CN114091084A - Encryption storage control system and method based on multi-core processor safety solid state disk - Google Patents
Encryption storage control system and method based on multi-core processor safety solid state disk Download PDFInfo
- Publication number
- CN114091084A CN114091084A CN202111443706.1A CN202111443706A CN114091084A CN 114091084 A CN114091084 A CN 114091084A CN 202111443706 A CN202111443706 A CN 202111443706A CN 114091084 A CN114091084 A CN 114091084A
- Authority
- CN
- China
- Prior art keywords
- user
- disk
- module
- encryption
- rnd
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses an encryption storage control system and method based on a multi-core processor secure solid state disk, wherein the system comprises a secure SSD algorithm matching module, a main boot record reading module, a secure start control module and a configuration management module; the safety SSD algorithm matching module provides encryption algorithm support for full-disk safety strategy calling and data protection; the safety starting control module is used for controlling and obtaining a safety SSD algorithm matched module to generate an SM2 secret key pair PK | SK and generate a user Rnd, and SK 'is generated after MKey protection SK and packed together with the user Rnd into SK' | PK | Rnd for storage. The invention solves the defects of low efficiency and weak safety of the traditional software encryption storage scheme, the full disk encryption scheme is weakly coupled with the BIOS of the main board, a BIOS manufacturer is not required to participate in the design of the safety scheme, and the full disk encryption scheme can be freely adapted in various domestic platforms.
Description
Technical Field
The invention relates to the technical field of storage, in particular to an encryption storage control system and method based on a multi-core processor secure solid state disk.
Background
The solid State disk (ssd) is mainly composed of a hard disk control chip and a memory chip, and the electronic device performs read/write operations in a block write and erase manner to store data by using the conventional NAND Flash characteristics. The solid state disk based on the flash memory particles has the characteristics of low power consumption, small volume, high performance, high stability and the like, and is widely applied to the fields of military, industrial control, electric power, medical treatment, aviation, consumer electronics and the like.
With the rapid development of new-generation information technology, the potential safety problems in the field of data storage are more and more serious, so that the design, development and application of a high-performance safe solid-state storage module become a very important core technology breakthrough point in the problems of the related technologies and products of the solid-state hard disk in China which are urgently needed to be solved.
The existing data encryption storage technology has some defects or shortcomings:
1. and the encryption storage of the user data is realized by adopting application software on the operating system level. The soft-realized cryptographic algorithm has low performance, and data leakage is easy to occur when the operating system shares the memory of the host during multi-process calling, so that great potential safety hazard exists;
2. although the storage encryption is realized by hardware, the security scheme is deeply bound with the BIOS of the host machine, and a security authentication firmware needs to be implanted into the BIOS in the starting stage, so that high-security-level authentication login based on an asymmetric algorithm is difficult to realize, and meanwhile, the scheme is not beneficial to the cross-platform transplantation and use of the solid state disk, so that the product popularization is limited;
3. the encryption and decryption technology used by many solid state disks still adopts TCG Opal scheme and AES algorithm, and does not adopt commercial cipher algorithm independently developed in China;
4. most solid state disk encryption technologies can only encrypt user data partitions, and cannot effectively and safely implement full disk encryption technologies including system partitions.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides an encryption storage control system and method based on a multi-core processor secure solid state disk.
The purpose of the invention is realized by the following technical scheme:
the encryption storage control system based on the multi-core processor secure solid state disk comprises a secure SSD algorithm allocation module, a main boot record reading module, a secure start control module and a configuration management module;
the safety SSD algorithm matching module is used for providing SM2, SM3 and SM4 algorithm support of the national secret standard for full disk safety strategy calling and data protection;
the master boot record reading module is used for starting equipment hardware self-checking by a BIOS (basic input/output system) after the safe solid-state disk is electrified, and acquiring a corresponding master boot record MBR according to a boot sequence after the equipment hardware self-checking is finished;
the safety starting control module is used for controlling and obtaining a safety SSD algorithm matched module to generate an SM2 secret key pair PK | SK and generate a user Rnd, and SK 'is generated after MKey protection SK and packed together with the user Rnd into SK' | PK | Rnd for storage;
the configuration management module is used for carrying out partition management, user configuration and user login on the hard disk after the Boot OS is started.
Furthermore, the configuration management module comprises a partition management unit, a user configuration unit and a user login unit, wherein the function of the user configuration unit is enabled after the administrator logs in, the addition and deletion operations are carried out on the ordinary user, the user authority is required to be configured when the user is added, the hard disk space accessible to the user is appointed, and the user login function supports the login of a legal user and acquires the corresponding space use authority.
Further, the configuration management module directly starts the User OS after the User successfully logs in the Boot OS, and finishes automatic loading after the User OS is successfully started; the configuration management module under the User OS only has a User login function and supports User login and logout operations; after the User successfully enters the User OS, various normal operations can be executed; after the operation is finished, the user should log out in the configuration management module in time and clear the corresponding authority; after the user logs out, the configuration management module supports any legal user to log in, enables corresponding user authority after other users log in, and displays corresponding storage space.
Further, the partition management unit partitions the disk, generates a work key WK required by each partition, and stores the work key WK after the work key WK is protected by the PK.
Further, the controller also comprises NorFlash externally hung on a controller security chip; the NorFlash is used for storing the work key WK protected by the PK and the packed SK' | PK | Rnd.
Further, the SM2 algorithm of the national encryption standard is used for encrypting a protection root key; the SM3 algorithm is used for deriving a root key after random scrambling of a user password; the SM4 is used to encrypt and protect private keys, store data encryption and decryption.
Further, the encryption storage control method of the encryption storage control system based on the multi-core processor secure solid state disk comprises the following steps:
step 1: a User at a host end inputs a User ID and a PWD at a User OS stage, and at the moment, a security chip in the security SSD controller generates an SM2 key pair PK | SK and generates a User Rnd; after the SK is protected by the MKey, SK ' is generated and packed together with the user Rnd to be SK ' | PK | Rnd, and the SK ' | PK | Rnd is written into a Norflash plug-in controller security chip to be stored;
step 2: the configuration management module is used for partitioning a disk and generating a work key WK required by each partition, and the WK is protected by PK and then is stored in NorFlash hung on a Sec CPU;
and step 3: managing user information and disk numbers through a configuration management module, and opening access rights of corresponding disk spaces for different system users; configuring a work key WK to a key space used by a data encryption and decryption channel of a secure solid-state storage control chip, and encrypting and storing the WK corresponding to a frame index with effective data after SATA bus data is processed by a front-end protocol stack of the secure solid-state storage control chip; during reading, after the ciphertext of the FTL processing module is decrypted, the restored frame and the plaintext flow to the protocol processing module.
The invention has the beneficial effects that: based on a home-made SSD control chip, an autonomous controllable technical path of nationwide production of hardware, a cryptographic algorithm, a security firmware and an adaptive operating system software is realized. The defects of low efficiency and weak safety of the traditional software encryption storage scheme are overcome, the full disk encryption scheme is weakly coupled with the BIOS of the main board, a BIOS manufacturer is not required to participate in the design of the safety scheme, and the full disk encryption scheme can be freely adapted in various domestic platforms. Based on a login mechanism which is provided with identity division and is authenticated by SM2 algorithm security authentication of Boot OS + User OS, the system has very high disk level security control capability; the configuration management module developed independently is friendly in interface, simple to operate, convenient to transplant across platforms and high in expandability. The real full disk encryption strategy is matched with a hardware-level one-key rapid destruction function in an emergency state, and the data security is perfectly protected.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
FIG. 1 is a schematic block diagram of the system of the present invention.
FIG. 2 is a flow diagram of a secure solid state disk state jump.
Fig. 3 is a general execution flow diagram of a secure solid state disk.
Fig. 4 is a flow chart of secure solid state drive boot control.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this embodiment, as shown in fig. 1, the encryption storage control system based on the multi-core processor secure solid state disk includes a secure SSD algorithm allocation module, a master boot record reading module, a secure start control module, and a configuration management module;
the safety SSD algorithm matching module is used for providing SM2, SM3 and SM4 algorithm support of the national secret standard for full disk safety strategy calling and data protection;
the master boot record reading module is used for starting equipment hardware self-checking by a BIOS (basic input/output system) after the safe solid-state disk is electrified, and acquiring a corresponding master boot record MBR according to a boot sequence after the equipment hardware self-checking is finished;
the safety starting control module is used for controlling and obtaining a safety SSD algorithm matched module to generate an SM2 secret key pair PK | SK and generate a user Rnd, and SK 'is generated after MKey protection SK and packed together with the user Rnd into SK' | PK | Rnd for storage;
the configuration management module is used for carrying out partition management, user configuration and user login on the hard disk after the Boot OS is started.
Furthermore, the configuration management module comprises a partition management unit, a user configuration unit and a user login unit, wherein the function of the user configuration unit is enabled after the administrator logs in, the addition and deletion operations are carried out on the ordinary user, the user authority is required to be configured when the user is added, the hard disk space accessible to the user is appointed, and the user login function supports the login of a legal user and acquires the corresponding space use authority.
Further, the configuration management module directly starts the User OS after the User successfully logs in the Boot OS, and finishes automatic loading after the User OS is successfully started; the configuration management module under the User OS only has a User login function and supports User login and logout operations; after the User successfully enters the User OS, various normal operations can be executed; after the operation is finished, the user should log out in the configuration management module in time and clear the corresponding authority; after the user logs out, the configuration management module supports any legal user to log in, enables corresponding user authority after other users log in, and displays corresponding storage space.
Further, the partition management unit partitions the disk, generates a work key WK required by each partition, and stores the work key WK after the work key WK is protected by the PK.
Further, the controller also comprises NorFlash externally hung on a controller security chip; the NorFlash is used for storing the work key WK protected by the PK and the packed SK' | PK | Rnd.
Further, the SM2 algorithm of the national encryption standard is used for encrypting a protection root key; the SM3 algorithm is used for deriving a root key after random scrambling of a user password; the SM4 is used to encrypt and protect private keys, store data encryption and decryption.
In this embodiment, as shown in fig. 2, the SSD state jumping process of the secure solid state disk in this scheme is as follows.
Factory preparation:
when the safe solid state disk leaves a factory, a boot OS is installed, and a configuration management tool is installed in the front-end system; installing the Sec firmware, initializing an administrator and configuring a factory default password;
user configuration:
after the user takes the secure solid-state disk, the user logs in through a default administrator password, and performs hard disk partitioning, installs a user operating system and creates a common user through a configuration management tool in the boot OS. In the disk partition, user creation binding, and partition encryption processes, the SecCPU symmetrically encrypts each disk partition by using the corresponding WK according to the security policy shown in fig. 4. After the user system installation and the user creation are completed, the secure solid state disk enters a shutdown/entire disk secret state of a left 1 in fig. 2;
the user uses:
after the user is powered on again, the secure solid-state disk enters a Boot OS/whole disk secret state of the left 2 of the figure 2, after a configuration management tool interface of the Boot OS inputs a correct user name and a correct password, the user successfully logs in an operating system, the SecCPU obtains a disk partition corresponding to WK decryption in the user authority, at the moment, the user can access the disk partition in the user authority, and other partitions are invisible. The secure solid state disk enters a "User OS/User area bright state" shown in the right 2 of fig. 2; when the User logs out, the configuration management tool takes over the User interface, the SecCPU clears the User WK, and all disk partitions are in a ciphertext state, such as a User OS/whole disk ciphertext state shown in a right 1 of FIG. 2; when the User OS is logged in and logged out, the secure solid state disk is powered off, and both the states enter a shutdown/entire disk secret state shown in the left 1 of FIG. 2.
In the present embodiment, as shown in fig. 3, the execution flow of the control system is as follows:
1. powering up;
2. BIOS starts the hardware self-check of the equipment;
3. reading MBR; if the OS is firstly entered after the power is on, entering a Boot OS for authentication, and returning to the previous step; if the Boot OS is authenticated, entering a User OS;
4. entering a configuration management module for management and control;
5. the configuration management module exits from the user; after exiting, the user can perform user authentication again in the configuration management module and then enter the configuration management module for management and control;
6. and powering down.
In this embodiment, as shown in fig. 4 (where authkey shown by a dotted line is a policy option, and if necessary, Usb peripherals can be flexibly configured and driven in a boot OS stage), the encryption storage control method for the encryption storage control system based on the secure solid state disk with the multi-core processor includes the following steps:
step 1: a User at a host end inputs a User ID and a PWD at a User OS stage, and at the moment, a security chip in the security SSD controller generates an SM2 key pair PK | SK and generates a User Rnd; after the SK is protected by the MKey, SK ' is generated and packed together with the user Rnd to be SK ' | PK | Rnd, and the SK ' | PK | Rnd is written into a Norflash plug-in controller security chip to be stored;
step 2: the configuration management module is used for partitioning a disk and generating a work key WK required by each partition, and the WK is protected by PK and then is stored in NorFlash hung on a Sec CPU;
and step 3: managing user information and disk numbers through a configuration management module, and opening access rights of corresponding disk spaces for different system users; configuring a work key WK to a key space used by a data encryption and decryption channel of a secure solid-state storage control chip, and encrypting and storing the WK corresponding to a frame index with effective data after SATA bus data is processed by a front-end protocol stack of the secure solid-state storage control chip; during reading, after the ciphertext of the FTL processing module is decrypted, the restored frame and the plaintext flow to the protocol processing module.
