CN1506853A - Method of utilizing hidden hard disc sector in protecting data under Windows system - Google Patents
Method of utilizing hidden hard disc sector in protecting data under Windows system Download PDFInfo
- Publication number
- CN1506853A CN1506853A CNA021555117A CN02155511A CN1506853A CN 1506853 A CN1506853 A CN 1506853A CN A021555117 A CNA021555117 A CN A021555117A CN 02155511 A CN02155511 A CN 02155511A CN 1506853 A CN1506853 A CN 1506853A
- Authority
- CN
- China
- Prior art keywords
- hpa
- disk
- hard disc
- windows
- hard disk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention provides method of utilizing hidden hard disc sector in protecting data under Windows system and belongs to the field of computer safety technology. The implementation includes the following steps: the step A of operation on hard disc HPA under Windows system including creating HPA in the hard disc, adding the back-up to hard disc HPA operation to Windows disc driving program, and creating interface for realizing hard disc HPA operation in Windows system; and the step B of saving the back-up data in HPA of hard disc for protection via the features of PHA via opening hard disc HPA, accessing hard disc HPA to protect back-up data, and shutting HPA. The method has the advantages of high safety, convenient operation, low cost, etc.
Description
Technical field
The present invention relates to the guard method of the relevant Backup Data in a kind of computer security technique field, refer to a kind of method of utilizing hard disk HPA (hiding the sector) that backed up data is protected that can under the Windows system, realize especially.
Background technology
Along with popularizing of computing machine, the quantity of computer virus also grows with each passing day, and harmfulness is also increasing; Adding the perfect day by day of INTERNET, online becomes the part of computer user's daily life, but online hacker's wildness further threatens the safety and normal use of computer user's data again.
With regard to the computer security technique field:
The means that extensively adopted by masses roughly have computer security softwares such as antivirus software and fire wall at present.But up to the present, there is not theoretical model to show that antivirus software can remove all unknown virus or Hacker Program as yet, though therefore antivirus software can be removed most of virus, but it has certain hysteresis quality, the user often also needs (general antivirus software company usually can per about the 15 days once new viral codes of the issue) viral code of upgrading to the website, also has the new virus of PI when upgrading inconvenience and online or becomes the object of assault; And, can not guarantee to remove all viruses and Hacker Program.And fire wall has certain effect for the safety of network but neither very reliable (particularly to taking precautions against the hacker).And after virus killing, the installation of fire wall two class softwares, generally all have real-time monitor (RTM) in system, to move, and can take the system resource of a part, reduce the performance of computing machine.And because be both system monitor, sometimes also have compatible problem, can clash and cause more serious consequences (for example KV3000, Rising, KILL and NORTON are installed on same the computing machine, will make the frequent blue screen of computing machine) such as systemic breakdown with other software.The file that this two classes software loss that misoperation of users is caused simultaneously or system crash cause is lost and is had no idea to avoid.
The technology of the computer safety field that another kind is widely used is that system and significant data are backed up.The software that improves computer security by redundancy technique just occurred as far back as the epoch that large scale computer, medium-sized machine are ruled business market, and after PC popularized, redundancy technique also began to be used for PC.
With regard to redundancy technique:
Backup tool at present commonly used often need be by External memory equipment, as disk drive, CD writer, MO, and ZIP driver, floppy disk etc.Safety coefficient height (the non-constant of diskette backup and reliability), but cost is also high, and speed is slow, inconvenient operation.This kind technology is mainly used in enterprises such as large server, PC server relatively on the core computer of core departments or partly high-end user and professional user.
Another kind of redundancy technique based on hard disk mainly is to use on PC, and the major product that is operated on the windows platform has the Ghost of Symantec company, the Drive Image of PowerQuest company and the savior of Legend Company etc.
With regard to regard to the redundancy technique of hard disk:
The Ghost of Symantec company: data are backuped in the ordinary file, and the shortcoming of this method is that ordinary file is dangerous, and the user may delete backup file because of maloperation, and perhaps backup file is by the program crash of some malice.
The Drive Image of PowerQuest company: data are backuped in the hidden partition.With Drive Image 3.0 is example, be in the extended partition of hard disk, to create the subregion of a specific type as hidden partition, WINDOWS hard disk instrument FDISK commonly used can't see this subregion, if the user does not have other special-purpose instruments just can not see this subregion, thereby partly realized subzone hiding, but some are the hard disk tool software of specialty relatively: the softwares such as " computer managements " that carries as the PartitionMagic or the Windows 2000/XP of PowerQuest company just could be seen and this hidden partition is operated, even delete this subregion! Equally, general WINDOWS/DOS environment Virus also can have access to this hidden partition, and destroys all data in this subregion.
