CN116484350A - Hard disk verification method, hard disk and computing device - Google Patents
Hard disk verification method, hard disk and computing device Download PDFInfo
- Publication number
- CN116484350A CN116484350A CN202310268661.1A CN202310268661A CN116484350A CN 116484350 A CN116484350 A CN 116484350A CN 202310268661 A CN202310268661 A CN 202310268661A CN 116484350 A CN116484350 A CN 116484350A
- Authority
- CN
- China
- Prior art keywords
- hard disk
- computing device
- identification information
- instruction
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 95
- 238000012795 verification Methods 0.000 title claims abstract description 80
- 230000002159 abnormal effect Effects 0.000 claims description 24
- 238000004891 communication Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 description 21
- 238000010586 diagram Methods 0.000 description 10
- 230000009286 beneficial effect Effects 0.000 description 7
- 230000000694 effects Effects 0.000 description 2
- 238000011084 recovery Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- TVZRAEYQIKYCPH-UHFFFAOYSA-N 3-(trimethylsilyl)propane-1-sulfonic acid Chemical compound C[Si](C)(C)CCCS(O)(=O)=O TVZRAEYQIKYCPH-UHFFFAOYSA-N 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a hard disk verification method, a hard disk and computing equipment, wherein the method comprises the following steps: the method comprises the steps that a hard disk sends a first instruction to computing equipment, wherein the first instruction is used for obtaining identification information stored by the computing equipment, and the identification information is used for indicating the corresponding relation between the computing equipment and the hard disk; if the acquisition fails, powering down or locking the hard disk; if the acquisition is successful, the hard disk verifies the identification information; and if the verification is not passed, powering down or locking the hard disk. The method solves the problem that the method for effectively stealing the hard disk data aiming at the near-end attack mode is lacking in the prior art.
Description
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to a hard disk verification method, a hard disk, and a computing device.
Background
At present, a large amount of data related to finance, personal information, schemes and the like is often stored in a hard disk of a network server, so that high requirements are put on confidentiality of the hard disk data. The prior art generally employs a way of preventing network attacks or encrypting hard disk data to prevent an attacker from stealing the data.
However, an attacker may directly steal the hard disk in the server by means of a near-end attack, and then insert the hard disk prepared in advance into the server, so that it is often difficult for a manager to find that the hard disk is replaced. Meanwhile, after an attacker steals the hard disk in the server, the content in the hard disk can be copied, and then the encrypted data in the hard disk is cracked by combining a key recovery means, so that the leakage of important data is caused.
Based on this, a way to effectively solve the problem of stealing the hard disk data against the near-end attack is needed.
Disclosure of Invention
The application provides a hard disk verification method, a hard disk and computing equipment, which are used for solving the problem that a method for effectively stealing hard disk data aiming at a near-end attack mode is lacking in the prior art.
In a first aspect, the present application provides a hard disk verification method, including: the method comprises the steps that a hard disk sends a first instruction to computing equipment, wherein the first instruction is used for obtaining identification information stored by the computing equipment, and the identification information is used for indicating the corresponding relation between the computing equipment and the hard disk; if the acquisition fails, powering down or locking the hard disk; if the acquisition is successful, the hard disk verifies the identification information; and if the verification is not passed, powering down or locking the hard disk.
In one embodiment, before the hard disk sends the first instruction to the computing device, the method includes: the hard disk acquires the identification information sent by the computing equipment and stores the identification information in the hard disk; the hard disk verifies the identification information, and the method comprises the following steps: the hard disk verifies whether the obtained identification information of the computing device is the same as the identification information stored in the hard disk, and if not, the verification is not passed; if the verification is the same, the verification is passed.
In a specific embodiment, after the hard disk is powered down or locked, the method further includes: when the hard disk acquires a binding instruction sent by the computing device, the hard disk replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
In one embodiment, the hard disk sends a first instruction to a computing device, including: the hard disk sends a first instruction to the computing device when detecting that the hard disk is inserted into the computing device.
In a second aspect, the present application provides a hard disk verification method, including: the computing device sends a second instruction to the hard disk, wherein the second instruction is used for acquiring identification information stored in the hard disk, and the identification information is used for indicating the corresponding relation between the computing device and the hard disk; if the acquisition fails, the computing equipment outputs indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk; if the acquisition is successful, the computing equipment verifies the identification information; and if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk.
In one embodiment, before the computing device sends the second instruction to the hard disk, the method includes: the computing device generates identification information; the computing device sends the identification information to the hard disk so that the hard disk stores the identification information in the hard disk; the computing device validating the identification information, including: the computing equipment verifies whether the obtained identification information of the hard disk is the same as the identification information generated by the computing equipment, and if the obtained identification information is different from the identification information generated by the computing equipment, the verification is not passed; if the verification is the same, the verification is passed.
In one embodiment, the computing device generates identification information, including: the computing device obtains serial number information of the computing device and generates identification information by using the serial number information.
In a specific embodiment, after outputting the indication information if the verification is not passed, the method further includes: the computing device generates a binding instruction, and sends the binding instruction and the identification information generated by the computing device to the hard disk, so that the hard disk replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
In one embodiment, the computing device sends a second instruction to the hard disk, including: the computing device sends a second instruction to the hard disk when detecting that the hard disk is inserted into the computing device; or the computing device sends a second instruction to the hard disk every preset time.
In a third aspect, the present application provides a hard disk comprising: a processor, a memory, a communication interface; the memory is used for storing executable instructions of the processor; wherein the processor is configured to perform the hard disk authentication method of the first aspect via execution of the executable instructions.
In a fourth aspect, the present application provides a hard disk comprising: the first acquisition module is used for sending a first instruction to the computing equipment, wherein the first instruction is used for acquiring identification information stored by the computing equipment, and the identification information is used for indicating the corresponding relation between the computing equipment and the hard disk; the first processing module is used for carrying out power-down processing or locking if the acquisition fails; the first processing module is further configured to verify the identification information if the obtaining is successful; and if the verification is not passed, powering down or locking.
In a fifth aspect, the present application provides a computing device comprising: a processor, a memory, a communication interface; the memory is used for storing executable instructions of the processor; wherein the processor is configured to perform the hard disk authentication method of the second aspect via execution of the executable instructions.
In a sixth aspect, the present application provides a computing device comprising: the second acquisition module is used for sending a second instruction to the hard disk, wherein the second instruction is used for acquiring identification information stored by the hard disk, and the identification information is used for indicating the corresponding relation between the computing equipment and the hard disk; the second processing module is used for outputting indication information if the acquisition fails, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk; the second processing module is further configured to verify the identification information if the obtaining is successful; and if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk.
The application provides a hard disk verification method, a hard disk and computing equipment, wherein the method comprises the following steps: the method comprises the steps that a hard disk sends a first instruction to computing equipment, wherein the first instruction is used for acquiring identification information stored by the computing equipment, and the identification information is used for indicating the corresponding relation between the computing equipment and the hard disk; if the acquisition fails, the hard disk is powered down or locked; if the acquisition is successful, the hard disk verifies the identification information; if the verification is not passed, the hard disk is powered down or locked. Compared with the prior art, the method for preventing network attack or encrypting information data is adopted to prevent an attacker from stealing the data, the hard disk of the method for preventing network attack and encrypting information data acquires and verifies the identification information which is stored by the computing equipment and is used for indicating the corresponding relation between the computing equipment and the hard disk, and when the acquisition fails or the verification fails, the method for preventing network attack or encrypting information data is powered off or locked. The method can effectively verify whether the computing device is the computing device corresponding to the hard disk, and electrifies or locks the computing device when the computing device and the hard disk are determined to have no corresponding relation, so that important data in the hard disk are effectively prevented from being stolen, and the problem that a method for effectively solving the problem of stealing the hard disk data aiming at a near-end attack mode is lacking in the prior art is solved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, a brief description will be given below of the drawings that are needed in the embodiments or the prior art descriptions, it being obvious that the drawings in the following description are some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort to a person skilled in the art.
FIG. 1 is a block diagram of a server provided herein;
fig. 2 is a schematic flow chart of a first embodiment of a hard disk verification method provided in the present application;
fig. 3 is a schematic flow chart of a second embodiment of a hard disk verification method provided in the present application;
fig. 4 is a schematic flow chart of a third embodiment of a hard disk verification method provided in the present application;
fig. 5 is a schematic flow chart of a fourth embodiment of a hard disk verification method provided in the present application;
FIG. 6 is a schematic structural diagram of a hard disk embodiment provided in the present application;
FIG. 7 is a schematic diagram of another embodiment of a hard disk according to the present application;
FIG. 8 is a schematic diagram of an embodiment of a computing device provided herein;
fig. 9 is a schematic structural diagram of another embodiment of a computing device provided herein.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which a person of ordinary skill in the art would have, based on the embodiments in this application, come within the scope of protection of this application.
The terms "first," "second," "third," "fourth" and the like in the description and in the claims of this application and in the above-described figures, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that embodiments of the present application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
At present, a large amount of data related to finance, personal information, schemes and the like is often stored in a hard disk of a network server, so that high requirements are put on confidentiality of the hard disk data. The prior art generally employs a way of preventing network attacks or encrypting hard disk data to prevent an attacker from stealing the data.
However, an attacker may directly steal the hard disk in the server by means of a near-end attack, and then insert the hard disk prepared in advance into the server, so that it is often difficult for a manager to find that the hard disk is replaced. Meanwhile, after an attacker steals the hard disk in the server, the content in the hard disk can be copied, and then the encrypted data in the hard disk is cracked by combining a key recovery means, so that the leakage of important data is caused.
Based on this, a way to effectively solve the problem of stealing the hard disk data against the near-end attack is needed.
Based on the technical problems, the technical conception process of the application is as follows: how to effectively solve the problem of stealing hard disk data in a mode of aiming at near-end attack.
The hard disk verification scheme of the present application is described in detail below.
Fig. 1 is a structural diagram of a server provided in the present application, and as shown in fig. 1, the server 10 may include: a processor 11, a baseboard management controller 12, a memory 13, and a hard disk 14. The server 10 may be pre-bound to the hard disk 14 to identify the replacement hard disk that the attacker inserts. Specifically, the processor 11 may generate identification information for indicating the correspondence between the server and the hard disk. The processor 11 stores the identification information in the memory 13 and writes the identification information to the hard disk using the baseboard management controller 12.
The processor 11 may send an instruction to the hard disk for acquiring the identification information stored in the hard disk when detecting that there is the hard disk inserted into the server 10. If the acquisition fails, the hard disk is not bound with the server, and the server outputs indication information to indicate that the hard disk is an abnormal hard disk. The abnormal hard disk refers to a hard disk that is not bound with the server. If the acquisition is successful, the processor 11 verifies the identification information; if the verification is not passed, the hard disk is not bound with the server, and the indication information is output to indicate that the hard disk is an abnormal hard disk. Therefore, when an attacker steals the hard disk in the server and inserts the hard disk prepared in advance into the server, the server can timely identify and remind the manager.
The following describes the technical scheme of the present application in detail through specific embodiments. It should be noted that the following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments.
Fig. 2 is a schematic flow chart of an embodiment of a hard disk verification method provided in the present application, referring to fig. 2, the hard disk verification method may be executed by a hard disk, and specifically includes the following steps:
Step S201: the hard disk sends a first instruction to the computing device, wherein the first instruction is used for acquiring identification information stored by the computing device, and the identification information is used for indicating the corresponding relation between the computing device and the hard disk.
Step S202: if the acquisition fails, the hard disk is powered down or locked. And (5) ending.
Step S203: if the acquisition is successful, the hard disk verifies the identification information; if the verification is not passed, the hard disk is powered down or locked.
In this embodiment, the hard disk may send, when detecting that the hard disk is inserted into the computing device, a first instruction to the computing device to obtain the identification information stored by the computing device. The identification information is used for indicating the corresponding relation between the computing device and the hard disk, is generated when the computing device and the hard disk are bound, and is respectively stored in the computing device and the hard disk. For example, the identification information may be generated from serial number information of the computing device or the hard disk when the computing device is bound to the hard disk.
The hard disk sends a first instruction to the computing device, wherein the first instruction is used for acquiring identification information stored by the computing device. If the acquisition fails, namely the hard disk cannot acquire the identification information stored by the computing device, the fact that the computing device is not the computing device bound with the hard disk is indicated, the hard disk is likely to be inserted into the computing device of an attacker, and the hard disk is powered down or locked, so that the attacker is prevented from stealing important data in the hard disk.
If the hard disk successfully acquires the identification information stored by the computing device, the identification information also needs to be verified. Specifically, the hard disk can compare the obtained identification information stored in the computing device with the identification information stored in the hard disk, if the identification information is the same, the computing device is the computing device bound with the hard disk, the verification is passed, and the data service is normally started between the computing device and the hard disk. If the identification information is different, it indicates that the computing device is not a computing device bound to the hard disk, and the verification is not passed, where it may be that the manager has misplaced the hard disk or is replacing the hard disk.
If the verification is not passed, the hard disk is powered down or locked. In some examples, the hard disk does not perform read-write data operations after locking; in other examples, the hard disk is not performing a read data operation after locking, but may also perform a write data operation. In some scenarios, the hard disk may also bind with the computing device after locking. After the hard disk is locked, a binding instruction sent by the computing device is obtained, so that the manager is indicated to replace the hard disk at the moment, and the replaced hard disk is bound with the computing device.
In this embodiment, a hard disk sends a first instruction to a computing device, where the first instruction is used to obtain identification information stored by the computing device, and the identification information is used to indicate a corresponding relationship between the computing device and the hard disk; if the acquisition fails, the hard disk is powered down or locked; if the acquisition is successful, the hard disk verifies the identification information; if the verification is not passed, the hard disk is powered down or locked. Compared with the prior art, the method for preventing network attack or encrypting information data is adopted to prevent an attacker from stealing the data, the hard disk of the method for preventing network attack and encrypting information data acquires and verifies the identification information which is stored by the computing equipment and is used for indicating the corresponding relation between the computing equipment and the hard disk, and when the acquisition fails or the verification fails, the method for preventing network attack or encrypting information data is powered off or locked. The method can effectively verify whether the computing device is the computing device corresponding to the hard disk, and electrifies or locks the computing device when the computing device and the hard disk are determined to have no corresponding relation, so that important data in the hard disk are effectively prevented from being stolen, and the problem that a method for effectively solving the problem of stealing the hard disk data aiming at a near-end attack mode is lacking in the prior art is solved.
Fig. 3 is a schematic flow chart of a second embodiment of a hard disk verification method provided in the present application, and referring to fig. 3, based on the embodiment shown in fig. 2, the hard disk verification method may be executed by a hard disk, and before step S201, the method further includes the following steps:
Step S301: the hard disk acquires the identification information sent by the computing device and stores the identification information in the hard disk.
In this embodiment, the hard disk may be pre-bound with the computing device. In one example, a computing device may obtain serial number information of the computing device or serial number information of the hard disk and generate identification information using the serial number information of the computing device or the hard disk. In one example, a computing device may generate a random number as the identification information. The identification information is used for indicating the corresponding relation between the computing device and the hard disk. The computing device stores the identification information in the computing device and sends the identification information to the hard disk. The hard disk acquires the identification information sent by the computing device and stores the identification information in the hard disk. Thus, the binding of the hard disk to the computing device is completed. The hard disk may, for example, obtain the identification information sent by the computing device via an integrated circuit bus (Inter-Integrated Circuit, IIC for short) and store the identification information in an encrypted area of the hard disk. In one example, the hard disk may also be unbound after the hard disk is successfully bound to the computing device.
After the hard disk is bound with the computing equipment, the hard disk verification program can be executed, and the method specifically comprises the following steps:
step S302: the hard disk sends a first instruction to the computing device, wherein the first instruction is used for acquiring identification information stored by the computing device, and the identification information is used for indicating the corresponding relation between the computing device and the hard disk.
Step S303: if the acquisition fails, the hard disk is powered down or locked. And (5) ending.
Step S304: if the acquisition is successful, the hard disk verifies the identification information; if the verification is not passed, the hard disk is powered down or locked.
In this embodiment, the hard disk may send, when detecting that the hard disk is inserted into the computing device, a first instruction to the computing device, where the first instruction is used to obtain the identification information stored in the computing device.
If the acquisition fails, namely the hard disk cannot acquire the identification information stored by the computing device, the fact that the computing device is not the computing device bound with the hard disk is indicated, the hard disk is likely to be inserted into the computing device of an attacker, the hard disk is powered down, and important data in the hard disk are prevented from being stolen by the attacker.
If the acquisition is successful, the hard disk verifies the identification information. Specifically, the hard disk can verify whether the obtained identification information of the computing device is the same as the identification information stored in the hard disk, if not, the verification is not passed; if the verification is the same, the verification is passed. If the identification information is the same, the computing device is the computing device bound with the hard disk, verification is passed, and data service is normally started between the computing device and the hard disk. If the identification information is different, it indicates that the computing device is not a computing device bound to the hard disk, and the verification is not passed, where it may be that the manager has misplaced the hard disk or is replacing the hard disk. If the verification is not passed, the hard disk is powered down or locked.
If the scene that the manager changes the hard disk for the computing device at the moment, the changed hard disk can be bound with the computing device, and the method specifically comprises the following steps:
step S305: when the hard disk acquires a binding instruction sent by the computing device, the hard disk replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
In one example, upon detecting that the hard disk is powered down or locked, the computing device sends a binding instruction to the hard disk, the binding instruction to instruct the hard disk to update the identification information. In one example, when detecting that the hard disk is not a hard disk bound with the computing device, the computing device outputs indication information, receives a binding operation triggered by a manager according to the indication information, generates a binding instruction according to the binding operation, and sends the binding instruction to the hard disk, wherein the binding instruction is used for indicating the hard disk to update identification information. When the hard disk acquires the binding instruction sent by the computing device, the identification information stored by the hard disk is replaced by the identification information sent by the computing device.
In this embodiment, the hard disk is bound with the computing device in advance, and the inserted computing device is verified by the identification information stored during binding, and when the identification information stored by the computing device cannot be obtained, it is determined that the hard disk is likely to be inserted into the computing device of the attacker, the hard disk is powered down or locked, so that the attacker is prevented from stealing important data in the hard disk. And when the verification of the acquired identification information is not passed, the hard disk is confirmed to be misplaced or replaced, and then the hard disk is powered down or locked. When a binding instruction sent by the computing device is obtained, the hard disk is confirmed to be replaced, and then the identification information stored in the hard disk is replaced by the identification information sent by the computing device, so that the binding of the replaced hard disk and the computing device is realized. Therefore, whether the computing device is the computing device corresponding to the hard disk can be effectively verified, corresponding processing is carried out according to different conditions when the fact that the corresponding relation between the hard disk and the computing device does not exist is determined, and the problem that a method for effectively solving the problem of stealing hard disk data according to a near-end attack mode is lacking in the prior art is further solved.
Fig. 4 is a schematic flow chart of a third embodiment of a hard disk verification method provided in the present application. Referring to fig. 4, the hard disk verification method may be executed by a computing device, and specifically includes the following steps:
step S401: the computing device sends a second instruction to the hard disk, wherein the second instruction is used for acquiring identification information stored by the hard disk, and the identification information is used for indicating the corresponding relation between the computing device and the hard disk.
Step S402: if the acquisition fails, the computing device outputs indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk. And (5) ending.
Step S403: if the acquisition is successful, the computing equipment verifies the identification information; if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk.
In this embodiment, when detecting that there is a hard disk insertion, the computing device may send a second instruction to the hard disk to obtain the identification information stored by the hard disk. The identification information is used for indicating the corresponding relation between the computing device and the hard disk, is generated when the computing device and the hard disk are bound, and is respectively stored in the computing device and the hard disk. For example, the identification information may be generated from serial number information of the computing device or the hard disk when the computing device is bound to the hard disk.
And when the computing equipment detects that the hard disk is inserted, sending a second instruction to the hard disk, wherein the second instruction is used for acquiring the identification information stored by the hard disk. If the acquisition fails, that is, the computing device cannot acquire the identification information stored in the hard disk, the hard disk is indicated to be not the hard disk bound with the computing device, and the computing device outputs indication information at the moment to indicate that the hard disk is an abnormal hard disk so as to remind a manager that an attacker possibly steals the hard disk bound with the computing device and inserts a replacement hard disk.
In one example, the computing device may also send the indication information to the hard disk to indicate that the hard disk is powered down or locked.
In one example, if the acquisition fails, the computing device outputs an indication and refuses to write data to the hard disk.
If the computing device successfully acquires the identification information stored in the hard disk, the identification information also needs to be verified. Specifically, the computing device may compare the obtained identification information stored in the hard disk with the identification information stored in the computing device, and if the identification information is the same, the hard disk is indicated to be the hard disk bound with the computing device, and the verification is passed, so that the data service is started normally between the computing device and the hard disk. If the identification information is different, the hard disk is not bound with the computing device, verification is not passed, and the computing device outputs indication information to indicate that the hard disk is an abnormal hard disk so as to remind a manager that the hard disk may be misplaced or replaced.
The computing device may further send a second instruction to the hard disk at intervals of a preset time, where the second instruction is used to obtain the identification information stored in the hard disk. If the acquisition fails, namely the computing device cannot acquire the identification information stored in the hard disk, the fact that the hard disk in the computing device is likely to be stolen by an attacker is indicated, and the computing device outputs indication information to indicate that the hard disk is an abnormal hard disk so as to remind a manager that the hard disk bound with the computing device is likely to be stolen.
In this embodiment, the computing device sends a second instruction to the hard disk, where the second instruction is used to obtain identification information stored in the hard disk, and the identification information is used to indicate a correspondence between the computing device and the hard disk; if the acquisition fails, the computing equipment outputs indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk; if the acquisition is successful, the computing equipment verifies the identification information; if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk. Compared with the prior art, the method for preventing network attack or encrypting information data is adopted to prevent an attacker from stealing the data, the computing device acquires the identification information stored in the hard disk and used for indicating the corresponding relation between the computing device and the hard disk and verifies the identification information, and when the acquisition fails or the verification fails, the hard disk is indicated to be an abnormal hard disk. The method can effectively verify whether the hard disk is the hard disk corresponding to the computing equipment, and timely indicate when the corresponding relation between the hard disk and the computing equipment is not determined, so that a manager can timely find that the hard disk is replaced, and the problem that a method for effectively solving the problem of stealing hard disk data aiming at a near-end attack mode is lacking in the prior art is solved.
Fig. 5 is a schematic flow chart of a fourth embodiment of a hard disk verification method provided in the present application, and referring to fig. 5, on the basis of the embodiment shown in fig. 4, the hard disk verification method may be executed by a computing device, and before step S401, the method further includes the following steps:
step S501: the computing device generates identification information.
Step S502: the computing device sends the identification information to the hard disk to cause the hard disk to store the identification information in the hard disk.
In this embodiment, the computing device may be pre-bound to the hard disk. The computing device generates identification information and sends the identification information to the hard disk such that the hard disk stores the identification information in the hard disk. The identification information is used for indicating the corresponding relation between the computing device and the hard disk.
In one example, a computing device may obtain serial number information for the computing device and generate identification information using the serial number information. Specifically, the computing device may obtain serial number information of the computing device, and generate identification information from the serial number information using a signature algorithm. The signature algorithm may be, for example, a Rabin signature algorithm, a digital signature Standard algorithm (Digital signature standard, DSS for short), or a Livister-Samor-Adleman (Rivest-Shamir-Adleman, RSA for short) signature algorithm.
In one example, a computing device may obtain serial number information for the hard disk and generate identification information using the serial number information for the hard disk.
In one example, a computing device may generate a random number as the identification information.
The computing device sends the generated identification information to the hard disk to cause the hard disk to store the identification information in the hard disk. Specifically, the computing device may store the identification information in an encrypted area of the computing device and send the identification information to the hard disk via the integrated circuit bus IIC to cause the hard disk to store the identification information in the encrypted area of the hard disk. Thus, the binding of the computing device to the hard disk is completed. In one example, after the computing device is successfully bound to the hard disk, the binding may also be unbinding.
After the computing device is bound with the hard disk, a hard disk verification program can be executed, and the method specifically comprises the following steps:
step S503: the computing device sends a second instruction to the hard disk, wherein the second instruction is used for acquiring identification information stored by the hard disk, and the identification information is used for indicating the corresponding relation between the computing device and the hard disk.
Step S504: if the acquisition fails, the computing device outputs indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk. And (5) ending.
Step S505: if the acquisition is successful, the computing equipment verifies the identification information; if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk.
In one example, a computing device may send a second instruction to a hard disk upon detecting that the hard disk is inserted into the computing device, the second instruction to obtain identification information stored by the hard disk.
If the acquisition fails, that is, the computing device cannot acquire the identification information stored in the hard disk, the hard disk is indicated to be not the hard disk bound with the computing device, and the computing device outputs indication information at the moment to indicate that the hard disk is an abnormal hard disk so as to remind a manager that an attacker possibly steals the hard disk bound with the computing device and inserts a replacement hard disk.
In one example, the computing device may also send the indication information to the hard disk to indicate that the hard disk is powered down or locked.
In one example, if the acquisition fails, the computing device outputs an indication and refuses to write data to the hard disk.
If the acquisition is successful, the computing device verifies the identification information. Specifically, the computing device can verify whether the obtained identification information of the hard disk is the same as the identification information generated by the computing device, and if the obtained identification information is different from the identification information generated by the computing device, the verification is not passed; if the verification is the same, the verification is passed. If the identification information is the same, the hard disk is indicated to be the hard disk bound with the computing equipment, the verification is passed, and the data service is normally started between the computing equipment and the hard disk. If the identification information is different, the hard disk is not bound with the computing device, verification is not passed, and the computing device outputs indication information to indicate that the hard disk is an abnormal hard disk so as to remind a manager that the hard disk may be misplaced or replaced.
If the scene that the manager changes the hard disk for the computing device at the moment, the computing device can be bound with the changed hard disk, and the method specifically comprises the following steps:
step S506: the method comprises the steps that a binding instruction is generated by a computing device, and the binding instruction and identification information generated by the computing device are sent to the hard disk, so that the hard disk replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
In one example, upon detecting that the hard disk is powered down or locked, the computing device generates and sends a binding instruction to the hard disk, the binding instruction to instruct the hard disk to update the identification information. In one example, when detecting that the hard disk is not a hard disk bound with the computing device, the computing device outputs indication information, receives a binding operation triggered by a manager according to the indication information, generates a binding instruction according to the binding operation, and sends the binding instruction to the hard disk, wherein the binding instruction is used for indicating the hard disk to update identification information.
The computing device generates a binding instruction, and sends the binding instruction and the identification information generated by the computing device to the replaced hard disk, and the replaced hard disk replaces the identification information stored in the hard disk with the identification information sent by the computing device, so that the binding of the replaced hard disk and the computing device is realized.
In one example, the computing device may send the second instruction to the hard disk every preset time. The second instruction is used for acquiring the identification information stored in the hard disk. If the acquisition fails, namely the computing device cannot acquire the identification information stored in the hard disk, the fact that the hard disk in the computing device is likely to be stolen by an attacker is indicated, and the computing device outputs indication information to indicate that the hard disk is an abnormal hard disk so as to remind a manager that the hard disk bound with the computing device is likely to be stolen.
In the embodiment, the computing device is bound with the hard disk in advance, the hard disk inserted into the computing device is verified through the identification information generated during binding, and when the identification information stored in the hard disk cannot be acquired, an attacker of a manager is timely reminded of stealing the bound hard disk and inserting the hard disk into the replacement hard disk; when the acquired identification information fails to pass verification, a prompt message is output to remind a manager of misplacing the hard disk or replacing the hard disk, so that a binding instruction is generated, and the binding of the computing equipment and the replaced hard disk is realized. The computing device can also periodically acquire the identification information stored in the hard disk, and timely remind a manager that the hard disk bound with the computing device may be stolen when the acquisition fails. Therefore, whether the hard disk is the hard disk corresponding to the computing equipment can be effectively verified, and timely indication is carried out when the corresponding relation between the hard disk and the computing equipment is determined not to exist, so that a manager can timely carry out corresponding processing according to different conditions, and the problem that a method for effectively solving the problem of stealing hard disk data aiming at a near-end attack mode is lacking in the prior art is further solved.
The following are device embodiments of the present application, which may be used to perform method embodiments of the present application. For details not disclosed in the device embodiments of the present application, please refer to the method embodiments of the present application.
Fig. 6 is a schematic structural diagram of an embodiment of a hard disk provided in the present application. As shown in fig. 6, the hard disk 60 includes: a processor 61, a memory 62, and a communication interface 63; wherein the memory 62 is used for storing executable instructions of the processor 61; the processor 61 is configured to perform the technical solutions of any of the method embodiments described above via execution of executable instructions.
Alternatively, the memory 62 may be separate or integrated with the processor 61.
Alternatively, when the memory 62 is a device separate from the processor 61, the hard disk 60 may further include: bus 64 for connecting the above devices.
The hard disk is used for executing the technical scheme in any of the method embodiments, and the implementation principle and the technical effect are similar, and are not repeated here.
FIG. 7 is a schematic diagram of another embodiment of a hard disk according to the present application; as shown in fig. 7, the hard disk 70 includes: the first acquisition module 71 and the first processing module 72. The first obtaining module 71 is configured to send a first instruction to a computing device, where the first instruction is configured to obtain identification information stored by the computing device, where the identification information is used to indicate a correspondence between the computing device and the hard disk; the first processing module 72 is configured to perform power-down or locking if the acquisition fails; the first processing module 72 is further configured to verify the identification information if the acquisition is successful; if the verification is not passed, power-down or locking is performed.
The hard disk provided in the embodiment of the present application may execute the technical solution shown in the embodiment of the method, and its implementation principle and beneficial effects are similar, and will not be described in detail here.
In one possible implementation, the first processing module 72 is further configured to obtain identification information sent by the computing device and store the identification information in the hard disk before sending the first instruction to the computing device. The first processing module 72 is specifically configured to verify whether the obtained identification information of the computing device and the identification information stored in the hard disk are the same, and if not, the verification is failed; if the verification is the same, the verification is passed.
The hard disk provided in the embodiment of the present application may execute the technical solution shown in the embodiment of the method, and its implementation principle and beneficial effects are similar, and will not be described in detail here.
In a possible implementation manner, after the hard disk is powered down or locked, when the hard disk acquires a binding instruction sent by the computing device, the first processing module 72 replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
The hard disk provided in the embodiment of the present application may execute the technical solution shown in the embodiment of the method, and its implementation principle and beneficial effects are similar, and will not be described in detail here.
In one possible implementation, the first obtaining module 71 is specifically configured to send the first instruction to the computing device when detecting that the hard disk is inserted into the computing device.
Fig. 8 is a schematic structural diagram of a computing device provided in the present application. As shown in fig. 8, the computing device 80 includes: a processor 81, a memory 82, and a communication interface 83; wherein the memory 82 is used for storing executable instructions of the processor 81; the processor 81 is configured to perform the solution of any of the method embodiments described above via execution of executable instructions.
Alternatively, the memory 82 may be separate or integrated with the processor 81.
Optionally, when the memory 82 is a device separate from the processor 81, the computing device 80 may further include: bus 84 for connecting the above devices.
The computing device is configured to execute the technical scheme in any of the foregoing method embodiments, and its implementation principle and technical effects are similar, and are not described herein again.
FIG. 9 is a schematic diagram of another embodiment of a computing device provided herein; as shown in fig. 9, the computing device 90 includes: the second acquisition module 91 and the second processing module 92. The second obtaining module 91 is configured to send a second instruction to the hard disk, where the second instruction is used to obtain identification information stored in the hard disk, and the identification information is used to indicate a corresponding relationship between the computing device and the hard disk; the second processing module 92 is configured to output indication information if the acquisition fails, where the indication information is used to indicate that the hard disk is an abnormal hard disk; the second processing module 92 is further configured to verify the identification information if the acquisition is successful; if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk.
The computing device provided in the embodiment of the present application may execute the technical solution shown in the foregoing method embodiment, and its implementation principle and beneficial effects are similar, and are not described herein again.
In one possible embodiment, the second processing module 92 is further configured to generate the identification information before sending the second instruction to the hard disk; and sending the identification information to the hard disk so that the hard disk stores the identification information in the hard disk. The second processing module 92 is specifically configured to verify whether the obtained identification information of the hard disk and the identification information generated by the computing device are the same, and if they are not the same, the verification is failed; if the verification is the same, the verification is passed.
In one possible implementation, the second processing module 92 is specifically configured to obtain serial number information of the computing device and generate identification information using the serial number information.
The computing device provided in the embodiment of the present application may execute the technical solution shown in the foregoing method embodiment, and its implementation principle and beneficial effects are similar, and are not described herein again.
In a possible implementation manner, the second processing module 92 is further configured to, after outputting the indication information if the verification is not passed, generate a binding instruction, and send the binding instruction and the identification information generated by the computing device to the hard disk, so that the hard disk replaces the identification information stored in the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
The computing device provided in the embodiment of the present application may execute the technical solution shown in the foregoing method embodiment, and its implementation principle and beneficial effects are similar, and are not described herein again.
In a possible embodiment, the second obtaining module 91 is specifically configured to send a second instruction to the hard disk when detecting that the hard disk is inserted into the computing device; or sending a second instruction to the hard disk every preset time.
The computing device provided in the embodiment of the present application may execute the technical solution shown in the foregoing method embodiment, and its implementation principle and beneficial effects are similar, and are not described herein again.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the method embodiments described above may be performed by hardware associated with program instructions. The foregoing program may be stored in a computer readable storage medium. The program, when executed, performs steps including the method embodiments described above; and the aforementioned storage medium includes: various media that can store program code, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features can be replaced equivalently; such modifications and substitutions do not depart from the spirit of the corresponding technical solutions from the scope of the technical solutions of the embodiments of the present application.
Claims (10)
1. A hard disk authentication method, comprising:
the method comprises the steps that a hard disk sends a first instruction to computing equipment, wherein the first instruction is used for obtaining identification information stored by the computing equipment, and the identification information is used for indicating the corresponding relation between the computing equipment and the hard disk;
if the acquisition fails, powering down or locking the hard disk;
if the acquisition is successful, the hard disk verifies the identification information; and if the verification is not passed, powering down or locking the hard disk.
2. The method of hard disk authentication of claim 1, wherein before the hard disk sends the first instruction to the computing device, the method comprises:
the hard disk acquires the identification information sent by the computing equipment and stores the identification information in the hard disk;
the hard disk verifies the identification information, and the method comprises the following steps:
the hard disk verifies whether the obtained identification information of the computing device is the same as the identification information stored in the hard disk, and if not, the verification is not passed; if the verification is the same, the verification is passed.
3. The hard disk authentication method of claim 2, wherein after the hard disk is powered down or locked, the method further comprises:
When the hard disk acquires a binding instruction sent by the computing device, the hard disk replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
4. A method of authenticating a hard disk as in any one of claims 1 to 3, wherein the hard disk sending a first instruction to a computing device comprises:
the hard disk sends a first instruction to the computing device when detecting that the hard disk is inserted into the computing device.
5. A hard disk authentication method, comprising:
the computing device sends a second instruction to the hard disk, wherein the second instruction is used for acquiring identification information stored in the hard disk, and the identification information is used for indicating the corresponding relation between the computing device and the hard disk;
if the acquisition fails, the computing equipment outputs indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk;
if the acquisition is successful, the computing equipment verifies the identification information; and if the verification is not passed, outputting indication information, wherein the indication information is used for indicating that the hard disk is an abnormal hard disk.
6. The hard disk authentication method of claim 5, wherein before the computing device sends the second instruction to the hard disk, the method comprises:
the computing device generates identification information;
the computing device sends the identification information to the hard disk so that the hard disk stores the identification information in the hard disk;
the computing device validating the identification information, including:
the computing equipment verifies whether the obtained identification information of the hard disk is the same as the identification information generated by the computing equipment, and if the obtained identification information is different from the identification information generated by the computing equipment, the verification is not passed; if the verification is the same, the verification is passed.
7. The hard disk authentication method of claim 6, wherein the computing device generates identification information comprising:
the computing device obtains serial number information of the computing device and generates identification information by using the serial number information.
8. The method for verifying a hard disk according to claim 6, wherein after outputting the indication information if the verification is not passed, the method further comprises:
the computing device generates a binding instruction, and sends the binding instruction and the identification information generated by the computing device to the hard disk, so that the hard disk replaces the identification information stored by the hard disk with the identification information sent by the computing device; the binding instruction is used for indicating the hard disk update identification information.
9. The hard disk authentication method of any one of claims 5 to 8, wherein the computing device sending a second instruction to the hard disk comprises:
the computing device sends a second instruction to the hard disk when detecting that the hard disk is inserted into the computing device;
or alternatively, the process may be performed,
and the computing equipment sends a second instruction to the hard disk every preset time.
10. A computing device, comprising:
a processor, a memory, a communication interface;
the memory is used for storing executable instructions of the processor;
wherein the processor is configured to perform the hard disk authentication method of any one of claims 1 to 9 via execution of the executable instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310268661.1A CN116484350A (en) | 2023-03-17 | 2023-03-17 | Hard disk verification method, hard disk and computing device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310268661.1A CN116484350A (en) | 2023-03-17 | 2023-03-17 | Hard disk verification method, hard disk and computing device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116484350A true CN116484350A (en) | 2023-07-25 |
Family
ID=87214561
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310268661.1A Pending CN116484350A (en) | 2023-03-17 | 2023-03-17 | Hard disk verification method, hard disk and computing device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116484350A (en) |
-
2023
- 2023-03-17 CN CN202310268661.1A patent/CN116484350A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111723383B (en) | Data storage and verification method and device | |
| EP2434683A1 (en) | Electronic device, key generation program, recording medium, and key generation method | |
| EP3316160A1 (en) | Authentication method and apparatus for reinforced software | |
| CN112231647A (en) | Software authorization verification method | |
| CN101968834A (en) | Encryption method and device for anti-copy plate of electronic product | |
| CN110362427A (en) | A kind of processing method of image file, system, BMC and readable storage medium storing program for executing | |
| JP2007535054A (en) | Method for backing up and restoring data on a computer device | |
| CN109445705B (en) | Firmware authentication method and solid state disk | |
| EP2503482A1 (en) | Electronic device with flash memory component | |
| US8880904B2 (en) | System and method for securing data | |
| CN112104627A (en) | Block chain-based data transmission method and device, electronic equipment and storage medium | |
| EP2804341A1 (en) | Information storage device, information processing system, information processing method, and program | |
| CN105550071B (en) | System file upgrades and detection method, communication equipment | |
| CN110737725A (en) | Electronic information inspection method, device, equipment, medium and system | |
| CN101447009A (en) | Method, device and system for installing software | |
| CN108256351B (en) | File processing method and device, storage medium and terminal | |
| CN108765786A (en) | Quick Response Code withdrawal safe verification method and its system, computer storage media | |
| CN101403985B (en) | Software permission backup method for software protection apparatus | |
| CN116484350A (en) | Hard disk verification method, hard disk and computing device | |
| JP2008542941A (en) | ITSOVC2 application monitor | |
| CN103105783B (en) | embedded element and control method | |
| CN113779511A (en) | Software authorization method, device, server and readable storage medium | |
| JP2008257279A (en) | Integrity enhancement method for file system | |
| CN116431189B (en) | Board card upgrading method, device, equipment and storage medium based on PCIE link | |
| US9280666B2 (en) | Method and electronic device for protecting data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |