TWI247989B - Method for protecting list disk and computer readable recording media - Google Patents

Publication number: TWI247989B
Authority: TW (Taiwan)
Prior art keywords: disk, encrypted, partition table, program, preventing
Application number: TW93120732A
Other languages: Chinese (zh)
Other versions: TW200602872A (en)
Inventor: Horng-Ru Chen
Original Assignee: Fineart Technology Co Ltd

Application filed by Fineart Technology Co Ltd
Priority to TW93120732A
Publication of TW200602872A
Application granted
Publication of TWI247989B

Abstract

The invention is a method for preventing disk chaining, that is, for preventing a disk from being attached to another computer as a slave disk. It is applied to a first disk of a computer system, where the first disk is bootable. First, the master boot program in the master boot record of the first disk is replaced with a substitute master boot program, which boots the computer and mounts a hook program for the operating system. Second, the partition table in the master boot record of the first disk is encrypted so that it becomes an encrypted partition table. When the operating system accesses the encrypted partition table of the first disk, the hook program decrypts the table that is read. When the operating system writes to the encrypted partition table of the first disk, the hook program encrypts the data that is written.

Description

IX. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to a method for preventing disk chaining and to a computer-readable recording medium, and in particular to a method and a computer-readable recording medium that replace the master boot program and encrypt the disk partition table in order to prevent disk chaining.

[Prior Art]

Today, with information technology highly developed, enterprises and individuals depend ever more heavily on information equipment, and information security has naturally become the most important issue in developing and using computer software and hardware. A lack of information security has serious consequences: data leakage, data being added to, deleted or tampered with, computer-related services halted by computer viruses, and enterprises and individuals unable to carry on their daily work all cause major loss and inconvenience to the enterprise or individual.

Of these problems, data leakage has the most significant adverse effect. For example, once an enterprise's research and development results, trade secrets, financial status or customer data leak out, at the least product development is affected or customers are lost, and at worst the enterprise loses its strategic competitive advantage in technological development or even falls into financial crisis. Enterprises that make extensive use of information technology, and vendors that develop information-security technology, therefore all regard preventing data leakage as the first task in establishing enterprise information security.

In view of this, various data-control methods already exist in practice. The great majority use an account and password mechanism to ensure that the person accessing the information has sufficient privileges. Through authentication, the user's transmission of data over the network or other interfaces, printing of data, and storing of data on external storage devices can be regulated, blocking the various channels by which data might leak.

However, such control software is installed on the boot disk and executed at boot. If the boot disk is physically removed and chained as a slave disk of another computer system, and that computer system has no data-access control software installed, the boot disk behaves like a disk that merely stores data, with no protection at all. The user can then freely transmit or print the data or copy it to another storage device, so that the data leaks.

[Summary of the Invention]

In view of the above problem, the object of the present invention is to provide a method for preventing disk chaining, which prevents a disk, after it has been physically removed from its original computer system, from being chained as a slave disk of another computer system.

To achieve this object, the method for preventing disk chaining of the present invention is applied to a computer system having a first disk, wherein the first disk is bootable. The method first replaces a first-disk master boot program (MBP, Master Boot Program) of a master boot record (MBR, Master Boot Record) of the first disk with a first-disk substitute master boot program, wherein the first-disk substitute master boot program is used to boot and mounts a hook program for the operating system. Next, a first-disk partition table (Partition Table) of the master boot record is encrypted so that it becomes a first-disk encrypted partition table, wherein the hook program decrypts the first-disk encrypted partition table that is read when the operating system is to access it, and encrypts the data that is written when the operating system is to write to it.

In addition, the present invention provides a computer-readable recording medium that records a method for preventing disk chaining. The method is applied to a computer system having a first disk and, according to the above steps, replaces the master boot program of the master boot record and encrypts the partition table of the master boot record, wherein the first disk is bootable.

Because the partition table required for accessing the disk is encrypted and only the hook program can decrypt it, when the disk is to be chained as a slave disk of another computer system, the encrypted partition table is not a correct partition table as far as that computer system is concerned, and chaining cannot be achieved. The method therefore closes the loophole whereby data-access control software installed on a disk can regulate the user's behaviour during normal execution but is completely useless once the disk is chained, and makes the control of data access more comprehensive.

[Embodiments]

A method for preventing hard-disk chaining and a computer-readable recording medium according to preferred embodiments of the present invention are described below with reference to the accompanying drawings, in which identical elements are denoted by identical reference symbols.

Referring to FIG. 1, in this embodiment the present invention is applied to an enterprise internal computer system 100. The enterprise internal computer system 100 has a first hard disk 110, and the first hard disk 110 is bootable.

According to the prior art, the user can install data-access control software on the first hard disk 110, and the software can be set to run automatically at boot. Once the data-access control function has started with the execution of the software, it can, according to the user privileges obtained after verifying the user's identity, regulate the user's transmitting or printing, via the network or other interfaces, of data on the first hard disk 110 or on other hard disks in the enterprise internal computer system 100, and the storing of that data on external storage devices. This function can be started, however, only by booting from the first hard disk 110.

Referring to FIG. 2, there is an enterprise external computer system 200, which has a second hard disk 210. The second hard disk 210 is also bootable, but no data-access control software is installed on it. If the first hard disk 110 is physically removed from the enterprise internal computer system 100 and installed in the enterprise external computer system 200, chained as a slave disk of the second hard disk 210, the user can boot from the second hard disk 210. Because the data-access control software is not executed, the first hard disk 110 then behaves like a hard disk that merely stores data, with no data-access control function. The user can freely transmit or print the data on the first hard disk 110 or copy it to another storage device.

To solve the above problem, the following steps are taken.

Referring to FIG. 3 and FIG. 4 together, first, a first hard-disk master boot program (MBP, Master Boot Program) 410 of a first master boot record (MBR, Master Boot Record) 400 of the first hard disk 110 is replaced with a first hard-disk substitute master boot program 510 (S301). The first hard-disk substitute master boot program 510 is used to boot and mounts a hook program for the operating system; the function of the hook program is described later.

Next, the first hard-disk partition table (Partition Table) 420 of the first master boot record 400 of the first hard disk 110 is encrypted so that it becomes a first hard-disk encrypted partition table 520 (S302). The first hard-disk partition table 420 records, for each partition on the first hard disk 110, information such as its start track, end track and the operating system used. Encrypting the first hard-disk partition table 420 makes the data on the first hard disk 110 unreadable, that is, the hard disk cannot be chained.

Referring to FIG. 5, after steps S301 and S302 have been carried out, the first master boot record 400 of the first hard disk 110 becomes a second master boot record 500, which contains the first hard-disk substitute master boot program 510 and the first hard-disk encrypted partition table 520. The original first hard-disk master boot program 410 may at the same time be backed up on the first hard disk 110.

After the steps of the method have been carried out, if the operating system is to access the first hard-disk encrypted partition table 520, the hook program decrypts the table that is read and restores it to the first hard-disk partition table 420, so that the operating system can correctly access the data on the first hard disk 110. Likewise, if the operating system is to change the first hard-disk encrypted partition table 520, the hook program encrypts the data that is written, so that the first hard-disk encrypted partition table 520 remains encrypted.

Note that if the enterprise internal computer system 100 has other hard disks, the user may also choose whether, when the first hard-disk partition table 420 of the first hard disk 110 is encrypted, the partition tables of those hard disks are encrypted as well. If the user selects this function, then in the same manner as above the hook program decrypts the encrypted partition tables of those hard disks when the operating system is to access them, and encrypts the data written when the operating system is to write to them, so that the other hard disks in the enterprise internal computer system 100 are brought within the protection of the method.

In addition, the computer-readable recording medium of the preferred embodiment of the present invention records a method for preventing hard-disk chaining. The method is applied to a computer system having a boot hard disk and, according to steps S301 and S302 above, replaces the master boot program of the master boot record and encrypts the partition table of the master boot record (see FIG. 3 and FIG. 4). According to the user's needs, it can also protect the other hard disks in the system in the same manner.

In summary, the first hard-disk partition table 420 required for accessing the first hard disk 110 is encrypted to become the first hard-disk encrypted partition table 520, and only the hook program can decrypt the first hard-disk encrypted partition table 520. If the first hard disk 110 is physically removed from the enterprise internal computer system 100 and, as shown in FIG. 2, is to be chained as a slave disk of the enterprise external computer system 200, the first hard-disk encrypted partition table 520 is not a correct partition table as far as the enterprise external computer system 200 is concerned, and chaining cannot be achieved. The method therefore closes the loophole whereby data-access control software installed on a hard disk can regulate the user's behaviour during normal execution but is completely useless once the disk is chained, and makes the control of data access more comprehensive.

The above is illustrative only and not limiting. Any equivalent modification or change that does not depart from the spirit and scope of the present invention shall be included in the appended claims.

[Brief Description of the Drawings]

FIG. 1 is a schematic diagram of the enterprise internal computer system of a preferred embodiment of the present invention;
FIG. 2 is a schematic diagram of the enterprise external computer system of a preferred embodiment of the present invention;
FIG. 3 is a flow chart of the method for preventing disk chaining of the present invention;
FIG. 4 is a schematic diagram of the contents of the boot sector of the first hard disk of a preferred embodiment of the present invention;
FIG. 5 is a schematic diagram of the contents of the boot sector of the first hard disk of a preferred embodiment of the present invention after the method has been carried out.

[Description of Main Reference Symbols]

100 enterprise internal computer system
110 first hard disk
200 enterprise external computer system
210 second hard disk
400 first master boot record
410 first hard-disk master boot program
420 first hard-disk partition table
500 second master boot record
510 first hard-disk substitute master boot program
520 first hard-disk encrypted partition table
S301 replace the first hard-disk master boot program of the first master boot record of the first hard disk with a first hard-disk substitute master boot program.
S302 encrypt the first hard-disk partition table of the first master boot record of the first hard disk so that it becomes a first hard-disk encrypted partition table.
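The partition-table protection described above (step S302 and the hook's decrypt-on-read, encrypt-on-write behaviour), as an added Python example that is not code from the patent. The keystream construction, the key, the plausibility check and the sample MBR are assumptions made for illustration; the patent names no cipher, and the replaced boot program of step S301 is represented only by placeholder bytes.

```python
import hashlib
import hmac
import struct

SECTOR_SIZE = 512
PT_OFFSET, PT_LEN = 446, 64        # four 16-byte entries follow 446 bytes of boot code
SIGNATURE = b"\x55\xaa"            # boot signature at offset 510


def _keystream(key: bytes, n: int) -> bytes:
    """Stand-in keystream (HMAC-SHA256 in counter mode); the patent names no cipher."""
    blocks = (hmac.new(key, b"mbr-pt" + struct.pack("<I", i), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def transform_table(sector0: bytes, key: bytes) -> bytes:
    """Encrypt or decrypt only the 64-byte partition table (XOR is its own inverse)."""
    assert len(sector0) == SECTOR_SIZE
    table = sector0[PT_OFFSET:PT_OFFSET + PT_LEN]
    mixed = bytes(a ^ b for a, b in zip(table, _keystream(key, PT_LEN)))
    return sector0[:PT_OFFSET] + mixed + sector0[PT_OFFSET + PT_LEN:]


def parse_table(sector0: bytes, disk_sectors: int) -> list:
    """Parse the table the way a host without the hook would, flagging plausibility."""
    entries = []
    for i in range(4):
        raw = sector0[PT_OFFSET + 16 * i: PT_OFFSET + 16 * (i + 1)]
        status, ptype = raw[0], raw[4]
        lba, count = struct.unpack_from("<II", raw, 8)
        if ptype == 0 and count == 0:
            continue                       # unused slot
        plausible = (status in (0x00, 0x80) and lba > 0 and count > 0
                     and lba + count <= disk_sectors)
        entries.append({"slot": i, "type": ptype, "lba": lba,
                        "sectors": count, "plausible": plausible})
    return entries


class HookedDisk:
    """Models the hook: sector 0 is stored with an encrypted table, hooked I/O sees plaintext."""

    def __init__(self, plain_sector0: bytes, key: bytes):
        self._key = key
        self.raw_sector0 = transform_table(plain_sector0, key)    # step S302

    def read_sector0(self) -> bytes:
        """Operating-system read through the hook: decrypt the table."""
        return transform_table(self.raw_sector0, self._key)

    def write_sector0(self, plain_sector0: bytes) -> None:
        """Operating-system write through the hook: encrypt before storing."""
        self.raw_sector0 = transform_table(plain_sector0, self._key)


def build_sample_mbr(lba: int, count: int, ptype: int = 0x07) -> bytes:
    """Constructed sample: placeholder boot code plus one active partition entry."""
    entry = struct.pack("<B3sB3sII", 0x80, bytes(3), ptype, bytes(3), lba, count)
    return bytes(PT_OFFSET) + entry + bytes(48) + SIGNATURE


DISK_SECTORS = 2_097_152                   # constructed 1 GiB disk
KEY = b"constructed-demo-key"              # constructed; the page does not say where a key is kept

if __name__ == "__main__":
    plain = build_sample_mbr(lba=2048, count=1_000_000)
    disk = HookedDisk(plain, KEY)
    print("through hook :", parse_table(disk.read_sector0(), DISK_SECTORS))
    print("raw (chained):", parse_table(disk.raw_sector0, DISK_SECTORS))
```

Only bytes 446 to 509 of sector 0 differ between the protected and unprotected sector, so the method conceals where the partitions lie rather than encrypting the data stored inside them.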

Claims (1)

X. Scope of Patent Application:

1. A method for preventing disk chaining, applied to a computer system having a first disk, wherein the first disk is bootable, the method for preventing disk chaining comprising:
replacing a first-disk master boot program (MBP, Master Boot Program) of a master boot record (MBR, Master Boot Record) of the first disk with a first-disk substitute master boot program, wherein the first-disk substitute master boot program is used to boot and mounts a hook program for the operating system; and
encrypting a first-disk partition table (Partition Table) of the master boot record so that it becomes a first-disk encrypted partition table, wherein the hook program is used to decrypt the first-disk encrypted partition table that is read when the operating system is to access the first-disk encrypted partition table, and to encrypt the data that is written when the operating system is to write to the first-disk encrypted partition table.

2. The method for preventing disk chaining of claim 1, further comprising backing up the master boot program.

3. The method for preventing disk chaining of claim 1, further comprising encrypting a second-disk partition table of a second disk in the computer system so that it becomes a second-disk encrypted partition table.

4. The method for preventing disk chaining of claim 3, further comprising using the hook program to decrypt the second-disk encrypted partition table that is read when the operating system is to access the second-disk encrypted partition table, and using the hook program to encrypt the data that is written when the operating system is to write to the second-disk encrypted partition table.

5. A computer-readable recording medium recording a method for preventing disk chaining, the method for preventing disk chaining being applied to a computer system having a first disk, wherein the first disk is bootable, the steps of the method for preventing disk chaining comprising:
replacing a first-disk master boot program (MBP, Master Boot Program) of a master boot record (MBR, Master Boot Record) of the first disk with a first-disk substitute master boot program, wherein the first-disk substitute master boot program is used to boot and mounts a hook program for the operating system; and
encrypting a first-disk partition table (Partition Table) of the master boot record so that it becomes a first-disk encrypted partition table, wherein the hook program is used to decrypt the first-disk encrypted partition table that is read when the operating system is to access the first-disk encrypted partition table, and to encrypt the data that is written when the operating system is to write to the first-disk encrypted partition table.

6. The computer-readable recording medium of claim 5, wherein the steps of the method for preventing disk chaining further comprise backing up the master boot program.

7. The computer-readable recording medium of claim 5, wherein the steps of the method for preventing disk chaining further comprise encrypting a second-disk partition table of a second disk in the computer system so that it becomes a second-disk encrypted partition table.

8. The computer-readable recording medium of claim 7, wherein the steps of the method for preventing disk chaining further comprise using the hook program to decrypt the second-disk encrypted partition table that is read when the operating system is to access the second-disk encrypted partition table, and using the hook program to encrypt the data that is written when the operating system is to write to the second-disk encrypted partition table.
TW93120732A 2004-07-09 2004-07-09 Method for protecting list disk and computer readable recording media TWI247989B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW93120732A TWI247989B (en) 2004-07-09 2004-07-09 Method for protecting list disk and computer readable recording media

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW93120732A TWI247989B (en) 2004-07-09 2004-07-09 Method for protecting list disk and computer readable recording media

Publications (2)

Publication Number Publication Date
TW200602872A TW200602872A (en) 2006-01-16
TWI247989B TWI247989B (en) 2006-01-21

Family

ID=37400700

Family Applications (1)

Application Number Title Priority Date Filing Date
TW93120732A TWI247989B (en) 2004-07-09 2004-07-09 Method for protecting list disk and computer readable recording media

Country Status (1)

Country Link
TW (1) TWI247989B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9575885B2 (en) * 2013-06-11 2017-02-21 Silicon Motion, Inc. Data storage apparatus for scrambled data and management method thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103198029A (en) * 2012-01-05 2013-07-10 精品科技股份有限公司 USB drive with protection mechanism and data storage system
CN103198029B (en) * 2012-01-05 2016-06-29 精品科技股份有限公司 There is Portable disk and the data storage system of preventing mechanism
