JP2007148566A - Data writing device and data reading device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a data writing device capable of enhancing the security protection property of data to be written in a memory. <P>SOLUTION: When secret data are written in a memory card 300, an attribute setting part 103 and an entry writing part 104 assign a specific attribute to a directory entry corresponding to the secret data. An information writing part 102 and a data writing part 105 write the secret data in the memory card 300 from a data writing start position designated by the directory entry with the specific attribute. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a data writing device and a data reading device for writing and reading secret data on a memory.

  For example, when data in a file operating on MS-DOS (registered trademark) is kept secret except for a specific qualified person, the conventional data access device is the first cluster in the directory entry that holds the attribute information of the file. Is rewritten according to a certain rule, and the correct leading cluster number before rewriting is transmitted only to qualified persons (for example, see Patent Document 1).

JP-A-7-13872

  As a result, the data in the file is concealed. However, in such a conventional method, the existence of the file and the continuity of the data in the file can be controlled even by a person other than a specific qualified person. It was possible to infer the start cluster number of a file from a FAT (File Allocation Table) to be managed and the file size. As a result, the correlation between the file name and the data content cannot always be specified, but since the continuity of the FAT area and the file size are retained, the data content can be obtained in units of files, and the data security can be secured. There were problems such as low.

  The present invention has been made to solve the above-described problems, and an object of the present invention is to provide a data writing device and a data reading device that can improve the security of data.

  In the data writing device according to the present invention, when secret data is written to the memory, the attribute information writing means for giving a specific attribute to the directory entry corresponding to the secret data, and the directory entry to which the specific attribute is given are designated. Data writing means for writing secret data into the memory from the data writing start position.

  According to the data writing apparatus of the present invention, since the secret data is written using the directory entry to which the specific attribute is given, it is possible to improve the security of the data written to the memory.

Embodiment 1 FIG.
FIG. 1 is a block diagram showing a data access apparatus according to Embodiment 1 of the present invention.
As shown in the figure, the data access device is composed of a data writing device 100 and a data reading device 200, and is a device for writing and reading data to and from the memory card 300. The data access device is mounted on, for example, a portable information terminal or a mobile phone, and the memory card 300 is a memory that can be inserted into and removed from the mobile phone. Note that the present invention is not limited to such a memory card 300 as a memory, and can be similarly applied to a recording medium such as a floppy (registered trademark) disk.

  The data writing device 100 includes an unused area detection unit 101, an information writing unit 102, an attribute setting unit 103, an entry writing unit 104, and a data writing unit 105. The data reading device 200 includes an entry reading unit 201, An attribute analysis unit 202, an information reading unit 203, and a data reading unit 204 are provided. Further, an information input / output control unit 106 is provided as a configuration common to the data writing device 100 and the data reading device 200.

  The unused area detection unit 101 is a functional unit for detecting an unused area from the data of the memory card 300 read by the data reading unit 204 regardless of general information or secret data. Here, the general information is information that does not need to be concealed, and is information that can be read and written even in a data access device that does not have the configuration of the data writing device 100 or the data reading device 200 of the present invention. . The information writing unit 102 is a functional unit that sends the general information and secret data passed from the information input / output control unit 106 to the data writing unit 105 as write data. For example, when new writing is performed, general information or secret data is written in an empty cluster detected by the unused area detection unit 101.

  The attribute setting unit 103 is a functional unit that performs setting so that the attribute set by the information input / output control unit 106 is written in the volume label of the directory entry. The entry writing unit 104 is a functional unit that places the attribute information set by the attribute setting unit 103 at a predetermined position in the cluster and sends data to the data writing unit 105 in units of writing. When the secret data is written into the memory by the attribute setting unit 103, the entry writing unit 104, and the information input / output control unit 106, attribute information writing means for giving a specific attribute to the directory entry corresponding to the secret data Is configured. The data writing unit 105 is a functional unit that writes to the memory card 300 based on the writing information of the information writing unit 102 and the entry writing unit 104. The data writing unit 105 and the information writing unit 102 constitutes a data writing means for writing the secret data into the memory from the data writing start position designated by the directory entry to which the specific attribute is assigned. The information input / output control unit 106 is a functional unit that performs control of writing general information and secret data to the memory card 300 and control of reading general information and secret data from the memory card 300.