The QDI new edition of Legend Company " Recovery Easy II ", the backup mode of employing HPA: this kind mode adopts the mode of the HPA protected location of ATA-5 specification hard disk support; Having on the hard disk of HPA, hard disk is divided into UDA (user data area) and HPA two parts, and it is last that HPA is positioned at hard disk; Comprise that the operating system of Windows and the hard disk size that Disk Tool Software is seen are equal to the UDA size, and can only visit the data in the UDA; And can't see HPA, and the operation of any visit HPA all can be ended.But " Zeus's shield " can only create a mirror to subregion on hard disk, the data that back up subregion are done a backup at mirror in subregion.The shortcoming of this method is a mirror once to be arranged to backup, if the user wishes to back up a plurality of subregions, can not once realize so by this method.
Above-mentioned backup product can not directly be realized backup and recover under Windows when backup, when back up or restore, need vectoring computer again, switching to the DOS environment from Windows backs up, backup finishes, need vectoring computer again equally, switch back the Windows inconvenient operation from DOS.Bring a lot of inconvenience to user operation except that meeting like this, waste the plenty of time but also can cause when switching in system, above-mentioned in addition software also can't be realized the file of NTFS form subregion is backed up.Particularly when switching from the Windows system to the DOS system, need to end the program of other normal operations in the Windows system, this program can not be ended if the user is moving very important application program, then can't realize backup.And the main function of these softwares is subregion backup, but for the user, and the backup of frequent use is own important data backup, rather than the backup of whole subregion or DISK to Image.So use the backup product of above-mentioned backup method all to have certain limitation.
Summary of the invention
The invention provides a kind of method of safe, easy and simple to handle, economical and practical realization data protection; realize utilizing the method for hidden hard disc sector protected data under a kind of Windows system, the user is directly backuped to required backed up data among the HPA of hard disk under the Windows system according to this kind method.
To achieve these goals, the present invention is by the following technical solutions: realize utilizing the method for hard disk HPA protected data under the Windows system, it may further comprise the steps:
A, under the Windows system, realize operation to hard disk HPA;
A1, create HPA at hard disk;
A2, will the support of hard disk HPA operation be joined in the Windows disk driver;
A3, be programmed under the Windows system interface of realizing hard disk HPA operation.
B, Backup Data is saved among the HPA of hard disk, utilizes the characteristic of HPA, realize protection it;
B1, open hard disk HPA;
B2, to the hard disk HPA operation that conducts interviews, realize protection to Backup Data;
B3, close HPA.
Wherein, described steps A 1 further may further comprise the steps:
(1) the HPA size of determining according to the user calculates the logical number of last sector of non-HPA of disk;
(2) this logical number is set to the maximum reference address of disk, and permanent the preservation;
(3), password is left in the storage area of disk self for HPA is provided with password.
Described step B1 further may further comprise the steps:
(1) obtains the HPA access code;
(2) password obtained of the password that will call the application program of this function and provide is compared;
(3) obtain the original maximum address value of corresponding disk;
(4) the maximum accessible address of disk is set to original maximum address, so that all data on the visit disk.
Described step B2 further may further comprise the steps:
(1) obtains Lawful access process record;
Whether what (2) judge that current requirement conducts interviews to HPA is the legal process that has write down;
(3) judge whether operation is the operation that is allowed to HPA;
(4) lower floor's driver is finished corresponding work in the call driver hierarchy.
Described step B3 further may further comprise the steps:
(1) the maximum accessible address of disk is re-set as the maximum accessible address of disk before opening, all disk sectors that are in after this address are become can not be accessed;
(2) finish maximum accessible address setting, and close HPA.
Since realize under the Windows of the present invention system utilizing the method for hard disk HPA protected data to adopt above technical scheme, so it has following beneficial effect:
1, safe.The operation of most virus and Hacker Program is all based on file system, and be to carry out in the Physical layer of hard disk to the operation of HPA subregion, it is lower than file system, so utilize HPA to preserve data, the data of preservation are difficult for being found or destroying by system or other programs; HPA yet can not found or revise by various hard disk instruments, thereby has guaranteed to be stored in the safety of Backup Data wherein.
2, easy to operate.This method can be implemented under the Windows system operation that data is backuped among the hard disk HPA, the user need not restart computing machine, need not switch to and just can finish backup operation under the DOS, not only make operation become simple, convenient, also saved the time that starts computer.This backup simultaneously can be carried out under the Windows system at any time, finishes at any time; In backup, the user can also carry out other work with computer, backup can interference user other important procedure of operation.
3, economical and practical.The hard disk that uses is all very big usually at present; and the general shared hard drive space mostly very little (approximately 100M) of data important for the user; the user can create the HPA of a 1G as required; significant data in the different subregions that selection will be backed up backs up; so just can buy other memory devices, cost performance is very high when using the method protection to need Backup Data.
Description of drawings
Fig. 1 is for realizing the process flow diagram of the inventive method
Fig. 2 creates the process flow diagram of HPA for the present invention
Fig. 3 opens the process flow diagram of HPA for the present invention
Fig. 4 is the process flow diagram of the present invention's realization to the accessing operation of HPA
Fig. 5 closes the process flow diagram of HPA for the present invention
Fig. 6, Fig. 7 are the interface of the present invention to the HPA operation
Embodiment
Be to realize the present invention, the hardware supported that needs is: support ATA-5 (or more than the ATA-5: the ATA-6) hard disk of standard, support a certain section space that the hard disk of this characteristic can be last with hard disk to protect, system or other programs can't conduct interviews to this space.(reference documents: ANSI " Information Technology-AT Attachment with PacketInterface-5 (ATA/ATAPI-5) ")
As shown in Figure 1, realize utilizing the method for hard disk HPA protected data under the Windows of the present invention system, it may further comprise the steps:
A, under the Windows system, realize operation to hard disk HPA;
A1, create HPA at hard disk;
A2, will the support of hard disk HPA operation be joined in the Windows disk driver;
A3, be programmed under the Windows system interface of realizing hard disk HPA operation.
B, Backup Data is saved among the HPA of hard disk, utilizes the characteristic of HPA, realize protection it;
B1, open hard disk HPA;
B2, to the hard disk HPA operation that conducts interviews, realize protection to Backup Data;
B3, close HPA.
As shown in Figure 2, described steps A 1 further may further comprise the steps:
1, the user determines the size of HPA according to what of own data to back up; According to the size of disk, calculate the size of non-HPA part; According to the size of non-HPA part, calculate the logical number of last sector of the non-HPA of disk again;
2, the logical number that calculates is set to the maximum reference address of disk, and permanent the preservation;
According to the ATAPI standard, the sector part greater than maximum reference address in the disk is HPA, and HPA can not be employed program addressing visit; When not using the function that the maximum reference address of disk is set that the ATAPI standard provides to make amendment, no matter disk powers up again or resets, and it all will keep the setting of this maximum reference address, thus the establishment of realization HPA.
3, use the password setting function that provides in the ATAPI standard,, this access code is left in the storage area of disk self for HPA is provided with specific access code.
Described steps A 2, its implementation and operating system are closely related, under Windows 2000/XP, can realize by writing WDM (Windows driving model) driver; Under Windows 98/98SE, can realize by writing VxD (" Microsoft " virtual device driver) driver.
Described steps A 3, writing of the interface that realization hard disk HPA operates under the Windows system can be used interface that is similar to window explorer of Visual C++ exploitation, as shown in Figure 6.Under the Windows system, list user's All Files; After the user selects to need the file of backup, the backup parameter is set, back up; List the file that the user has backed up, the file that the user can select wherein to need to recover carries out recovery operation.
As shown in Figure 3, described step B1 further may further comprise the steps:
1, uses the cryptographic function that reads that provides in the ATAPI standard, from disk, obtain the HPA access code that completing steps A1 was provided with during the 3rd step;
2, the password that will call the application program of this function and provide is compared with the HPA access code that reads, and only just enters next step when two passwords are identical;
3, the function of the original maximum sector of the acquisition address that provides in the ATAPI standard is provided, is obtained the original maximum address value of corresponding disk;
4, use the function that original maximum sector address is set that provides in the ATAPI standard, the maximum reference address of the disk that steps A 1 was determined in the 2nd step is set to original maximum address, so that all data on the visit disk.
According to the ATAPI standard; interim setting is appointed as in this setting; after disk powers up (power up) or replacement (reset) again; the disk addressable size of maximum automatically is set to the last permanent address that is provided with; can guarantee like this failing correctly to close under the situation of HPA; disk is closed HPA automatically, realizes Data Protection among the HPA.
As shown in Figure 4, described step B2 further may further comprise the steps:
1, obtains Lawful access process record;
Whether what 2, judge that current requirement conducts interviews to HPA is the legal process that has write down, if then enter next step, otherwise refusal is carried out this process;
3, executable process in the last step is judged judge whether its operation to HPA is the operation that is allowed to, and described operation specifically comprises: whether whether the operation in read-only data district crossed data rewriting, data access actual area of HPA etc.;
4, be allowed to as operation, then lower floor's driver (referring to Windows DriverDevelop Kits, Windows driver hierarchy) complete operation in the call driver hierarchy.
As shown in Figure 5, described step B3 further may further comprise the steps:
1, the maximum accessible address of disk is re-set as the maximum accessible address of disk before opening, all disk sectors that are in after this address are become can not be accessed;
According to the ATAPI standard, this time be provided with and should be appointed as interim setting, from powering up in the process of cut off the power supply, can only use once, and the disk of must resetting immediately by setting forever at every turn for disk, is provided with temporarily and can uses repeatedly, and need not reset disk and come into force immediately.Use interim setting can not cause hardware system to restart back HPA as seen herein, this is that disk can recover the permanent address that maximum addressable size is set to the last setting because hardware system restarts the back, so just can guarantee the safety of data among the HPA.
2, finish maximum accessible address setting, and close HPA.
In addition, under the Windows system, carry out operation to HPA for the ease of the user, the present invention also provide under Windows system functions of use key operation, backup operation provided by the invention can be directly used in this operation.In the right-click menu of the normal explorer that uses of user, add backup functionality.The user is after having selected one or more files, and at this moment the right button of clicking the mouse " backup " function can occur in the right-click menu, if the user has selected " backup " function, can be directly with the file backup of selection in the HPA of disk.
Claims (6)
1, realize utilizing the method for hidden hard disc sector protected data under a kind of Windows system, it is characterized in that: it may further comprise the steps:
A, under the Windows system, realize operation to hard disk HPA;
A1, create HPA at hard disk;
A2, will the support of hard disk HPA operation be joined in the Windows disk driver;
A3, be programmed under the Windows system interface of realizing hard disk HPA operation.
B, Backup Data is saved among the HPA of hard disk, utilizes the characteristic of HPA, realize protection it;
B1, open hard disk HPA;
B2, to the hard disk HPA operation that conducts interviews, realize protection to Backup Data;
B3, close HPA.
2, realize utilizing the method for hidden hard disc sector protected data under the Windows according to claim 1 system, it is characterized in that: described steps A 1 further may further comprise the steps:
(1) the HPA size of determining according to the user calculates the logical number of last sector of non-HPA of disk;
(2) this logical number is set to the maximum reference address of disk, and permanent the preservation;
(3), password is left in the storage area of disk self for HPA is provided with password.
3, realize utilizing the method for hidden hard disc sector protected data under the Windows according to claim 1 system, it is characterized in that: described step B1 further may further comprise the steps:
(1) obtains the HPA access code;
(2) password obtained of the password that will call the application program of this function and provide is compared;
(3) obtain the original maximum address value of corresponding disk;
(4) the maximum accessible address of disk is set to original maximum address, so that all data on the visit disk.
4, realize utilizing the method for hidden hard disc sector protected data under the Windows according to claim 1 system, it is characterized in that: described step B2 further may further comprise the steps:
(1) obtains Lawful access process record;
Whether what (2) judge that current requirement conducts interviews to HPA is the legal process that has write down;
(3) judge whether operation is the operation that is allowed to HPA;
(4) lower floor's driver is finished corresponding work in the call driver hierarchy.
5, realize utilizing the method for hidden hard disc sector protected data under the Windows according to claim 1 system, it is characterized in that: described step B3 further may further comprise the steps:
(1) the maximum accessible address of disk is re-set as the maximum accessible address of disk before opening, all disk sectors that are in after this address are become can not be accessed;
(2) finish maximum accessible address setting, and close HPA.
6, realize utilizing the method for hidden hard disc sector protected data under the Windows according to claim 1 system; it is characterized in that: this method also provides the operation that function key is set under the Windows system; in the right-click menu of the normal explorer that uses of user, add backup functionality.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021555117A CN1308845C (en) | 2002-12-09 | 2002-12-09 | Method of utilizing hidden hard disc sector in protecting data under Windows system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021555117A CN1308845C (en) | 2002-12-09 | 2002-12-09 | Method of utilizing hidden hard disc sector in protecting data under Windows system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1506853A true CN1506853A (en) | 2004-06-23 |
| CN1308845C CN1308845C (en) | 2007-04-04 |
Family
ID=34235933
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB021555117A Expired - Fee Related CN1308845C (en) | 2002-12-09 | 2002-12-09 | Method of utilizing hidden hard disc sector in protecting data under Windows system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1308845C (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049223A (en) * | 2012-12-28 | 2013-04-17 | 厦门市美亚柏科信息股份有限公司 | System, device and method for relieving hidden partition of hard disk |
| CN104036201A (en) * | 2014-06-25 | 2014-09-10 | 电子科技大学 | Application-layer file hiding method on Windows operating system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5966732A (en) * | 1996-12-02 | 1999-10-12 | Gateway 2000, Inc. | Method and apparatus for adding to the reserve area of a disk drive |
| EP1225583A3 (en) * | 2001-01-16 | 2002-08-07 | Gateway, Inc. | Host protected area (HPA) duplication process |
| US6748511B2 (en) * | 2001-03-06 | 2004-06-08 | Phoenix Technologies Ltd. | Resizing a protected area on a hard disk |
-
2002
- 2002-12-09 CN CNB021555117A patent/CN1308845C/en not_active Expired - Fee Related
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049223A (en) * | 2012-12-28 | 2013-04-17 | 厦门市美亚柏科信息股份有限公司 | System, device and method for relieving hidden partition of hard disk |
| CN103049223B (en) * | 2012-12-28 | 2016-01-20 | 厦门市美亚柏科信息股份有限公司 | A kind of release method of hard disc hidden area, device and system |
| CN104036201A (en) * | 2014-06-25 | 2014-09-10 | 电子科技大学 | Application-layer file hiding method on Windows operating system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1308845C (en) | 2007-04-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8607342B1 (en) | Evaluation of incremental backup copies for presence of malicious codes in computer systems | |
| US7665123B1 (en) | Method and apparatus for detecting hidden rootkits | |
| CN1286012C (en) | Method for recovering and backing up information in hard disc of computer | |
| CN1277211C (en) | Repair method for computer operation system | |
| EP1434135B1 (en) | Method for backing up and recovering data in the hard disk of a computer | |
| JP4627547B2 (en) | Secure storage tracking for antivirus acceleration | |
| US7392541B2 (en) | Computer system architecture and method providing operating-system independent virus-, hacker-, and cyber-terror-immune processing environments | |
| CN1205555C (en) | Hard disk data backup and restore method | |
| US7313726B2 (en) | Operating system and data protection | |
| CN1296835C (en) | Apparatus and method for controlling booting operation of computer system | |
| CN1417689A (en) | Fixed disk data enciphering back-up and restoring method | |
| US20060242381A1 (en) | Systems, methods, and computer readable media for computer data protection | |
| US6907524B1 (en) | Extensible firmware interface virus scan | |
| JP2003162452A (en) | System and method for protecting data stored in storage medium device | |
| US20040148478A1 (en) | Method and apparatus for protecting data in computer system in the event of unauthorized data modification | |
| CN1285038C (en) | System and method for handling device accesses to a memory providing increased memory access security | |
| CN1866225A (en) | Mapping method for mobile memory device | |
| US8307175B2 (en) | Data recovery and overwrite independent of operating system | |
| JP2007524161A (en) | Separation multiplexed multidimensional processing in virtual processing space with virus, spyware and hacker protection features | |
| CN1308845C (en) | Method of utilizing hidden hard disc sector in protecting data under Windows system | |
| CN1920786A (en) | System and method for implementing safety control of operation system | |
| US20070073792A1 (en) | System and method for removing residual data from memory | |
| Hsu et al. | Data concealments with high privacy in new technology file system | |
| CN1308848C (en) | Industrial production process of main hard disc protection area | |
| CN100424652C (en) | Had disk self-recovery protecting method based on embedded operation system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070404 Termination date: 20201209 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |