CN1272931C - Data storage method for ensuring data safety and safe storage device - Google Patents
Data storage method for ensuring data safety and safe storage device Download PDFInfo
- Publication number
- CN1272931C CN1272931C CN 02148904 CN02148904A CN1272931C CN 1272931 C CN1272931 C CN 1272931C CN 02148904 CN02148904 CN 02148904 CN 02148904 A CN02148904 A CN 02148904A CN 1272931 C CN1272931 C CN 1272931C
- Authority
- CN
- China
- Prior art keywords
- data
- public sign
- sign hurdle
- memory block
- write
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention discloses data storage method for ensuring data safety. Middle isolation regions are arranged between data intervals, and data and a command are sent by separate channels. When the data interchange is carried out, handshake is first carried out through a command channel, then, the data is arranged in the middle isolation region by a data transmitting party, and the data is taken out by a data receiving party from the middle isolation region. The present invention simultaneously discloses a safety storage device which comprises a public mark column, a controller, a data isolation region and a data safety storage region, wherein an operation command is read or written by an external system of the public mark column through a system control wire, or the controller in the device is used for reading / writing the operation command. An external system of the data isolation region is used for reading / writing data through a system data line, or the data is read / written by a data safety storage region controlled by the controller in the device. The controller of the data safety storage region is used for reading / writing data. The data safety can be ensured by the method and the device of the present invention when the data storage and data interchange are carried out.
Description
Technical field
The present invention relates to the data of information system security fields, particularly a kind of date storage method and safe storage device thereof of guaranteeing Information Security.
Background technology
Data security is the important topic of information system, and it comprises three aspects: data integrity, data privacy, data verification comprise the data falsfication.Data integrity is a crucial aspect of data security, and its problem to be solved is to guarantee data in transmission and storage, and the content of data, structure and capacity remain unchanged.Data privacy is to guarantee that privately owned data are not obtained by other people, and data verification is when data are not but known by people's modification, finds the misdata time update.The contact that is relative to each other of these three aspects, independent toward each other again.
At present, along with popularizing day by day and the fast development of internet (INTEIRNET) of computer, digital information presents explosive increase, and it not only is embodied on the capacity of data, and shows on the diversity of data.Simultaneously, thousands of virus at computer and the Internet vertical spread, is said nothing of numerous maleficent hackers as pestilence.The safety of data problem not only relates to the individual, and relates to department, company and country.Therefore, the importance of data security does not have the boundary.
To the hidden danger of data safety from two aspects: one is the reliability of data storage device; Its two, be the reliability of data storage mechanism.For first way to solve the problem generally is redundancy with equipment, normally data are backed up, yet, simple backup can not prevent data when exchanging or store by malicious sabotage.Normally read and write control for second way to solve the problem.Under present environment, read-write control is decided by operating system.This had not both stoped the read-write of computer virus to file, stopped incessantly hacker's lying in wait for and altering file yet.So, start with from data storage mechanism, be the key of guaranteeing Information Security.
Summary of the invention
In view of this, a main purpose of the present invention is to provide a kind of date storage method of guaranteeing Information Security, and this method can be guaranteed data safety of data when storage and exchange.
Another main purpose of the present invention is to provide a kind of safe storage device, and this device can be guaranteed data safety of data when storage and exchange wherein.
An aspect according to above-mentioned purpose the invention provides a kind of date storage method of guaranteeing Information Security, and this method may further comprise the steps:
1) in data storage device, the data security memory block is set, and between other data fields and data security memory block, data isolation district and command channel is set respectively;
2) when exchanges data is carried out in data security memory block and other data fields, other data fields send data operation commands by the command channel to the data security memory block;
3) according to step 2) described data operation commands, the data that the data receiver in data security memory block and other data fields will need to exchange write the data isolation district, and by command channel notification data recipient;
4) take data away from the data isolation district after the data receiver has notice, and finish by command channel notification data transmit leg data manipulation.
The described command channel that is provided with of this method can be for being provided with the public sign hurdle.
This method step 2) may further include the data security memory block and key authentication is carried out in other data fields.
This method step 2) process can for:
21) other data fields write the public sign hurdle with operational order and key;
22) the data security memory block is fetched key from the public sign hurdle and is verified;
23) if key is correct, the data security memory block will verify by information and write the public sign hurdle, otherwise will not verify and write the public sign hurdle by information;
24) other data fields learn by checking the public sign hurdle whether key authentication is passed through.
This method step 3) described process by command channel notification data recipient can for: data receiver writes the public sign hurdle with isolated area written data information, and the data receiver obtains this information by checking the public sign hurdle; The described process by command channel notification data transmit leg of step 4) can for: the data receiver has taken the isolated area data away information and has write the public sign hurdle, and data receiver obtains this information by checking the public sign hurdle.
The described operational order of this method can comprise carries out read/write operation order and deletion action order to data.This method may further include, when the data of deleted data secure storage areas are wanted in other data fields, the public sign hurdle is set to deleted data secure storage areas data command earlier, simultaneously key is write the public sign hurdle, after carrying out authentication, the data of data secure storage areas are deleted according to the delete command on public sign hurdle.
This method also may further include the data field and sends to the public sign hurdle and monopolize request, does not allow other data field that the public sign hurdle is operated when carrying out exchanges data, during data exchanging completed, discharges public sign hurdle exclusive right.
This method can further include data block when size that the size of data that need exchange has surpassed system default, and data are divided into more than one by the data block size of system default, and block-by-block is operated.
According to above-mentioned purpose on the other hand, the invention provides a kind of safe storage device, this device comprises: public sign hurdle, controller, data isolation district and data security memory block; Described controller links to each other respectively with public sign hurdle, data isolation district and data security memory block; Described public sign hurdle links to each other with external system by system's control line; Described data isolation district links to each other with external system by data wire;
Described controller writes the data isolation district from data security memory block sense data earlier when carrying out read operation, and data have been write isolated area information writes the public sign hurdle; And controller checks that the public sign hurdle gets primary data written data isolated area when carrying out write operation, then take data away from the data isolation district, stores the data security memory block into, and data taking-up information is write the public sign hurdle;
Described external system checks that the public sign hurdle gets primary data written data isolated area, then takes data away from the data isolation district, and data taking-up information is write the public sign hurdle when carrying out read operation; And external system writes the data isolation district with data when carrying out write operation, and data have been write isolated area information writes the public sign hurdle.
Public sign hurdle in this device can further be provided with the key port, and it is used for this public sign hurdle and external system or controller and carries out key authentication.
Data security memory block in this device can be divided into an above partition holding, and each partition holding can be provided with independently key.The partition holding of this device can be logical partition, Physical Extents or partitions of file.This device can further comprise system interface, and its control line with this device links to each other with system with data wire.This system interface can be standard USB interface.
By such scheme as can be seen, key of the present invention is: at data interval the intermediate isolating district is set, and data and order subchannel send, when exchanges data, shake hands by the command channel earlier, by after, data receiver is put into the intermediate isolating district with data, the data receiver fetches data in the isolated area between therefrom.
Therefore, this date storage method and the safe storage device thereof of guaranteeing Information Security of the present invention, between the data field, be provided with the intermediate isolating district, make data receiver and recipient separate, and adopt different passages to send data and order, and arranged the primitive rule of transregional data manipulation, set up Handshake Protocol, not only make the operation between the data field isolated fully, and limited operation types.So just reduced by two data fields and directly carried out the potential safety hazard that exchanges data is brought, guaranteed safety of data.Simultaneously, to the foundation of security mechanism in the transregional Handshake Protocol, can effectively prevent hacker and viral intrusion.
Description of drawings
Fig. 1 is for using the schematic diagram that the present invention guarantees the date storage method of Information Security;
Fig. 2 is the structured flowchart of first preferred embodiment of safe storage device of the present invention;
Fig. 3 is the structured flowchart of second preferred embodiment of safe storage device of the present invention;
Fig. 4 is the structured flowchart of the 3rd preferred embodiment of safe storage device of the present invention;
Fig. 5 is the structured flowchart of the 4th preferred embodiment of safe storage device of the present invention;
Fig. 6 is the workflow diagram of first embodiment;
Fig. 7 is the workflow diagram of second embodiment.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, below in conjunction with embodiment and accompanying drawing, the present invention is described in more detail.
Referring to Fig. 1, Fig. 1 as shown in Figure 1, in data storage device, is provided with data security memory block 104, data isolation district 102 and command channel 103 for using the schematic diagram that the present invention guarantees the date storage method of Information Security.104 carry out storage or when exchange with other data fields 101 in the data security memory block, and at first, data field 101 sends data operation commands by command channel 103 to data security memory block 104, can carry out key authentication simultaneously; Then, according to above-mentioned data operation commands, the data that the data receiver in data security memory block 104 and the data field 101 will need to exchange write data isolation district 102, and by command channel 103 notification data recipients; At last, take data away from data isolation district 102 after the data receiver has notice, and finish by command channel 103 notification data transmit leg data manipulations.
Wherein, the public sign hurdle can be arranged in command channel 103, data field 101 and data security memory block 104 process of carrying out key authentication is like this: data field 101 sends the request of monopolizing to the public sign hurdle earlier, when carrying out exchanges data, do not allow other data field that the public sign hurdle is operated, during data exchanging completed, discharge public sign hurdle exclusive right.By data field 101 operational order and key are write the public sign hurdle, promptly the command channel 103; Data security memory block 104 is fetched key from the public sign hurdle and is verified then; If key is correct, data security memory block 104 writes the public sign hurdle with authorization information, does not pass through information otherwise write checking; Then, data field 101 learns by checking the public sign hurdle whether key authentication is passed through; Continue to carry out by operational order if key authentication is passed through, otherwise this operational order will not be carried out.
After key authentication is passed through, data field 101 can write data data security memory block 104, its detailed process is: after key authentication was passed through, data field 101 write data isolation district 102 with data, and data have been write isolated area information write the public sign hurdle; Data security memory block 104 checks that the public sign hurdle gets primary data written data isolated area 102, then fetches data from data isolation district 102, and data taking-up information is write the public sign hurdle; Data field 101 checks that the public sign hurdle gets primary data and takes out, the end data exchange.
For example, the 101 data D that enliven will be stored in data security memory block 104 in the data field, are not the data security memory block 104 of writing direct.Data field 101 is sent out Handshake Protocol by the public sign hurdle and is sent the store data request to data security memory block 104.At first data security memory block 104 requires data field 101 to show the key of store data secure storage areas 104 data D.When data field 101 can not show or show the key of mistake, the store data D that send 104 refusal execution data fields 101, data security memory block was in the operation of data security memory block 104.If the key that data field 101 shows is justify by data security memory block 104, then data field 101 is placed on data isolation district 102 to data D, tells data security memory block 104 by Handshake Protocol.Data security memory block 104 learns have data D to leave data isolation district 102 in by Handshake Protocol.Data security memory block 104 is taken data D away from data isolation district 102, and by Handshake Protocol notification data district 101, data D takes away simultaneously.Data security memory block 104 is finished storage to the clear area that data D leaves local area in.Handshake Protocol described here realizes by read/write public sign hurdle, below identical.
For example, data field 101 D that will fetch data from data security memory block 104 sends the reading of data request by Handshake Protocol to data security memory block 104.At first data security memory block 104 requires to show the key of reading of data secure storage areas 104 data D.In the time can not showing or show the key of mistake, data security memory block 104 refusals are carried out the operation of the reading of data secure storage areas 104 data D that send data field 101.If the key that data field 101 shows is justify by data security memory block 104, data security memory block 104 copies to data isolation district 102 to data D, and tells data field 101: data D to be placed into data isolation district 102 by Handshake Protocol.After data field 101 got primary data D and has been placed into data isolation district 102 by Handshake Protocol, data field 101 can be taken data D away, and tell data security memory block 104 by Handshake Protocol then: data D takes away.
Data in the 101 all right deleted data secure storage areas 104 of data field, its detailed process is: when the data D of deleted data secure storage areas 104 is wanted in data field 101, send the deleted data request by Handshake Protocol to data security memory block 104, data security memory block 104 requires data field 101 to show the key of deleted data secure storage areas 104 data D.When data field 101 can not show or show the key of mistake, data security memory block 104 refusals were carried out the operation of the deleted data secure storage areas 104 data D that send data field 101.If the key that data field 101 shows is justify by data security memory block 104, the data D in the deleted data secure storage areas 104, the memory space that unrecoverable data D occupies are carried out in data security memory block 104 so.
Above-mentioned three elemental motions that process is a storage means of the present invention, all the other actions all are above-mentioned three motion combination, the user can further be provided with according to the actual needs of oneself.
In addition, in actual applications, the size of data that exchanges has if desired surpassed the data block size of General System acquiescence, then data is divided into more than one by the data block size of system default, and block-by-block is operated.Like this, can guarantee data integrity in the safety of data by moving of whole block.
Method of the present invention separate transmission with data and order, and the order in each data field is effective in the notebook data district, does not exist the order of a data field to handle the possibility of another data field, does not also have the possibility of a transregional operating data in data field.Exchanges data of the present invention relies on Handshake Protocol, also only transmits the state of order, and does not transmit order itself, and do not allow directly to carry out between the data field write operation and overlapping operation.Therefore, the operation of data interval is isolated fully, and limited operation types, this has just guaranteed safety of data.
Fig. 2 is the structured flowchart of first preferred embodiment of safe storage device of the present invention; As shown in Figure 2, safe storage device of the present invention can comprise: public sign hurdle 201, controller 202, data isolation district 203 and data security memory block 204; Public sign hurdle 201 passes through system's control line by external system read/write operation order, or inner by controller 202 read/write operation orders at device; Data isolation district 203 passes through the system data line by the external system read/write data, or controls by data security memory block 204 read/write data at the inner controlled device 202 of device; Data security memory block 204 is by controller 202 control read/write data.
Safe storage device embodiment illustrated in fig. 2 can be as the data security memory block in the foregoing invention method.The course of work of exchanges data is carried out referring to Fig. 6 in itself and other data field.Fig. 6 is the workflow diagram of first embodiment, as shown in Figure 6, step 601 at first, safe storage device starts; Step 602 then resets the public sign hurdle and waits for that other data fields operate; When other data fields had data to exchange, whether its execution in step 603, ambient systems detect the public sign hurdle idle, if not idle i.e. wait, up to the free time; Execution in step 604, it is busy that the public sign hurdle is set; According to foregoing inventive method the data of storage device are carried out read operation 605 or write operation 606 or deletion action 607 again; After finishing once-through operation 608; Storage device is execution in step 602 again, the public sign hurdle is resetted wait for that other data fields operate.
Wherein, the process of read operation 605 is: this device writes the data isolation district with data, and data have been write isolated area information writes the public sign hurdle; Ambient systems checks that the public sign hurdle gets primary data written data isolated area, then takes data away from the data isolation district, and data taking-up information is write the public sign hurdle; This device checks that the public sign hurdle gets primary data and takes out, the end data read operation.
The process of write operation 606 is: ambient systems writes the data isolation district with data, and data have been write isolated area information writes the public sign hurdle; This device checks that the public sign hurdle gets primary data written data isolated area, then takes data away from the data isolation district, and data taking-up information is write the public sign hurdle; Ambient systems checks that the public sign hurdle gets primary data and takes out, the end data write operation.
The process of deletion action 608 is: this device is deleted specific data and the data deleted information is write the public sign hurdle; Ambient systems checks that the public sign hurdle gets primary data and deletes, the end data deletion action.
Fig. 3 is the structured flowchart of second preferred embodiment of safe storage device of the present invention, this safe storage device is on basis embodiment illustrated in fig. 2, increased a key port 305, it can be set together with public sign hurdle 301, before ambient systems is carried out the read/write operation order to public sign hurdle 301, carry out key authentication with ambient systems, the checking by after carry out read/write/operations such as deletion again.
The safe storage device of present embodiment shown in Figure 3 also can be as the data security memory block in the foregoing invention method.The course of work of exchanges data is carried out referring to Fig. 7 in itself and other data field.Fig. 7 is the workflow diagram of second embodiment, as shown in Figure 7, step 701 at first, safe storage device starts; Step 702 then resets the public sign hurdle and waits for that other data fields operate; When other data fields have data to exchange, its execution in step 703, whether detect the public sign hurdle idle, if not idle i.e. wait, up to the free time; Execution in step 704, it is busy that the public sign hurdle is set; Then, execution in step 705, ambient systems are placed on key the key port on public sign hurdle; Then, whether 706 devices of execution in step detection key is correct; If it is correct then the data of storage device are carried out read operation 707 or write operation 708 or deletion action 709 according to the described method of front first embodiment; If incorrect then storage device is execution in step 702 again, the public sign hurdle resetted wait for that other data fields operate; After finishing once-through operation 710; Storage device is execution in step 702 again, the public sign hurdle is resetted wait for that other data fields operate.
Fig. 4 is the structured flowchart of the 3rd preferred embodiment of safe storage device of the present invention, and this safe storage device is on basis embodiment illustrated in fig. 3, and subregion has been carried out in the data security memory block in this device 405.Present embodiment is to be divided into 3 subregions, in actual applications, can carry out subregion according to user's requirement.Partitioned method can be logical partition, Physical Extents or partitions of file in the present embodiment.Subregion is carried out in data security memory block 405, can guarantee that destroyed other data fields of subregion of contingency still can keep the complete sum safety of data.
The safe storage device of present embodiment shown in Figure 4 also can be as the data security memory block in the foregoing invention method.The course of work of exchanges data is carried out in itself and other data field can be referring to Fig. 7.Fig. 7 is the workflow diagram of second embodiment.The difference of the course of work of present embodiment and the second embodiment course of work shown in Figure 7 is: whether step 706 shown in Figure 7 is correct for this storage device detection key, whether this storage device not only wants detection key correct in the embodiment shown in fig. 4, will judge also that simultaneously which subregion this key is; In addition, step 707 read operation shown in Figure 7, step 708 write operation and step 709 deletion action, these operations are all carried out at certain subregion in the embodiment shown in fig. 4.
Fig. 5 is the structured flowchart of the 4th preferred embodiment of safe storage device of the present invention, this safe storage device is on basis embodiment illustrated in fig. 4, increased a system interface 510, its control line with storage device links to each other with computer or other network equipments with data wire, this system interface can be a standard USB interface, and the storage device of present embodiment just can be used as the movable storage device use like this.
The safe storage device of present embodiment shown in Figure 5 also can be as the data security memory block in the foregoing invention method.It carries out the course of work of exchanges data with other data fields can be identical with the 3rd embodiment.
This shows, this method for secure storing of the present invention and safe storage device thereof, data receiver and recipient are separate, adopted data and order subchannel to send, arranged the primitive rule of transregional data manipulation, set up Handshake Protocol, not only made the operation between the data field isolated fully, and limited operation types.So just reduced by two data fields and directly carried out the potential safety hazard that exchanges data is brought, guaranteed safety of data.Simultaneously, to the foundation of security mechanism in the transregional Handshake Protocol, can effectively prevent hacker and viral intrusion.
Claims (16)
1, a kind of date storage method of guaranteeing Information Security is characterized in that, this method may further comprise the steps:
1) in data storage device, the data security memory block is set, and between other data fields and data security memory block, data isolation district and command channel is set respectively;
2) when exchanges data is carried out in data security memory block and other data fields, other data fields send data operation commands by the command channel to the data security memory block;
3) according to step 2) described data operation commands, the data that the data receiver in data security memory block and other data fields will need to exchange write the data isolation district, and by command channel notification data recipient;
4) take data away from the data isolation district after the data receiver has notice, and finish by command channel notification data transmit leg data manipulation.
2, date storage method as claimed in claim 1 is characterized in that: the described command channel that is provided with is for being provided with the public sign hurdle.
3, date storage method as claimed in claim 1 or 2 is characterized in that: comprise further that this method step 2) data security memory block and other data fields carry out key authentication.
4, date storage method as claimed in claim 3 is characterized in that step 2) process be:
21) other data fields write the public sign hurdle with operational order and key;
22) the data security memory block is fetched key from the public sign hurdle and is verified;
23) if key is correct, the data security memory block will verify by information and write the public sign hurdle, otherwise will not verify and write the public sign hurdle by information;
24) other data fields learn by checking the public sign hurdle whether key authentication is passed through.
5, date storage method as claimed in claim 2, it is characterized in that, the described process by command channel notification data recipient of step 3) is: data receiver writes the public sign hurdle with isolated area written data information, and the data receiver obtains this information by checking the public sign hurdle; The described process by command channel notification data transmit leg of step 4) is: the data receiver has taken the isolated area data away information and has write the public sign hurdle, and data receiver obtains this information by checking the public sign hurdle.
6, date storage method as claimed in claim 1 is characterized in that: described operational order comprises carries out read/write operation order and deletion action order to data.
7, date storage method as claimed in claim 4, it is characterized in that: this method further comprises, when the data of deleted data secure storage areas are wanted in other data fields, the public sign hurdle is set to deleted data secure storage areas data command earlier, simultaneously key is write the public sign hurdle, after carrying out authentication, the data of data secure storage areas are deleted according to the delete command on public sign hurdle.
8, date storage method as claimed in claim 2, it is characterized in that: this method comprises that further the data field sends the request of monopolizing to the public sign hurdle, when carrying out exchanges data, do not allow other data field that the public sign hurdle is operated, during data exchanging completed, discharge public sign hurdle exclusive right.
9, date storage method as claimed in claim 1, it is characterized in that: this method further comprises when the size of data that need exchange has surpassed the data block size of system default, data are divided into more than one by the data block size of system default, and block-by-block is operated.
10, a kind of safe storage device is characterized in that, this device comprises: public sign hurdle, controller, data isolation district and data security memory block;
Described controller links to each other respectively with public sign hurdle, data isolation district and data security memory block; Described public sign hurdle links to each other with external system by system's control line; Described data isolation district links to each other with external system by data wire;
Described controller writes the data isolation district from data security memory block sense data earlier when carrying out read operation, and data have been write isolated area information writes the public sign hurdle; And controller checks that the public sign hurdle gets primary data written data isolated area when carrying out write operation, then take data away from the data isolation district, stores the data security memory block into, and data taking-up information is write the public sign hurdle;
Described external system checks that the public sign hurdle gets primary data written data isolated area, then takes data away from the data isolation district, and data taking-up information is write the public sign hurdle when carrying out read operation; And external system writes the data isolation district with data when carrying out write operation, and data have been write isolated area information writes the public sign hurdle.
11, safe storage device as claimed in claim 10 is characterized in that: the public sign hurdle of this device further is provided with the key port, and it is used for this public sign hurdle and external system or controller and carries out key authentication.
12, as claim 10 or 11 described safe storage devices, it is characterized in that: described data security memory partitioning is an above partition holding.
13, safe storage device as claimed in claim 12 is characterized in that: each partition holding is respectively arranged with independently key.
14, safe storage device as claimed in claim 12 is characterized in that: described partition holding is logical partition, Physical Extents or partitions of file.
15, safe storage device as claimed in claim 10 is characterized in that: this device further comprises system interface, and its control line with this device links to each other with system with data wire.
16, safe storage device as claimed in claim 15 is characterized in that: described system interface is a standard USB interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 02148904 CN1272931C (en) | 2002-11-08 | 2002-11-08 | Data storage method for ensuring data safety and safe storage device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 02148904 CN1272931C (en) | 2002-11-08 | 2002-11-08 | Data storage method for ensuring data safety and safe storage device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1499771A CN1499771A (en) | 2004-05-26 |
| CN1272931C true CN1272931C (en) | 2006-08-30 |
Family
ID=34233392
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 02148904 Expired - Fee Related CN1272931C (en) | 2002-11-08 | 2002-11-08 | Data storage method for ensuring data safety and safe storage device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1272931C (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100555237C (en) * | 2004-08-02 | 2009-10-28 | 国际商业机器公司 | Be used to detect and prevent the method and system of replay attack |
| CN1976259B (en) * | 2006-11-20 | 2011-04-20 | 中网信息技术有限公司 | Directive non-feedback optical fiber one-way transmitting physical isolating method and one-way transmitting system therefor |
| CN107430527B (en) * | 2015-05-14 | 2021-01-29 | 株式会社日立制作所 | Computer system with server storage system |
| CN106100829B (en) * | 2016-05-23 | 2020-05-19 | 深圳市硅格半导体有限公司 | Method and device for encrypted storage |
| CN112783117B (en) * | 2020-12-29 | 2022-05-10 | 浙江中控技术股份有限公司 | Method and device for data isolation between safety control application and conventional control application |
-
2002
- 2002-11-08 CN CN 02148904 patent/CN1272931C/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN1499771A (en) | 2004-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8261068B1 (en) | Systems and methods for selective encryption of operating system metadata for host-based encryption of data at rest on a logical unit | |
| EP1158743B1 (en) | Computing system with remote copy facility | |
| US5481720A (en) | Flexible interface to authentication services in a distributed data processing environment | |
| US8966281B1 (en) | Systems and methods for accessing storage or network based replicas of encryped volumes with no additional key management | |
| US7269743B2 (en) | Method and apparatus for secure data mirroring a storage system | |
| JP4819644B2 (en) | Information processing system, information processing method, and information processing apparatus | |
| WO2002095588B1 (en) | Decentralized virus scanning for stored data | |
| CN1501234A (en) | Method for transmitting command and data to portable storage device | |
| CN1804810A (en) | Method and system of redirection for storage access requests | |
| JP2014530371A (en) | File encryption method and apparatus, file decryption method and apparatus | |
| CN110245515B (en) | Protection method and system for HDFS (Hadoop distributed File System) access mode | |
| JP2010539584A (en) | Data security device | |
| EP2081127A1 (en) | Controller for controlling logical volume-related settings | |
| US10354091B2 (en) | Data processing system capable of securing files | |
| CN110083399A (en) | Small routine operation method, computer equipment and storage medium | |
| JP2007524161A (en) | Separation multiplexed multidimensional processing in virtual processing space with virus, spyware and hacker protection features | |
| KR100922584B1 (en) | Distributed object-sharing system and method thereof | |
| CN1598848A (en) | System, apparatus and method of rescinding previously transmitted e-mail messages | |
| CN1272931C (en) | Data storage method for ensuring data safety and safe storage device | |
| CN114710263B (en) | Key management method, key management device, key management apparatus, and storage medium | |
| US8352726B2 (en) | Data storage and/or retrieval | |
| CN104965835A (en) | Method and apparatus for reading and writing files of a distributed file system | |
| JP2014517376A (en) | Secure data storage method and device | |
| JP2021090151A (en) | Storage system and data protection method thereof | |
| CN1317846C (en) | Method of realizing internal external network physical partition and its device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20060830 Termination date: 20201108 |