing data from a magnetic disk may include the following steps:
step S701, receiving a data erasing request and checking the state of a data storage server;
step S702, if the data storage server is in a closed state, downloading a drive mirror image, determining an erasing rule according to the data type, and deploying the erasing rule to a memory operating system of the data storage server through a pre-starting execution environment;
step S703, the memory operating system is guided to erase the data to be erased stored in the disk and/or the disk array through the pre-boot execution environment, and an erase report is generated according to the erase result;
step S704, storing the erasure report, and calling out-of-band management to initialize the attribute information of the data storage server;
step S705, shutdown is performed on the server through the pre-boot execution environment.
Based on the above-mentioned recorded solutions, it can be known that the automatic erasing method for disk data provided in the exemplary embodiment of the present disclosure implements online batch automatic erasing by booting the data storage server through the pre-boot execution environment, and can also implement data erasing support to a scene according to the data security level (data type); and by loading the memory operating system, the system which does not depend on the hard disk of the data storage server is started, and all the physical hard disks of the data storage server are directly operated, so that the very thorough and safe erasing is realized.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.
The present disclosure also provides an automatic erasing device for disk data. Referring to fig. 8, the apparatus for automatically erasing data on a disk may include an erase rule determining module 810, an erase rule deploying module 820, and a data erasing module 830. Wherein:
the erasure rule determining module 810 can be configured to receive a data erasure request including a data type of data to be erased, and determine, in response to the data erasure request, an erasure rule required for erasing the data to be erased according to the data type;
the erasure rule deployment module 820 may be configured to obtain a unique identifier of a data storage server where the data to be erased is located, and deploy the erasure rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-boot execution environment;
the data erasing module 830 may be configured to boot the memory operating system through the pre-boot execution environment, and erase data to be erased stored in a disk and/or a disk array of the data storage server.
In an exemplary embodiment of the present disclosure, the automatically erasing of the disk data further includes:
the server state judgment module can be used for judging whether the data storage server where the data to be erased is located is in a preset state; wherein the preset state is a shutdown state;
and the drive image downloading module can be used for downloading the drive image required by the data storage server for driving and storing the data to be erased through a pre-starting execution environment when the data storage server is determined to be in the preset state.
In an exemplary embodiment of the present disclosure, acquiring the unique identifier of the data storage server where the data to be erased is located includes:
the unique identifier obtaining module may be configured to send a unique identifier obtaining request to the data storage server, and receive a unique identifier, which is sent by the data storage server in response to the unique identifier obtaining request and is generated according to a server serial number, a server physical address, and a server IP address.
In an exemplary embodiment of the present disclosure, the data type includes one or more of public data, secret data, confidential data, and confidential data;
determining an erasing rule required for erasing the data to be erased according to the data type, wherein the erasing rule comprises the following steps:
when the data type is public data, an erasing rule required for erasing the data to be erased is a first preset rule; wherein the first preset rule is based on erasing;
when the data type is secret data, the erasing rule required for erasing the data to be erased is a first preset rule and/or a second preset rule; wherein the second preset rule is deep erasing;
and when the data types are confidential data and absolute confidential data, the erasing rule required for erasing the data to be erased is a second preset rule.
In an exemplary embodiment of the present disclosure, booting the memory operating system through the pre-boot execution environment to erase data to be erased stored in a disk and/or a disk array of the data storage server, includes:
when the data type is public data and/or secret data, the memory operating system is guided through the pre-starting execution environment, and data to be erased stored on a disk and/or a disk array of the data storage server are rewritten by using preset random information so as to complete data erasing.
In an exemplary embodiment of the present disclosure, booting the memory operating system through the pre-boot execution environment to erase data to be erased stored in a disk and/or a disk array of the data storage server, further includes:
and when the data type is confidential data and/or absolute confidential data, the memory operating system is guided through the pre-boot execution environment, and deep erasing is performed on the data to be erased stored on the disk and/or the disk array of the data storage server by using a preset erasing algorithm.
In an exemplary embodiment of the present disclosure, the apparatus for automatically erasing data on a disk further includes:
the mapping relation establishing module can be used for generating an erasing report according to a data erasing result of the disk and/or the disk array and establishing a mapping relation between the erasing report and a server serial number of the data storage server;
and the erasure report storage module can be used for storing the mapping relation and the erasure report to a relational database, so that a server manager can check the erasure report according to the server serial number and the mapping relation and analyze the reason of data erasure failure according to the erasure report.
In an exemplary embodiment of the present disclosure, the automatically erasing and transposing of the disk data further includes:
the data storage server initialization module can be used for calling out-of-band management to initialize the attribute information of the data storage server; wherein the attribute information comprises one or more of a user name, a user password and an access network.
The specific details of each module in the above automatic erasing apparatus for disk data have been described in detail in the corresponding automatic erasing method for disk data, and therefore are not described herein again.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
In an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 900 according to this embodiment of the disclosure is described below with reference to fig. 9. The electronic device 900 shown in fig. 9 is only an example and should not bring any limitations to the functionality or scope of use of the embodiments of the present disclosure.
As shown in fig. 9, the electronic device 900 is embodied in the form of a general purpose computing device. Components of electronic device 900 may include, but are not limited to: the at least one processing unit 910, the at least one storage unit 920, a bus 930 connecting different system components (including the storage unit 920 and the processing unit 910), and a display unit 940.
Wherein the storage unit stores program code that is executable by the processing unit 910 to cause the processing unit 910 to perform steps according to various exemplary embodiments of the present disclosure described in the above section "exemplary method" of the present specification. For example, the processing unit 910 may execute step S110 as shown in fig. 1: receiving a data erasing request comprising the data type of data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type; step S120: acquiring a unique identifier of a data storage server where the data to be erased are located, and deploying the erasing rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment; step S130: and guiding the memory operating system through the pre-starting execution environment, and erasing the data to be erased stored on the disk and/or the disk array of the data storage server.
The storage unit 920 may include a readable medium in the form of a volatile storage unit, such as a random access memory unit (RAM)9201 and/or a cache memory unit 9202, and may further include a read only memory unit (ROM) 9203.
Storage unit 920 may also include a program/utility 9204 having a set (at least one) of program modules 9205, such program modules 9205 including but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 930 can be any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 900 may also communicate with one or more external devices 1000 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 900, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 900 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interface 950. Also, the electronic device 900 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet) via the network adapter 960. As shown, the network adapter 960 communicates with the other modules of the electronic device 900 via the bus 930. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 900, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the disclosure described in the "exemplary methods" section above of this specification, when the program product is run on the terminal device.
According to the program product for implementing the above method of the embodiments of the present disclosure, it may employ a portable compact disc read only memory (CD-ROM) and include program codes, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
Furthermore, the above-described figures are merely schematic illustrations of processes included in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (11)

1. An automatic erasing method of disk data, characterized by comprising:
receiving a data erasing request comprising the data type of data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type;
acquiring a unique identifier of a data storage server where the data to be erased are located, and deploying the erasing rule to a memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment;
and guiding the memory operating system through the pre-starting execution environment, and erasing the data to be erased stored on the disk and/or the disk array of the data storage server.
2. The automatic erasing method of magnetic disk data according to claim 1, wherein after determining an erasing rule required for erasing said data to be erased according to said data type, said automatic erasing method of magnetic disk data further comprises:
judging whether a data storage server where the data to be erased are located is in a preset state or not; wherein the preset state is a shutdown state;
and when the data storage server is determined to be in the preset state, downloading a driving mirror image required by the data storage server for driving and storing the data to be erased through a pre-starting execution environment.
3. The method according to claim 1, wherein obtaining the unique identifier of the data storage server where the data to be erased is located comprises:
and sending a unique identifier acquisition request to the data storage server, and receiving a unique identifier which is sent by the data storage server in response to the unique identifier acquisition request and is generated according to a server serial number, a server physical address and a server IP address.