On the basis of an autonomously developed high-performance disk control processor, the invention adopts a multi-core embedded CPU technology and innovatively realizes the safety encryption solid-state storage control function on the basis of realizing SATA interface control of a front-end host, FTL management control at the rear end and health control of a disk control level.
The invention is based on a home-made SSD control chip, and realizes an autonomous controllable technical path from nationwide production of hardware, cryptographic algorithm, security firmware and adaptive operating system software. The defects of low efficiency and weak safety of the traditional software encryption storage scheme are overcome, the full disk encryption scheme is weakly coupled with the BIOS of the main board, a BIOS manufacturer is not required to participate in the design of the safety scheme, and the full disk encryption scheme can be freely adapted in various domestic platforms. Based on a login mechanism which is provided with identity division and is authenticated by SM2 algorithm security authentication of Boot OS + User OS, the system has very high disk level security control capability; the configuration management module developed independently is friendly in interface, simple to operate, convenient to transplant across platforms and high in expandability. The real full disk encryption strategy is matched with a hardware-level one-key rapid destruction function in an emergency state, and the data security is perfectly protected.
It should be noted that, for simplicity of description, the above-mentioned embodiments of the method are described as a series of acts or combinations, but those skilled in the art should understand that the present application is not limited by the order of acts described, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and elements referred to are not necessarily required in this application.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a ROM, a RAM, etc.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.
Claims (7)
1. The encryption storage control system based on the multi-core processor secure solid state disk is characterized by comprising a secure SSD algorithm allocation module, a main boot record reading module, a secure start control module and a configuration management module;
the safety SSD algorithm matching module is used for providing SM2, SM3 and SM4 algorithm support of the national secret standard for full disk safety strategy calling and data protection;
the master boot record reading module is used for starting equipment hardware self-checking by a BIOS (basic input/output system) after the safe solid-state disk is electrified, and acquiring a corresponding master boot record MBR according to a boot sequence after the equipment hardware self-checking is finished;
the safety starting control module is used for controlling and obtaining a safety SSD algorithm matched module to generate an SM2 secret key pair PK | SK and generate a user Rnd, and SK 'is generated after MKey protection SK and packed together with the user Rnd into SK' | PK | Rnd for storage;
the configuration management module is used for carrying out partition management, user configuration and user login on the hard disk after the Boot OS is started.
2. The encryption storage control system based on the multicore processor secure solid state disk according to claim 1, wherein the configuration management module includes a partition management unit, a user configuration unit and a user login unit, the user configuration unit function is enabled after the administrator logs in, the addition and deletion operations are performed on the ordinary user, when the user is added, the user authority needs to be configured, the hard disk space accessible to the user is designated, and the user login function supports the login of a legal user to obtain the corresponding space usage authority.
3. The encryption storage control system based on the multicore processor secure solid state disk of claim 2, wherein the configuration management module directly starts the User OS after the User logs in successfully on the Boot OS, and finishes automatic loading after the User OS is started successfully; the configuration management module under the User OS only has a User login function and supports User login and logout operations; after the User successfully enters the User OS, various normal operations can be executed; after the operation is finished, the user should log out in the configuration management module in time and clear the corresponding authority; after the user logs out, the configuration management module supports any legal user to log in, enables corresponding user authority after other users log in, and displays corresponding storage space.
4. The encryption storage control system based on the multicore processor secure solid state disk of claim 2, wherein the partition management unit partitions the disk and generates a work key WK required by each partition, and the WK is protected by PK and then stored.
5. The encrypted storage control system based on the secure solid state disk of the multi-core processor according to claim 1, further comprising NorFlash externally attached to the secure chip of the controller; the NorFlash is used for storing the work key WK protected by the PK and the packed SK' | PK | Rnd.
6. The encrypted storage control system based on the secure solid state disk with the multi-core processor as claimed in claim 1, wherein the SM2 algorithm of the national encryption standard is used for encrypting a protection root key; the SM3 algorithm is used for deriving a root key after random scrambling of a user password; the SM4 is used to encrypt and protect private keys, store data encryption and decryption.
7. The encryption storage control method of the encryption storage control system based on the multi-core processor secure solid state disk, according to any one of claims 1 to 6, comprising the steps of:
step 1: a User at a host end inputs a User ID and a PWD at a User OS stage, and at the moment, a security chip in the security SSD controller generates an SM2 key pair PK | SK and generates a User Rnd; after the SK is protected by the MKey, SK ' is generated and packed together with the user Rnd to be SK ' | PK | Rnd, and the SK ' | PK | Rnd is written into a Norflash plug-in controller security chip to be stored;
step 2: the configuration management module is used for partitioning a disk and generating a work key WK required by each partition, and the WK is protected by PK and then is stored in NorFlash hung on a Sec CPU;
and step 3: managing user information and disk numbers through a configuration management module, and opening access rights of corresponding disk spaces for different system users; configuring a work key WK to a key space used by a data encryption and decryption channel of a secure solid-state storage control chip, and encrypting and storing the WK corresponding to a frame index with effective data after SATA bus data is processed by a front-end protocol stack of the secure solid-state storage control chip; during reading, after the ciphertext of the FTL processing program is decrypted, the frame and the plaintext flow to the protocol processing program.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111443706.1A CN114091084A (en) | 2021-11-30 | 2021-11-30 | Encryption storage control system and method based on multi-core processor safety solid state disk |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111443706.1A CN114091084A (en) | 2021-11-30 | 2021-11-30 | Encryption storage control system and method based on multi-core processor safety solid state disk |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114091084A true CN114091084A (en) | 2022-02-25 |
Family
ID=80305861
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111443706.1A Pending CN114091084A (en) | 2021-11-30 | 2021-11-30 | Encryption storage control system and method based on multi-core processor safety solid state disk |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114091084A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117633753A (en) * | 2024-01-25 | 2024-03-01 | 深圳市领德创科技有限公司 | Operating system and method based on solid state disk array |
-
2021
- 2021-11-30 CN CN202111443706.1A patent/CN114091084A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117633753A (en) * | 2024-01-25 | 2024-03-01 | 深圳市领德创科技有限公司 | Operating system and method based on solid state disk array |
CN117633753B (en) * | 2024-01-25 | 2024-03-29 | 深圳市领德创科技有限公司 | Operating system and method based on solid state disk array |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017041603A1 (en) | Data encryption method and apparatus, mobile terminal, and computer storage medium | |
AU2012204448B2 (en) | System and method for in-place encryption | |
US9342713B2 (en) | Unlocking a storage device | |
CN103020493B (en) | A kind of software protection of anti-copy and running gear and method | |
EP1953669A2 (en) | System and method of storage device data encryption and data access via a hardware key | |
US20090046858A1 (en) | System and Method of Data Encryption and Data Access of a Set of Storage Devices via a Hardware Key | |
JP2008257691A (en) | System and method for storage device data encryption and data access | |
US7818567B2 (en) | Method for protecting security accounts manager (SAM) files within windows operating systems | |
CN112560058B (en) | SSD partition encryption storage system based on intelligent password key and implementation method thereof | |
RU2015101734A (en) | PROTECTED ACCESS METHOD AND APPLIED PROTECTED ACCESS DEVICE | |
CN109190389A (en) | A kind of solid state hard disk data guard method based on USB flash disk authentication | |
JP2008219871A (en) | System and method of storage device data encryption and data access via hardware key | |
CN103336746A (en) | Safety encrypted USB (Universal Serial Bus) flash disk and data encryption method thereof | |
CN103186479A (en) | Double hard disc isolation encryption device, method and computer based on single operating system | |
CN102693399A (en) | System and method for on-line separation and recovery of electronic documents | |
WO2010126695A1 (en) | Memory device and method for adaptive protection of content | |
CN114091084A (en) | Encryption storage control system and method based on multi-core processor safety solid state disk | |
CN103207976B (en) | Mobile storage file prevents the method for divulging a secret and the secret USB flash disk based on the method | |
CN111008390A (en) | Root key generation protection method and device, solid state disk and storage medium | |
CN109190365A (en) | A kind of solid state hard disk data protection system based on USB flash disk authentication | |
CN201780792U (en) | Self-starting multi-functional safety universal serial bus (USB) flash drive based on Linux kernel | |
CN103020538B (en) | A kind of terminal data protection method and terminal | |
CN109033812B (en) | Device and method for controlling UKEY to log in multi-partition operating system through UEFI | |
CN114091082A (en) | Solid state hard drives safety configuration management tool | |
TWI789291B (en) | Module and method for authenticating data transfer between a storage device and a host device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |