TWI234074B - Device and method for protecting data records in recording media - Google Patents

Abstract

The present invention discloses a data record protection control device for protecting data record in recording media. In a system configuration mode, a single physical data storage device is divided into a protected data storage area, a virtual data storage area and an unprotected data storage area. Then, the protected data storage area and the unprotected data storage area are simulated as two independent physical data storage device and the virtual data storage area is hidden. The two data storage devices provide equal storage spaces for the protected data storage area and the unprotected data storage area respectively. A set of protected data containing software and data are loaded in the protected data storage area in the first place. In regular operating procedures, data to be stored in the data storage area are transmitted to the data record protection control device and only loaded in the virtual data storage area. Data can be read from the virtual data storage area or the protected data storage area and the accessed location depends on if the virtual data storage area stores the specified data to be accessed. In a preferred embodiment, when a computer system at which a processor is located starts a new operation, the data in the virtual data storage area will be deleted. In another preferred embodiment, data in the virtual data storage area are deleted only when the data record protection control device instructs to do so, and the virtual data can be stored by duplicating the virtual data to the protected data storage area. The protected and the virtual data storage areas can be located at different data storage device. The data record protection control device can also receive the access command of the unprotected data to permanently store the data without involvement of the protected and the virtual data storage areas.

Description

1234074 Case number 90110603 V. Description of the invention (1) Field of invention

The recording method is used to protect the transmitted data from being recorded. The present invention relates to a data record for protecting data stored in the storage medium to improper modification, deletion or damage. Background of the Invention Item 2: All computers and electronic machines use data sets, which are common data records, including ==, application software, and various information. In the present invention, * == Kind of data records. The most common problem with electronic recording is the improper modification or deletion of records. These changes in the records of the asset department are sometimes intentional by the user, such as changing the settings of soft programs or storing new data. In this case, even if it is not malicious, the user often causes unexpected undesired consequences' and must restore the original setting state before the data record is changed. These data memorized electronically can be maliciously damaged by others. Data records may be altered or deleted due to computer viruses or unauthorized use of audio, resulting in serious losses. Unauthorized changes to computer systems may cause loss of productivity, revenue and profits for individual or business users. In the computer system shared by many people in the enterprise, each computer has the same settings, which is more conducive to maintenance and use. If each computer user arbitrarily changes the settings of each end, it will

Page 6

1234074 __ Case No. 90110603 V. Description of the invention (2) Causes: Incompatibility between users on various systems, inconsistent user interface between users, and instability of computer operation, etc., not only aggravated = The work load is more likely to damage the productivity of the business or the individual. Although improper changes in data records may cause computer users to lose, it is still necessary to allow legitimate users to update the data. Therefore, considering the stability of the computer system and the variability of the data, the computer system must be able to provide each user with the latest correct data and the computer system default values, and allow legitimate users to update the data content according to their needs , = When the data is improperly changed, the correct record state before the change can be restored. At present, there are many tools on the market to prevent the data records on the hard disk from being altered improperly. Some of these data record protection tools are software, and some combine software and hardware. Reading or when using memory space data records, specific records or reopening data records are very intrusive, making it possible to read protected data records. Those who write to hard disks issue write-in data without being recorded. When the reader is in the memory space, it will disappear when stored in the record, and it is easy to be cracked. Because this kind of intrusive program can write the software data recorded in the memory space, it will be written into the hard disk when the incoming command. The user wants to read it, not the specific one mentioned above. Moreover, it is not that the software cannot protect the data as long as the data is beneficial. Therefore, this software can be used to read the data space in the hard disk. These software can prevent the use of the aforementioned special low-level and further Entering by data records will not take more data. Then there is no provided encephalovirus fixed memory input wheel for further repair to prevent user recording purpose. When a specific recording of the hard disk is performed, the user shuts down, mounts the hard disk, protects the data, and other malicious spaces are hidden.

1IIIH Page 7 1234074 Fifth invention description (3) f material records. There are operational issues on this platform. Combining hardware and software ~ card-type components, the slot intercepts the card-type component, intercepts the memory used by the processor for processing & type detection and adds to this, the invention of the present invention. Amend

In addition, security, so the use of weekly components and data are stored in this block, in order to crack the software that the people have to provide the processor to protect the data records, usually designed to easily generate and operate the system and The compatibility protection means of the processor usually includes a software program and a side-piece connection interface (PCI) or other extended computer links. This software part is used to set the data acquisition method of the card fetching instruction and transfer it to the card component. It can not hide the hard disk. Therefore, it is easy to be malicious as it is the software method described above. After the test, there is a record protection device for this material, so that it can not be restricted by the valley, and it is not easy to be maliciously invaded. Summary of the invention is in a storage area. The system of the Ming Dynasty is made and treated as a device. The power supply provides a data record protection control device. A processor and a storage device maintain a protective data storage area and the processor hides the virtual data storage. Next, the processing will set all available places of the storage device ^ system administrators ^ other 柃 =, which is used for virtual domains, and the protection of funds is linked to the stored data stored in the data storage user to perform the

1234074 ------- 9011 ORn ^ One amendment V. Description of the invention (4) System configuration provided by the method ^ ^ Material loading protection data storage system loading mode, the system software and application software to be protected Or e 1 ^ 3, where the data may be ^ -like poor materials in the operating system data storage area. Among them, the information is in the watch. The sub address is recorded in a protected data storage. The data protection is used to put the protective data device into a data protection mode, which can be read and cannot be rewritten. The data recorded in the output / area can only be the data, and the virtual data storage area to be read in the data storage area of the protection data rough protection data storage area. The data in the order storage area will be loaded with some data access actions, both are; in the operation section, the virtual data recording can be performed by the storage area, and when the new operation section is started, it is selected or rewrite. When the computer system protection data storage table ::::: :: == Setting will; record == first = division, making the second; the proposed data will be moved without causing adverse effects. The improper recording of the lean material is even worse in the second implementation mode. When the computer system starts-a new operation section of the virtual data Ia a # ^ is loaded into the virtual lean material storage area. Will be removed. The data record protection: data: the address of the data record in the storage area is stored in a virtual data plan 2j at the beginning of each new operating paragraph, the virtual data storage table is read. The data protection control device can instruct the deletion of its internal data, the contents of the virtual data, 'read only the protection data, and the storage of the left, 1111 postal coffee ___________ —-------- page 9 call number 90110603_ 1234074 correction day five Records of invention description (5). In another implementation aspect, the ancestral position will be loaded into the virtual data storage area in order to save the virtual data in the storage area according to the instruction. The data protection control device can also reserve a helmet-proof test zone, so that computer users can access the helmet's storage area: the protection data records can be stored in different locations, and the virtual Data-like is deleted. In this fact ::: Baofen ’, but not with the area and unprotected data storage area, θ = 7, the protective data storage device will be controlled and protected by the data protection device. The two data stores considered as independent ^ The data protection control device in the present invention is compatible with the fault tolerance method, and provides support for data integration such as RAID for further data protection. π 贝 杆 Detailed description of the invention A picture shows a computer system 22, J: surname 4. ^ 保护 控制 装置 20. Among them, two, one is a data storage device 26 according to the present invention. ^ k a system 22 includes-brain system 2 2 series can be any device that requires a hard disk. For example, the computer “mf data storage is a microcomputer, computer or other storage device that controls the computer. The storage device 26 can be 22 and the system 22 can be _ Page 10 No. 901 infirm V. Description of the invention (6) 1234074 Correct control operation I ’m crying, but I ’m crying at 9 ”, Zou Zuo Liu Zhuang is 24 for the micro-processing of the control console to protect the control data bus 30 and the data record protection of the data reading means“; 2 8 8 link ”makes processing The device 24 sends out a row 3 and transmits it to the data record ^. The command can be transmitted through the processor resource department to include a sword-suppressing agent into the β-pro-protection control device 20. The data storage device 26 packs two, which are used to pass through the library Storage device data confluence of surnames:,: Data storage device interface 32 on the heart-smelling control device 20, data A = protection control device 20, can be fixed according to the processor 24, 1 t ^:-7, via storage The device data bus 36 will refer to the access data from the data storage device 26. Crystal 3 "Sun" In a more fancy situation, the processor interface 28 and the control device interface are the same, so that the data record protection control ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ And lean storage Between 26.乂 Place on processor 24

The if 5 storage device 26 includes a data storage area 38, which is sub-determined A; :: storage block 39. The plurality of data storage blocks; J = =; =: = storage, and the virtual data storage i is three data storage funds; area; 2 storage area 42 and an unprotected data storage area 43. Among them, the defense $: wide = domain 40 includes a plurality of protected data storage blocks 44 ′ virtual data storage two areas J area 42 includes a plurality of virtual data storage blocks, and the sub-region 43 includes a plurality of unprotected data storage blocks. --Two years = Year: Protected data storage block 44 and the above-mentioned data storage == Page 11 1S_90U0603 1234074

V. Description of the Invention (7) ___ The number of blocks is the same, and each of the protection data storage blocks corresponds to the data storage block 46. 44 and a virtual storage area 40 includes a protection data storage table 50, 1 is used to record a protection data storage area about the parent, including: whether the protection data storage block has data such that 7j = 'package The content of the data records in the block, a protective data store; 'disc two materials, the association of the block where the relevant data is stored, etc. The data stored in it is called "protected data". The virtual data storage area 42 in the Mamba storage area 40 includes a virtual data storage ::: Protection: material storage table 5. similar. In addition: The validity of the data records in the virtual material storage block 46 of the virtual data with valid data stored in Ba Yucha (f ...): The virtual use table 52 uses a single-bit record to indicate that Virtual data record Erbei: Ercun Yan block does not contain valid data. Storage Unprotected data: Call it "virtual data." The Beco storage Q field 43 contains one Ap *. This function is similar to that of the aforementioned precautionary data erosion table = the second anti-corrosive material storage table 53, which is similar to the above. The library is stored in I protection f_ ^ and virtual data storage table 51. " The data in the Beijian health storage area 43 is called "No defense 48, set to 2 °, including a protective data area. When using the watchmaking device to keep the operation, use the control area in the control area on page 12 V. Description of the invention ( 8) 49, which is used to keep a record with the same content in the control table 52 when the data record protection system is set up and the operation of virtual assets. The record protection is controlled in the Gongyi and virtual shell materials blocks. The device 20 does not record: in the preferred embodiment, the data address in the data, but in the present invention, the 20 can be stored in the unprotected data storage area and stored in the unprotected ^ lean material record protection control device for recording. Μ丨 Fang Zunbei's data address in the storage area plus data record protection control device ^ ^ 4 is used to protect the data self-protection data. The end memory area 54, when it is accessed in the domain 42, as the /, domain 40 or The capacity of the virtual data storage area must be at least equal to the -data storage block. The right is enough to prepare: the capacity of multiple data storage blocks is better to occupy the slot of multiple lean storage blocks. Describe one practical embodiment of the computer system 22- A computer system that can be used in an office-like environment. It is used by U Microsoft Windows ™, ^ 24 Λ-^ ^, industry, and charger. The processor 24 of the computer system is a microprocessor. The data storage device 26, which is used to execute software and control the surrounding computer system, is a type of hard disk drive, which is controlled by an IDE controller connected between the hard disk drive and the processor. In this embodiment, the data record protection control device 20 is connected between the IDE controller and the hard disk drive, and the data record protection control device / transparent to the IDE control, the IDE control and The data circulation status between the hard disk drives is as if the two are directly connected, and w does not have the data. The protection control device exists. However, in practice, the 1234074 amendment " — ----- case number 90110603 month Month: 5. Description of the invention (9) Poor record protection control device 20 will hide at least a part of the hard drive from the DE controller, and simulate the single hard drive as two independent hard drives Player, presented to the IDE controller. The computer system in the embodiment includes only a single IDE hard disk drive 1 It should be noted here that a computer system may include a plurality of IDE hard disk drives controlled by a single IDE controller, wherein each disk ^ j The designated "drive number" is zone / minute, 'the disc number usually starts with 0. If a computer system has only a single hard disk ^, the hard disk drive's disk serial number is 0. An IDE controller can be controlled by a single ribbon cable and two IDE hard disk drives controlled by the IDE cable. The ribbon cable includes a plurality of control lines, which are used for data access based on the magnetic properties of the two hard disk drives. The serial number of the disc is accessed separately. The data storage area 38 in an IDE hard disk drive is actually located on the surface of one or more disks. One of the disk surfaces can be divided into: Divided into a plurality of data, the memory is divided into relative :: is a block: plural: logical division, which is respectively designated with different English = parent, so that the processor can operate the plural compilation discs without logical division, It is regarded as only and-: the disc is logically divided, and it is also assigned a letter as its code. -Magnetic domain 4. 、-Care page 14 1234074) Amendment —-_ 9〇ιι〇βη? Ί 9 ’V. Description of the invention (10) 43. In the IDE disk drive, which contains the protection data ^ knife 刼 contains a plurality of logical blocks 39, 44; included in the virtual data wide :; the second of 40 is the protection data storage area == 7. The aforementioned three data stores: 42 are located in the data storage area of the hard disk drive = 43, which can be interleaved. As mentioned above, the number of blocks 46 may be the same as each other in the configuration of the workplace, that is, the correspondence relationship between f = data storage area to one. ^ It is best to have one 11} beta hard disk drive between the two Beco blocks, including a file allocation table (FAT), which is used ^ allocation table is used by each logical block 39; μ, Each disk in the hard disk drive logically divides the file configuration table to further record that the logical block contains data, and other file names of the data block that belong to the file. In the protection data storage, Area 4 related information. In the storage table 50 of this embodiment, the slot configuration table in the virtual data is called the protection data virtual data storage table 51, and in = 342 ^ Protection data; storage: use the contents in storage area 43 ^ =; = = Γ control device 2 ° operation mode. = Ϊ change or delete. Each protection data storage system administrator loads protection data 2 = 0. Usually the protection information is used and used by the user. It is provided in the iC, and the computer systems 100 and 200 are provided. The method of the farmer's method will be described later, as shown in the figure 1234074. A correction --MM 9011080 ^ V. Description of the Invention (11) ^ When the brain system 22 starts every new operating paragraph, the data section will 鍈The control devices 20 all set the virtual data storage area to "evaluate ^ ° and pro 10", indicating that the effective value of the Λ f / Λ human shell material block 42 is set to ^ 镔 The virtual lean material block does not contain valid data Η When the content of the protective data block 44 is copied in a protective data storage block 44, the virtual data storage area corresponding to the protective data block 44 is stored in the f data area 42. Block 46 is stored in the virtual data store, and the same value S has been recorded as 1, to indicate that the virtual data is valid. The data content in the fragment storage block 46 is written into the data area 40 when the processor 24 transmits a data. When the data is recorded, the protective data storage area 40 is modified or modified, and will not be recorded in the "protected data storage block" relative == area 4 ", and the virtual data storage table 52 is updated. The data record of block 46 is valid. The data record of block 46 is valid. "," ,; word ~ virtual data storage, that is, when the processor 24 issues a certain anti-tank time l, the data record protection control device 2 ^^ Read the protection data in the file read command block 44 Jf: Protected data storage, poor material record protection control device 20, the finger ^ 24. At the same time, the virtual data storage block ^ in the storage area 42 ^: the poor section loads the virtual data storage table 52 The record of the virtual data i and the update of the virtual data are valid. The data record of block 46 is the changed data record and will be stored in the data storage device 26 in the data storage device 26.丨 Langu l delete Gang Lian Sui 2 ~ 1---- 2 + stomach changed information page 1623474

Case No. 90110603 V. Description of Invention (12) The record is treated as virtual data and recorded in the virtual data storage area 乜. Since the computer system 22 treats the data storage area 42 as vacant and unused at the beginning of each operation section, it will not be retained in this operation section ^ Kai wai = all breeding changes'. The original data record in the protected data store ‘domain 40’ is considered to be the latest data-content. For the data access data record protection control device 2G for the unprotected data storage area 43, the command is only forwarded to f material 26: When reading the unprotected data, f material records the county security device's purchase data, and Of it is transmitted to the processor 24. That is, access, the data record protection control device 20 is only used as the data; 4 the buffer area for fetching data. It is assumed here that the data = Ϊ one, the IDE hard disk drive 'can complete the data access instructions by itself 2: the storage device 26 cannot complete the data access instructions independently The data record protection control device 20 can also:

= Control the access operation of the data storage device; ::: == J = 2 ° operation mode, continued as shown in the figure: Recording security = = A method of setting the data storage device 26 system configuration of the present invention 1 0 0 'enables access to the data in the domain 38, which is stored by the system administrator. After the method is set, the user is provided with a computer to make the computer system 22 properly configured. ^ ^ ^ £ 2 ° ^ ^ ^ Use data records to protect and control 20 places: 官 The official of the system usually orders the data. To protect a system configuration software, order —, ... a —-— “wi 20 to enter system configuration mode, and,

Page 17 1234074 ^ M ^ mm〇3}, ψ m 5. Description of the invention (13) ...........: IL. It's best to configure the control records in the system with software. It's best to configure the software's control records to protect the control: Provide a password mechanism so that under the data, the user should enter the correct password to record the protection control device. = 、、 Configure the fork type first. Then enter: to enter the system configuration mode. Yuan to indicate its asset storage plant 7] 04. Any storage device 26 uses bit 104 as the maximum storage space in the data storage / I area 38. Steps of the virtual data storage area: 42 ^] 8: Cut off: Data storage area 40, steps of data record protection control "H: 43. The system administrator sets the unprotected data area = box 'to let the system protect the control device 2 〇Into the size of the two storage rooms, the data storage area is designated as the storage area; in the data storage area data: π storage area 38, the virtual storage area of the virtual data that has not been specified in the storage area 38 is the best protection, and The large storage block 46 of the Beco storage area 42 can be stored in a one-to-one, / = storage block 44 and the virtual data storage device 20, and it is best to store the data. The health storage space of domain 4 is evenly divided to belong to the unprotected data area storage area 42, so that the protection data / coverage sub-area 40 and the virtual data storage 46 can have an equal number. Storage & Block 44 and Virtual Data Storage Block In this embodiment, step i 〇 above three, # storage area. The 'storage area 38 is divided into pages 18, 1234074, 1234074, and case number 9011〇fin ^ V. Description of the invention (14) Step' 106 of amending 'Μ Λ Electric r ί = 〇 / single is for data record protection and control. The earlier data storage device 22 of the electric system 22 presents the storage device to the processor 24. The independent data is to be referred to as a "virtual data storage device." The two data storage devices are called The nature of the quasi-segmentation is not communicated to the server's device == data storage, the device's virtual storage space and protective data storage area 40: shells, and the storage space of the storage device is the same as the non-anti-skid asset + phase 4 , The other storage protection control device 20 does not set the virtual data: "43 equal. Data record output agreement, data record protection; some of the specific data transmission of the data rotation storage device used: 2 ° ^ page will be described the number of tracks each of the two data storage devices contains: magnetic two: data record protection control The device can rely on the two virtual assets. The data record space (that is, the storage of the data storage area to prevent spreading 2 i) is calculated for the two virtual data storage devices: Guan Man storage area) 'device 24. All this 4b information is sent to the processing part. The data record protection control J :: J stores the relevant information in area 42. The only information that must be provided is to provide a large storage space for the above-mentioned protected data storage area 43. The data storage device 40, the data storage device 40, and the dataless record protection control device 20 can be used separately from the data storage device 26 == virtual / pseudo-shell material storage = the material input / output protocol used by the chest system 22, the same The parameter values are used to set different virtual data. In the computer system 22 in 1: 1, the two virtual data are set by the serial number and letters of this implementation. Data discipline; the system is different —---- Because has been recorded. The control device 20 receives page 1234074 on page 19 ------- Tiger V. Description of the invention (15) Μ Correction of the second storage device Data access command, and convert the specified ^ to the corresponding partition on the 1 DE hard disk. The data processor M regards the virtual data storage area 42 as non-existent, so the effective storage space in the storage office ^ / bu] is all AUh ^ / in the storage device, there is a 10Mb king, and the protection data storage area 40 is: The secondary protection data storage area 40 and the virtual data storage area 42 each include a processor Π, and the remaining 2Mb belongs to the unprotected data storage area 43. There are two doors for oblique protection of data storage. Second, the virtual data storage area 42 is non-existent, and there is a hall for data storage without protection. Method Two ί: i1 real 00 body is complete ^ In the embodiment, the electric and electronic hardware: the machine comes and operates. In this real disk code. S π slave, branch knife J knife is not accused of this treatment ^ 24 is not set to be hidden from the processor 24, because U4 is not the logical partition of the hidden disk directly because the method 100 can be repeatedly implemented to change "Protected" data storage area 42 and unprotected data, second storage area 4., = empty ST head: in-the hard domain 40 that already contains data or the unprotected data storage area 43, if the poor material storage area is stored, load On other storage media. When the method 不足 is insufficient, you can change J 'and protect the data storage area 40 and Wuji again 3: Page 20 1234474 5. Description of the invention (16) \ ^… " ……. In the protected data storage area 40 or the unprotected data storage area 43, the data record may be partially lost or copied to a non-storage location. Figure 2A shows a method 1 10, which is used to format the protected data storage area 40 and the unprotected data storage area 43 so that data can be stored in the two data storage areas. Method 110 is stored by a system administrator in the computer so that the computer The system 22 is properly configured to provide the user with The U2 step of the system management system is the data record protection control device 20, which uses the data according to the system ^: Enter the system format mode of the system. The system administrator is usually assigned to the 20 control system. Provided-system formatting software ^. ^ The second step of the record protection control device 20 entering the system formatting mode storage area 4 'It is based on the adjustment of the characteristics of the protection data storage 22 according to its The own computer system and the protection data storage step generate a protection data storage table, a protection data storage block 47, an unprotected data storage table 53, and a non-defense may include

The Format utility can be used in 1, or private mode. Fdisk and storage block 44 in Wlndows, unprotected data ^ two parties ^ data storage table 50, protection data block 47. Save Table 5 3 and the unprotected data storage area Method 110 ends here. Method 200 The third figure shows 1234074 MM 9〇ιιββ ^ correction according to the present invention. 5. Description of the invention (17): The protection data in the storage device 26 is implemented by the system administrator. The storage material is loaded into the storage area 40, which is usually the step 3 of the manager's diagram 202, which is the data record protection control device 2 ... The data record protection control device I is used. So: For :: The system manager is usually profitable. What is the best way to load software? Progress: system loading mode. The "setting 20" is only entered when the user loses two notes: protection control, protection recording, protection control, and setting 20 into the system == condition: 'The data recording device 20 is preferably only used in computer mode. When the material is recorded and protected by the control software: the ability can only be activated when the system is loaded ^ Λ till 121L4 5 ^ α ^^ f 11 # Also Tt enters the anti-overlap storage area 40. For example, system j : Operating system software that controls the processor or other parts of the system, "Τί application software, game software, communication software, or data S / ,. The content of the data stored in the protective data storage area 40, depends on the power and use. When the system administrator adds, deletes, or modifies the data records in the anti-4 material storage area 40, the data storage device 26 will update the contents of the protection data storage table 50, so that the table 50 can have all the data in the storage area 40. Record relevant information, such as addresses. In step 204, the system manager does not load any data into the virtual data storage area 42. In the computer system of this embodiment, step 204 may involve installation or recording of operating system software such as Microsoft Windows, application software such as Micro soft Word, other software, or data on an ide hard disk. Place

Page 22 1234074! |: "One day correction" (Description (, ^ 3-the processor 24 named the disk partition as c or 1) he maintains a FAT table for this disk partition, beans & = 娆, and IDE The hard disk loads the location of all the data loaded by the needle and the name in the system management disk partition. When the data file field specified by the person and the responder finish loading the data, the method 200 ends. This H storage The data recorded in the area 40 is equal to the material, which is referred to as the protection data in the storage area 40. After the data is loaded into the protection data storage area 40, it is used by ordinary users. System management : At this time, the person will mention 2000 to change the content of the data in the Zizi area a field 40 of the data storage area 40. The data content is protected by data protection. The contents of the health storage device 26 5. The system manager; f will be new: protect the data storage table into the virtual data storage area 42 ^ will be any data loading instructions that require long-term protection of the operation method. The recipient issued by 24 said that the data record of the data storage device 26 was added The data to be read; the one who wants to read it; the one who reads it is called the designated write data. %% is the write and 7 and the written target data is protected: step by step when the electric shock 3 :: data record protection The control device 2 ° enters the non-data record protection control dream 2 When a new operation paragraph is started, division 100) or Li 'Si Gong enters the lift, sets 20 and is ordered to enter the system configuration mode (square;-^ ΐΔ ,, Load the mode first (method? Ηη ^, otherwise the data record protection is on page 23123274

Case No. 901106⑽ V. Description of the invention (19) The control device 20 will automatically enter the person's guide # > The new operation of the computer system is started by restarting or restarting the computer. The method 300 then proceeds to step 303, which initializes the virtual data storage area 42 for the data record protection device 20. Data record ^ 噌 二!, Set 20 to record each bit of the virtual data block usage table: 2 ~ Control 2 :: There is a virtual lean storage block 46 that does not contain valid data: data record 3 = device 2 〇 All virtual lean storage blocks 46 in the virtual data storage table 51 are also in an unused state. The cost of the separation process is as follows: all of the dummy data are removed. To avoid starting ί; ί =: ί =? Store the data in Block 46. The data in Table 52 is not necessary. As shown in Table 51 in the use of virtual data, every two "= 3 is not valid, and the virtual data storage device 20 will not be used for this purpose, so see the data record protection control. Β Luo began to save the existing virtual data Regardless of 26 access; :: Worker 2 2 processor 24 can convey a low-level data by directing a specific position in the input rotation of the data storage device to take a specific: two rows, for example, a processor 24 can guide One IDE hard disk read, combined to half, middle and 15 24 can be accessed by the magnetic drive and magnetic zone protection funds "" in step 10 of the designated protection data storage area 40 and no protection = Limitation of storage area 43. Attempts to access virtual data with low-level I / O commands

Page 24, 1234774, said amendment _______ case said 90110603 V. Description of the invention (20) When the data in storage area 42 is connected, the data record protection control device 2 connected to the processor 2 will receive the storage ^ Mission = storage ^ Set the target of the designated access to the location marked as unused. If the storage block is in place, the data record protection controls the farmer's 20u ::: storage order. Therefore, even if a malicious user is aware of the existence of the data record 20 and the virtual data storage area 42, what is not controlled is to enter the virtual data storage in the operation section. 1 two standard can be accessed. If it is not clear, otherwise the method 300 then proceeds to step 3G4, which is that the data record protection device 20 loads the contents of the anti-compliance material storage table 50 into its internal protection resource use table 48. The data record protection control device 20 initializes the internal county data area using table 49 so that it looks like virtual data storage = 51 and virtual data block usage table 52. Each virtual data storage block 46 is marked as Not valid and not used. The guard data area use table 48 is used to enable the contents of the guard data storage table 50 to be read more quickly during the implementation of the method 300. The virtual data area use table 49 is used to enable the contents of the virtual data block use table 52 to be read more quickly during the implementation of method 300. Since the data recorded in the protection data area use table 48 and the virtual data area use table 49 can be obtained from their basic tables (that is, tables 50 and 52), the use of tables 48 and 49 is Selective. The method 300 then returns to step 306, waiting for the next instruction from the processor. The method 300 then proceeds to step 308. If a data read instruction is received in step 306, then step 310 is performed, otherwise step 340 is performed.

Page 25 1234074 A amendment __ Case No. 90110603 V. Description of the invention (21) Step 3 10 is to review the received data. $ The target is located in the unprotected data storage area 43. Read the order. Otherwise, go to step 312. . Step 33: Use the LT12 material record protection control device 2 ° to check the virtual data. Use Table 49 'to confirm that the processor 24 specifies to read the pseudo-jitter = store please 2. If it is the material line 32Q', use Γ14. The data record control device 20 checks the protection data using table 48 to determine the storage of the specified read data block 4 4 and reads the information carefully and sets up the remaining area of the material. ^. μ, 埒 and transfer to the near-end memory area 54. The data read in the yak step is in step 204, and in this step, the data storage area 40 is protected. The loader transfers the protection from the guard to the processor 24 in step 314. It loads the virtual data storage area 4 2 by the protection in step 314. The method 300 proceeds to step 316 > the data read in the material storage area 40. The method 300 proceeds to step 318 > the data read in the material storage area 40. ,:. The data record protection control device 20 according to step 31:, τ has been stored in the storage block 44 to determine the virtual value corresponding to it = 4 ° β ^. = 1 specifies that the read data is copied to the virtual data storage block / shell material storage device 26 and the virtual data storage table 51 is updated accordingly, and the = virtual data storage block 46 is marked as used 'and recorded within 5; Γ The record protection control device 20 also updates the virtual block using i to mark the virtual data storage block 46 as containing valid data. The f data record protection control device 20 is used to update the virtual data area with the contents of the virtual data storage table 51 and _ ^ pseudo shell material table 52 to update III fU »VllLJ · _ · · · ^ ---- ---- Page 26 1234074

Case No. 90110603 V. Description of Invention (22) Use the contents of Table 49. The instruction method 3G0 then returns to step 306 and waits for the next person issued by the processor. Step 32 is to process a data record for the data record protection control device 20, and it specifies that the read target is an electrode that has been stored in g ^,. Seven from ^ 廿 y, the virtual storage area 42 ... 枓 己 has been recorded, which may be stored in the following steps: (0 step to read the specified information in the storage area 42 of the designated data storage area 40 Data; (li) = Copy to the data writing instruction conveyed by the virtual asset 24, and write the instruction ^ according to the processor storage area 42. The material is written into the virtual data. 〇Identify the virtual where the specified data is located and read it and send it to the processor. = 300 Receiver returns to step 306 'and waits for the next instruction issued by the processor. Step 330 is the data record protection control # 々, which The designated reading target is the data record in the first and the first fetching index 43. The data 2 is directly transmitted to the read command in the storage area without anti-scratch material ^ = = 3 The control device 20 will receive the result. To Behr storage device 26. Method 300 then proceeds Infantry device 20 receives the unprotected data from the gastric material storage 6 and records the protection protection records, and stores the protective data storage area 43, method 30 0, and then returns to step 24. Order. ^ Step 306, waiting for the next pointing step issued by the processor 3 4 0 is the sister ^

Enter the instruction, if the write instruction § Recording security 2 Man control device 20 processes a write "is an unprotected data, enter 1234074 j No. 9011. Fifth, the description of the invention (23) Enter step 350, otherwise the designation Write the data into the domain 42 and proceed to step 342., ': Load the virtual data storage area. Step 342 is the virtual data storage block 4 6 that should be loaded for data record protection and control. 6. Specify the read Retrieving data previously written in the protected data storage area 40 loads the specified written data with the second fetched protective data, and then stores the virtual data in the block 46. The second corresponding to the recorded block 44 The user's new system of materials, data, then the data: Two: A poor material is the computer system owed μ μ person * r tremble 5 has recorded security control device 2 0 will; 枓 a storage table 52 and In the virtual data area G = virtual block, select Yirong ~ from the clothing 49 铩 is not "unused". The material recording protection control device 20 is also Beco. The content will be stored in the internal block of the table 52 in the new virtual frame. Therefore, the data area marked as valid by the 'Bai' and Asia's pseudo-storage block 46. The Lu-shou protection control device 20 updates the virtual data region usage table with the contents of the virtual data storage tables 51 and ^ ^ 2 4 using the update of the table 52. 49 content. If a virtual data storage block 46 which previously contained virtual data, s, the lean data file is deleted so that the block 46 is vacant, the data storage device 26 will update the virtual data storage table 51 to indicate the Block 46 is the “evil evil” and the virtual data block uses Table 52 to mark the block as a valid area. So, a 'virtual data block that once contained virtual data 4 6 is deleted in f After 'can be regarded as a vacant block, used to record other virtual materials. The sum of the meanings of the used / unused marks in the virtual data storage table 51 and the used / unused marks in the virtual data block use table 52 are summarized in the following table: Page 28 1234074 9〇ηηβ〇3 5. Description of the invention ( 24) In one of the operating sections of the computer system, a virtual effect: ί ί ΐ Data block usage table 52 is marked as valid ::] shirt two i X will be maintained until the end of the operating section, that is, in the step In the computer system of the embodiment, the 1D Ε hard disk will be targeted for anti-ceremony = '4 storage area 40 and The virtual data storage area 42 executes the data writing instruction, and then accompanies the FAT table with the rain. In step 304, the virtual data storage area holds two or two /: /: 'Yes. Since the data of the step control device 20 is stored Λ. Data record protection II BMVJ D'J; MilM l ^ PU II. ... ».., .. MJPlIfA ·» !. -------- # 表 48, so the protection data storage table 48 in mm a * / NiiM j ^ .pu I * .... »..,., .... ---------- V. Description of the invention U5) and virtual data storage table 5 1 The contents of the method are independent from each other and then return to step 3 06, waiting for the next instruction from the processor. Step 350 is an order for data record protection control, and the target of writing is an unprotected data record to be stored in the unprotected data area 43. The data record protection control device 20 directly transfers the received write finger 1 to the data storage device 26. If the data storage device 26 returns a private message: If the message or instruction is an error message that was successfully executed, the data a is recorded. The security control device 20 directly forwards the received message to the processor 24 ° Method 300 then returns to step 3 〇6, Waiting for the next instruction from the processor. In the lean material protection mode of the method 300, the data record protection control device 2 writes any breeding material into the protected data storage area 40. Therefore, the anti-shy data storage area 40 has the same data content at the end of the method 2000 or the last update. In the computer system 22-operation, any user wants to access or modify the protection data, in step I42, load the virtual data storage in the form of virtual data. As far as the processor 24 is concerned, it can convey general data storage, and the instruction can also be completed in a general manner. However, when the computer starts a new operation, all the data changes made in the asset compliance mode will not exist through step 303.

In step 318 on page 30, the data record protection control device should read one data = ί request, and when it is read hundreds times-to protect the data, it will read the specified reading ^ 5 shell ^ 1 to virtual ^^^ Area 42. As the information contained

1234074 --- Case No. 9Q110603 V. Description of the invention (26) Enter the virtual data storage area 42 so that the data record protection control device 2 can proceed from step 312 to step 320, further making the data record protection and protection device 2 0 This information can be read later more quickly. This copying step can create a virtual data storage area 42 containing a copy of the protection data, and gradually make it contain more protection data content and any data access, modification and other changes made during the operation paragraph. In the longer operation section of computer system 22, more and more data reading instructions can be completed by reading the virtual data area 42 without reading the protective data area 40. Step 318 is optional, and all data reading instructions can also be completed by directly reading the protected data area. At this time, the virtual data in the virtual data storage area 42 only includes the protection data with additions, deletions, and modifications. 3 The brain body is made more powerful by the EEG. 20 One of the inventions described above. The user operates in the brain system. The user is mainly responsible for the operation. Generally, it can be permanently changed, or the material can be permanently stored and reset by the computer system. The same ca n’t be moved, only the data exists, and the system will be shut down when using the system. ^ ~ Heart net, SM ′ V, package_indication, which is preset in method 100 and method 200, so that all the electrical system needs The data has been loaded in advance. This common pattern is commonly used in general office computer systems. The existing application tools in the computer system are used to protect the data in the data storage area 40. The virtual data storage area is used to achieve temporary protection data storage. Area, so that the passage through different operating paragraphs can still exist. = Newly activated the data record protection control device. The computer system protects all kinds of data. The data protection mode under the protection data protection mode can be borrowed without protection.

Page 31 1234074-Case No. 901〗 〇fi ^ Revision 5. The description of the invention (27) has been changed, so any consideration will be invalid. In the general office? The use of a virus or malicious device 20 can make the system management "two: the amount and complexity of record protection control is greatly reduced. J The number of user requests for help 100 sets two virtual data in the computer system of this embodiment Chu t and Lu, method disk C and disk D. In the method 2G {), the examples are respectively magnetic. In method 300, the lean material for the magnetic male Γ is to be loaded into the disk C operation section. It disappears at the end, and the changes made to the material will end in this operating paragraph ::: Disc 7 is intended to = see. The various operations that are carried out completely hide the data record protection control device 20 for Protected data storage Protected data provides a powerful & only addiction, tremble storage & record protection control body in domain 40 :; data;;!; Where data = what software program to protect against: == ;, Whether the call of iJdn data access instruction is blocked to know the existence of the recording protection control device 20. = The recording protection control device 20 completely hides the planned data storage part from the processor, and Operation of negative storage devices. Due to data record protection The control device 20 is completely transparent to the processor (ransparent), so its use is the same as the operating system used by the computer system: Off: and any device or other hardware with the same controller interface 34 and the same protocol can use the same Data record protection control II II ________ ---- page 32 V. Description of the invention (28) 1234074 Θ Correction ... I .., I ..--- "Device 20. At present, the two interfaces of Dingmen and Dingmen have made it possible for the same electronic devices to use standard memory devices and electronic devices, and to access the Internet, such as electronic game machines, handheld data storage devices and protocol electronics. The machines can all share the same device. The recording protection control device 20 will actively control the storage access in the data storage device 6. Therefore, the control and the use of the appropriate rotation into the Sheshan Gong—from the iZU to the α and the horse. In order to communicate with each other, the lean storage device of the cooperative association will be able to communicate with each other, and the coordinated control command of the cooperative association will be provided. + System A, data # 1 ^: Κ 唬. In this embodiment, the computer = the capacity of two hard disk controllers to control two: a disk = controller two == again ^^! 2 :; and, the hard disk drive is integrated: two independent physical storage devices . Question 'is considered a lower cost method. Compared with any kind of hard disk or other data storage devices, they have the same data storage dream department: i It is feasible to purchase a data storage device with 4_ ', and configure a dummy = protect the same amount of protection data in it Quite reasonable. The present invention can provide a variety of implementation modes, examples are as follows: Figure: The figure shows an embodiment of the present invention, which is not intended to be used in the JL, a picture of a JL in the picture, a boat, 4L — secluded : 4 4 ZO —--- ~ "Picture ㈣ or equivalent elements, whose labeling is on the back side J side J ⑽ ----- * ------—— Page 33 1234074 I msms Amendment --- Case No. 9011 fifing, one by one, five, invention description (29) The two digits are the same, only in the computer system 422 of FIG. Eclipse II storage devices 426 and 460. Data storage area 440, one defense spectrum time = area 438, which includes a protection data storage area 443,-unprotected data table 450,-unprotected data storage method, all with the Schematic diagram—Medium vinegar storage / sub-table, and the operation data storage device of the above components :: package: —I components are the same. ΓΞΤ Α η λ ^ ^ Controller interface 462 and an asset +. Domain 464. Data storage device 4 Qiaobei storage 436 and control device 42〇 逵 9 9 storage device-shell material bus t # „# # ^ # ^ 442 ^ ^ ^ domain 442 and virtual data storage Equivalent components in storage 426 are the same. Method and Lean Material Storage Device Lean material record protection control device 42 and devices 426 and 460. Data 9 is used for data storage. Jianliu Factory ^ Beco 5 has recorded the security control device 420 to maintain the data record of the virtual asset = area 442, in a manner similar to 1 of the aforementioned electronic machine 22 ::: data storage device 460 All of the data storage area 464 is the body storage area 442, so the control device 420 stores the entire data m Λ Λ41〇S 11424 ^ ^ ^ ^ 4420 ^ H 'domain = present: a physical library storage device, one of which corresponds to An unprotected lean material storage area 443 is installed in the data storage area of the protected data storage area. Both are located in the computer system 422. The advantage is that the data storage area 438 is not part of the f data storage area 442, so the processor 424 Access to the entire data storage area 438 can be performed. aEarth invention is implemented in an existing electronic device. This embodiment can be implemented in CU! i (kL2aUtlllUM.i | Piun «aiL > u > j» kihu .m —IIIBUΑΒΙ, ι 丨 丨 ι «" ι ·, _ Page 34 1234074 If ~ ---- 90110RQ3 丨 Electric V. Invention Secretary " Month. Day J-fe- so that the storage space that can be used by the processor 424 will not be due to lean storage area 438 or storage area 443, so the data storage H injury as an unprotected data storage ". Equal size can be. Because: storage; and the data storage area can be smaller than the data storage device 426. If the storage capacity of the material 60 can be compared with the storage capacity of the device 426 Storage device 46〇 and data storage ^ ^ ^ ^ 460 t ^! The storage area will not be hidden, but the two ^ = j = the first unprotected data error storage device type will be presented to the 4 of the processing 4 The poor material 20 is shown, the computer system 22 and the data record protection control device make various changes to the protection data by the user, and the newly opened poor material storage area 42 is newly opened; when the virtual data storage table 51 and the virtual block , Oh -i? ^-. The initialization of Table 5 2 with melon disaster will go to = ::! ' The changes made are eliminated: to protect the stomach in the operation paragraph, and at the same time, the data can be changed according to the μ jm at different days. To achieve == 'read virtual data storage during step 304 Table 51 uses table 52, and loads the contents of the two tables into the control device virtual data area. Use table 49 at the same time, and read the protection data 1 = content. At this time, the control device 20 provides-"Delete virtual, / " * domain "tool, so that the system administrator can delete the data storage table in the control device 20 and the control device 20, and the data storage installation tool is preferably stored in a different location. ^ Read the protection data storage table 50. The "delete virtual data area" is on the storage device of the data storage device 26, and

Page 35 1234074 Case No. 90110603 V. Description of the invention (31) ^ Application should be used in data protection mode, and the startup of the tool is best prepared with a fork code protection mechanism to prevent malicious programs such as viruses or other uses This tool causes damage to data records in the virtual data storage area 42. The "data area" tool is best used only at-computer system start-up = operating%. This implementation is particularly useful in teaching settings. After a middle school student-during the study period-after using a computer, the computer can be reset for other people to use:… recorded in the virtual data storage area 42 The content of the data may be combined with the two parties to protect the data storage area 40, so that it can be permanent: bismuth :: 3 'It is used to copy the virtual data to the protection data = The copy tool allows the system administrator to copy the virtual data ； 工; # 料 录 'in the domain is used to edit the protection data storage area ^ ΐ f 4 Storage table 5G and protection data area = Table 48. The tool should be equipped with a password-protected dib to prevent its device 2 =: ^ from being moved. If necessary, you can also control the key in this control, to ensure that an unauthorized user does not make improper permanent data changes. In combination with the above (1) retain two virtual data storage areas, data tools; (iil) _copy virtual data = (op.) —Electricity: The configuration settings of the system may be changed in a situation that is very useful: because: the system settings If the system is unstable or needs to be removed due to changes, it can be removed by deleting the retention time and purpose of the virtual data storage area η. The settings on the right-hand side of the computer system need to be permanently protected, which can be copied to Protected data storage area 40. System 22 contains-Unprotected data storage area 43. When the computer is installed Page 36 1234074 Correction

Case No. 90110603 V. Description of the invention (32) The device is made in an independent state. This design is not only ". Assuming that the computer system 22 is used in a network environment, the network: network power, : The user may be required to store data on a web server & ΐ Wide poverty: Ϊ Unprotected data storage area 43 and data storage area 43 in the device 26. The service ... are implemented as unprotected as described above The aspect is directed to an IDE hard disk drive. The present invention can also be used in conjunction with other storage devices, such as ISA, ΑΑΑ, Ει, and:: type = disk drive 2 In addition, the present invention is also applicable to other data storage J ,, ρ The card J .. solid sad 圮 fe devices such as magnetic memory devices, flash memory cards, the invention can also be used with other data protection errors (Raid, redundant array 〇f two distribution port f, such as in the disk capacity system ' Similar to the control device 2 or 42.-Data control: so that the RAID controller and-or multiple standby side control devices connected to the hard disk to reinforce the RAID provided by the standby control: the data protection technology invented Let's protect the ^ ▲ in the magnetic disk The Raid technology does not guarantee the protection of the I ^ 4 instrument, the n, the pro, but only ensures that the error of the poor material record is repaired by using the spare disk data. If there is a master ^ wood system, the disease spleen It is not necessary to enter the system with a RAID mechanism to provide the inscription. The master is not loaded into all the spare hard drives. RAID technology does not have a mechanism for removing viruses. It is recommended by TT Guard to limit the i Ming has disclosed the above with several preferred embodiments, but it is not

Within the spirit and scope of HHII, it is possible to make both without departing from the present invention ~ ----- Although various changes and modifications are made, so the present invention

1234074 Case No. 90110603: Month Day Amendment V. Description of Invention (33) The scope of protection shall be determined by the scope of the attached patent application

IBM Page 38

No. 1234074 --- ^ Simple illustration of the diagram Simple illustration of the diagram = ^ = According to the present invention, the structure of the electronic device with f material record protection is%. < Equipment-System configuration of the data record protection control device according to the present invention :: 1 Figure: Two systems according to the present invention The system stream of the data record protection control device of the present invention ^ Data record protection not according to the present invention Figure 4A and 4B of the system loading mode of the device show the data protection of the protection control device according to the first embodiment. The fifth figure shows the -electronic of the device according to the second 3rd process of the present invention. Machine structure; the second example has the data record protection control main component number 2 0 data record protection control 22 computer system, i 24 processor 26 negative material storage device 1234074 y _ case number 90110603_ year month revision _ simple diagram Description 2 8 processor interface 3 0 processor data bus 32 data storage device interface 34 data record protection control device interface 3 6 data storage bus 3 8 lean storage area 39 data storage block 40 protected data storage area 4 2 virtual Tribute storage area

4 3 Unprotected lean material storage area 44 Protected data storage block 46 Virtual material storage block 4 7 Unprotected data storage block 48 Protected data area use table 49 Virtual data area use table 5 0 Protected data storage table 51 Virtual data Storage table

5 2 Virtual lean block use table 5 3 Unprotected data storage table 5 4 Near-end memory 1 0 0 System configuration mode flow 1 0 2 Data record protection control device steps to enter system configuration mode 1 0 4 Data record protection control Steps for the device to divide the data store into different areas

Page 1234074 --Ά ^ 90110603 Simple explanation of the diagram '-^ I, date __correction-I 0 6 data records you $ α 果 传 逆 ^ _ 蠖 蠖 蠖 蠖 褽 褽 步骤 步骤 步骤 步骤 完成 完成 完成 完成 completed completed in η Steps of Nine Fruits to the processor Steps to take the storage area partition II 0 ^ System format mode flow 112 Corruption record protection control device enters the system 格式化 4 Steps to format the protection data and '^ ^ ... Step 2 0 0 in the Bembe storage area System loading mode process 202 The data record protection control device enters 2.4 Steps to prevent the data record protection control device from recording in steps ° Beam storage area changes data 30 0 Data protection mode flow 302 Data record protection control device enters data protection = The data record protection control device uses the virtualized protective data area use table and 30 6 steps to receive data read or data write instructions 3 0 8 steps to determine the type of received instructions: Judgment: Steps of specifying the protection type of data in the material reading instruction

Step 2: Whether the data specified in the material reading instruction is stored in the virtual data storage area. IP 314 Load the protection data to be read into the near-end memory area. Step to load the data to be read from the near-memory area. Step 318, which is transmitted to the processor, loads the designated read data into the virtual data storage block. Step 1234074 〆Read _ Case No. 90110603 & Year: Month μ Amendment _ Schematic description ... ......... ”— 320 Step of loading the data to be read from the virtual data storage block into the processor 330 Step of the data record protection control device receiving the instruction of reading the unprotected data 3 3 2 Step 34 of the record protection control device reading the specified unprotected lean material and transmitting it to the processor. Step 34 The data record protection control device determines the type of data protection involved in the write data instruction. Step 342 loads the specified write data into the virtual data storage area. Step 35 of the block 0 Load the specified write data into the unprotected data storage block 42 0 Data record protection control device 422 Computer system 424 Processor 426 Data storage device 436 Data storage bus 438 Data Storage area 440 Protected data storage area 4 4 2 Virtual data storage area 443 Unprotected material storage area 45 0 Protected data storage table 4 5 1 Virtual lean material storage table 45 3 Unprotected data storage table 46 0 Data storage device 4 6 2 Data record protection control interface

Page 12 1234074

Simple illustration 4 6 4 Lean material storage area iBii Page 43

Claims (1)

1234074 SS_9〇ll〇603 Six, patent application scope 1 · A method for recording benzene on a storage medium:, 贫, 贫, and a method of recording, including the following cattle (A) in the system configuration mode to protect the data storage area, a robber and a μ-body storage device divided into a storage Area; shellfish storage area and one unprotected material (B) under the system loading mode. (I) The protected data store is intended to be stored as two separate entities: two and the unprotected shell material storage. region. γ) hide the virtual data storage area; 濩 _ shell material is stored in the protected data storage area (C) in data protection mode: (1) the virtual data storage; & ^ ^ ^ ^ month simulation Set up two independent physical domains and the unprotected data storage area / .., two, | ") to hide the protected data storage area; Execution data, from the virtual capital: the designated reading data in the storage area is transmitted to the processor; the data is read in the storage area, and the data is not stored in the storage area. processor. Read it from the storage and send the data to ιΗ Page 44 Zheng 1234474 VI. Application Types Fan® t "-two ^ Dou-Amendment 2. As described in the scope of the patent application No. 1JS, ~ included in the virtual data storage area, the middle step jc) (ii) Package steps. 3. Read the copy of the data 3. Steps as described in item 丨 of the scope of patent application: In this data protection mode, 'further-steps include the following materials: When instructed, specify the: Area. Zhuma into the virtual data storage 4. A device for protecting data on a storage medium-a data record protection control device, which: There is a thunder between the storage device and a storage device # Α Μ β One of the computer system processors has one less protection data Storage / A physical storage device is divided into the virtual data storage area of the m Λ storage domain; in the system loading mode, the protection data storage area to be added is stored; the shellfish to be protected is stored in the victim's capital Λ In the protection mode, 'receive the data transmitted by the processor', take the buckle and perform the following steps to process the instruction ... (0 if the virtual data storage area has the designation in it! Ϊ; ί; read the data in the data storage area) Data, and if the designated read data does not exist in the virtual data storage area, the data is read from the protected data storage area and the data is transmitted to the processor. 5 · The method as described in claim 4 of the patent scope, wherein step ([) (丨 丨) includes a step of loading the designated read data copy in the virtual data storage area on page 45 1234074% s _ Case No. 6. Scope of patent application. The application method described in the item 1 of the range 1 2 3 4 further includes the following two. In the protection mode, when the instruction = instruction transmitted by the processor, the specified write data is written. Enter the virtual data = ϋι: Please refer to the method described in item 4 of the patent scope, wherein the data record protection J control device is connected to the processor in steps ⑻ and (C, 中, ϋ, 记录 料 record protection controller will The virtual data storage area is the method described in item 4 of the patent application scope, wherein the protection data includes a plurality of protection data storage blocks ... The virtual data 1 = the second domain includes a plurality of virtual data storage blocks And each of the plurality of anti-secondary storage blocks can correspond to a specific one of the plurality of virtual data storage blocks. As described in item 9 of the patent scope of Shen Qing Method, wherein in step (c) (丨 i), the private read data can be fetched from one or more protected data storage areas ^ times', and this step further copies the specified read data to the virtual poverty Corresponding virtual data in the material storage area Storage block. · 11 kinds of data protection recording method, comprising the steps of Page 46 1 〇 > The method as described in item 4 of the scope of the patent application, wherein the data record 2 $ Control Control Set includes a virtual data use table for recording the aforementioned 3 & virtual data The read and write records of each block in the storage block enable 4 to distinguish the validity of the data recorded in the plurality of virtual data storage blocks. P: i 1234074 -------- 9〇ηπκπ ^ Amend the scope of patent application for (A) to provide a protective data storage area, J: material storage block; / 包含 contains multiple protective funds (B) Provide a virtual caution roving-r-, material storage block, and the plural number. Two products =, which contains a plurality of virtual data protection data storage block correspondences = quasi-shell material storage block and the plural number (C) Stores the data to be protected. Several protected data storage areas. ^ Hai anti-thin-bei material storage area Zhen Zhongyi or re-identify the virtual data storage intended data storage block; the virtual (E) with valid shellfish receives the The processor communicates * — π to process the instruction in a snap: Beware of the private order, and enter the following steps; 1 Make sure ... one or more Lu Que holds one or more protective data stores containing the data to be read Corresponds to the virtual lean storage block corresponding to the aforementioned protected data storage block; Nepal (111) confirms the nature of the data stored in the aforementioned virtual data storage block, and if the data is valid, proceeds to step (iv), if the data is not valid , Then proceed to step (v); (iv) from the virtual Read the designated read data from the intended data storage area and transmit the designated read data to the processor; (v) read the designated read data from the protected data storage area and send the designated read data Send to the processor; (F) receive the data writing instruction transmitted by the processor, and perform the following steps to process the instruction: P. 47 1234074 ^ 〆 points __Case No. 90110603: 'The scope of the patent in the U.S.C. selects one or more virtual asset storage areas and writes the written data into the selected virtual asset effect "i⑴ the written virtual data remaining area The block is marked as having the square storage area as described in item u of the scope of the patent application and the anti-slip material. The virtual storage area is owned by the entity data storage device. The method described in item 1, wherein the protection data-sub-area and the virtual lean material storage area are provided by a magnetic disk drive. The method described in claim 13 of the patent scope, wherein the protection data storage area and The virtual data storage area exists in different partitioned disks in a magnetic disk drive. 1 5 · The method as described in item 丨 3 of the patent application scope, wherein the magnetic disk drive is an IDE-type hard disk drive.