4. The method of claim 1, wherein the data type includes one or more of public data, secret data, and confidential data;
determining an erasing rule required for erasing the data to be erased according to the data type, wherein the erasing rule comprises the following steps:
when the data type is public data, an erasing rule required for erasing the data to be erased is a first preset rule; wherein the first preset rule is based on erasing;
when the data type is secret data, the erasing rule required for erasing the data to be erased is a first preset rule and/or a second preset rule; wherein the second preset rule is deep erasing;
and when the data types are confidential data and absolute confidential data, the erasing rule required for erasing the data to be erased is a second preset rule.
5. The method according to claim 4, wherein booting the memory operating system through the pre-boot execution environment to erase the data to be erased stored on the disk and/or disk array of the data storage server includes:
when the data type is public data and/or secret data, the memory operating system is guided through the pre-starting execution environment, and data to be erased stored on a disk and/or a disk array of the data storage server are rewritten by using preset random information so as to complete data erasing.
6. The method according to claim 4, wherein the pre-boot execution environment boots the memory operating system to erase data to be erased stored on the disk and/or disk array of the data storage server, and further comprising:
and when the data type is confidential data and/or absolute confidential data, the memory operating system is guided through the pre-boot execution environment, and deep erasing is performed on the data to be erased stored on the disk and/or the disk array of the data storage server by using a preset erasing algorithm.
7. The method of automatically erasing data from a magnetic disk of claim 1, further comprising:
generating an erasure report according to the data erasure result of the disk and/or the disk array, and establishing a mapping relation between the erasure report and a server serial number of the data storage server;
and storing the mapping relation and the erasure report into a relational database, so that a server manager can check the erasure report according to the server serial number and the mapping relation, and analyze the reason of data erasure failure according to the erasure report.
8. The method according to claim 1, wherein after erasing data to be erased stored on the disk and/or disk array of the data storage server, the method further comprises:
calling out-of-band management to initialize the attribute information of the data storage server; wherein the attribute information comprises one or more of a user name, a user password and an access network.
9. An apparatus for automatically erasing data from a magnetic disk, comprising:
the erasing rule determining module is used for receiving a data erasing request comprising the data type of the data to be erased, responding to the data erasing request, and determining an erasing rule required for erasing the data to be erased according to the data type;
the erasing rule deployment module is used for acquiring the unique identifier of the data storage server where the data to be erased are located, and deploying the erasing rule to the memory operating system of the data storage server corresponding to the unique identifier through a pre-starting execution environment;
and the data erasing module is used for guiding the memory operating system through the pre-starting execution environment and erasing the data to be erased stored on the disk and/or the disk array of the data storage server.
10. A computer-readable storage medium on which a computer program is stored, the computer program, when being executed by a processor, implementing the automatic erasure method of magnetic disk data according to any one of claims 1 to 8.
11. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of automatically erasing disk data of any of claims 1-8 via execution of the executable instructions.
CN202110500755.8A 2021-05-08 2021-05-08 Automatic erasing method and device of disk data, storage medium and electronic equipment Pending CN113221197A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110500755.8A CN113221197A (en) 2021-05-08 2021-05-08 Automatic erasing method and device of disk data, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110500755.8A CN113221197A (en) 2021-05-08 2021-05-08 Automatic erasing method and device of disk data, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN113221197A true CN113221197A (en) 2021-08-06

Family

ID=77094087

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110500755.8A Pending CN113221197A (en) 2021-05-08 2021-05-08 Automatic erasing method and device of disk data, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN113221197A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114816269A (en) * 2022-05-31 2022-07-29 苏州浪潮智能科技有限公司 Method, device, system, server and medium for erasing server data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006024078A (en) * 2004-07-09 2006-01-26 Konica Minolta Photo Imaging Inc Erasing program and recording medium
WO2008117467A1 (en) * 2007-03-27 2008-10-02 Mitsubishi Electric Corporation Secret information storage device, secret information erasing method, and secret information erasing program
CN105934751A (en) * 2014-01-30 2016-09-07 惠普发展公司,有限责任合伙企业 Data erasure of a target device
CN109214204A (en) * 2018-07-13 2019-01-15 深圳大普微电子科技有限公司 Data processing method and storage equipment
CN112269547A (en) * 2020-10-26 2021-01-26 武汉轻工大学 Active and controllable hard disk data deleting method and device without operating system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006024078A (en) * 2004-07-09 2006-01-26 Konica Minolta Photo Imaging Inc Erasing program and recording medium
WO2008117467A1 (en) * 2007-03-27 2008-10-02 Mitsubishi Electric Corporation Secret information storage device, secret information erasing method, and secret information erasing program
CN105934751A (en) * 2014-01-30 2016-09-07 惠普发展公司,有限责任合伙企业 Data erasure of a target device
CN109214204A (en) * 2018-07-13 2019-01-15 深圳大普微电子科技有限公司 Data processing method and storage equipment
CN112269547A (en) * 2020-10-26 2021-01-26 武汉轻工大学 Active and controllable hard disk data deleting method and device without operating system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王雪飞 等: "基于PXE的数据擦除系统研究及其在军事领域中的应用", 《微型机与应用》, vol. 36, no. 02, 14 February 2017 (2017-02-14), pages 1 - 4 *
郁红英 等: "机载信息系统存储安全问题研究", 《北京信息科技大学学报(自然科学版)》, vol. 27, no. 04, 15 August 2012 (2012-08-15), pages 56 - 58 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114816269A (en) * 2022-05-31 2022-07-29 苏州浪潮智能科技有限公司 Method, device, system, server and medium for erasing server data
CN114816269B (en) * 2022-05-31 2024-06-21 苏州浪潮智能科技有限公司 Method, device, system, server and medium for erasing server data

Similar Documents

Publication Publication Date Title
US10616194B2 (en) Secure data destruction in a distributed environment using key protection mechanisms
CN110727954B (en) Data authorization desensitization automation method, device and storage medium
US10178077B2 (en) Preventing persistent storage of cryptographic information using signaling
CN105556478A (en) Systems and methods for protecting virtual machine data
KR102195344B1 (en) Security system and method for computer using usb storage medium
CN105453102A (en) Systems and methods for identifying private keys that have been compromised
US20220398321A1 (en) Data management
TWI737172B (en) Computer system, computer program product and computer implement method for incremental decryption and integrity verification of a secure operating system image
CN104484625A (en) Computer with dual operating systems and implementation method thereof
US10645073B1 (en) Systems and methods for authenticating applications installed on computing devices
US20230334127A1 (en) System and method for protecting software licensing information via a trusted platform module
US10223538B1 (en) Preventing persistent storage of cryptographic information
CN109582238B (en) Hard disk binding and matching method and system, electronic equipment and storage medium
CN113221197A (en) Automatic erasing method and device of disk data, storage medium and electronic equipment
US20190278918A1 (en) Protecting cognitive code and client data in a public cloud via deployment of data and executables into a secure partition with persistent data
US10685106B2 (en) Protecting cognitive code and client data in a public cloud via deployment of data and executables into a stateless secure partition
US10203944B1 (en) Systems and methods for dynamically customizing software programs
CN101088094B (en) Protecting privacy of networked devices containing management subsystems
CN113721837A (en) BIOS-based storage medium information elimination method and device
US11182492B2 (en) Secure portable data apparatus
JP2018139025A (en) Data erasing method, data erasing program, computer with data erasing program and data erasing management server
CN110197071B (en) Boot sector data processing method and device, computer storage medium and electronic equipment
EP4147149A1 (en) Systems and methods for identifying software vulnerabilities in embedded device firmware
US11392704B2 (en) Apparatus for LAN booting environment-based file security and centralization, method therefor, and computer-readable recording medium on which program for performing same method is recorded
CN114692229B (en) Hard disk unauthorized access detection method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination