WO2013131363A1 - Apparatus and method for implementing secure storage area - Google Patents


Info

Publication number
WO2013131363A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
area
identity authentication
memory
memory controller
Application number
PCT/CN2012/081767
Other languages
French (fr)
Chinese (zh)
Inventor
邵通
Original Assignee
Shao Tong
Application filed by Shao Tong
Priority to CN201280071278.7A (published as CN104169894A)
Publication of WO2013131363A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights, the protection being physical, e.g. cell, word, block
    • G06F12/1433 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights, the protection being physical, e.g. cell, word, block, for a module or a part of a module

Definitions

  • the invention belongs to the field of information security.
  • the present invention relates to an apparatus and method for implementing a secure storage area; specifically, to an apparatus and method for performing hidden or compatible identity authentication for a secure storage area.
  • USB disk storage: because of its portability and convenience of use, USB disk storage has received widespread attention and use. However, portability also makes such a device easy to lose. How to use technical means to secure the information stored on the USB disk therefore becomes an important issue.
  • when the secure area 122 is used for storage, the information stored in it can also be encrypted on write and decrypted on read; this method is called medium encryption.
  • the essence of this scheme is that when the memory controller 11 verifies, through the identity authentication device 111, that the PIN code received from the computer 2 is correct, use of the secure area 122 (or transparent use: write-encrypt, read-decrypt) is opened.
  • computer 2 is also referred to as the host computer of memory 1.
  • the problem with concealment in the prior art is that a user who illegally obtains the memory can determine whether the memory has a hidden area or a secure area.
  • for a memory with a security zone, the fact that a security zone exists needs to be hidden to improve security.
  • a further requirement is therefore an information-hiding memory with a secure hidden area;
  • at the software level there must be no reliable way to detect whether the memory has this hidden function.
  • this is a new information security issue and a technical issue that needs to be addressed.
  • the memory must have more than two areas.
  • the Patriot L8250 secure U disk is implemented in exactly the way shown in Figure 1: it has a security zone and a public zone.
  • the technical solution can borrow from the inventors' undisclosed "value-driven bomb" concept, which was conceived as a way of hiding a technique for attacking a computer system.
  • the "value-driven bomb" concept, in brief, is that the internal logic of the computer CPU can be designed so that the CPU enters the privilege level not through a privileged instruction but by analyzing the data it processes and entering the privilege level directly once that data satisfies a specific condition. For example, when the CPU decompresses a "good day" MP3 song, the CPU enters the privilege level. It is therefore "value"-driven: the CPU was originally just decompressing, but after encountering a specific "value" it entered the privilege level.
  • the "value-driven bomb" concept can be used for information security, especially in the field of information hiding: from hidden attack to hidden protection.
  • the background art related to the present invention includes an information-setting technique.
  • the BIOS of a PC (personal computer) has a CMOS setup function.
  • when the PC is turned on, pressing the F2 key enters the CMOS setup program of the BIOS.
  • the user can use the BIOS program to set various functions and states of the PC, for example the boot order of the hardware, the PC's time, the power-on password, and the configuration of various hardware.
  • a CMOS file is a configuration file. From a macro perspective, the values in a CMOS file are used to change the function or state of the computer; the CMOS data is configured by the PC itself.
  • the patented method does not include security means such as identity authentication, so anyone can perform the setup.
  • the most important point is that, like the CMOS settings of a PC, this setting can only take effect once, when the USB flash drive is initialized; it cannot be changed or set after the USB flash drive enters the normal use state.
  • the difference from the PC CMOS setting is that the configuration data comes from the host computer.
  • host computer: when the host computer uses these memories, it usually sends commands and the memory responds; these commands are generally specified by the protocol of the memory's external interface, or are special commands designed by the memory's designer, called private commands;
  • reading or writing data in the memory is a command from the host computer to read or write an address; the memory CPU then controls the reading and writing of data on the storage medium and either transmits the data to the host computer through the interface (read) or receives data from the host computer and writes it to the storage medium (write). That is, the host computer is the MASTER (HOST) and the memory is the SLAVE (DEVICE).
  • by external interface, memories can be divided into U disks, SD cards, SATA hard disks, ATA hard disks, TF cards, MMC cards, and the like.
  • DDR RAM memory: its basic function is also to read data by address; however, there is basically no chip with CPU-like independent computing capability inside it, and a programmable computing chip in DDR RAM is generally neither possible nor necessary. Therefore, "memory" in the specification of the present invention specifically means a memory of the type that has an independently operating CPU, corresponding software running on that CPU, and a storage medium.
  • this CPU is simply referred to as a disk control or disk control chip, which we call the memory controller; the corresponding software running on the CPU is generally called disk control software or disk control firmware, or simply firmware.
  • firmware being "cured" (solidified) does not mean that it cannot be modified, only that it generally does not need to be modified.
  • identity authentication device: the device or person requesting authentication exchanges data with the identity authentication device, so that the identity authentication device can confirm that the requester possesses particular data or knowledge, and then gives the authentication result.
  • this exchanged data conforms to certain protocols, called authentication protocols.
  • among authentication protocols there are zero-knowledge authentication protocols, which do not disclose information.
  • a relatively simple authentication protocol is the PIN authentication protocol.
  • the user has a PIN code, and the identity authentication device holds the same PIN code or a transformed PIN code (the cryptographic term used here is salt).
  • the authentication process is: the user transmits the PIN code to the identity authentication device; the identity authentication device then compares the received PIN code with the PIN code (or transformed PIN code) stored in the device and gives the authentication result: if they agree, authentication passes; if they do not, authentication fails. That is, the PIN code identity authentication device includes a stored PIN code and a means for comparing PIN codes. Obviously, the PIN code authentication device may also include a means for PIN code transformation.
  • another kind of authentication protocol is the "challenge-response" mode: the identity authentication device generates a random number and transmits it to the user; the user computes a response from the random number and transmits the response back to the identity authentication device; the identity authentication device determines whether the response is consistent with, or correctly related to, the random number; if so, authentication passes, otherwise it fails. In fact, the identity authentication device can completely predict the correct response, so the final step of this type of protocol is similar to PIN code authentication: the user's response data is compared with data held in the identity authentication device, and authentication passes if they agree directly or after transformation.
  • the PIN code identity authentication device in the present invention includes all types of identity authentication devices that perform a response comparison in the last step of the protocol and determine the authentication result from that comparison.
  • a normal memory (such as a USB flash drive) has only one zone, which we call the public zone.
  • there can be multiple public areas. Public areas can also require identity authentication before they can be used.
  • the requirement of the invention is to add a security zone to the existing memory.
  • the security zone can be a logical area, a volume, a directory, a file, etc.; for convenience, in the present invention the security zone is a logical area or a logical disk.
  • when the host computer uses the memory, it appears to be a completely normal memory, that is, one with only a public area. This creates the technical problem of how the safe area can then be used at all.
  • the existing conventional memory (U disk) is the memory 1 of FIG. 1 with the identity authentication device 111 and the security area 122 removed.
  • the approach adopted should be to provide the identity authentication data implicitly in the course of normal memory operation; after the identity authentication data passes identity authentication, the hidden zone is opened for use.
  • identity authentication can be performed according to the order in which the host computer reads and writes sector addresses of the public area of the memory.
  • this order can constitute the authentication data, that is, an "address value drive": the memory controller receives the read/write sector address data required by the host computer and, while completing the read/write command normally, determines whether the order of the read/write address data satisfies the requirements of the identity authentication data, and performs identity authentication accordingly.
  • this solution generally requires special memory sector read/write software to read and write these areas, and the presence or absence of that software may itself indicate whether the memory has a security zone.
  • the corresponding read/write software must be developed separately for each computer operating system, otherwise the memory cannot be used, and compatibility is not ideal. That is, this solution does hide the security zone and is a great advance in hiding and compatibility over the prior art, but it is not the best solution.
  • a better method is to read a special sector of the public area, or to check the data of a special sector written by the host computer to the public area. For example, read or check the data written by the host computer to the directory area of the file system of the public area; if a file name (or directory name) in the directory area contains the data required for identity authentication, identity authentication can be implemented. For example, if a file name (or directory name) is used as the PIN code, the memory controller can check whether the directory contains a file name (or directory name) that meets the PIN code required by the security zone authentication, and authenticate accordingly.
  • this method of inputting the authentication data is relatively simple and normal, and meets the requirement of hidden identity authentication: the host computer creates, in the root directory area of the public area file system, a file (or directory) whose name satisfies the identity authentication requirement, thereby hiding the identity authentication data or PIN code.
  • an apparatus for implementing a secure storage area, comprising: a memory controller; a public area; at least one security area; and an identity authentication device matching the security zone; wherein, when the memory controller checks the operation data for the public zone and finds data conforming to the identity authentication requirement of the identity authentication device matching the security zone, the memory controller opens the use of the security zone; wherein the operation data for the public zone checked by the memory controller includes but is not limited to: data written to the public zone, data read from the public zone, existing data in the public zone, data in normal operation commands for the public zone (for example, address data in read/write sector commands), data from status checks of the public zone or the memory controller, etc.; that is, all data that the memory controller can obtain from the host computer and can check.
  • the security zone includes but is not limited to: a logical area, volume, directory, file, etc.
  • when the memory controller checks the operation data for the public area, it may check data written to the public area, data read from the public area, existing data in the public area, or data in the host computer's normal operation commands for the public area.
  • the identity authentication device matching the security zone is a PIN code authentication device, and when the memory controller, checking the write data, read data, existing data, or data in the host computer's normal operation commands for the public area, finds that the PIN code matching the authentication device (or a PIN code that is consistent after transformation) is included, the memory controller opens the use of the security zone;
  • the memory controller also has a cascaded trigger means for checking data written to the public area or data read from the public area;
  • the identity authentication device matching the security zone is a PIN code authentication device, and when the memory controller checks the data of the file system directory area of the public area it finds that the PIN code matching the authentication device (or a PIN code that is consistent after transformation) is included;
  • the memory controller can be reset before the corresponding check is performed;
  • a method of using a secure storage area, comprising: a memory controller checking operation data for a public area; and opening the use of the security area when the operation data of the public area passes identity authentication;
  • the operation data for the public area checked by the memory controller includes but is not limited to: data written to the public area, data read from the public area, existing data in the public area, data in normal operation commands for the public area (eg, address data in read/write sector commands), data from status checks of the public area or the memory controller, etc.; that is, all the data that the memory controller can obtain from the host computer and can check.
  • the security zone includes but is not limited to: a logical area, volume, directory, file, etc.
  • when the memory controller checks the operation data for the public area, it may check data written to the public area, data read from the public area, existing data in the public area, or data in normal operation commands for the public area;
  • the memory controller checks data written to the public area or data read from the public area using a cascade trigger;
  • the memory controller checks the operation data for the public area when the memory controller is initialized; further, the operation data for the public area checked by the memory controller is data of the public area's file system directory area, including existing data or data written by the host computer;
  • the memory controller checks, as operation data of the public area, the existing file data in the public area, the data written by the host computer to the memory, or the data read by the host computer from the memory;
  • the operation data for the public area checked by the memory controller is all types of data that the memory controller can obtain;
  • all types of data obtained by the memory controller include data written by the host computer to the memory, read data, state exchange data, address data in read/write commands, and data in normal operation commands for the public area;
  • the identity authentication is PIN code authentication.
  • the "public area" here does not mean an area in which data cannot be hidden; for convenience of description it simply means an area that is not the same as the safe area. If the public area and the security area are on the same logical disk, it only means that they do not belong to the same logical area, folder, or file.
  • the public area 121 has no functions such as read/write restrictions or media encryption, while the security area 122 must be authenticated by the identity authentication device 111 before it can be used normally;
  • Figure 2 is a schematic view of preferred embodiments 1 and 4;
  • Figure 3 is a schematic view of preferred embodiment 2;
  • Fig. 4 is a view of preferred embodiment 3.
  • a secure storage area device is shown as "secure memory 1" in FIG.
  • the secure memory 1 device comprises: a memory controller 11; a public area 121; a security area 122; an identity authentication device 111 matching the security zone; and a memory external interface 110. The memory controller 11 is connected to the public area 121 and the secure area 122, and is connected to the computer 2 through the memory external interface 110. When the memory controller 11 checks the data written by the computer 2 to the public area 121 through the memory interface 110 (eg, directory data) and finds data conforming to the identity authentication requirement of the identity authentication device 111 matching the security zone, the memory controller 11 opens the use of the security zone 122; that is, the computer 2 can then read and write the security zone.
  • the identity authentication device 111 is a PIN code identity authentication device.
  • the data required for identity authentication by the identity authentication device 111 matching the security zone is the file name (or directory name) data in the root directory area of the public zone file system, and this data is used as the PIN code for identity authentication. Clearly, as long as some file name (or directory name) in the root directory area passes PIN code authentication by the identity authentication device 111, the memory controller 11 opens the use of the secure area 122 to the computer 2. Of course, when the security zone 122 is opened the public zone 121 can be used at the same time, in which case a logical disk must be added. You can also use the public area temporarily while using the security zone.
  • to further illustrate Embodiment 1: the identity authentication device 111 matching the security zone is a PIN code authentication device, and the legal PIN code is PSWD.TXT.
  • the computer 2 (or host computer) can write a file named PSWD.TXT to the root directory of the file system of the public area 121 of the secure memory 1; following the file system specification of the public area 121, the computer 2 writes the file name PSWD.TXT and other related data to the root directory area of the public area 121 of the secure memory 1; the memory controller 11 locates the root directory area according to the file system specification of the public area.
  • by checking the data written in the root directory area of the file system of the public area 121 of the secure memory 1, the memory controller 11 can obtain the names of all the files written in the root directory, including the name of the PSWD.TXT file; the memory controller 11 sends all the obtained root directory file names to the identity authentication device 111 matching the security zone for identity authentication. Obviously these include the file name PSWD.TXT; since the file name PSWD.TXT is bound to be sent to the identity authentication device 111 matching the security zone, the identity authentication device 111 will pass authentication, and the memory controller 11 opens the safe area 122 according to the authentication result of the authentication device 111. Of course, the memory controller 11 performs the same operation whenever a normal file is written to the root directory, but since there is then no PSWD.TXT file, authentication does not pass; this is just like writing a root directory file normally.
  • to save work for the memory controller 11, this check can be started only when the computer 2 writes the root directory. Further, the memory controller 11 can also delete the PSWD.TXT file in accordance with the rules of the public area file system, to prevent the PIN code from leaking. That is to say, when the PIN code is given in a hidden manner as a file or directory name in the directory area, it is generally required that the PIN code be cancelled after it has been used; in essence, the file name or directory name serving as the PIN code is deleted or modified.
  • suppose the user wants to change the password PSWD.TXT to the password 123456.TXT.
  • first, a file named 123456.SET is written to the root directory of the file system of the public area 121 of the secure memory 1; then the computer 2 (or host computer) writes the PIN file name to the root directory of the file system of the public area 121 of the secure memory 1, following the definition of the public area 121 file system of the secure memory 1.
  • from the data of the root directory area, the memory controller 11 obtains the names of all the files written in the root directory, including the name of the PSWD.TXT file; the memory controller 11 sends all the obtained root directory file names to the identity authentication device 111 matching the security zone for identity authentication. Obviously PSWD.TXT is among them; since the file name PSWD.TXT is necessarily sent to the identity authentication device 111 matching the security zone, the identity authentication device 111 must pass the identity authentication.
  • following the authentication result of the identity authentication device 111, the memory controller 11 searches the root directory area for a file with the suffix ".SET"; when it finds the file named 123456.SET, the memory controller 11 changes the PIN code used for authentication in the identity authentication device 111 matching the security zone to 123456.TXT. This completes the replacement of the PIN code.
  • the core problem of hiding is where and how to obtain the data required for authentication. It can be solved by checking the file name or directory name data of the directory area, as in Embodiment 1, or by other means, such as: data written to the public area, data read from the public area, status checks of the public area or the memory controller, and the like.
  • the security zone 122 is presented in the form of a logical disk; that is, the hidden disk appears as a logical disk. It is also possible to display two logical disks from the start, one being the public area and the other the security zone; before authentication the security zone is neither readable nor writable; after authentication, the use of the security zone is opened directly. In this way both zones can be used at the same time, but the advantage of hiding the security zone is lost.
  • user usage of this embodiment is: insert the USB flash drive into the computer; use the computer to create a PIN code file in the root directory of the USB flash drive, that is, create a file named PSWD.TXT; since PSWD.TXT is the security zone PIN code, identity authentication passes.
  • the computer can then use the security zone; that is, the security disk can be used on the computer.
  • a method of using a secure storage area, comprising: a storage controller checking the operation data of a public zone; and opening the use of the security zone when the operation data of the public zone passes identity authentication. The core of this method is to check "normal" data of the public area, so that the use of the security area is opened after hidden or compatible authentication.
  • the operation data for the public area that is checked includes but is not limited to: data written to the public area, data read from the public area, existing data in the public area, data from status checks of the public area or the memory controller, etc.; that is, all the data that the memory controller can get from the host computer.
  • the security zone includes but is not limited to: a logical area, a volume, a directory, a file, etc. For security and convenience, the check of the operation data for the public area may be performed when the memory controller is initialized. This also reduces the difficulty and load on the memory controller.
  • a method of using a secure storage area comprising the steps of: entering initialization after power-on; reading the data of the root directory area of the public area file system; providing all file names (or directory names) of the root directory area as PIN codes to the PIN code identity authentication device for identity authentication; if some file name (or directory name) is authenticated by the PIN code identity authentication device, authentication has passed and the security zone is opened for reading and writing (use); if no file name (or directory name) in the root directory can be authenticated as the PIN code by the identity authentication device, authentication has not passed and only the public area is read and written (used).
  • a USB flash drive (Secure Memory 1) consisting of a Z8HM2 chip (memory controller 11) and an MT29F32G08BA memory chip (4G, storage medium 12).
  • the storage space of the memory chip (MT29F32G08BA) of the USB flash drive is divided into two areas, a public area 121 (1G) and a security area 122 (3G).
  • the public area is formatted as a FAT16 file system and the security area is formatted as a FAT32 file system.
  • the formats and standards of the FAT16 and FAT32 file systems are not described here.
  • after the U disk of the present invention is powered up, the U disk control program in the Z8HM2 first enters the chip's initialization program module. In the initialization program module, the U disk control program calculates, according to the standard specification of the public area 121 file system (FAT16), the location of the public area root directory in the memory chip (MT29F32G08BA); reads the data of the root directory sector stored in the memory chip (MT29F32G08BA); then compares every file name (or directory name) in the root directory of the file system with the pre-stored PIN code (each file name is submitted as a PIN code to the PIN code identity authentication device 111 for identity authentication); if one is equal (the existence of some file name authenticated by the PIN code identity authentication device 111 indicates that authentication has passed), the read/write function (use) of the security zone 122 is opened; if none of the file names (or directory names) in the root directory is equal (no file name passes the identity authentication of the identity authentication device 111 as the PIN code), authentication has not passed and only read/write (use) of the public area 121 is opened. The U disk control program then enters a wait state, waits for the USB commands issued by the computer, and performs the corresponding work according to each command. When the computer 2 connected to the U disk inquires, according to the USB protocol, how many logical disks (LUNs) the U disk has and of what type, the U disk control program answers according to the initialization result: if identity authentication did not pass, the answer is only one LUN, and the computer 2 then considers that the U disk has only one logical disk; after identity authentication has passed, the U disk controller answers that there are 2 LUNs, and the computer 2 then considers that the U disk has 2 logical disks and displays two drive letters, that is, the public area 121 and the security area 122. At the same time, reading, writing and other operations on both areas are opened.
  • the above process is the work of the U disk initialization module. Then, the U disk controller enters the working module and waits. When the computer connected to the USB flash drive 2 issues a command according to the USB protocol format, the USB flash drive responds to the execution.
  • the U disk control program also checks the boundaries of every read/write command issued by the computer, so that a USB command for reading or writing the public area cannot read or write across the boundary and so read the data of the security zone; this provides better security.
  • the user's usage of this embodiment is: insert the USB flash drive into the computer; using the operating system on the computer, create the PIN code file in the root directory of the USB flash drive (in the first embodiment, the file named PSWD.TXT is created); remove the U disk; insert the U disk again; because PSWD.TXT is the PIN code of the security zone, identity authentication passes.
  • the computer can then use the security zone. That is, 2 removable disks can be seen on the computer 2: the public disk and the security disk.
  • the PIN code can also be replaced by the method of Embodiment 1.
  • the file system of the security zone is independent of this embodiment, that is, it can be any file system usable by the host computer.
  • the core of identity authentication based on directory data in the public area is that the firmware of the memory controller must be able to parse the directory data of the public zone, i.e. the firmware must be compatible with that file system.
  • the corresponding U disk public area file system includes but is not limited to FAT12, VFAT, FAT16, FAT32, CDFS, NTFS.
  • the corresponding file system includes but is not limited to EXT2, EXT3, JFS, NFS, RAMFS, HPFS, CRAMFS, FAT12, VFAT, FAT16, FAT32.
  • the USB flash drive may be a flash disk, a CF card, an MMC card, an SM card, an SD card, etc.; the mobile storage device is not limited to those listed.
  • the essence of the method of the present invention is that data of the directory area is provided as a PIN code to the identity authentication device; after identity authentication, use of the security zone is opened. Further, a plurality of security zones may be set, each with a corresponding identity authentication method and device. Simply, they can all be PIN code authentication devices. In this way the directory area data is checked, and the corresponding security zone is opened according to the corresponding PIN code authentication result. This yields a security scheme that implements multiple security zones and hides their number. Embodiment 3 details the technical solution.
  • a device using a secure area is as shown for the secure memory 1 of FIG.
  • the secure area 121 corresponds to the identity authentication device 111; the secure area 122 corresponds to the identity authentication device 112.
  • the identity authentication devices 111 and 112 are both PIN code authentication devices, that is, the identity authentication devices 111 and 112 store PIN codes or PIN codes after salting.
  • when the memory controller 11 checks the data written to the common area 123 and finds data that satisfies the identity authentication request of the identity authentication device 111 matching the secure area 121, the memory controller 11 opens use of the secure area 121; when the memory controller 11 checks the data written to, or already present in, the common area 123 and finds data that satisfies the identity authentication request of the identity authentication device 112 matching the secure area 122, the memory controller 11 opens use of the secure area 122.
  • the data in "when the memory controller 11 checks the write data or the existing data of the common area 123" in this embodiment may also be file directory name or file name data.
  • the method of Embodiment 1 can also be adopted to replace the PIN: after passing identity authentication, search the root directory for the file with the suffix ".SET" and use it to replace the PIN code.
  • this scenario shows the case of only two security zones, and it is clear that the authentication scheme applies to more than two. For example, with 5 security zones there are 5 corresponding PIN code authentication devices. This allows multiple security zones to be hidden, and an attacker has no way to confirm the actual number of security zones. The case of multiple security zones is not described in further detail.
  • the security zone 121 may be opened using the file name PIN code of the public zone, and then the security zone 122 may be opened using a file name PIN code in the security zone 121. In this way, hiding is more secure.
  • this hiding method achieves multi-identity hidden authentication. Selecting a security zone according to the result of authentication follows naturally. Of course, a more advanced identity authentication protocol such as zero-knowledge authentication can be used to implement multi-identity concealed authentication.
  • a device for using a secure area is as shown in the associated secure memory 1 of Figure 2.
  • the secure area 122 corresponds to the identity authentication device 111.
  • the identity authentication device 111 is a PIN code authentication device, that is, the identity authentication device 111 stores a PIN code or a salted PIN code.
  • when the memory controller 11 checks the data written to the common area 123 and finds data that satisfies the identity authentication request of the identity authentication device 111 matching the secure area 122, the memory controller 11 opens use of the secure area 122.
  • the write data here can be the content written to a file.
  • directly checking the write data of all files in firmware is a very time-consuming task and has no practical value.
  • a hardware engine can be used to speed up this inspection.
  • a more feasible approach is to check using cascaded flip-flop hardware. For example, suppose the cascaded flip-flops of the memory controller are Q1, Q2, Q3 and Q4; these four flip-flops constitute a cascade trigger device; we need to check whether the PIN code data sequence 01H, 53H, 67H, 23H, 12H appears anywhere in the written data.
  • when the written data is 01H, the hardware sets the Q1 flip-flop; while Q1 is set, the next written data is checked: if it is 53H, the Q2 flip-flop is set, otherwise Q1 is reset. While Q1 and Q2 are set, the next written data is checked: if it is 67H, the Q3 flip-flop is set, otherwise Q1 and Q2 are reset. While Q1, Q2 and Q3 are set, the next written data is checked:
  • if it is 23H, the Q4 flip-flop is set, otherwise Q1, Q2 and Q3 are reset.
  • while Q1, Q2, Q3 and Q4 are set, the next written data is checked. If it is not 12H, Q1, Q2, Q3 and Q4 are reset; if it is 12H, the PIN code data sequence 01H, 53H, 67H, 23H, 12H has appeared in the write data, and the memory controller 11 opens use of the security zone 122. Any data mismatch resets all flip-flops and the write sequence check restarts from the beginning. This realizes the judgment of whether the PIN code data sequence 01H, 53H, 67H, 23H, 12H occurs in all the written data, and so realizes identity authentication.
  • the hardware that implements the above function is very simple, so checking all write data from the host computer to implement identity authentication is a technically fully feasible solution. For example, an MP3 song containing the identity authentication data can be written to the public area of the secure memory to perform identity authentication and open use of the secure area.
  • identity authentication can also be implemented when the host computer reads a file containing the identity authentication data from the public area of the secure memory. For example, playing a specific MP3 song stored in the secure memory implements identity authentication.
  • the essence of the invention is to use the various data of the public area to achieve identity authentication, and then open the use of the security zone.
  • the public area data that can be used is not limited to the data of the root directory; it may also be the data of a specific subdirectory, the file names in a specific directory, the content of a file in a specific directory, or even a specific version of a particular singer's song in a particular directory.
  • the specified data of any public area can be used as the identity authentication data for identity authentication; and the use of open security zones after authentication.
  • the data of any public area also includes any normal data from operation of the public area; for example, when a specific song is copied to the public area, the memory controller can check the written data of the song, such as the stored file path, the song title, the song content and so on. These data can be used as identity authentication data.
  • the above method has been described using a PIN code identity authentication device and the public zone directory area data for identity authentication. It also illustrates how the content of public area files is checked on read and write, to illustrate the method of the present invention.
  • the present invention is not limited to only one security zone; nor is it limited to the public zone and the security zone being in different file systems; the security zone is not required to be a logical zone, and may be a volume, a directory, a file, etc.; it is not limited to PIN code authentication only; it is not limited to using only public area directory data for identity authentication; nor is it limited to using only the read and write data of the memory for identity authentication; nor is it limited to U disks, and obviously it can also be applied to TF cards, SD cards, memory in phones, hard disks, and memory in computers.
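The directory-name check of Embodiment 2 (the controller reads the root directory sector of the public area, submits each file name as a PIN to identity authentication device 111, and reports one or two LUNs accordingly) can be modelled in a few dozen lines of controller-side C. The block below is an added example written for this page, not the patent's firmware or any vendor's code. It assumes a FAT-style root directory of 32-byte entries with 8.3 names, and models the "salted PIN" stored by the authentication device as a salted FNV-1a hash; the sample directory contents and the salt value are constructed for the example.

```c
/* Added example, not the patent's firmware: a software model of the
 * Embodiment 2 check, where the memory controller parses the root directory
 * of the public area and treats each file or directory name as a PIN.
 * Assumptions (not from the page): FAT-style 32-byte directory entries with
 * 8.3 names; the "salted PIN" kept by identity authentication device 111 is
 * modelled as a salted FNV-1a hash. Sample directory data is constructed. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

#define DIR_ENTRY_SIZE 32
#define ATTR_LFN       0x0F   /* long-file-name entry: carries no 8.3 name */
#define ATTR_VOLUME_ID 0x08

/* Placeholder for the controller's PIN transform ("salting"): FNV-1a. */
static uint32_t salted_hash(const char *s, uint32_t salt) {
    uint32_t h = 2166136261u ^ salt;
    for (; *s; s++) { h ^= (uint8_t)*s; h *= 16777619u; }
    return h;
}

/* Rebuild "NAME.EXT" from the 11-byte space-padded 8.3 field of an entry. */
static void fat_name_to_string(const uint8_t *raw, char out[13]) {
    int n = 0;
    for (int i = 0; i < 8 && raw[i] != ' '; i++) out[n++] = (char)raw[i];
    if (raw[8] != ' ') {
        out[n++] = '.';
        for (int i = 8; i < 11 && raw[i] != ' '; i++) out[n++] = (char)raw[i];
    }
    out[n] = '\0';
}

/* Identity authentication device 111: true if any file or directory name in
 * the root directory sector hashes to the stored (salted) PIN. Deleted,
 * long-name and volume-label entries are skipped. */
bool root_dir_authenticates(const uint8_t *sector, size_t len,
                            uint32_t stored_pin_hash, uint32_t salt) {
    char name[13];
    for (size_t off = 0; off + DIR_ENTRY_SIZE <= len; off += DIR_ENTRY_SIZE) {
        const uint8_t *e = sector + off;
        if (e[0] == 0x00) break;                 /* end of directory */
        if (e[0] == 0xE5) continue;              /* deleted entry */
        uint8_t attr = e[11];
        if ((attr & ATTR_LFN) == ATTR_LFN || (attr & ATTR_VOLUME_ID)) continue;
        fat_name_to_string(e, name);
        if (salted_hash(name, salt) == stored_pin_hash) return true;
    }
    return false;
}

/* Reply to the host's LUN inquiry: one logical disk before authentication,
 * two (public area 121 and security area 122) after it. */
int lun_count(bool authenticated) { return authenticated ? 2 : 1; }

/* Write one 32-byte entry with an 11-byte 8.3 name and attribute byte. */
static void put_entry(uint8_t *e, const char *name11, uint8_t attr) {
    memset(e, 0, DIR_ENTRY_SIZE);
    memcpy(e, name11, 11);
    e[11] = attr;
}

/* Constructed sample root directory: README.TXT, optionally PSWD.TXT, then
 * an all-zero end-of-directory entry. Returns the number of bytes written. */
size_t build_sample_root(uint8_t *sector, bool with_pin) {
    size_t n = 0;
    put_entry(sector + n, "README  TXT", 0x20); n += DIR_ENTRY_SIZE;
    if (with_pin) { put_entry(sector + n, "PSWD    TXT", 0x20); n += DIR_ENTRY_SIZE; }
    memset(sector + n, 0, DIR_ENTRY_SIZE);       n += DIR_ENTRY_SIZE;
    return n;
}

/* What the controller would store for the PIN "PSWD.TXT" under a given salt. */
uint32_t sample_pin_hash(uint32_t salt) { return salted_hash("PSWD.TXT", salt); }

/* Runs the whole initialization check on a constructed root directory and
 * returns the LUN count the controller would report. */
int demo_lun_count(bool with_pin) {
    uint8_t sector[512];
    const uint32_t salt = 0x5A5A1234u;           /* constructed salt value */
    size_t n = build_sample_root(sector, with_pin);
    bool ok = root_dir_authenticates(sector, n, sample_pin_hash(salt), salt);
    return lun_count(ok);
}

int main(void) {
    printf("with PSWD.TXT: %d LUN(s); without: %d LUN(s)\n",
           demo_lun_count(true), demo_lun_count(false));
    return 0;
}
```

Two practical points the model makes visible: only the 8.3 short name is compared, so a PIN longer than eight characters would require the firmware to reassemble long-file-name entries as well; and because the check runs once at power-on initialization (as the text describes), the LUN count cannot change while the device is in its working state without a re-enumeration.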

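The cascaded flip-flop check of Embodiment 4 (Q1 to Q4 set one after another as the bytes 01H, 53H, 67H, 23H, 12H are written, all reset on any mismatch) is a finite-state sequence detector over the write stream. The block below is an added example written for this page, not the patent's hardware or any vendor's firmware. It models the cascade as the text describes it and, going beyond the text, places a KMP-style matcher beside it that also detects PINs whose prefix repeats inside the sequence, a case the plain cascade misses. One assumption is made about the cascade: on a mismatch, the mismatching byte is itself allowed to re-arm Q1 if it equals the first PIN byte. The write streams are constructed, not captured.

```c
/* Added example, not the patent's hardware: a software model of the cascaded
 * flip-flop check (Q1..Qn) that watches every byte written to the public area
 * for the PIN sequence 01H, 53H, 67H, 23H, 12H, placed beside a KMP-style
 * matcher that also catches self-overlapping PINs. Matcher state persists
 * across write commands, since a file arrives sector by sector.
 * The sample write streams below are constructed, not captured. */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define MAX_PIN 16

typedef struct {
    uint8_t pin[MAX_PIN];
    size_t  len;
    size_t  fail[MAX_PIN + 1]; /* KMP failure table: fallback state on mismatch */
    size_t  state;             /* how many flip-flops (PIN bytes) are currently set */
} pin_matcher;

void matcher_init(pin_matcher *m, const uint8_t *pin, size_t len) {
    m->len = len; m->state = 0;
    for (size_t i = 0; i < len; i++) m->pin[i] = pin[i];
    m->fail[0] = 0; m->fail[1] = 0;
    size_t k = 0;
    for (size_t i = 1; i < len; i++) {
        while (k > 0 && pin[i] != pin[k]) k = m->fail[k];
        if (pin[i] == pin[k]) k++;
        m->fail[i + 1] = k;
    }
}

/* Cascade as the text describes it: a matching byte sets the next flip-flop;
 * any mismatch resets them all and the check restarts. Assumption: the
 * mismatching byte may itself begin a new match (Q1 re-armed on 01H). */
bool cascade_feed(pin_matcher *m, uint8_t byte) {
    if (byte == m->pin[m->state]) m->state++;
    else m->state = (byte == m->pin[0]) ? 1 : 0;
    if (m->state == m->len) { m->state = 0; return true; }
    return false;
}

/* KMP automaton: on mismatch fall back to the longest prefix that is still
 * a suffix of what was seen, so overlapping occurrences are not lost. */
bool kmp_feed(pin_matcher *m, uint8_t byte) {
    while (m->state > 0 && byte != m->pin[m->state]) m->state = m->fail[m->state];
    if (byte == m->pin[m->state]) m->state++;
    if (m->state == m->len) { m->state = m->fail[m->state]; return true; }
    return false;
}

/* Scan a whole write buffer with either matcher; true if the PIN occurs. */
bool scan_cascade(const uint8_t *pin, size_t plen, const uint8_t *data, size_t dlen) {
    pin_matcher m; matcher_init(&m, pin, plen);
    for (size_t i = 0; i < dlen; i++) if (cascade_feed(&m, data[i])) return true;
    return false;
}
bool scan_kmp(const uint8_t *pin, size_t plen, const uint8_t *data, size_t dlen) {
    pin_matcher m; matcher_init(&m, pin, plen);
    for (size_t i = 0; i < dlen; i++) if (kmp_feed(&m, data[i])) return true;
    return false;
}

/* The PIN sequence from the text, and constructed write streams. */
const uint8_t PATENT_PIN[5]   = {0x01, 0x53, 0x67, 0x23, 0x12};
const uint8_t SAMPLE_WRITE[]  = {0x49,0x44,0x33,0x01,0x53,0x01,0x53,0x67,0x23,0x12,0xFF};
const uint8_t NO_PIN_WRITE[]  = {0x01,0x53,0x67,0x23,0x13,0x01,0x53};
/* A self-overlapping PIN shows where the plain cascade fails. */
const uint8_t OVERLAP_PIN[3]  = {0x01, 0x01, 0x02};
const uint8_t OVERLAP_WRITE[] = {0x01, 0x01, 0x01, 0x02};

int main(void) {
    printf("cascade, patent PIN: %d  kmp: %d\n",
           scan_cascade(PATENT_PIN, 5, SAMPLE_WRITE, sizeof SAMPLE_WRITE),
           scan_kmp(PATENT_PIN, 5, SAMPLE_WRITE, sizeof SAMPLE_WRITE));
    printf("cascade, overlapping PIN: %d  kmp: %d\n",
           scan_cascade(OVERLAP_PIN, 3, OVERLAP_WRITE, sizeof OVERLAP_WRITE),
           scan_kmp(OVERLAP_PIN, 3, OVERLAP_WRITE, sizeof OVERLAP_WRITE));
    return 0;
}
```

For the page's own sequence the two matchers agree, because 01H, 53H, 67H, 23H, 12H has no repeated prefix; the KMP table only matters for a PIN such as 01H, 01H, 02H, where the cascade resets on the third 01H and then misses the match. The same streaming automaton, fed with sector addresses instead of bytes, implements the "address value drive" variant mentioned in the summary. One caveat for either form: a five-byte sequence will eventually occur by chance in bulk write traffic (on average once per 2^40 bytes of random data), so a longer sequence, or a sequence required at a specific file offset, reduces accidental opening of the security zone.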
Abstract

The objective of the present invention is to provide an apparatus and a method for implementing a secure memory. A secure area exists in a secure memory, so that an uninformed user cannot obtain information about whether the memory has a hidden area. In addition, normal operating data on a public area is adopted to open and use the hidden area. The method can protect the security of information in the memory, improve the privacy protection capability of the memory, and can be widely applied to various memories such as an SD card, a TF card, a mobile phone, and a computer hard disk. At the same time, because the method is independent of the operating system, the method can be compatible with any device that can use these memories.

Description

Apparatus and method for implementing a secure storage area
Technical field
The invention belongs to the field of information security. It relates to an apparatus and method for implementing a secure storage area, and specifically to an apparatus and method for performing identity authentication in a hidden or compatible way in order to use a secure storage area.
Background art
Because of their portability and convenience, USB disk memories are widely valued and used. Portability, however, brings the problem that they are easily lost, so how to use technical means to secure the information stored on a USB disk becomes an important issue.
In fact, all memories and removable memories (including hard disks, USB disks, SD cards, TF cards, mobile phones and so on) carry the security risk of loss, theft, robbery and forced disclosure of the stored information. The prior art uses a "medium encryption" storage method to reduce the risk of information leakage. The basic technical means adopted by these schemes (refer to FIG. 1 of the specification) is to provide a security zone 122 on the memory 1; when the security zone 122 needs to be used, the computer 2 connected to the memory 1 transmits a PIN code to the memory controller 11 through the external interface 110 of the memory. When the PIN code has been confirmed correct by the identity authentication device 111 in the memory controller 11, the memory controller 11 opens use of the security zone 122. Further, when the security zone 122 is used for storage, the information stored in the security zone 122 can also be encrypted, and decrypted when read out; this is called medium encryption. The essence of this scheme is that once the memory controller 11 has verified, through the identity authentication device 111, that the PIN code received from the computer 2 is correct, it opens the use, or the transparent use (encrypt on write, decrypt on read), of the security zone 122. In FIG. 1 the computer 2 is also called the host computer of the memory 1. For a description of the prior art, reference may be made to the patent (ZL200510108566.7) Portable access device with security function and access method.
In addition, reference may be made to patent application (ZL201110051151.6) Method for partition hiding and reading, patent application (ZL201110108695.1) USB embedded trusted private information processing device and system, patent application (ZL201110108673.5) Portable trusted private information processing system, patent application (ZL200610036302.X) Memory card data hiding management method and program thereof, and patent application (ZL201010144381.2) Storage device management method and system. These documents are all background documents for implementing the present invention.
However, none of the existing methods can hide the important information that the memory has a security zone or hidden zone, and their simultaneous compatibility with multiple operating systems is also not very good.
The concealment problem of the prior art is that a user who illegally obtains the memory can determine whether the memory has a hidden area or a security area. For a memory with a security zone, the fact that there is a security zone needs to be hidden in order to improve security. A further requirement is an information-hiding memory with a secure hidden area, such that the host computer has no reliable means, at the software level, to detect whether the memory has this hidden function. This is a new information security problem and a technical problem that needs to be solved. Obviously, to implement an information-hiding security area the memory must in general have two or more areas. For example, the Patriot L8250 security U disk is implemented in exactly the manner of FIG. 1; it has a security zone and a public zone. For how to divide one memory (one disk) into two areas, in particular two securely isolated areas, reference may also be made to the inventor's related patent and patent application documents: (ZL02113032.9) Apparatus and method for implementing hard disk security isolation, and (ZL00132989.8) Hard disk access indexing device and hard disk indexed access method. Of course, a hidden large file in the file system of one area or memory may also represent a hidden area, or the file system may be used to leave a hidden area inside the file system area; in all cases this can still be understood as two or more areas.
The problem of simultaneous compatibility with multiple operating systems is that existing technical solutions for secure memory have the disadvantage of poor compatibility. For example, to use the memory on WINDOWS XP, a driver or program (SDK) must be developed on WINDOWS XP to exchange the PIN code with the memory controller through the host computer and its software and to perform identity authentication; when the PIN code is correct and identity authentication passes, the memory controller opens use of the security zone. But when the operating system is upgraded to WINDOWS 7 or ANDROID is used, a driver or program must be developed for that operating system to implement identity authentication; from the point of view of compatibility of use this is a disadvantage. In other words, a secure memory made for a WINDOWS system produces compatibility problems when used on an ANDROID system.
The object of the present invention is to solve, by technical means, the two problems of hiding the security zone and of compatibility. The technical solution borrows from the inventor's unpublished "value-driven bomb" idea for hidden attacks on computer systems. Put simply, the "value-driven bomb" idea is that the internal logic of a computer CPU can be designed so that entering the privilege level does not happen only through privileged instructions; the CPU can also analyze the data it processes and enter the privilege level directly once that data meets specific requirements. For example, when the CPU decompresses the MP3 song "好日子" ("Good Days"), the CPU enters the privilege level. It is therefore "value"-driven: the CPU's function was originally decompression, but on encountering a specific "value" it enters the privilege level. The "value-driven bomb" idea can be used in information security, particularly in the field of information hiding, turning a hidden attack into hidden protection.
In addition, the background art related to the invention includes an information setting technique. For example, the BIOS of a PC has a CMOS setup function. When the PC is powered on, pressing the F2 key enters the CMOS setup program, in which the user can use the BIOS program to set various functions and states of the PC: for example, the hardware boot order, the PC's time, the power-on password and the configuration of various hardware. The CMOS file is a configuration file. From a macro point of view, the value of the CMOS file changes the function or state of the computer. The data that configures the CMOS comes from the PC itself.
If the whole removable storage device, the U disk, is regarded as a PC, the CPU (or disk controller) in the U disk can in fact be used to set the state or change the function of the U disk. The patent ZL200310117457.2, "Method of changing the function or state of a mobile storage device", of Shenzhen Netac (朗科) Technology Co., Ltd. discloses a method of changing the function or state of a mobile storage device. Specifically, a specific file (such as 0000.TXT) is placed on the U disk through the host computer; when the U disk is powered on and initialized, the U disk's controller and controller software set the attributes of certain areas of the U disk, such as read-only or read-write, according to the attributes of that special file. Obviously this patented method includes no security means such as identity authentication, and anyone can perform the setting. Most importantly, like the CMOS setup of a PC, the setting takes effect only once, at power-on initialization of the U disk; the setting or state cannot be changed after the U disk has entered its normal working state. The difference from PC CMOS setup is that the configuration data comes from the host computer.
Most memories on modern computers (including hard disks, removable hard disks, U disks, MMC cards, flash disks, CF cards, SM cards, SD cards, TF cards, mobile phones and so on) are essentially special computer systems whose purpose is to store data. Each has a CPU, a large-capacity storage medium and an external interface. When the host computer uses such a memory, it generally sends commands and the memory responds; these commands are generally specified by the protocol of the memory's external interface, or may be special commands designed by the memory's designer, called private commands. Reading and writing data in the memory means that the host computer issues a command carrying a read/write address, the memory CPU then carries out the read or write of the storage medium, and the data is transmitted through the interface to the host computer (read) or received from the host computer and written to the storage medium (write). That is, the host computer is the MASTER (HOST) and the memory is the SLAVE (DEVICE). According to the standard used by the memory's external interface and its form factor, memories are classified as U disks, SD cards, SATA hard disks, ATA hard disks, TF cards, MMC cards and so on. The DDR RAM memory now used in computers also has the basic function of reading data by address; inside it, however, there is essentially no chip with CPU-like independent computing capability, and in general there is neither the possibility nor the need to program a computing chip in DDR RAM. Therefore, the memory in this specification refers specifically to memory that has an independently working CPU, the corresponding software running on that CPU, and a storage medium. The CPU is called the disk controller or disk control chip for short, and we call it the memory controller; the corresponding software running on the CPU is generally called disk control software or disk control firmware, or simply firmware. "Firmware" does not mean that it cannot be modified, only that it generally does not need to be.
In the description of the invention it is also necessary to understand the identity authentication device of the information security field. An identity authentication device is one with which the device or person to be authenticated exchanges data, so that the identity authentication device confirms that the device or person possesses particular data or knowledge, and then gives an authentication result. The exchanged data conform to certain protocols, called authentication protocols. Among authentication protocols there are zero-knowledge authentication protocols that disclose no information.
A relatively simple authentication protocol is the PIN code authentication protocol. Put simply, the user holds a PIN code, and the identity authentication device holds the same PIN code, or a transformed PIN code (in cryptographic terms, salted). The authentication process is: the user transmits the PIN code to the identity authentication device; the identity authentication device compares the received PIN code with the PIN code (or transformed PIN code) stored in the identity authentication device and gives the authentication result; if they agree, authentication passes, and if not, it fails. That is, the PIN code identity authentication device comprises a stored PIN code and a device for comparing PIN codes. Obviously the PIN code identity authentication device may also comprise a device for transforming the PIN code.
In addition there are identity authentication protocols such as the "challenge-response" mode: the identity authentication device generates a random number and transmits it to the user; the user computes a response from the random number and transmits it back to the identity authentication device; the identity authentication device judges from the response whether it agrees with, or is correctly related to, the random number; if so, authentication passes, otherwise it fails. In fact the identity authentication device can fully predict the correct response, so the last step of this class of protocols is again similar to PIN code identity authentication, namely comparing the user's response data with the data in the identity authentication device; authentication passes if they agree, directly or after transformation. The PIN code identity authentication device in this patent includes all identity authentication devices of this type, which perform a response comparison in the last step of the protocol and decide the authentication result according to the comparison.
An ordinary memory (for example a U disk) has only one area, which we call the public area. Of course there may also be multiple public areas, and a public area may itself require identity authentication before use. What the invention requires is to add a security zone to the existing memory. The security zone may be a logical area, a volume, a directory, a file and so on; for convenience the invention is described with the security zone as a logical area or logical disk. When the host computer uses the memory it is a completely normal ordinary memory, that is, it has only the public area. This raises the technical problem of how to open the security zone for use, and the technical solution to it. Given the hiding requirement, if we were to add special data-exchange commands (private commands) between the memory controller and the host computer to solve identity authentication and use of the security zone (the prior art solution, and the first one an ordinary technician would think of), then software could test whether the controller handles these special commands and so confirm that the memory has a security zone. The hiding requirement cannot be met that way.
All the patent documents mentioned above are background documents for the implementation of this patent. To save space in this specification, the applicant makes the specifications of all the above patent documents part of this patent application and states that these patents and patent application documents are incorporated into this specification.
In addition, it should be noted that an existing ordinary memory U disk is the memory 1 of FIG. 1 with the identity authentication device 111 and the security zone 122 removed.
发明内容 Summary of the invention
为了更好地隐藏存在安全区这个信息,所以应该采用在正常存储器操作的过程中, 隐藏式 地给出身份认证数据的方法; 并在身份认证数据通过身份认证后, 打开隐藏区使用。  In order to better hide the information of the existence of the security zone, the method of implicitly giving the identity authentication data in the process of normal memory operation should be adopted; and after the identity authentication data passes the identity authentication, the hidden zone is opened for use.
根据"值驱动炸弹"的思想, 一种可以采用的实现隐藏式身份认证的方法是: 根据上位机读 写存储器公共区扇区地址数据的顺序, 来进行身份认证。例如, 读写存储器公共区扇区的地址 顺序, 可以构成认证数据, 即"地址值驱动"。 就是说, 存储器控制器通过接收上位机要求的读 写扇区地址数据,在正常完成读写命令的同时, 判断读写地址数据的顺序是否满足身份认证数 据的要求,进行身份认证。 由于该方案一般需要特殊的存储器扇区读写软件才能实现这些区域 的读写, 那么这个读写软件的存在与否, 也可能成为该存储器是否有安全区的指示。 同时, 必 须根据不同的计算机操作系统开发相应的读写软件, 否则也不能使用, 也存在兼容性不是很理 想的问题。 即, 该方案是一个信息隐藏安全区的技术方案, 与现有技术相比在隐藏性和兼容性 上都有很大的进步, 但不是最佳方案。 According to the idea of "value-driven bomb", a method for implementing hidden identity authentication is as follows: Identity authentication is performed according to the order in which the upper computer reads and writes the sector address data of the common area of the memory. For example, the address of the sector of the common area of the read and write memory The order can constitute authentication data, that is, "address value drive". That is to say, the memory controller receives the read/write sector address data required by the host computer, and determines whether the order of the read/write address data satisfies the requirements of the identity authentication data and performs identity authentication while the read/write command is normally completed. Since the solution generally requires special memory sector read/write software to enable reading and writing of these areas, the presence or absence of the read/write software may also indicate whether the memory has a security zone. At the same time, the corresponding reading and writing software must be developed according to different computer operating systems, otherwise it can not be used, and there is also a problem that compatibility is not ideal. That is, the solution is a technical solution for information hiding security zones, and there is great progress in hiding and compatibility compared with the prior art, but it is not the best solution.
A better method is for the memory controller to read special sectors of the public area, or to check the data the host writes to special sectors of the public area. For example, it can read or check the data the host writes to the directory area of the public-area file system; if the data contained in some file name (or directory name) in that directory area matches the data required for identity authentication, authentication succeeds. If, say, a file name (or directory name) is used as the PIN code, then as soon as the memory controller finds in the directory a file name (or directory name) that matches the PIN code required by the security-zone authentication, identity authentication is achieved. Entering the authentication data is also simple and looks entirely normal, which satisfies the requirement of hidden identity authentication: the host creates, in the root directory of the public-area file system, a file (or directory) whose name satisfies the authentication requirement, thereby covertly supplying the authentication data or PIN code.
In short, for security or concealment, identity authentication should as far as possible use data produced by operations that are entirely normal for a memory without a security zone. Once authentication passes, the security zone is released for use or made visible. For example, creating a file or directory in the public area of the memory is a perfectly normal host operation, and it can serve as the authentication data for the memory's security zone. Moreover, because the operating system need not supply any additional software, the method also has good compatibility. In other words, even leaving the concealment features and requirements aside, authenticating by having the host create a file or directory in the public area of the memory is a technical solution with a significant compatibility advantage over the prior art.
An apparatus for implementing a secure storage area comprises: a memory controller; a public area; at least one security zone; and an identity authentication device matched to the security zone; wherein, when the memory controller, checking the operation data for the public area, finds data that satisfies the authentication requirement of the identity authentication device matched to the security zone, the memory controller opens the security zone for use. The operation data for the public area that the memory controller checks includes, but is not limited to: data written to the public area, data read from the public area, data already present in the public area, data in normal operation commands for the public area (e.g. the address data in read/write sector commands), and data from status checks of the public area or of the memory controller; that is, all data that the memory controller can obtain from the host and can check. The security zone includes, but is not limited to, a logical region, a volume, a directory, or a file.
Further, the memory controller's check of the operation data for the public area may be a check of data written to the public area, a check of data read from the public area, a check of data already in the public area, or a check of data in the host's normal operation commands for the public area.
Further, the identity authentication device matched to the security zone is a PIN code authentication device; when the memory controller checks the write data, read data or existing data of the public area, or the data in the host's normal operation commands for the public area, and finds that it contains a PIN code identical to that of the authentication device, or identical after transformation, the memory controller opens the security zone for use;
For speed, the memory controller also has a cascaded trigger device for checking data written to the public area or data read from the public area;
Still further, the identity authentication device matched to the security zone is a PIN code authentication device; when the memory controller checks the data of the directory area of the public-area file system and finds that it contains a PIN code identical to that of the authentication device, or identical after transformation, the memory controller opens the security zone for use;
For security, the corresponding check can be performed only after the memory controller has been reset;
Practically, the memory controller opens the security zone for use by presenting a logical disk to the device that uses the memory.
According to another aspect of the invention, a method of using a secure storage area comprises: the memory controller checking the operation data for the public area; and, when the operation data for the public area passes identity authentication, opening the security zone for use;
The operation data for the public area that the memory controller checks includes, but is not limited to: data written to the public area, data read from the public area, data already present in the public area, data in normal operation commands for the public area (e.g. the address data in read/write sector commands), and data from status checks of the public area or of the memory controller; that is, all data that the memory controller can obtain from the host and can check. The security zone includes, but is not limited to, a logical region, a volume, a directory, a file, etc.
Further, the memory controller's check of the operation data for the public area may be a check of data written to the public area, a check of data read from the public area, a check of data already in the public area, or a check of data in normal operation commands for the public area;
For speed, the memory controller checks data written to the public area or data read from the public area by means of a cascaded trigger;
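The address-order authentication described above and the cascaded trigger for read/write data are, at bottom, the same mechanism: a chain of stages that advances one step per expected symbol and fires when the last stage is reached. The following is an added example that models both in Python; it is not code from the patent, and the class names, the constructed sector size and area size, and the sample patterns are all assumptions. The controller completes every public-area command normally and only observes the address and data on the side; a reset closes the zone and rearms the triggers, matching the "only after reset" variant.

```python
# Added example (not the patent's code): the address-order check and the
# cascaded trigger modelled as one streaming pattern matcher. Sector size,
# public-area size and the sample patterns are constructed.
SECTOR = 512
PUBLIC_SECTORS = 64            # constructed size of the public area


def _kmp_failure(pattern):
    """Length of the longest proper prefix of pattern[:i+1] that is also its suffix."""
    fail = [0] * len(pattern)
    k = 0
    for i in range(1, len(pattern)):
        while k and pattern[i] != pattern[k]:
            k = fail[k - 1]
        if pattern[i] == pattern[k]:
            k += 1
        fail[i] = k
    return fail


class CascadedTrigger:
    """Chain of stages, one per expected symbol, like flip-flops in cascade.

    Stage k is set only when stage k-1 is set and the expected k-th symbol
    arrives; the trigger fires when the last stage is set. The KMP failure
    table makes a mismatch fall back to the longest partial match instead of
    all the way to zero, so the pattern is found wherever it appears
    contiguously in the stream, with constant work per symbol."""

    def __init__(self, pattern):
        if not pattern:
            raise ValueError("pattern must not be empty")
        self.pattern = list(pattern)
        self.fail = _kmp_failure(self.pattern)
        self.reset()

    def reset(self):
        self.stage = 0
        self.fired = False

    def feed(self, symbol):
        if self.fired:
            return True
        while self.stage and symbol != self.pattern[self.stage]:
            self.stage = self.fail[self.stage - 1]
        if symbol == self.pattern[self.stage]:
            self.stage += 1
        if self.stage == len(self.pattern):
            self.fired = True
        return self.fired


class MemoryController:
    """Completes every public-area command normally and, on the side, feeds the
    sector address to one trigger and the data bytes to another. Either trigger
    firing opens the security zone (a flag here; LUN exposure is out of scope)."""

    def __init__(self, auth_address_order, auth_data_bytes):
        self.public = bytearray(PUBLIC_SECTORS * SECTOR)
        self.addr_trigger = CascadedTrigger(auth_address_order)
        self.data_trigger = CascadedTrigger(auth_data_bytes)
        self.reset()

    def reset(self):
        """Controller reset: close the zone and rearm both triggers."""
        self.secure_open = False
        self.addr_trigger.reset()
        self.data_trigger.reset()

    def _check_lba(self, lba):
        if not 0 <= lba < PUBLIC_SECTORS:
            raise ValueError("LBA outside the public area")

    def _observe(self, lba, data):
        if self.addr_trigger.feed(lba):
            self.secure_open = True
        for b in data:
            if self.data_trigger.feed(b):
                self.secure_open = True
                break

    def write_sector(self, lba, data):
        self._check_lba(lba)
        if len(data) != SECTOR:
            raise ValueError("a write must be exactly one sector")
        self.public[lba * SECTOR:(lba + 1) * SECTOR] = data
        self._observe(lba, data)

    def read_sector(self, lba):
        self._check_lba(lba)
        data = bytes(self.public[lba * SECTOR:(lba + 1) * SECTOR])
        self._observe(lba, data)
        return data


def sector(payload):
    """Constructed helper: pad a payload to one full sector."""
    return bytes(payload).ljust(SECTOR, b"\x00")
```

The data trigger is fed every byte that passes through the controller, which is why the patent reserves the cascade for the fast path: the check costs one comparison per byte and no buffering, and an ordinary read or write is indistinguishable from an authentication attempt.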
Further, the memory controller checks the operation data for the public area during memory controller initialization; still further, the memory controller's check of the operation data for the public area is a check of the data in the directory area of the public-area file system, which data includes existing data or data written by the host;
Preferably, the memory controller's check of the operation data for the public area is a check of the existing file data of files in the public area, of the data the host writes to the memory, or of the data the host reads from the memory;
More broadly, the memory controller's check of the operation data for the public area is a check of all types of data obtained by the memory controller;
Further, all types of data obtained by the memory controller include data written by the host to the memory, data read out, status exchange data, address data in read/write commands, and data in normal operation commands for the public area;
Commonly, the identity authentication is PIN code authentication;
The "public area" here does not mean an area in which no data can be hidden. The term is used only for convenience of description, to denote an area that is not the security zone. If the public area and the security zone are on the same logical disk, the term merely indicates that they are not the same logical region, folder, file, etc.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention is described below with reference to the accompanying drawings, in which:
Fig. 1 illustrates the prior art, in which the public area 121 has no read/write restrictions, media encryption or similar functions, while the security zone 122 can be used normally only after authentication by the identity authentication device 111;
Fig. 2 is a schematic diagram of preferred embodiments 1 and 4;
Fig. 3 is a schematic diagram of preferred embodiment 2;
Fig. 4 is a schematic diagram of preferred embodiment 3.
DETAILED DESCRIPTION
[Embodiment 1] File name or directory name authentication
The core of the invention is that the host uses normal data operations to supply the identity authentication data covertly, or in a compatible way, and thereby opens the security zone. According to the first embodiment of the invention, an apparatus for implementing a secure storage area is shown as "secure memory 1" in Fig. 2. In this embodiment, the secure memory 1 comprises: a memory controller 11; a public area 121; a security zone 122; an identity authentication device 111 matched to the security zone; and a memory external interface 110. The memory controller 11 is connected to the public area 121 and the security zone 122, and is connected to the computer 2 through the memory external interface 110. When the memory controller 11 checks the data that the computer 2 writes to the public area 121 through the memory interface 110 (e.g. directory data) and finds data that satisfies the authentication requirement of the identity authentication device 111 matched to the security zone, the memory controller 11 opens the security zone 122 for use, i.e. the computer 2 can read and write the security zone. The identity authentication device 111 is a PIN code identity authentication device. The data required for authentication by the identity authentication device 111 matched to the security zone is the file name (or directory name) data in the root directory area of the public-area file system, and that data is used as the PIN code for identity authentication. Clearly, as long as some file name (or directory name) in the root directory area passes the PIN code authentication of the identity authentication device 111, the memory controller 11 opens the security zone 122 to the computer 2. Of course, when the security zone 122 is opened, the public area 121 may be used at the same time, in which case an additional logical disk must be added; alternatively, the public area may be left unavailable while the security zone is in use.
To explain Embodiment 1 further, assume that the identity authentication device 111 matched to the security zone is a PIN code authentication device and that the valid PIN code is PSWD.TXT. To open the security zone 122, the computer 2 (or host) writes a file named PSWD.TXT to the root directory of the file system of the public area 121 of the secure memory 1. Following the rules of that file system, the computer 2 writes the file name PSWD.TXT and its other related data into the root directory area of the public area 121 of the secure memory 1. The memory controller 11 determines, from the rules of the public-area file system, the location of the root directory area in the storage medium 12; by checking the data written to the root directory area of the public area 121 file system, it obtains the names of all files written to the root directory, including the file name PSWD.TXT. The memory controller 11 passes all the root directory file names it obtained to the identity authentication device 111 matched to the security zone for identity authentication, and these obviously include the file name PSWD.TXT. Because the file name PSWD.TXT is necessarily passed to the identity authentication device 111 matched to the security zone, the identity authentication device 111 necessarily passes the authentication, and the memory controller 11 opens the security zone 122 for use according to the authentication result of the identity authentication device 111. Of course, the memory controller 11 does exactly the same work for an ordinary write to a root directory file; it simply does not pass authentication because there is no PSWD.TXT file, so the operation is just like a normal write of a root directory file.
Obviously, this check can be started only when the computer 2 writes the root directory, to save the memory controller 11 work. Further, the memory controller 11 can also delete the PSWD.TXT file, following the rules of the public-area file system, to prevent the PIN code from leaking. That is, when the PIN code is supplied covertly by reading and checking the file or directory names in the directory area, it is generally required that the PIN code be cancelled after it has been used; in essence this means deleting or modifying the file name or directory that serves as the PIN code.
In addition, a technical solution used in practice must also provide a way to change the password. For example, suppose the user wants to change the password PSWD.TXT to 123456.TXT. A file named 123456.SET is first written to the root directory of the file system of the public area 121 of the secure memory 1; then the computer 2 (or host) writes a file named PSWD.TXT to that root directory. Following the rules of the public area 121 file system, the computer 2 writes the file name PSWD.TXT and its other related data into the root directory area of the public area 121 of the secure memory 1. The memory controller 11 determines, from the rules of the public-area file system, the location of the root directory area in the storage medium 12; by checking the data written to the root directory area of the public area 121 file system, it obtains the names of all files written to the root directory, including the file name PSWD.TXT. The memory controller 11 passes all the root directory file names it obtained to the identity authentication device 111 matched to the security zone for identity authentication, and these obviously include PSWD.TXT. Because the file name PSWD.TXT is necessarily passed to the identity authentication device 111 matched to the security zone, the identity authentication device 111 necessarily passes the authentication. Then, on the basis of that successful authentication, the memory controller 11 searches the root directory area for files whose name has the suffix ".SET"; on finding the file named 123456.SET, the memory controller 11 changes the PIN code (or transformed PIN code) used for authentication in the identity authentication device 111 matched to the security zone to 123456.TXT. The PIN code is thereby replaced.
If the root directory area contains several files whose names have the suffix ".SET", it can be stipulated that only the first one is valid. To make sure the PIN change takes effect, all other files with the suffix ".SET" can be deleted, leaving only the file named for the new PIN code. Creating the file named 123456.SET is equivalent to entering the "new password", while creating the file named PSWD.TXT is equivalent to entering the "password" or "old password".
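The whole of Embodiment 1, from parsing the root directory to the PIN change via a .SET file and the clean-up of the used entries, fits in a few dozen lines. The following is an added example, not the patent's code: the FAT16 root directory sector is constructed in the block, and PinAuthenticator, check_root_directory and mark_deleted are names chosen here. The page gives only the 123456.SET / 123456.TXT pair, so the rule "new PIN = stem of the first .SET file plus .TXT" is an assumption made explicit in the code.

```python
# Added example (not the patent's code): Embodiment 1 modelled in Python.
# The FAT16 root directory sector is constructed; the class and function
# names and the ".SET -> .TXT" rule are assumptions.
import hmac

ENTRY_SIZE = 32
ATTR_VOLUME_ID = 0x08     # volume label; also set in the 0x0F LFN attribute
ATTR_LFN = 0x0F           # long-file-name piece, not a real entry


def dir_entry(name, ext, attr=0x20):
    """Build one 32-byte FAT 8.3 directory entry (name and ext space padded)."""
    raw = (name.upper().encode("ascii").ljust(8)[:8]
           + ext.upper().encode("ascii").ljust(3)[:3])
    return raw + bytes([attr]) + bytes(ENTRY_SIZE - 12)


def _entry_name(entry):
    """Decode an 8.3 entry to NAME.EXT (or NAME when there is no extension)."""
    name = entry[0:8].decode("ascii", "replace").rstrip()
    ext = entry[8:11].decode("ascii", "replace").rstrip()
    return f"{name}.{ext}" if ext else name


def _live_entries(root_area):
    """Yield (offset, entry) for entries that are neither free, deleted nor LFN."""
    for off in range(0, len(root_area) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = root_area[off:off + ENTRY_SIZE]
        if entry[0] == 0x00:              # 0x00: no entries follow
            return
        if entry[0] == 0xE5:              # 0xE5: deleted entry
            continue
        if entry[11] == ATTR_LFN or entry[11] & ATTR_VOLUME_ID:
            continue
        yield off, entry


def parse_root_names(root_area):
    """Return the 8.3 names of the live entries of a FAT12/16 root directory."""
    return [_entry_name(e) for _, e in _live_entries(root_area)]


class PinAuthenticator:
    """Plays the role of identity authentication device 111: holds the PIN,
    which here is a file name, and compares candidates in constant time."""

    def __init__(self, pin):
        self._pin = pin.upper().encode("ascii")

    def check(self, candidate):
        return hmac.compare_digest(self._pin,
                                   candidate.upper().encode("ascii", "replace"))

    def set_pin(self, new_pin):
        self._pin = new_pin.upper().encode("ascii")


def check_root_directory(root_area, auth):
    """Controller-side check of the root directory data.

    Returns (security_zone_open, new_pin). Every root name is submitted to the
    authenticator; if one matches, the zone opens and, following the page's PIN
    change rule, the first *.SET file (if any) becomes the new PIN, with the
    extension .TXT (an assumption; the page gives one example of the pair)."""
    names = parse_root_names(root_area)
    opened = any(auth.check(n) for n in names)
    new_pin = None
    if opened:
        set_files = [n for n in names if n.endswith(".SET")]
        if set_files:
            new_pin = set_files[0][:-4] + ".TXT"
            auth.set_pin(new_pin)
    return opened, new_pin


def mark_deleted(root_area, names_to_delete):
    """Return a copy of the root area with the named entries marked deleted
    (first byte 0xE5), as the page suggests for the used PIN file and for
    surplus *.SET files."""
    out = bytearray(root_area)
    targets = {n.upper() for n in names_to_delete}
    for off, entry in _live_entries(bytes(out)):
        if _entry_name(entry) in targets:
            out[off] = 0xE5
    return bytes(out)


# Constructed sample: one 512-byte root directory sector with four live entries.
SAMPLE_ROOT = (dir_entry("README", "TXT") + dir_entry("PSWD", "TXT")
               + dir_entry("123456", "SET") + dir_entry("OTHER", "SET")
               ).ljust(512, b"\x00")
```

Two details matter for a real controller. The comparison uses hmac.compare_digest so that the time taken does not depend on how many leading characters of a candidate name match the PIN, and the 0xE5 marking only hides the entry from the host's directory listing: the name bytes stay on the medium until the entry is reused, so a controller that wants the used PIN to be unrecoverable has to overwrite the entry rather than just flag it.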
The core question of concealment is where and how identity authentication obtains the data it needs. It can be answered, as in Embodiment 1, by checking the file name or directory name data in the directory area, or by other means, such as data written to the public area, data read from the public area, or data from status checks of the public area or the memory controller.
For greater security, the corresponding check may also be restricted so that it is performed only after the memory controller has been reset;
In addition, the SCSI command set used by USB flash drives includes a function for checking whether the medium has been replaced. Once the USB drive reports to the computer 2 that the medium has changed, the computer 2 automatically re-enumerates the USB drive, replacing the public area with the security zone. In this way the security zone 122 can be presented as a logical disk, i.e. the hidden disk is presented in the form of a logical disk. Alternatively, two logical disks can be shown from the start, one the public area and the other the security zone; before authentication the security zone cannot be read or written, and after authentication its use is opened directly. This allows both areas to be used at the same time, but the advantage of concealing the security zone is lost.
The user's way of working with this embodiment is: plug the USB drive into the computer; use the computer to create the PIN code file in the root directory of the USB drive, i.e. create a file named PSWD.TXT; since PSWD.TXT is the PIN code of the security zone, identity authentication passes. The computer can then use the security zone, i.e. the secure disk can be used on the computer.
[Embodiment 2] Method
According to the second embodiment of the invention, a method of using a secure storage area comprises: the storage controller checking the operation data for the public area; and, when the operation data for the public area passes identity authentication, opening the security zone for use. The core of the method is to check the "normal" data of the public area in order to achieve hidden or compatible identity authentication, and then to open the security zone for use.
The operation data for the public area that is checked includes, but is not limited to: data written to the public area, data read from the public area, data already present in the public area, and data from status checks of the public area or the memory controller; that is, all data that the memory controller can obtain from the host. The security zone includes, but is not limited to, a logical region, a volume, a directory, a file, etc. For security and convenience, the check of the operation data for the public area may be performed when the memory controller is initialized. This also reduces the difficulty and the load of the memory controller's work.
Of all the ways of checking, checking the operation data of the directory area of the public-area file system is the easiest to implement and the easiest for users to understand.
The method is therefore described further with reference to Fig. 3. A method of using a secure storage area comprises the following steps: the memory enters initialization after power-on; it reads the data of the root directory area of the public-area file system; it supplies all file names (or directory names) in the root directory area as PIN codes to the PIN code identity authentication device for identity authentication; if some file name (or directory name) passes the authentication of the PIN code identity authentication device, authentication has succeeded and the security zone is opened for reading and writing (use); if no file name (or directory name) in the root directory passes the identity authentication device's authentication as a PIN code, authentication has failed and only the public area is opened for reading and writing (use).
Embodiment 2 is now further described with an example, referring to Fig. 3 and Fig. 2. The choice of chip models in this example serves only to further explain the substance of the invention and does not mean that only these chips can be used to implement its technical solution. Referring to Fig. 2, we choose a USB flash drive (secure memory 1) consisting of a Z8HM2 chip (memory controller 11) and an MT29F32G08BA memory chip (4G, storage medium 12). The storage space of the USB drive's memory chip (MT29F32G08BA) is divided into two areas, a public area 121 (1G) and a security zone 122 (3G). The public area is formatted as a FAT16 file system and the security zone as a FAT32 file system. The formats and standards of the FAT16 and FAT32 file systems are not repeated here.
When a USB drive according to the invention is powered on, the USB drive control program in the Z8HM2 first enters the chip's initialization module. In the initialization module, the control program calculates, according to the standard of the public area 121 file system (FAT16), the location of the public-area root directory in the memory chip (MT29F32G08BA); it reads the data of the root directory sectors stored in the memory chip (MT29F32G08BA); it then compares every file name (or directory name) in the root directory of that file system with the pre-stored PIN code (each file name is submitted as a PIN code to the PIN code identity authentication device 111 for identity authentication). If one is equal (some file name passes the authentication of the PIN code identity authentication device 111, meaning authentication succeeds), the read/write function (use) of the security zone 122 is opened; if no file name (or directory name) in the root directory is equal (none passes the identity authentication device 111's authentication as a PIN code), authentication fails and only the public area 121 is opened for reading and writing (use). The control program then enters a waiting state, waits for USB commands from the computer, and performs the corresponding work according to each command. When the computer 2 connected to the USB drive asks, according to the USB protocol, how many logical units (LUNs) the drive has and of what type, the control program replies according to the result of initialization: if authentication did not pass, it answers that there is only one LUN, and the computer 2 then regards the drive as having a single logical disk; if authentication passed, the USB drive controller answers that there are 2 LUNs, the computer 2 regards the drive as having 2 logical disks and displays two drive letters, namely the public area 121 and the security zone 122, and reading, writing and other operations are opened on both areas.
The process above is the work of the USB drive's initialization module. The USB drive controller then enters its working module and waiting state. When the computer 2 connected to the USB drive issues a command in the USB protocol format, the USB drive controller responds and executes it. The control program also performs bounds checking on the computer's commands for reading and writing the USB drive, so that USB commands for reading and writing the public area cannot read data in the security zone by reading or writing across the boundary, which provides better security.
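The two controller behaviours just described, answering the LUN enquiry according to the initialization result and refusing any public-area command that would cross into the security zone, are modelled in the following added example. It is not the Z8HM2 firmware or any code from the patent; the area sizes are constructed (the page's drive uses 1G and 3G), and the class name is an assumption. The LUN enquiry is modelled as the USB mass-storage bulk-only GET MAX LUN request, whose reply is the highest LUN index rather than the count.

```python
# Added example (not the patent's or the Z8HM2 firmware's code): LUN reporting
# and per-LUN bounds checking of the USB drive controller modelled in Python.
# Area sizes are constructed (the page's drive uses 1G public / 3G secure).
SECTOR = 512
PUBLIC_SECTORS = 2048
SECURE_SECTORS = 6144


class UsbDriveController:
    """LUN 0 is always the public area; LUN 1 (the security zone) exists only
    after authentication. Every LBA is checked against the LUN's own size
    before it is translated to a medium offset, so a public-area command can
    never reach a security-zone sector, whether or not the zone is open."""

    def __init__(self, authenticated):
        self.authenticated = bool(authenticated)
        self.media = bytearray((PUBLIC_SECTORS + SECURE_SECTORS) * SECTOR)

    def lun_count(self):
        return 2 if self.authenticated else 1

    def get_max_lun(self):
        """Reply to the mass-storage GET MAX LUN request: the highest LUN index."""
        return self.lun_count() - 1

    def _translate(self, lun, lba, count):
        """Map (lun, lba, count) to (offset, length) on the medium, or refuse."""
        if lun == 0:
            base, size = 0, PUBLIC_SECTORS
        elif lun == 1 and self.authenticated:
            base, size = PUBLIC_SECTORS, SECURE_SECTORS
        else:
            raise PermissionError(f"LUN {lun} is not available")
        if count <= 0 or lba < 0 or lba + count > size:
            raise ValueError("access outside the LUN's boundary")
        return (base + lba) * SECTOR, count * SECTOR

    def read(self, lun, lba, count):
        off, length = self._translate(lun, lba, count)
        return bytes(self.media[off:off + length])

    def write(self, lun, lba, data):
        if len(data) % SECTOR:
            raise ValueError("data must be a whole number of sectors")
        off, length = self._translate(lun, lba, len(data) // SECTOR)
        self.media[off:off + length] = data
        return length
```

The check is `lba + count > size`, not `lba >= size`: a read that starts on the last public sector and asks for two sectors is the classic way past a boundary, and it has to be rejected as a whole rather than truncated, because a host that receives a short transfer may retry with a different starting LBA.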
The user's way of working with this embodiment is: plug the USB drive into the computer; use the computer's operating system to create the PIN code file in the root directory of the USB drive (in Embodiment 1 this is a file named PSWD.TXT); unplug the USB drive; plug it in again, whereupon PSWD.TXT, being the PIN code of the security zone, passes identity authentication. The computer can then use the security zone, i.e. two removable disks are visible on the computer 2: the public disk and the secure disk. The PIN code can likewise be changed using the method of Embodiment 1.
Obviously, the file system of the security zone has no bearing on this embodiment; it can be any file system the host can use. The key to authenticating on the basis of the public area's directory data is that the memory controller's firmware must be able to parse the public area's directory data, i.e. the firmware must be compatible with that file system. When the host operating system is WINDOWS, the corresponding USB drive public-area file system includes, but is not limited to, FAT12, VFAT, FAT16, FAT32, CDFS and NTFS. When the host operating system in the invention is LINUX, the corresponding file system includes, but is not limited to, EXT2, EXT3, JFS, NFS, RAMFS, HPFS, CRAMFS, FAT12, VFAT, FAT16 and FAT32. The USB drive may equally be a flash disk, CF card, MMC card, SM card, SD card, etc., and is not limited to the removable storage devices listed.
The essence of the method of the invention is to supply the data of the directory area to the identity authentication device as the PIN code and, once identity authentication passes, to open the security zone for use. Further, several security zones can be set up, each with its own identity authentication method and device; in the simplest case they can all be PIN code authentication devices. The directory area data is then checked, and each security zone is opened according to the result of its own PIN code authentication. This extends the scheme to multiple security zones and conceals the number of security zones. Embodiment 3 describes this technical solution in detail.
[Embodiment 3] Multi-PIN-code authentication
According to the third embodiment of the present invention, a device using a secure area is as shown by the secure memory 1 in the associated FIG. 4. In that figure, secure area 121 corresponds to identity authentication device 111, and secure area 122 corresponds to identity authentication device 112. Identity authentication devices 111 and 112 are both PIN-code authentication devices, that is, each of them stores a PIN code or a salted PIN code. When memory controller 11 checks data written to public area 123 and finds data that satisfies the identity authentication requirement of identity authentication device 111, which is matched with secure area 121, memory controller 11 opens use of secure area 121; when memory controller 11 checks data written to, or already present in, public area 123 and finds data that satisfies the identity authentication requirement of identity authentication device 112, which is matched with secure area 122, memory controller 11 opens use of secure area 122.
Obviously, if authentication by both identity authentication devices 111 and 112 passes at the same time, the memory controller must open use of secure area 121 and secure area 122 simultaneously. In the case of a USB flash drive, an additional logical disk may be needed to accommodate this situation.
In this embodiment, the data referred to in "when memory controller 11 checks data written to, or already present in, public area 123" may also be file directory names or file name data. In addition, the PIN may be changed using the method of Embodiment 1: after identity authentication passes, the root directory is searched for a file with the suffix ".SET", which is used to replace the PIN code.
This scheme shows the case of only two secure areas; obviously the authentication scheme applies to more than two secure areas as well. For example, with 5 secure areas there are 5 corresponding PIN-code identity authentication devices. In this way multiple secure areas can be hidden, and an attacker has no way to confirm the real number of secure areas. The case of multiple secure areas is not described further.
Alternatively, the file-name PIN code in the public area may be used to open secure area 121, and then the file-name PIN code in secure area 121 used to open secure area 122. In this way the hiding can be made more secure.
Obviously, the essence of this hiding method is to implement multi-identity concealed authentication. Selecting the secure area according to the authentication result follows naturally. Of course, more advanced identity authentication protocols such as zero-knowledge identity authentication can also be used to implement multi-identity concealed authentication.
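The multi-zone scheme of this embodiment, modelled as an added example in Python (not the patent's own firmware): each secure area is paired with a PIN-code authenticator that stores only a salted derivation of its PIN, the controller checks every directory entry it observes against every authenticator, and an entry observed inside a secure area is only considered once that area has been opened, which gives the chained opening of area 122 from area 121 described above. Zone ids 121 and 122 follow the figure; the salts, PIN strings, file names and the PBKDF2 work factor are constructed for illustration.

```python
"""Multi-zone PIN-code authentication modelled after Embodiment 3.

Added example, not the patent's firmware. Zone numbers 121/122 follow the
figure; salts, PIN strings, file names and the KDF work factor are constructed.
"""
import hashlib
import hmac


class PinAuthenticator:
    """One identity authentication device (111 or 112). It stores only a salted
    derivation of its PIN, never the PIN itself."""

    ITERATIONS = 10_000   # assumption: a PBKDF2 work factor a controller can afford

    def __init__(self, pin: str, salt: bytes):
        self.salt = salt
        self.digest = self._derive(pin)

    def _derive(self, candidate: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                   self.salt, self.ITERATIONS)

    def verify(self, candidate: str) -> bool:
        # Constant-time comparison: a near miss must cost the same as a miss.
        return hmac.compare_digest(self._derive(candidate), self.digest)


class MultiZoneController:
    """Memory controller 11 with several secure areas, each paired with its own
    PIN authenticator."""

    PUBLIC = "public"

    def __init__(self, zone_auth: dict):
        self.zone_auth = dict(zone_auth)   # zone id -> PinAuthenticator
        self.open_zones = set()

    def check_directory_data(self, names, area=PUBLIC) -> set:
        """Feed file or directory names observed in `area` (the public area or
        an already-open secure area). Returns the set of zones now open."""
        if area != self.PUBLIC and area not in self.open_zones:
            # A closed area's directory is not visible, so there is nothing to check.
            return set(self.open_zones)
        for name in names:
            # Every zone is tried for every name, so the work done does not
            # reveal how many zones exist or which name was a near miss.
            for zone, auth in self.zone_auth.items():
                if auth.verify(name):
                    self.open_zones.add(zone)
        return set(self.open_zones)


def demo() -> list:
    """Constructed walk-through: public-area names open area 121, and a name
    found inside area 121 then opens area 122 (the chained variant)."""
    ctl = MultiZoneController({
        121: PinAuthenticator("photos-2012.bak", salt=b"constructed-salt-121"),
        122: PinAuthenticator("ledger-q3.dat", salt=b"constructed-salt-122"),
    })
    steps = []
    steps.append(ctl.check_directory_data(["README.TXT", "MUSIC", "notes.doc"]))
    steps.append(ctl.check_directory_data(["photos-2012.bak"]))
    steps.append(ctl.check_directory_data(["ledger-q3.dat"], area=121))
    return steps


if __name__ == "__main__":
    print(demo())   # [set(), {121}, {121, 122}]
```

Two design points follow from the text's goal of hiding the number of secure areas: the controller performs the same comparisons for every name whatever the number of zones, and each zone has its own salt, so the stored digest of one zone says nothing about whether another zone uses the same PIN.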
[Embodiment 4] Read/write file authentication
According to the fourth embodiment of the present invention, a device using a secure area is as shown by the secure memory 1 in the associated FIG. 2. In that figure, secure area 122 corresponds to identity authentication device 111. Identity authentication device 111 is a PIN-code authentication device, that is, it stores a PIN code or a salted PIN code. When memory controller 11 checks data written to public area 123 and finds data that satisfies the identity authentication requirement of identity authentication device 111, which is matched with secure area 122, memory controller 11 opens use of secure area 122.
The written data here may be the content written into a file. In general, directly checking the write data of all files is very time-consuming and has no practical value. However, a hardware engine can be used to accelerate this check. A more feasible approach is to perform the check in hardware with cascaded flip-flops. For example, suppose the memory controller's cascaded flip-flops are Q1, Q2, Q3 and Q4; these four flip-flops form a cascaded flip-flop device; and we need to check whether the PIN-code data sequence 01H, 53H, 67H, 23H, 12H occurs anywhere in the written data. Then, when 01H appears in the written data, the hardware sets flip-flop Q1; while Q1 is set, the next written byte is checked: if it is 53H, flip-flop Q2 is set, otherwise Q1 is reset. While Q1 and Q2 are set, the next written byte is checked: if it is 67H, flip-flop Q3 is set, otherwise Q1 and Q2 are reset. While Q1, Q2 and Q3 are set, the next written byte is checked: if it is 23H, flip-flop Q4 is set, otherwise Q1, Q2 and Q3 are reset.
While Q1, Q2, Q3 and Q4 are set, the next written byte is checked: if it is not 12H, Q1, Q2, Q3 and Q4 are reset; if it is 12H, the PIN-code data sequence 01H, 53H, 67H, 23H, 12H has appeared in the written data, and memory controller 11 opens use of secure area 122. Any mismatch necessarily resets all the flip-flops, and the check of the write sequence must start over. In this way, the task of determining whether the PIN-code data sequence 01H, 53H, 67H, 23H, 12H occurs in all the written data is accomplished, and identity authentication is realized.
The hardware implementing the above function is very simple, so checking all data written by the host computer in order to perform identity authentication is a technically fully implementable solution. For example, an MP3 song containing the identity authentication data can be written to the public area of the secure memory, thereby performing identity authentication and opening use of the secure area.
Likewise, checking data read out of the secure memory to perform identity authentication is also technically fully implementable. In this way, identity authentication can be performed when the host computer reads a file containing identity authentication data from the public area of the secure memory. For example, playing a particular MP3 song stored in the secure memory performs identity authentication.
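The cascaded flip-flop check above, together with its read-side counterpart, as an added example in Python (a model, not the patent's hardware). Stage n set corresponds to flip-flop Qn set. It generalizes the restart rule in one respect: on a mismatch the stages fall back to the longest prefix of the PIN that still matches the most recent bytes (the standard failure-function technique), so a PIN whose bytes repeat is not missed when a partial match overlaps a fresh start; for the page's own sequence 01H 53H 67H 23H 12H this is identical to resetting all flip-flops and re-examining the mismatched byte. Detector state is kept between commands, so a PIN that straddles two sector writes is still found. The PIN sequence is the one from the text; the sample writes and reads are constructed.

```python
"""Streaming PIN-sequence detector modelling cascaded flip-flops Q1..Q4.

Added example, not the patent's hardware or firmware. The PIN sequence
01H 53H 67H 23H 12H is the one used in the text; sample data is constructed.
"""

PIN_SEQUENCE = bytes([0x01, 0x53, 0x67, 0x23, 0x12])


class CascadeDetector:
    """`stage` counts the flip-flops currently set: stage 3 means Q1..Q3 set.

    On a mismatch the stages fall back to the longest prefix of the sequence
    that still matches the most recent bytes (the KMP failure function), which
    is simply a reset of all flip-flops when no prefix of the PIN repeats."""

    def __init__(self, sequence: bytes):
        if not sequence:
            raise ValueError("PIN sequence must not be empty")
        self.sequence = bytes(sequence)
        self.fallback = self._build_fallback(self.sequence)
        self.stage = 0

    @staticmethod
    def _build_fallback(seq: bytes) -> list:
        """fallback[i] = length of the longest proper prefix of seq[:i+1]
        that is also a suffix of it."""
        fallback = [0] * len(seq)
        k = 0
        for i in range(1, len(seq)):
            while k > 0 and seq[i] != seq[k]:
                k = fallback[k - 1]
            if seq[i] == seq[k]:
                k += 1
            fallback[i] = k
        return fallback

    def feed_byte(self, b: int) -> bool:
        """Clock one data byte through the cascade; True when the full
        sequence has just been completed."""
        while self.stage > 0 and b != self.sequence[self.stage]:
            self.stage = self.fallback[self.stage - 1]   # reset / fall back
        if b == self.sequence[self.stage]:
            self.stage += 1                               # set the next flip-flop
        if self.stage == len(self.sequence):
            self.stage = self.fallback[-1]                # re-arm for the next match
            return True
        return False

    def feed(self, data: bytes) -> bool:
        """Feed one whole buffer (one write or read command). State persists
        across calls, so a PIN split over two commands still matches."""
        hit = False
        for b in data:
            hit = self.feed_byte(b) or hit
        return hit


class StreamAuthController:
    """Memory controller 11 of the embodiment: one detector watches data
    written to the public area, another watches data read from it; a match
    on either side opens secure area 122."""

    def __init__(self, pin_sequence: bytes, zone: int = 122):
        self.zone = zone
        self.write_detector = CascadeDetector(pin_sequence)
        self.read_detector = CascadeDetector(pin_sequence)
        self.open_zones = set()

    def on_write(self, data: bytes) -> bool:
        if self.write_detector.feed(data):
            self.open_zones.add(self.zone)
        return self.zone in self.open_zones

    def on_read(self, data: bytes) -> bool:
        if self.read_detector.feed(data):
            self.open_zones.add(self.zone)
        return self.zone in self.open_zones


def demo() -> dict:
    """Constructed traffic: a corrupted PIN, a PIN split over two writes,
    and a read whose first byte is a false start."""
    ctl = StreamAuthController(PIN_SEQUENCE)
    results = {}
    # 23H is missing: Q1..Q3 get set and are then all reset; the zone stays closed.
    results["broken"] = ctl.on_write(b"\x00\x01\x53\x67\x12\xff")
    # The PIN straddles two sector writes (e.g. an MP3 written in chunks).
    ctl.on_write(b"ID3\x01\x53")
    results["split"] = ctl.on_write(b"\x67\x23\x12\x00")
    # Read side: a stray 01H before the real sequence must not spoil the match.
    reader = StreamAuthController(PIN_SEQUENCE)
    results["read"] = reader.on_read(b"\x01\x01\x53\x67\x23\x12")
    return results


if __name__ == "__main__":
    print(demo())   # {'broken': False, 'split': True, 'read': True}
```

The detector does constant work per byte with a few bits of state, which is what makes the hardware engine the text describes cheap. One caveat a practitioner should keep in mind: because every byte on the write or read path is examined, any file that happens to contain the sequence would also open the area, so the sequence should be long enough that a chance occurrence is negligible.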
The essence of the present invention is to perform identity authentication using various data of the public area and then open use of the secure area. Obviously the public area data that can be used is not limited to the data of the root directory; it may also be the data of a particular subdirectory, a file name under a particular directory, the content of a particular file under a particular directory, or even a particular version of a song by a particular singer under a particular directory.
In short, any prescribed data of the public area can be used as identity authentication data for performing identity authentication; once authentication passes, use of the secure area is opened. The data of the public area also includes any normal data of operations on the public area. For instance, when a particular song is copied to the public area, the memory controller can check the written data of that song, such as the path under which it is stored, the song title, the song's content and so on. All of this data can serve as identity authentication data.
In claim 1, the phrase "the memory controller checks operation data on the public area", within "wherein, when the memory controller checks operation data on the public area and finds data that satisfies the identity authentication requirement of the identity authentication device matched with the secure area, the memory controller opens use of the secure area", should be understood in two senses: first, data already stored in the public area; second, the data of normal operations performed on the public area by the computer connected to the memory, including but not limited to read and write data, the address sequence data of read and write commands, and so on.
The method of the present invention has been explained above using a PIN-code identity authentication device and public-area directory data for identity authentication, and by showing how the content read from and written to public-area files can be checked. However, the present invention is not limited to having only one secure area; nor does it require the public area and the secure area to be in different file systems; nor does it require the secure area to be a logical region (it may be a volume, a directory, a file and so on); nor is it limited to PIN-code identity authentication only; nor to using only public-area directory data for identity authentication; nor to using only data read from or written to the memory for identity authentication; nor to USB flash drives, since it can obviously also be applied to TF cards, SD cards, memory in mobile phones, hard disks and memory in computers. Although the present invention has been described in the embodiments above, it will be understood that the description of the embodiments is illustrative rather than limiting, and those skilled in the art will appreciate that various variations, improvements, modifications and substitutions may be made without departing from the spirit and scope of the invention as defined by the claims.

Claims

1. A device for implementing a secure storage area, comprising:
A. a memory controller;
B. a public area;
C. at least one secure area;
D. an identity authentication device matched with the secure area;
wherein, when the memory controller checks operation data on the public area and finds data that satisfies the identity authentication requirement of the identity authentication device matched with the secure area, the memory controller opens use of the secure area.
2. The device according to claim 1, characterized in that checking operation data on the public area may be checking data written to the public area, checking data read from the public area, checking data already present in the public area, or checking data in the host computer's normal operation commands on the public area.
3. The device according to claim 2, characterized in that the identity authentication device matched with the secure area is a PIN-code authentication device, and when the memory controller checks data written to the public area, data read from it, data already present in it, or data in the host computer's normal operation commands on the public area, and that data contains a PIN code identical to that of the authentication device, or identical after transformation, the memory controller opens use of the secure area.
4. The device according to claim 2, characterized in that the identity authentication device matched with the secure area is a PIN-code authentication device, and when the memory controller checks the data of the file system directory area of the public area and finds that it contains a PIN code identical to that of the authentication device, or identical after transformation, the memory controller opens use of the secure area.
5. The device according to claim 2, characterized in that the memory controller further has a cascaded flip-flop device for checking data written to the public area or data read from the public area.
6. A method of using a secure storage area, comprising:
A. the memory controller checks operation data on the public area;
B. when the operation data on the public area passes identity authentication, use of the secure area is opened.
7. The method according to claim 6, characterized in that checking operation data on the public area in step A may be checking data written to the public area, checking data read from the public area, checking data already present in the public area, or checking data in normal operation commands on the public area.
8. The method according to claim 7, characterized in that checking operation data on the public area in step A is checking the data of the file system directory area of the public area, the data including existing data or data written by the host computer.
9. The method according to claim 7, characterized in that checking operation data on the public area in step A is checking existing file data of files in the public area, data written to the memory by the host computer, or data read from the memory by the host computer.
10. The method according to claim 7, characterized in that data written to the public area or read from the public area is checked by means of cascaded flip-flops.
11. The method according to claims 6 to 10, characterized in that the identity authentication in step B is PIN-code identity authentication.
PCT/CN2012/081767 2012-03-09 2012-09-21 Apparatus and method for implementing secure storage area WO2013131363A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201280071278.7A CN104169894A (en) 2012-03-09 2012-09-21 Apparatus and method for implementing secure storage area

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210060635.1 2012-03-09
CN201210060635 2012-03-09

Publications (1)

Publication Number Publication Date
WO2013131363A1 true WO2013131363A1 (en) 2013-09-12

Family

ID=49115917

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/081767 WO2013131363A1 (en) 2012-03-09 2012-09-21 Apparatus and method for implementing secure storage area

Country Status (2)

Country Link
CN (1) CN104169894A (en)
WO (1) WO2013131363A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10073661B2 (en) * 2016-07-20 2018-09-11 Atmel Corporation Security extensions for non-volatile memory

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101276432A (en) * 2008-05-20 2008-10-01 普天信息技术研究院有限公司 Memory card and method for realizing digital content protection
CN101308475A (en) * 2008-07-15 2008-11-19 中兴通讯股份有限公司 Safe mobile storage system and method of use thereof
US20110282678A1 (en) * 2010-05-12 2011-11-17 Ing Direct, Fsb System and method for providing limited access to data

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7024555B2 (en) * 2001-11-01 2006-04-04 Intel Corporation Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment
CN100476762C (en) * 2005-12-31 2009-04-08 联想(北京)有限公司 Safety memory device and data management method
CN102110059A (en) * 2009-12-25 2011-06-29 中国长城计算机深圳股份有限公司 Access method and system for multi-user hard disk data

Also Published As

Publication number Publication date
CN104169894A (en) 2014-11-26

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12870656

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 30/01/2015)

122 Ep: pct application non-entry in european phase

Ref document number: 12870656

Country of ref document: EP

Kind code of ref document: A1