  The entry reading unit 201 is a functional unit that acquires a list of directory entries from the data read by the data reading unit 204. The attribute analysis unit 202 is a functional unit that analyzes the entry information acquired by the entry reading unit 201 and determines whether there is confidential data or obtains attribute information of a file when the confidential data exists. Then, the entry reading unit 201, the attribute analysis unit 202, and the information input / output control unit 106 acquire directory entry information from the memory, and determine that the data is confidential data when a specific attribute is given to the directory entry. It constitutes attribute information acquisition means. The information reading unit 203 is a functional unit that reads data from the memory card 300 after the attribute analysis unit 202 acquires file attributes. The information reading unit 203 is configured to pass the read data to the information input / output control unit 106 as confidential data when the attribute analysis unit 202 determines that the attribute has confidential data. The data reading unit 204 is a functional unit that reads data from the memory card 300 based on an instruction from the information input / output control unit 106. The data reading unit 204 and the information reading unit 203 constitute data reading means for reading data from the reading start position specified by the directory entry when the attribute information acquisition means determines that the data is confidential. .

FIG. 2 is an explanatory diagram showing directory entries for managing attribute information of files and directories in a FAT file system based on MS-DOS.
The directory entry of FIG. 2 is composed of 32 bytes, and stores file and directory attribute information stored in the memory card 300.
The directory entry includes a file name uniquely identified in the directory, an extension indicating the type of the file, an attribute indicating the nature of the directory entry, a reserved area indicating the area where the file is stored, a file area It consists of an update date and time indicating the date and time of creation and an update date and time, a start cluster number indicating the storage location of the file, and a file size indicating the size of the file.

Next, the operation of the first embodiment will be described.
First, an operation when the data reading device 200 reads general information already stored in the memory card 300 will be described.
When the user specifies a file name with a path related to the general information, the information input / output control unit 106 acquires the file name with the path and specifies that the reading process is executed.
Assume that the following character string is input as a file name with a path, for example.
/ AAA / BBB. DOC
“AAA” is a directory hanging from the root directory, and “BBB.DOC” is a name of a file in which general information is stored in the “AAA” directory.

  When a file name with a path is input to the information input / output control unit 106, the search is started from the search of the root directory in order to search the directory entry of the directory to which the file storing the general information belongs. In order to search for the root directory, first, the information input / output control unit 106 instructs the data reading unit 204 to read the cluster in which the root directory is stored from the memory card 300. Expands to the reading unit 201. Next, the attribute analysis unit 202 analyzes a file name with a path, and searches for a directory entry by comparing a directory that matches “AAA” in the path name from the data acquired as the root directory.

  The directory searched from the root directory corresponds to the first character string divided by “/” in the character string specified by the file name with the path, so the directory name “AAA” as the first character string, Compare directory entries stored in the root directory. There are as many directory entries to be compared as the number of files and directories stored in the root directory, and all are compared.

  The attribute analysis unit 202 identifies the directory entry by comparing the character string specified by the information input / output control unit 106 with the file name of the directory entry to identify the directory entry, and starts from the directory entry. Get the cluster number.

  Since the starting cluster number can be specified, it becomes possible to search for files and directories stored in the directory AAA. The information input / output control unit 106 instructs the data reading unit 204 to read the acquired start cluster number from the memory card 300, and expands the contents of the directory AAA to the entry reading unit 201. The attribute analysis unit 202 analyzes the file name acquired with the file name with path, and acquires the file or directory name stored in the directory AAA in the root directory. The character string divided by “/” following / AAA is the name of the directory entry to be searched for next, and from the input character string, the next is the last character string delimited by “/”. DOC ".

  If there is a file name that matches “BBB.DOC” in the directory entry in the directory AAA, the storage location of the data of the input file with path is determined by acquiring the start cluster number. As a result, the information input / output control unit 106 instructs the information reading unit 203 to read the file of the start cluster number from the memory card 300, and the information reading unit 203 uses the data read by the data reading unit 204 as general information. The data is passed to the input / output control unit 106.

Next, the operation when the data access device newly writes general information to the memory card 300 will be described.
When the user designates a file writing position with respect to the memory card 300 with a file name with a path, the information input / output control unit 106 acquires the file name with a path and designates that a writing process is executed. A file with a path is configured by a path name and a file name as in reading general information, and a character string is separated by “/”. Assume that the following character string is input as a file name with a path, for example.
/ AAA / CCC. DOC
“AAA” is a directory hanging from the root directory, and “CCC.DOC” is a name of a newly created file in the “AAA” directory. “AAA” must already exist in the root directory. If it does not exist, a write error occurs.

When a file name with a path is input to the information input / output control unit 106, the specified file name with a path is analyzed and compared with "AAA" from the directory entry stored in the root directory. The entry reading unit 201 stores a list of directory entries of files and directories stored in the root directory entry. The name is uniquely determined regardless of the file or the directory.
The attribute analysis unit 202 analyzes the attribute of the directory entry, and even if the file names match, if the attribute is not a directory, the write process is terminated as an error.

If the attribute analysis unit 202 can identify the matched directory entry, the information input / output control unit 106 acquires a start cluster number from the directory entry in order to acquire a file or directory stored in the directory AAA.
The information input / output control unit 106 instructs the data reading unit 204 to read the data in the directory AAA based on the start cluster number, and the entry reading unit 201 expands the stored contents of the directory AAA. From the list of directory entries of the read directory AAA, the directory entry corresponding to “CCC.DOC”, which is the last character string divided by “/”, is searched out of the specified file name with path.

  When a new file is created, it is premised that there is no directory entry with a matching file name in the directory AAA. If there is a matching directory entry, the process ends with an error. If there is no match in the directory AAA, a directory entry area of “CCC.DOC” is secured.

  The information input / output control unit 106 manages the used cluster of the memory card 300 in the unused area detection unit 101 in order to acquire the data storage area from the memory card 300 when the entry is confirmed to be secured. To obtain a free cluster number.

  The data input to the information input / output control unit 106 is set in the information writing unit 102 as data to be written in the acquired empty cluster. After the setting, the empty cluster number to be written and the set data are passed to the data writing unit 105, so that the data writing unit 105 writes to the corresponding position of the memory card 300 to the data writing unit 105. Pass data. If the data size to be written is larger than the cluster size, the unused area detection unit 101 secures a necessary number of necessary free clusters and sequentially writes data in units of the cluster size. When storing all the data input to the information input / output control unit 106, if the necessary number of free clusters cannot be secured, the process ends as an error.

  After confirming that all unused cluster numbers acquired in the unused area detection unit 101 are used by the information input / output control unit 106, they are added to the FAT to ensure data continuity as a file, and the information document Data is written into the memory card 300 by the data writing unit 105 from the loading unit 102.

  In order to guarantee the data written to the memory card 300, the attribute setting unit 103 and the entry writing unit 104 use the file CCC. The attribute information of the directory entry reserved for DOC is set. In order to configure the directory entry, the file name is CCC, the extension is DOC, the attribute is 0x20 if the file is an archive file, the update date / time is the update time, and the start cluster number is first acquired by the unused area detection unit 101 For the empty cluster number and file size, the size written by the information input / output control unit 106 is set as attribute information.

The same contents as the directory AAA read by the entry reading unit 201 are stored in the entry writing unit 104, and the file CCC. The directory entry in which the attribute information is set is overwritten on the area reserved for storing the DOC directory entry. The overwritten directory entry is transferred to the data writing unit 105 in units of clusters and written to the memory card 300.
The writing of general information instructed to the information input / output control unit 106 is completed by writing the directory entry.

Next, an operation when new confidential data is written to the memory card 300 will be described.
Writing is started when the user informs the information input / output control unit 106 that secret data is to be written to the memory card 300 and passes all the data to be written to the information input / output control unit 106. First, the data reading unit 204 reads the root directory from the memory card 300. A list of directory entries in the read root directory is stored in the entry reading unit 201.

  For the entry reading unit 201 in which a list of root directories is stored, the attribute analysis unit 202 searches for an area for writing the secret data entry. When writing to the memory card 300, the general information is created by adding attribute information to the file name and extension of the directory entry so that the specific directory entry in the specific directory can be uniquely determined by the file name. However, a directory entry that stores confidential data is a directory entry having a volume label attribute.

Of the directory entries stored in the entry reading unit 201, the attribute analysis unit 202 focuses only on attribute information and detects a directory entry that matches 0x08, that is, an attribute whose lower 4th bit is 1.
The volume label of the memory card 300 is a value that is generally not created unless set by the user, and may not exist in the root directory. If the directory entry that indicates the volume label by the attribute value already exists, the existing directory entry is targeted, but if it does not exist in the root directory entry, the directory entry can be stored to create a new one. Secure areas.

  When creating a new directory entry, the attribute setting unit 103 arbitrarily sets the file name of the corresponding directory entry. In addition, the lower 4 bits indicating that the attribute value is also a volume label is set to 1. The set file name is set as the volume label name of the memory card 300 as it is.

  When a directory entry having a volume label attribute is secured, the information input / output control unit 106 requests an unused cluster number from the unused region detection unit 101 in order to secure an area for storing confidential data. Get free cluster number.

  The data input to the information input / output control unit 106 is set in the information writing unit 102 as confidential data to be written to the acquired empty cluster. After the setting, the empty cluster number to be written and the set secret data are transferred to the data writing unit 105, so that the data writing unit 105 writes the secret data to the corresponding position of the memory card 300. If the data size to be written is larger than the cluster size, the unused area detection unit 101 secures a necessary number of necessary free clusters and sequentially writes data in units of the cluster size. In addition, when all the confidential data input to the information input / output control unit 106 is stored, if the necessary number of free clusters cannot be secured, the process ends as an error.

  All the empty cluster numbers acquired in the unused area detection unit 101 are added to the FAT so as to ensure the continuity of the confidential data as a file, and written from the information writing unit 102 to the memory card 300 by the data writing unit 105. I do.

In order to guarantee the confidential data written in the memory card 300, the attribute setting unit 103 and the entry writing unit 104 are used to store the start cluster number and the file size in the directory entry secured as a volume label, Set as. The directory entry of the volume label for which attribute information is set is overwritten in the area reserved in the root directory. The overwritten directory entry is transferred to the data writing unit 105 in units of clusters and written to the memory card 300.
The writing of the confidential data instructed to the information input / output control unit 106 is completed by the writing of the directory entry.

Next, an operation when reading confidential data from the memory card 300 will be described.
Reading is started when the user tells the information input / output control unit 106 to read the secret data to the memory card 300. The file name with path specified when reading general information is not required.
When the information input / output control unit 106 recognizes that the confidential data is to be read, the attribute of the volume label is selected from the directory entry list in the root directory entry in the entry reading unit 201 in the same procedure as when the confidential data is written. Search for directory entries that are.

  When the attribute analysis unit 202 finds a directory entry having a volume label attribute, the start cluster number and the file size are acquired from the directory entry. Since the information input / output control unit 106 can specify the start cluster number, the secret data stored as data within the start cluster number read by the data reading unit 204 can be acquired via the information reading unit 203. become.

  The size of the confidential data is analyzed by the attribute analysis unit 202 and acquired by the information input / output control unit 106. If the size is larger than the cluster size, the FAT is read by the data reading unit 204 and connected from the start cluster number. Get information about the cluster number that is registered. When the information input / output control unit 106 acquires all the secret data, the reading of the secret data is completed.

  In the first embodiment, since only the volume label in the root directory entry is valid in the conventional data access apparatus in the directory entry having the attribute of the volume label, the volume label in the root directory will be described. However, a volume label may be set in a directory configured under the root directory. In the conventional data access apparatus, since the directory entry having the attribute of the volume label stored other than the root directory is ignored, there is no problem in operation. For specifying a volume label that exists in a directory other than the root directory, a file name with a path may be specified as in the case of specifying general information. Of course, if there is only one volume label in the directory, only the path name may be used.

  Moreover, the data handled as confidential data does not depend on the presence or absence of encryption irrespective of formats, such as a text and a binary. If it is encrypted information, there is an effect of further improving confidentiality.

  In the first embodiment, the delimiter of the file name with the path is designated by “/”, but it may be designated by “¥”. In addition, the file name with the path is indicated by the absolute path, but it may be specified by the relative path.

Also, as a procedure, when creating a new file, the directory entry is guaranteed to be secured, and then the existence of a cluster for securing data is checked, but the directory entry is confirmed after the cluster is secured. There is no problem even if it is secured.
Furthermore, after writing data to the memory card 300, a directory entry storing attribute information is written to the memory card 300. However, there is no problem if data is written after the directory entry is written.

  In addition, it is assumed that a data handling unit is a cluster, and one cluster is composed of a plurality of sectors. However, there is no problem even if one cluster is composed of one sector.

  As for the start cluster number and the file size stored in the volume label, the position value arbitrarily set by the attribute setting unit 103 in the position including the reserved area is not required, without the need to match the writing position with the position of the other directory entry. If the attribute analysis unit 202 acquires and defines what the value indicates as attribute information, there is no problem.

  The start class number stored in the volume label is assumed to be a logical block number, but there is no problem even if it can be read from the memory card 300 by specifying the physical block number. In the memory card 300, there is an alternative block that is a physical block that can be used although a logical block number is not assigned in order to compensate for a decrease in capacity when the memory card 300 is damaged. . By designating an alternative block, in a conventional data access device, data is written in a block that cannot be accessed when data is operated, and the effect of data confidentiality is further enhanced.

  Furthermore, in the first embodiment, the directory entry of the volume label is used as the directory entry corresponding to the confidential data. However, the present invention is not limited to this, and a directory entry having a specific attribute is determined in accordance with the confidential data. By doing so, the same effect can be obtained.

  As described above, according to the data writing device of the first embodiment, in the data writing device that manages the data on the memory using the contents described in the directory entry, Attribute information writing means for assigning a specific attribute to a directory entry corresponding to data, and data writing means for writing secret data to a memory from a data writing start position specified by the directory entry to which the specific attribute is assigned Therefore, the security of data written to the memory can be improved.

Further, according to the data writing device of the first embodiment, since the directory entry to which the specific attribute is assigned is the directory entry of the volume label, even if the data reading device of the present invention does not recognize the confidential data, the reading error The data security can be improved without adversely affecting such a data reading apparatus.
Further, in the conventional data access device, since only the file name and extension area are data used in the directory entry for the volume label, values other than the remaining attributes are described. Therefore, there is no problem as a data access device.

Further, according to the data writing device of the first embodiment, since the start cluster number and the file size that are not originally described in the directory entry of the volume label are utilized, even if the volume label is deleted, the secret data attribute It is possible to obtain more attribute information.
When the volume label is deleted, 0xE5 is set at the head of the directory entry to indicate that the directory entry is invalid. Since the remaining data constituting the directory entry remains described, even a deleted directory entry is an attribute indicating a volume label, and secret data can be obtained from the start cluster number and file size. is there.

  For directory entries having volume label attributes, only one existing in the root directory is valid. In the first embodiment, there is one directory entry having a volume label attribute in the root directory. However, in the conventional data access apparatus, only the directory entry of the volume label detected first is valid, and the rest is normally. Even if written, it is ignored, and there is no problem even if a plurality of information is created by the information input / output control unit 106. In this case, a plurality of confidential data can be managed by grasping all directory entries having the attribute of the volume label detected by the information input / output control unit 106 from the root directory.

  Further, according to the data writing device of the first embodiment, since the memory can be inserted and removed, the confidential data can be written into the memory that can be inserted into and removed from the data writing device.

  Further, according to the data reading device of the first embodiment, in the data reading device that manages the data on the memory using the contents described in the directory entry, the directory entry information is acquired from the memory and specified as the directory entry. Attribute information acquisition means for determining that the data is confidential data, and data reading means for reading data from the read start position specified by the directory entry if the attribute information acquisition means determines that the data is confidential data Even if secret data is indicated by a directory entry having a specific attribute on the memory, such secret data can be read, and data with improved security can be read. it can.

  Further, according to the data reading apparatus of the first embodiment, since the directory entry having a specific attribute is the volume label directory entry, for example, even when confidential data and general information are mixed in the memory, it is easy. Each data can be read.

Embodiment 2. FIG.
In the first embodiment, information not related to the management of the memory card is assumed as the confidential data to be handled. However, for example, information for managing the storage position of data on the memory such as FAT can be used as the confidential data. This will be described below as a second embodiment.

  In the second embodiment, since the configuration of the data access device in the drawing is the same as that in the first embodiment, description will be made with reference to FIG. That is, the data writing apparatus according to the second embodiment uses FAT as confidential data, and manages the confidential data using the directory entry of the volume label as in the first embodiment. Further, the data reading device is configured to determine the storage location of the file based on the FAT when the confidential data is FAT.

FIG. 3 is an explanatory diagram showing the contents of the FAT operated by the data access device according to the second embodiment of the present invention.
The confidential FAT shown in FIG. 3A is a FAT indicating the contents that the data access device obtains as confidential data in the memory card 300 and held in the information input / output control unit 106, and is shown in FIG. 3B. The public FAT is a FAT indicating the contents described in the area of the memory card 300 that stores the FAT.

  The secret FAT and the public FAT shown in FIGS. 3A and 3B show a state in which the clusters of the file A and the file B are managed, and the number in each FAT is the cluster number that follows. Shows what number. The FFF number indicates that there is no subsequent cluster and is an end, and the number 0 indicates that it is not used at all.

Next, the operation of the second embodiment will be described.
When the memory card 300 is inserted into the data access device, the information input / output control unit 106 uses, as initial information of the memory card 300, the FAT stored in the memory card 300 from the data reading unit 204, that is, the public FAT. Obtain and instruct the information reading unit 203 to expand. The developed FAT is held in the information input / output control unit 106 as a FAT for recording in the memory card 300.

  Further, in order to obtain the FAT stored as the confidential data, that is, the confidential FAT, the information input / output control unit 106 instructs the data reading unit 204 to read the information of the root directory entry from the memory card 300, and Expands to the reading unit 201. Next, the attribute analysis unit 202 searches the directory entry list acquired by the entry reading unit 201 for a directory entry whose attribute indicates a volume label. When the corresponding directory entry can be acquired, the attribute analysis unit 202 further acquires information on the start cluster number and the file size from the directory entry. Since the number of clusters managed for the FAT is determined by the capacity of the memory card 300, there is no problem even if the size of the FAT exceeds the cluster size depending on the file size.

  The information input / output control unit 106 instructs the data reading unit 204 to expand the contents of the designated cluster to the information reading unit 203 from the obtained start cluster number and file size. Since the confidential FAT is defined in the contents developed in the information reading unit 203, it is held in the information input / output control unit 106 in the same manner as the public FAT.

  When writing data to the memory card 300, the information input / output control unit 106 has two FATs, and decides whether or not to make a file that can be read as a file even by a conventional data access device. Data to be written to the FAT is determined.

In order to correctly read a file with a conventional data access device, it is necessary to make the same for the confidential FAT and the public FAT, as indicated by the number stored in the FAT associated with the file A.
When writing data, the cluster number secured by the unused area detection unit 101 is used as it is, and the same number is written at the same position in both FATs. The attribute information set for the directory entry set by the attribute setting unit 103 is the same as the procedure for setting the general information in the attribute setting unit 103.

When a file is accessed by a conventional data access device, the continuity of the file is not guaranteed and the file cannot be read correctly. As shown in the example of the file B, the number stored in the associated FAT Are different numbers for the confidential FAT and the public FAT.
When writing data of a file, a FAT that can correctly read a file continuously with a conventional data access device is used as a confidential FAT, and a number in the confidential FAT is operated as a public FAT. The information input / output control unit 106 performs operations on numbers in the FAT.

  The information input / output control unit 106 expands and holds the confidential FAT and the public FAT. Therefore, when writing a file, first, a FAT that can be read by a conventional data access device is expanded to a secret FAT. When the data input / output control unit 106 receives the data write data as an input, the information input / output control unit 106 acquires a free cluster number from the confidential FAT to be held, sets the data to be written to the information writing unit 102, and sets the data writing unit 105. To write to the memory card 300. In order to indicate that the acquired empty cluster number has already been secured in the confidential FAT for writing data, an end value of 0xFFF number is set to indicate that there is no subsequent cluster.

  However, when the information to be written is larger than the cluster size, an empty cluster is further acquired from the confidential FAT, and data is continuously written by the information writing unit 102. In order to ensure continuity with the cluster secured before the confidential FAT, the number of the newly secured free cluster is stored, and 0xFFF indicating the end value is stored in the newly secured free cluster. .

  In FIG. 3A, the clusters secured by the confidential FAT in creating the file B are the fourth, fifth, sixth and seventh clusters. If there is a number 0 indicating a free space in the confidential FAT, a free space is searched from the front, so a free cluster is found from the beginning of the FAT. In this example, 4 clusters can be secured from the front, and finally this The information input / output control unit 106 stores all data in the cluster.

  After completing the data writing, the information input / output control unit 106 sets the start cluster number and the file size as attribute information to the attribute setting unit 103, and sets the attribute information at a predetermined position by the entry writing unit 104. The directory entry is overwritten and written to the memory card 300 from the data writing unit 105.

  Next, an area is secured for the public FAT held by the information input / output control unit 106. The unused area detection unit 101 secures the same number of clusters as the number of clusters secured by the confidential FAT for storing data from the public FAT. As for the cluster number secured in the public FAT, a part that is not used is searched, and a cluster different from the confidential FAT is extracted. In FIG. 3A, the file B starts with the starting cluster number 4 and continues with the fifth, sixth, and seventh. However, the fourth starting cluster number is the same, and the ninth, fifth, and seventh are the same. No. clusters are linked and the public FAT held in the information input / output control unit 106 is updated. The last class number of the file is the same cluster number as the start cluster.

  When updating of the public FAT is completed for a file that needs to be concealed, the public FAT is written into the memory card 300. The position where the FAT for writing is written is a fixed area where the FAT is written in the memory card 300, which is expanded in the information writing unit 102 and stored in the memory card 300 from the data writing unit 105.

When all operations are completed and the memory card 300 is read by the conventional data access device, the content of the secret data is composed of discontinuous data, and depending on the location, the content of another file, or no data at all It is composed of data that has not been written.
In the case of the file B shown in FIG. 3, the continuity of the file is originally guaranteed in the order of the cluster numbers 4, 5, 6, and 7, but the cluster is provided by the public FAT shown in FIG. Therefore, the fourth cluster, the ninth cluster, the fifth cluster, and the seventh cluster are empty data, and the second cluster shows the second data of the original file.

  In the second embodiment, there is one directory entry indicating the volume label in the root directory. However, there is no problem if a plurality of directory entries exist. In addition, although only the files are concealed, if a large number of files and directories are stored in one directory and not all directory entries can be stored in one cluster, the directory can be used continuously. Since the FAT is secured and connected, the same processing may be performed on the directory to conceal the contents of the directory.

  Further, when writing the public FAT to the memory card 300 from the data writing unit 105, it was performed prior to the writing of the entry writing unit 104. If the configuration stored in the memory card 300 is finally the same, The writing procedure does not matter.

  In addition, when the unused area detection unit 101 searches for a free cluster of the confidential FAT, it is assumed that it is used from the top of the free space. There is no problem because there is no dependency. Further, when setting the free cluster number in the public FAT, the same cluster number is set in the confidential FAT and the public FAT as the final cluster of the file, but they may not be the same. However, since the end of the file is guaranteed by making the position of the last cluster the same, the stability of the operation when accessing a file whose data is concealed by a conventional data access device is improved.

  If the size of the file to be concealed increases, the number of connected clusters increases. However, it is not necessary to change the public FAT so that the storage position changes for all clusters. Depending on the system, the specific number from the starting cluster may not be changed. In that case, since the specific byte from the top can be read as a normal file in the conventional data access device, the header information of the file may be described.

  As described above, according to the data writing device of the second embodiment, as confidential data, the information for managing the storage position of data on the memory is used, so the security of data written to the memory can be improved. In addition, even a data reading device that does not recognize confidential data according to the present invention does not cause a reading error or the like, and does not adversely affect such a data reading device.

  Further, according to the data reading device of the second embodiment, when the secret data is information for managing the storage position of the data on the memory, the attribute information acquisition unit is configured to store the data based on the information. Since the data reading means reads from the data storage position determined by the attribute information acquisition means, even if the secret data is information for managing the data storage position on the memory, Confidential data can be read reliably.

  Further, according to the data access device of the second embodiment, the information input / output control unit 106 manages the confidential FAT and the public FAT so that the files of the memory card 300 can be continuously written when the files are written. By writing back the public FAT whose performance is not guaranteed to the original FAT position of the memory card 300 and storing the confidential FAT, which is the original FAT of the file, in the start cluster number stored in the volume label, In this data access apparatus, it is possible to create a discontinuous file whose contents are not guaranteed regardless of whether it exists as a file. As a result, in the data access device having the configuration of the second embodiment, although the file can be normally operated, the data access device cannot be operated in the conventional data access device, so that there is an effect of improving the confidentiality of the data in the memory card. . In addition, it is possible to make a single memory card coexist with a file that is concealed and a file that is not concealed, and can be selected according to the intention of the user. It also increases convenience.

1 is a configuration diagram showing a data writing device and a data reading device according to Embodiment 1 of the present invention; FIG. It is explanatory drawing of a directory entry. It is explanatory drawing which shows the content of FAT operated with the data writing device and data reading device by Embodiment 2 of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Data writing apparatus, 101 Unused area | region detection part, 102 Information writing part, 103 Attribute setting part, 104 Entry writing part, 105 Data writing part, 106 Information input / output control part, 200 Data reading apparatus, 201 entry Reading unit, 202 attribute analysis unit, 203 information reading unit, 204 data reading unit, 300 memory card.

Claims (7)

In a data writing apparatus that performs management of data on a memory using contents described in a directory entry,
When writing secret data to the memory, attribute information writing means for giving a specific attribute to the directory entry corresponding to the secret data;
A data writing device comprising: data writing means for writing the secret data into the memory from a data writing start position specified by the directory entry to which the specific attribute is assigned.   2. The data writing apparatus according to claim 1, wherein the directory entry to which the specific attribute is given is a volume label directory entry.   3. The data writing apparatus according to claim 1, wherein the memory is configured to be insertable / removable.   4. The data writing apparatus according to claim 1, wherein the secret data is information for managing a storage position of data on a memory. In a data reading device that performs management of data on a memory using contents described in a directory entry,
Attribute information acquisition means for acquiring directory entry information from the memory and determining that the directory entry is confidential data when a specific attribute is given to the directory entry;
A data reading device comprising data reading means for reading data from a reading start position designated by the directory entry when the attribute information acquisition means determines that the data is confidential.   6. The data reading apparatus according to claim 5, wherein the directory entry having a specific attribute is a directory entry of a volume label. If the confidential data is information for managing the storage location of the data on the memory, the attribute information acquisition means determines the storage location of the data based on the information,
7. The data reading apparatus according to claim 5, wherein the data reading means reads from the data storage position determined by the attribute information acquisition means.

Images