WO2015131800A1 - 基于移动存储器的数据黑洞处理方法及移动存储器 (Data black hole processing method based on a removable storage device, and removable storage device) - Google Patents
- Publication number
- WO2015131800A1 (PCT application PCT/CN2015/073556)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- instruction
- address
- data
- black hole
- storage
- Prior art date
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
- G06F12/1441—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0638—Organizing or formatting or addressing of data
- G06F3/0644—Management of space entities, e.g. partitions, extents, pools
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0653—Monitoring storage devices or systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/067—Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
Definitions
- The present invention relates to the field of computer security, and in particular to a data black hole processing method based on a removable storage device, and to the removable storage device itself.
- Existing electronic information security work falls into three sub-areas: system security, data security and device security.
- Data content security technologies, including data encryption/decryption and end-to-end transmission encryption, ensure that data cannot be read illegally while it is stored or transmitted;
- Network blocking technologies, including physical network isolation and network barriers.
- Taken together, these technologies currently detect at most about 50% of all threats to a computer; their ability to cope with kernel-level viruses, Trojans, operating system vulnerabilities, system backdoors and human leakage is insufficient, and malicious code may be present on any computing device (desktop computers, laptops, handheld communication devices and so on).
- Copy-protection technology cannot guarantee that confidential information is not illegally stored on the terminal.
- Network-based filtering cannot ensure that confidential information is not leaked.
- Personnel with access to confidential data can be compromised through malicious code or malicious tools, and also through loss of control of confidential devices or storage media.
- The invention therefore provides a data black hole processing method based on a removable storage device, and a removable storage device, which improve data security.
- A data black hole processing method based on a removable storage device includes: deploying a data black hole system on a computing device so that it becomes a data black hole terminal, where the data black hole system is a system that processes the data generated while the computing device runs, stores the results of that processing in a specific storage location, and keeps the computing device operating normally; establishing a data black hole space, comprising a data storage area opened on the removable storage device that can be accessed only by the data black hole system and not by the operating system or application-layer software, the removable storage device being coupled to the computing device; associating the user of the computing device with the data black hole space or with part of it; and writing the data generated by the user's operations on the data black hole terminal into the data black hole space associated with that user.
- A removable storage device includes a removable data security access unit and a secure storage space. The removable storage device carries its own operating system; the secure storage space is not visible to that operating system or to the software above it, and can be accessed only by the removable data security access unit.
- When the removable storage device is coupled to a computing device, the CPU of the computing device is configured to execute the operating system carried by the removable storage device, the user interacts with the removable storage device through the I/O of the computing device, and the removable data security access unit receives the hardware instructions that the operating system carried by the removable storage device sends to the CPU of the computing device. The removable data security access unit comprises: a receiving unit adapted to receive the hardware instruction; an instruction analysis unit adapted to determine whether the hardware instruction is a store or a read instruction and to generate a determination signal; and an instruction modification unit adapted, according to the determination signal, to modify the target address of a store instruction to the corresponding location in the secure storage space when the hardware instruction is a store instruction.
- The removable storage device may further include an update unit configured to update the bit corresponding to the target address in the mapping bitmap after the instruction modification unit has modified the store instruction.
- The removable storage device may further include an encryption and decryption unit coupled to the secure storage space and adapted to encrypt and decrypt data entering and leaving the secure storage space.
- The above method and device improve the security of the data; each black hole space corresponds to one user.
- Ordinarily, once a hacker obtains data permissions through malicious code such as an exploited vulnerability, a backdoor or a Trojan, the data can be copied, dumped, sent and intercepted.
- With the data black hole in place, all data forwarded to external devices, ports, users and terminals is redirected to the data black hole space corresponding to the user, and the operation completes inside that space. Every attempt to steal, intercept or output data therefore takes effect only inside the data black hole space.
- Likewise, when a person who holds data permissions attempts to privately store, back up, send or output data, all of these operations complete inside the black hole space corresponding to that user, so the malicious operation cannot succeed.
- FIG. 1 is a system hierarchy diagram of a computing device in the prior art;
- FIG. 2 is a flowchart of a runtime instruction reorganization method provided in an embodiment of the present invention;
- FIG. 3 is a schematic diagram of the process of generating a reassembled instruction fragment provided in an embodiment of the present invention;
- Step S102 of FIG. 2 as provided in another embodiment of the present invention;
- FIG. 5 is a flowchart of a runtime instruction reorganization method according to another embodiment of the present invention, in which reorganized instruction fragments are saved using an address correspondence table;
- FIG. 6 is a flowchart of a runtime instruction reorganization method provided in another embodiment of the present invention, which separately opens a storage location to save the target address of the first program branch instruction;
- FIG. 7 is a flowchart of a runtime instruction reorganization method provided in another embodiment of the present invention, which disassembles and reassembles a non-fixed-length instruction set;
- FIG. 8 is a flowchart of a runtime instruction reorganization method according to another embodiment of the present invention, in which the first program branch instruction is replaced or recorded by a push instruction;
- FIG. 9a is a flowchart of a runtime instruction reorganization method provided in another embodiment of the present invention, which combines the features of the preceding embodiments;
- FIGS. 9b-9d are schematic diagrams of the operation of the runtime instruction reorganization method of FIG. 9a when running on an x86 processor;
- FIG. 10 is a schematic structural diagram of a runtime instruction reorganization apparatus provided in an embodiment of the present invention;
- FIG. 11 is a schematic structural diagram of a runtime instruction reorganization apparatus provided in another embodiment of the present invention;
- FIG. 12 is a schematic structural diagram of an instruction reassembly unit according to another embodiment of the present invention;
- FIG. 13 is a schematic structural diagram of a runtime instruction reorganization apparatus according to another embodiment of the present invention;
- FIG. 14 is a schematic structural diagram of a runtime instruction reorganization apparatus provided in another embodiment of the present invention;
- FIG. 15 is a system hierarchy diagram of a computing device according to an embodiment of the present invention;
- FIG. 16 is a flowchart of the initialization process in a data secure access procedure provided in an embodiment of the present invention;
- FIG. 17 is a schematic diagram of a bitmap in an embodiment of the present invention;
- FIG. 21 is a flowchart of a data security transmission method provided in an embodiment of the present invention;
- FIG. 22 is a schematic diagram of a network environment in an embodiment of the present invention;
- FIG. 23 is a schematic structural diagram of a data security storage device provided in an embodiment of the present invention;
- FIG. 24 is a schematic structural diagram of a data security reading apparatus provided in an embodiment of the present invention;
- FIG. 25 is a schematic structural diagram of a data security storage and reading apparatus provided in an embodiment of the present invention;
- FIG. 26 is a schematic structural diagram of a data security storage and reading apparatus according to another embodiment of the present invention;
- FIG. 27 is a schematic diagram of a data black hole space provided in another embodiment of the present invention;
- FIG. 29a is a schematic diagram of the architecture of a computing device provided in an embodiment of the present invention, on which a stand-alone version of the data security storage and reading method runs;
- FIG. 29b is a schematic structural diagram of a stand-alone data security storage and reading device provided in an embodiment of the present invention;
- FIG. 30 is a schematic diagram of a black hole processing method for a stand-alone version provided in an embodiment of the present invention;
- FIG. 31 is a schematic diagram of secure storage using a removable storage device provided in an embodiment of the present invention;
- FIG. 32 is a schematic diagram of the hierarchical structure of a removable storage device according to an embodiment of the present invention.
- FIG. 1 is a schematic diagram of the system hierarchy of a computing device in the prior art. From top to bottom, the computing device comprises:
- user interface layer 101, application layer 102, operating system kernel layer 103, hardware mapping layer 104 and hardware layer 105.
- The user interface layer 101 is the interface between the user and the device, through which the user interacts with the other layers of the device (for example, the application layer 102).
- The application layer 102 is the application software layer.
- The operating system kernel layer 103 is a software logic layer, generally consisting of software data and software code. Compared with the user interface layer 101 and the application layer 102, the code of the operating system kernel layer 103 runs with higher privilege and can perform any operation on the hardware and software resources of the computer system.
- The hardware mapping layer 104 is a software logic layer that typically runs at the operating system kernel level, with the same privilege as the kernel layer.
- The hardware mapping layer mainly solves the problem of mapping the operating modes of different kinds of hardware onto a unified upper-layer interface, shielding the upper layers from hardware differences.
- The hardware mapping layer is used primarily by the operating system kernel layer 103 to operate the various hardware components.
- The hardware layer 105 is all of the hardware components that make up the computer system.
- When the user performs a "save" operation, the application layer 102 calls the corresponding code to convert that user operation into calls to interface functions provided by the operating system (for example, the application programming interface of the Microsoft 32-bit platform, the Win32 API), which in turn become a series of calls to interface functions provided by the operating system kernel layer 103;
- the operating system kernel layer 103 converts each operating system interface function into calls to one or more interface functions provided by the hardware mapping layer 104, so the "save" operation becomes a series of calls to hardware mapping layer 104 interface functions;
- the hardware mapping layer 104 converts each of its own interface functions into one or more hardware instruction calls;
- the hardware layer 105 receives those hardware instruction calls and executes the hardware instructions.
- When the computing device is intruded by malicious code, the malicious code can obtain the data it wants from the device; the behaviour patterns after the data has been stolen include:
- The behaviour patterns of internal leakage by a person using the above computing device or information device include:
- A CPU address register, for example the program counter (PC), holds the address of the next machine instruction to be executed.
- By reading the value of that register and fetching the one or more machine instructions at the address it points to, machine instructions can be captured at runtime.
- The captured machine instructions can also be analysed and processed, so that beyond runtime instruction capture and reorganization, predetermined target instructions can be managed.
- An embodiment of the present invention provides a runtime instruction reorganization method; its running implementation is called the instruction reorganization platform.
- The method S100 includes:
- S101: cache the instruction running environment. The instruction running environment includes an address register holding the address of the next machine instruction to be executed; this address is the first address;
- S102: obtain the machine instruction segment to be scheduled, whose last instruction is a first program branch instruction (for example, a first jump instruction);
- S103: before the first program branch instruction, insert a second program branch instruction, thereby generating a reassembled instruction fragment that has a second address; the second program branch instruction points to the entry address of the instruction reorganization platform, so that after it executes, step S101 is performed again;
- Caching the instruction execution environment may include pushing the register data relevant to the running CPU machine instruction onto a cache stack; the environment may also be cached or saved in another specified or default cache data structure and address.
- The address register is the program counter (PC).
- In step S102 the machine instruction segment to be scheduled contains exactly one program branch instruction: it consists of the first program branch instruction and all machine instructions to be scheduled before it.
- In step S103 a second program branch instruction (JP2) is inserted before the last instruction of the segment (the first program branch instruction, JP1); JP2 points to the entry address of the instruction reorganization platform, and the result is a reassembled instruction fragment with a second address (denoted A").
- JP2 is inserted so that, when the CPU runs the reassembled segment, control returns to the instruction reorganization platform just before JP1 runs; the platform can then analyse the next segment to be scheduled, and by repeating this process all runtime instructions are reorganized.
- Step S105, restoring the instruction execution environment, may include popping the register data from the cache stack; before the pop, the target address held by the address register has been modified to the new machine instruction fragment whose entry address is the second address A".
- Once the environment is restored the instruction reorganization platform has completed one run, and the CPU executes the reassembled fragment, that is, the machine instruction segment whose entry address is A".
- When the CPU reaches the inserted JP2, the instruction reorganization platform regains control (step S101); by then the target address of the first program branch instruction has been computed and becomes the new first address, and steps S101 to S105 are executed again.
- In this embodiment the runtime instruction reorganization method is executed on a CPU of the x86 architecture; in other embodiments it may be executed on a MIPS processor, an ARM-based processor, or any other type of instruction processing unit in a computing device.
- FIG. 3 shows a set of machine instructions 401 to be scheduled (for example, the machine instructions of a program already loaded into memory). Instruction 4012 is the first program branch instruction; its target address may be a variable, and for illustration assume that it points to machine instruction 4013. All machine instructions to be scheduled before 4012, together with 4012 itself, form machine instruction segment 4011, which contains only one program branch instruction.
- The instruction execution environment is first cached; then segment 4011 is obtained (for example, copied); the instruction reorganization platform 411 inserts second program branch instruction 4113 before first program branch instruction 4012.
- Instruction 4113 points to the instruction reorganization platform 411 itself, which yields reassembled instruction fragment 4111 with address A"; the value A of the address register in the cached environment is changed to A"; finally the instruction running environment is restored.
- The CPU executes reassembled fragment 4111 at address A", and when it executes second program branch instruction 4113 the instruction reorganization platform 411 regains control of the CPU.
- By then the target address 4013 of first program branch instruction 4012 has been generated, and it becomes the new first address.
- The instruction reorganization platform restarts steps S101 to S105 from that target address and continues analysing the subsequent machine instructions to be scheduled, thereby completing the runtime instruction reorganization method.
- Step S102, acquiring the machine instruction segment to be scheduled, may include:
- S1021: read the address of the next machine instruction to be scheduled from the address register (for example, the program counter);
- with program branch instructions (for example, jump instructions) as the search target, examine the machine instruction at that address and the instructions after it until the first program branch instruction is found; a program branch instruction is any machine instruction that can change the sequential execution order of machine instructions, including jump instructions, call instructions, return instructions and so on;
- the first program branch instruction together with all machine instructions to be scheduled before it is taken as one machine instruction segment, and the segment is saved inside the instruction reorganization platform or in another storage location that the platform can read.
- Acquiring the machine instruction segment to be scheduled may also use non-branch instructions (for example, write instructions or read instructions) as the search target, so as to split the segment further.
- The runtime instruction reorganization method may further include:
- the instruction set includes the x86, MIPS and ARM instruction sets;
- the target machine instruction is modified in a predetermined manner.
- The instructions to be scheduled that a fixed-address program branch instruction points to may be acquired together with the segment in step S102.
- A runtime instruction reorganization method is provided, and the method S300 includes:
- the instruction running environment includes an address register holding the address of the next machine instruction to be executed, this address being the first address;
- step S303: before the first program branch instruction, insert a second program branch instruction to generate a reassembled instruction fragment having a second address; the second program branch instruction points to the entry address of the instruction reorganization platform, so that after it executes, step S301 is performed;
- in step S302 the machine instruction segment to be scheduled may contain several program branch instructions, but only one of them is a parameter-address program branch instruction, and that one is called the first program branch instruction.
- Program branch instructions are of two kinds, parameter-address program branch instructions and constant-address program branch instructions; the jump address of a constant-address program branch instruction is a constant (an immediate), whereas the parameter address of a parameter-address program branch instruction is generally computed by a machine instruction that precedes the branch.
- The last instruction of the machine instruction segment to be scheduled is the first program branch instruction; the segment consists of the first program branch instruction and all machine instructions to be scheduled before it.
- A runtime instruction reorganization method is provided. As shown in FIG. 5, the method S200 includes:
- the instruction running environment includes an address register (for example, a program counter) holding the address of the next machine instruction to be executed, this address being called the first address; the instruction running environment includes all registers of the CPU, including general-purpose registers, status registers, address registers and so on;
- the address correspondence table indicates whether the instruction segment to be scheduled that the first address (for example, address A) points to already has a saved reassembled instruction fragment; the table may store addresses, or the related data may be kept in another form;
- if the first address A (that is, the value A of the address register) already has an entry, the address of the saved reassembled instruction fragment (for example, address A') is used instead of reorganizing the segment again;
- step S205: before the first program branch instruction, insert a second program branch instruction to generate a reassembled instruction fragment having a second address; the second program branch instruction points to the entry address of the instruction reorganization platform, so that after it executes, step S201 is performed;
- step S206 further includes establishing in the address correspondence table an address pair (or record) that associates the first address A with the second address A".
- The reassembled instruction fragment at address A" is saved inside the instruction reorganization platform, or in memory the platform can access, for reuse.
- The method uses the address correspondence table to save computing resources and improve the efficiency of runtime instruction reorganization.
- the above-mentioned reorganization method is generally completed by inserting a required program transfer instruction into the to-be-scheduled instruction segment.
- the generation of the recombination instruction segment may also be completed by other means. The details will be described below in conjunction with the embodiments.
- an instruction recombination method for separately opening a storage location to save a target address of a first program branch instruction includes:
- the target address is read from the first storage location, and the machine instruction segment to be scheduled (ie, to be executed) is obtained according to the target address; wherein the last instruction of the machine instruction segment to be scheduled is the first program transfer instruction (for example, the first Jump instruction);
- step S112 acquiring the machine instruction segment to be scheduled includes:
- with the program transfer instruction as the search target, the machine instruction pointed to by the machine instruction address and the subsequent instructions are retrieved until the first program transfer instruction (referred to as the first program transfer instruction) is found;
- S1122 The first program branch instruction and all previous machine instructions to be scheduled are used as the segment of machine instructions to be scheduled, and the machine instruction segment is saved in the instruction reorganization platform or in another storage location that the instruction reorganization platform can read.
- the target address is the target address parameter of the program branch instruction, which may be an immediate value or a variable parameter; for an immediate value, the value itself is saved, and for a variable parameter, its address/reference is saved.
- when the processor is about to execute a program branch instruction, its jump destination address has already been calculated.
- an instruction reassembly method for disassembly and assembly processing for a non-fixed length instruction set. As shown in FIG. 7, the method includes:
- the target address is read from the first storage location, and the instruction segment to be scheduled is obtained according to the target address, including:
- it is checked whether a program branch instruction (such as a jump instruction) is included; if not, the next machine instruction to be scheduled is acquired and the above operation is repeated until a program branch instruction is matched, which is the first program branch instruction; the first program branch instruction and all previous instructions constitute the to-be-scheduled instruction fragment;
- the first storage location is used to save the address of the next machine instruction to be run
- an instruction reassembly method for replacing or recording a first program branch instruction with a push instruction.
- the method S130 includes:
- S132 Perform a pop operation to obtain an operand, and calculate an address of an instruction to be run next, where the address is a first address; wherein the stack is used to save an address and a parameter of a program branch instruction (such as a jump instruction);
- an instruction recombination method is provided, as shown in FIG. 9a, including:
- the machine instruction fragment to be executed is obtained from the first address, and the end of the instruction fragment is a program branch instruction (the address of the program branch instruction is the third address);
- it is checked whether the target address of the program branch instruction at the third address is a known quantity (for example, an immediate value); if so, the value of the first address is set to the target address of the instruction at the third address, and execution restarts from (3);
- step (1) If not, at the end of the generated reassembled assembly code, add a push instruction to record the original address position of the current third address (ie, the value of the third address) and the operand, and add after the push instruction a jump to the instruction that starts the reorganization platform, so that step (1) can begin again;
- the generated reassembled assembly code is assembled by the assembler into the corresponding machine code and stored at an address (the second address) allocated in the reassembly address space, and the second address and the zeroth address are stored in the address correspondence table in the form of a corresponding address pair;
- the first program branch instruction is analyzed to determine whether the jump destination address is a known quantity. If it is a known quantity, the search continues until the first parameter address program jump instruction is found, which is called the first program branch instruction.
- the address of the instruction is the third address;
- a push instruction is finally appended to the generated assembly code (the machine instructions from the first address to the third address, excluding the first program branch instruction) to record the original address position of the current third address and the operand of the first jump;
- An instruction to jump to the start of the reorganization platform (second program branch instruction) is added after the push instruction.
- the second address and the zeroth address are stored in the address correspondence table in the form of corresponding address pairs.
- FIG. 9d The processor starts executing the instruction of the second address, and the program branch instruction in the previous instruction segment to be reassembled has been replaced with the push instruction and the instruction to jump to the reorganization platform.
- the main purpose of the push instruction is to provide input parameters to the reorganization platform.
- FIG. 9d When the second program transfer instruction is executed, the reorganization platform is re-entered and the above step (1) is performed: by checking the address and parameters of the program transfer instruction saved by the push instruction, the address of the next instruction to be executed, which is the first address, is calculated.
- the subsequent processing is the loop of the above process.
- the runtime instruction full monitoring is implemented in the operation phase of the computing device.
- the load instruction executed when the computer starts is modified so that the instruction reorganization platform is called before the original load instruction is executed.
- the instruction reorganization platform provided by the invention executes the above-mentioned runtime instruction recombination method. Since the jump address of the load instruction is a known fixed address, the instruction reorganization platform can establish the address correspondence table, the first record and the first reassembly instruction fragment in advance.
- a computer readable medium stores computer executable program code for executing the steps of the instruction reorganization method provided in the above embodiments.
- a computer program comprises the steps of the runtime instruction recombination method provided in the above embodiment.
- the runtime instruction reorganization method provides the basis for further applications.
- the following embodiments provide various runtime instruction recombination methods for processing different machine instructions, including: store/read instructions, I/O instructions, and network transfer instructions:
- a store/read instruction refers to any instruction or combination of instructions in a computer system that stores to or reads from an external storage device, including but not limited to disk storage devices, flash memory devices and optical storage devices.
- I/O instructions refer to all instructions in the computer system that operate on the address space of peripherals, and which ultimately affect the peripheral's input and output status, data, signals, and so on.
- the address space of the peripheral includes but is not limited to the I/O address space and the memory mapped I/O device address space.
- Network transmission instructions refer to all instructions in the computer system that affect the network equipment, which ultimately affect the transmission, status, data and signals of the network equipment of the computer system, and all related features.
- a runtime instruction reorganization method S400 for storing/reading instructions including:
- the instruction running environment includes an address register, the address register stores an address of a next machine instruction to be run, the address is a first address; the address register is, for example, a program counter PC;
- the method for generating the reassembly instruction fragment includes:
- S4043 retrieve a target assembly instruction (that is, use a target assembly instruction as a retrieval target to retrieve an assembly instruction fragment), and the target assembly instruction is a storage/read instruction;
- JP2 points to the instruction reorganization platform (the code that runs the instruction reorganization method is called the instruction reorganization platform, and can also be understood as a running instance of the instruction reorganization method; the entry of that instance is called the entry address of the instruction reorganization platform);
- This embodiment performs instruction processing after the disassembly step; in other embodiments, disassembly and corresponding assembly steps may also be omitted to directly process the machine instructions.
- in step S4044, the store and read instructions are operated on: their target and source addresses are modified to implement storage relocation/redirection and ensure data security.
- a more specific method of secure storage/reading will be introduced in the following embodiments provided by the present invention.
- a runtime instruction reorganization method S500 for an I/O instruction including:
- S501 a cache instruction running environment
- the instruction running environment includes an address register, and the address register stores an address of a next machine instruction to be executed, and the address is a first address;
- the method for generating the recombination instruction fragment includes:
- S5043 retrieve a target assembly instruction, where the target assembly instruction is an I/O instruction;
- This embodiment performs instruction processing after the disassembly step; in other embodiments, disassembly and corresponding assembly steps may also be omitted to directly process the machine instructions.
- in step S5044, the I/O instructions are operated on: all input instructions among the I/O instructions are blocked, which completely blocks write operations to the local hardware device; combined with the storage instruction processing of the previous embodiment, this process also blocks input instructions other than storage instructions and improves data security in the computing device.
- a runtime instruction reorganization method S600 for network transmission instructions including:
- S601 a cache instruction running environment;
- the instruction running environment includes an address register, and the address register stores an address of a next machine instruction to be run, and the address is a first address;
- the method for generating the recombination instruction fragment includes:
- S6043 retrieve a target assembly instruction, where the target assembly instruction is a network transmission instruction
- blocking/denying a network transfer instruction may be done by inserting one or more instructions in the reassembled code that replace the transfer instruction with "cancel the current operation", or by directly replacing it with an invalid instruction, depending on the hardware.
- This embodiment performs instruction processing after the disassembly step; in other embodiments, the disassembly and corresponding assembly steps can also be omitted to directly process the machine instructions.
- step S6044 the network transmission instruction is operated to check whether the remote computing device corresponding to the target address in the network transmission instruction is a secure address; if not, the network transmission instruction is blocked to implement data security transmission.
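The three treatments above (S4044 storage relocation, S5044 blocking of I/O input to the local device, S6044 checking the network target against secure addresses), as one added example that is not the patent's code. It works on a constructed toy assembly in which each instruction is a tuple headed by its mnemonic; the mnemonics, the address ranges, the relocation scheme (a fixed offset into the secure device's range) and the allowlist are all assumptions made for the example.

```python
"""Instruction modification unit for store/read, I/O and network instructions (constructed example)."""

LOCAL_BASE, LOCAL_SIZE = 0x0000, 0x10000   # address range of the local hard disk (constructed)
SECURE_BASE = 0x80000                       # where the secure storage device is mapped (constructed)


def relocate(address):
    """Map a local storage address onto the secure storage device (S4044)."""
    if not LOCAL_BASE <= address < LOCAL_BASE + LOCAL_SIZE:
        raise ValueError(f"address {address:#x} is outside the local device")
    return SECURE_BASE + (address - LOCAL_BASE)


def modify_fragment(fragment, secure_hosts):
    """Return the modified fragment and a log of every change made.

    STORE/LOAD  (reg, address): the address is relocated to secure storage.
    OUT         (port, reg):    data flowing into a local device is blocked (NOP).
    NETSEND     (host, reg):    kept only if the host is a secure address, else NOP.
    Anything else passes through unchanged.
    """
    out, log = [], []
    for ins in fragment:
        op = ins[0]
        if op in ("STORE", "LOAD"):
            new = (op, ins[1], relocate(ins[2]))
            log.append(f"{op} {ins[2]:#x} -> {new[2]:#x}")
            out.append(new)
        elif op == "OUT":
            # the text's "input instructions" are the ones carrying data into the
            # local hardware device; in this toy ISA that is OUT port, reg
            out.append(("NOP",))
            log.append(f"OUT to port {ins[1]:#x} blocked")
        elif op == "NETSEND":
            if ins[1] in secure_hosts:
                out.append(ins)
            else:
                out.append(("NOP",))
                log.append(f"NETSEND to {ins[1]} blocked")
        else:
            out.append(ins)
    return out, log


# Constructed sample fragment and allowlist.
SAMPLE_FRAGMENT = [
    ("MOV", "r0", 42),
    ("STORE", "r0", 0x2000),           # write to the local disk
    ("LOAD", "r1", 0x2000),            # read it back
    ("OUT", 0x3F8, "r1"),              # write r1 to a local serial port
    ("NETSEND", "10.0.0.5", "r1"),     # the secure storage array (on the allowlist)
    ("NETSEND", "203.0.113.9", "r1"),  # not on the allowlist
    ("JMP", 0x40),
]
SECURE_HOSTS = {"10.0.0.5"}


def demo():
    return modify_fragment(SAMPLE_FRAGMENT, SECURE_HOSTS)


if __name__ == "__main__":
    for line in demo()[1]:
        print(line)
```

The store and the read are relocated together, so the program still reads back what it wrote, only from the secure device; the write to the local port and the send to the unlisted host are both replaced by a NOP, which is the "cancel the current operation" form of blocking the text describes.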
- the address correspondence table in the foregoing embodiments is established and maintained by the instruction reorganization platform, and may be a fixed-length array structure, a variable-length linked list structure, or another data structure suitable for storing binary data. According to one embodiment of the invention, its length is adjustable and its footprint is releasable. The operation of releasing the address correspondence table may be performed randomly or periodically.
- the address correspondence table may further include a record establishment time field, so that when space is released, records can be deleted according to how long ago they were established.
- the address correspondence table may further include a record usage count field. In the step of searching the address correspondence table, if a record is found, the value of this field is changed; the record usage count field is also used when releasing space, to delete records according to their number of uses.
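An address correspondence table carrying the two maintenance fields just described, as an added example that is not the patent's code. Each record maps a first address A to the address A" of its saved reassembly fragment together with a record establishment time and a record usage count, so that releasing the table's footprint can evict either the longest-established or the least-used records; the clock is injected to keep the walk-through deterministic, and the field layout, method names and eviction policies are assumptions made for the example.

```python
"""Address correspondence table with establishment-time and usage-count fields (constructed example)."""
import random


class AddressCorrespondenceTable:
    def __init__(self, max_records, clock):
        self.max_records = max_records   # adjustable length
        self.clock = clock               # callable returning the current time
        self.records = {}                # A -> [A", established_at, use_count]

    def lookup(self, first):
        """Search step: on a hit the usage count is changed and A" is returned."""
        rec = self.records.get(first)
        if rec is None:
            return None
        rec[2] += 1
        return rec[0]

    def insert(self, first, second):
        """Establish a new (A, A") record, releasing space first if the table is full."""
        if len(self.records) >= self.max_records:
            self.release(by="age", keep=self.max_records - 1)
        self.records[first] = [second, self.clock(), 0]

    def release(self, by="age", keep=0):
        """Release space so that at most `keep` records remain.

        by="age"  deletes the records with the longest setup time first;
        by="uses" deletes the records with the fewest uses first.
        """
        if by == "age":
            key = lambda item: item[1][1]
        elif by == "uses":
            key = lambda item: item[1][2]
        else:
            raise ValueError(f"unknown release policy {by!r}")
        ordered = sorted(self.records.items(), key=key)   # stable: ties keep insertion order
        for first, _ in ordered[: max(len(ordered) - keep, 0)]:
            del self.records[first]

    def maybe_release(self, probability, rng=random):
        """Random release trigger; a periodic trigger would call release() from a timer instead."""
        if rng.random() < probability:
            self.release(by="uses", keep=self.max_records // 2)
            return True
        return False


def demo():
    """Constructed walk-through: a 3-record table, one hot address, then two releases."""
    ticks = iter(range(100))
    table = AddressCorrespondenceTable(max_records=3, clock=lambda: next(ticks))
    table.insert(0x400, 0x1000)            # established at t=0
    table.insert(0x410, 0x1010)            # t=1
    table.insert(0x420, 0x1020)            # t=2
    for _ in range(5):
        table.lookup(0x400)                # 0x400 is hot: five uses
    table.lookup(0x420)                    # one use
    table.insert(0x430, 0x1030)            # table full: the oldest record (0x400) is released by age
    after_age = sorted(table.records)
    table.release(by="uses", keep=1)       # keep only the most-used remaining record
    after_uses = sorted(table.records)
    return after_age, after_uses


if __name__ == "__main__":
    print(demo())   # ([0x410, 0x420, 0x430], [0x420])
```

The walk-through shows why both fields are worth keeping: releasing by establishment time alone evicted 0x400, the record that was being reused most, while the usage count lets the second release keep the record that actually earns its space.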
- the instruction reorganization device 500 includes:
- An instruction execution environment cache and recovery unit 501 is adapted to cache and restore an instruction execution environment;
- the instruction execution environment includes an address register, and the address register (eg, program counter pc) stores an address of the next machine instruction to be executed, the address being the first address;
- the instruction fetching unit 502 is configured to obtain a machine instruction segment to be scheduled after the unit 501 caches the instruction execution environment; wherein the last instruction of the machine instruction segment to be scheduled is the first program transfer instruction (for example, the first jump instruction);
- the instruction reorganization unit 503 is adapted to parse and modify the machine instruction segment to be scheduled, including: inserting a second program transfer instruction to generate a recombination instruction segment having a second address A" before the first program branch instruction;
- the second program branch instruction is directed to the device 500, that is, after executing the second program branch instruction, the instruction execution environment cache and recovery unit 501 of the device 500 performs the next processing;
- the address replacement unit 504 is adapted to modify the value of the address register in the cached instruction execution environment to the address of the reassembly instruction fragment.
- the instruction execution environment cache and recovery unit 501 is coupled to the instruction acquisition unit 502 and the address replacement unit 504, respectively.
- the instruction acquisition unit 502, the instruction reassembly unit 503 and the address replacement unit 504 are coupled in sequence.
- the process of apparatus 500 is as follows:
- the instruction execution environment cache and recovery unit 501 caches the instruction execution environment, for example, by pushing the register data relevant to instruction execution onto the cache stack;
- the instruction acquisition unit 502 reads the machine instruction address to be scheduled from the CPU address register 511, and reads the machine instruction segment from the machine instruction address, and the last instruction of the machine instruction segment is a program transfer instruction;
- the instruction acquisition unit 502 reads the machine instruction address to be scheduled from the CPU address register 511 and, using the program transfer instruction as the retrieval target, retrieves the machine instructions corresponding to that address until the first program branch instruction (ie, control branch instruction, including unconditional and conditional branch instructions) is found; the program branch instruction includes, for example, a Jump/JMP instruction, a Call instruction, a RET instruction, etc.; the first program branch instruction and all previous machine instructions are used as the segment of the machine instruction to be scheduled; the machine instruction segment is saved in the device 500 or in another storage location that the device 500 can read;
- the instruction reorganizing unit 503 inserts a second program branch instruction before the last instruction of the acquired machine instruction segment, the second program branch instruction pointing to the entry address of the device 500, and generating a reassembly instruction fragment having the address A" ;
- the address replacement unit 504 modifies the value A of the address register in the cached instruction execution environment to the address A";
- the instruction execution environment cache and recovery unit 501 restores the instruction execution environment, for example, by popping the register data relevant to instruction execution from the cache stack.
- the instruction acquisition unit 502 can use the first non-address program transfer instruction as the first program transfer instruction to improve the execution efficiency of the recombining apparatus.
- a runtime instruction recombining apparatus which can fully utilize the repeatability of runtime instructions, improve efficiency, and save computing resources.
- the instruction reorganization device 600 includes:
- An instruction execution environment cache and recovery unit 601 is adapted to cache and restore an instruction execution environment; the instruction execution environment includes an address register, and the address register stores an address of a next machine instruction to be executed, the address being a first address;
- the instruction fetching unit 602 is configured to acquire a segment of the machine instruction to be scheduled; wherein the last instruction of the segment of the machine instruction to be scheduled is the first program branch instruction;
- the instruction reorganization unit 603 is adapted to parse and modify the segment of the machine instruction to be scheduled, including: inserting a second program branch instruction before the first program branch instruction to generate a reassembly instruction segment having a second address;
- the second program transfer instruction points to the device 600, that is, after executing the second program transfer instruction, the instruction execution environment cache and recovery unit 601 of the device 600 performs the next processing;
- An address replacement unit 604 adapted to modify a value of an address register in the cached instruction execution environment to an address of a reassembly instruction fragment;
- the instruction retrieval unit 605 is adapted to use the first address to look up an address correspondence table.
- the address correspondence table is used to indicate whether the instruction segment to be scheduled pointed to by the first address A has a saved reassembly instruction fragment; the data of the address correspondence table is, for example, an address pair;
- if a corresponding record is found, the instruction retrieval unit 605 is adapted to invoke the address replacement unit 604 to modify the first address A (ie, the value A of the address register) to the address A' of the saved reassembly instruction fragment; if no corresponding record is found, the instruction retrieval unit is adapted to establish a record in the address correspondence table pairing the address A with the second address A".
- the instruction execution environment cache and recovery unit 601 is coupled to the instruction retrieval unit 605 and the address replacement unit 604, respectively, and the instruction retrieval unit 605 is coupled to the instruction acquisition unit 602, the instruction reassembly unit 603, and the address replacement unit 604, respectively.
- the instruction acquisition unit 602, the instruction reassembly unit 603, and the address replacement unit 604 are coupled in sequence.
- the execution process of the device 600 is as follows:
- the instruction execution environment cache and recovery unit 601 caches the instruction execution environment, for example, by pushing the register data relevant to instruction execution onto the cache stack;
- the instruction retrieval unit 605 searches for the address correspondence table by using the value A of the address register in the cached instruction execution environment;
- the instruction retrieval unit 605 calls the address replacement unit 604, which changes the value A of the address register to the value A' in the record; the address replacement unit 604 then invokes the instruction execution environment cache and recovery unit 601 to restore the instruction execution environment, that is, to pop the register data relevant to instruction execution from the cache stack, and this reorganization operation ends;
- the instruction fetch unit 602 reads the machine instruction address to be scheduled from the CPU address register, and reads the machine instruction fragment from the machine instruction address, the last instruction of the machine instruction segment is a program transfer instruction.
- the instruction obtaining unit 602 reads the machine instruction address to be scheduled from the CPU address register; retrieves the machine instruction corresponding to the machine instruction address by using the program branch instruction as a retrieval target until the first program branch instruction is found;
- the program transfer instruction includes a Jump instruction, a Call instruction, and the like; the first program transfer instruction and all previous machine instructions are used as the segment of the machine instruction to be scheduled; the machine instruction segment is saved in the device 600 or in another storage location that the device 600 can read;
- the instruction recomposing unit 603 inserts a second program branch instruction before the last instruction of the acquired machine instruction segment, the second program branch instruction pointing to the entry address of the device 600, and generating a reassembly instruction fragment having the address A" ;
- the instruction reorganizing unit 603 sends the address A" to the instruction retrieval unit 605, and the instruction retrieval unit 605 creates a record in the address correspondence table pairing the address A with the address A", in preparation for subsequent instruction reuse;
- the address replacement unit 604 modifies the value A of the address register in the cached instruction execution environment to the address A";
- the instruction execution environment cache and recovery unit 601 restores the instruction execution environment, that is, pops the register data relevant to instruction execution from the cache stack.
- the instruction reorganization unit 603 may further include:
- the instruction parsing unit 6031 is adapted to match the machine instruction segment against the instruction set to obtain the target machine instruction to be processed (ie, to retrieve the machine instruction segment to be scheduled using a target instruction); the instruction set includes the X86, MIPS and ARM instruction sets;
- the instruction modification unit 6032 is adapted to modify the target machine instruction in a predetermined manner.
- the instruction parsing unit 6031 is responsible for acquiring the store/read instructions in the machine instruction segment to be scheduled, and the instruction modification unit 6032 modifies the storage and reading addresses therein to addresses on the secure storage device. Its function and effect are the same as in the corresponding method embodiment S400 described above, and details are not described herein again.
- the instruction parsing unit 6031 is responsible for acquiring the I/O instructions in the machine instruction segment to be scheduled, and the instruction modification unit 6032 blocks all the input commands among the I/O instructions. The function and effect are the same as in the corresponding method embodiment S500 described above, and are not described herein again.
- the instruction parsing unit 6031 is responsible for acquiring the network transmission instructions in the machine instruction segment to be scheduled, and the instruction modification unit 6032 checks whether the remote computing device corresponding to the target address in the network transmission instruction is a secure address; if not, the instruction modification unit is adapted to block the network transmission instruction. Its function and effect are the same as in the corresponding method embodiment S600 described above, and are not described herein again.
- the instruction reorganizing unit may further include a disassembly unit and an assembly unit.
- the instruction reorganizing unit 703 includes: a disassembly unit 7031, an instruction parsing unit 7032, an instruction modification unit 7033, and an assembly unit 7034 that are sequentially coupled.
- the disassembly unit 7031 is adapted to disassemble the machine instruction segment to be scheduled, parse the assembly instruction segment to be scheduled, and send it to the instruction parsing unit 7032 before parsing and modifying the machine instruction segment to be scheduled.
- the assembly unit 7034 is adapted to assemble the reassembled assembly instruction fragment after the machine instruction segment to be scheduled has been parsed and modified, obtain the reassembly instruction fragment represented in machine code, and send it to the instruction replacement unit.
- the manner in which the instruction parsing unit 7032 and the instruction modifying unit 7033 operate on the instruction fragment to be scheduled is similar to the above embodiment, and details are not described herein again.
- the instruction reorganization device 800 includes:
- An instruction execution environment cache and recovery unit 801 is adapted to cache an instruction execution environment
- the instruction reorganizing unit 804 is adapted to save the target address of the first program branch instruction in the first storage location 803, replace the first program branch instruction with the second program branch instruction, and generate a recombination instruction fragment having the second address;
- the second program branch instruction points to the entry address of device 800.
- the instruction execution environment cache and recovery unit 801 is further adapted to resume the instruction execution environment after the instruction reorganization unit 804 replaces the instruction, and jump to the second address to continue execution.
- the execution process of device 800 is as follows:
- the instruction execution environment cache and recovery unit 801 caches the instruction execution environment
- the instruction acquisition unit 802 reads the target address (the address of the instruction to be scheduled) from the first storage location 803, and acquires the machine instruction segment to be scheduled according to the target address; wherein the last instruction of the machine instruction segment to be scheduled is the first program transfer instruction;
- the instruction reorganizing unit 804 saves the target address of the first program branch instruction at the first storage location 803: (1) for an immediate value, it saves the value; (2) for a variable parameter, it saves its address/reference, for example, the address or reference of the float-type variable destination_address;
- the instruction reorganizing unit 804 replaces the first program branch instruction with the second program branch instruction to generate a recombination instruction fragment having the second address;
- the instruction execution environment cache and recovery unit 801 restores the instruction execution environment and jumps to the second address to continue execution.
- a runtime command recombination apparatus that corresponds to the above method S130 and that includes features of the apparatus provided in some of the above embodiments.
- the apparatus 900 includes:
- the instruction execution environment cache and recovery unit 901 is adapted to cache and restore the instruction execution environment
- the instruction obtaining unit 902 is adapted to perform a pop operation to acquire an operand, and use an operand to calculate an address of an instruction to be executed next, the address being a first address;
- the instruction reorganizing unit 903 is adapted to replace the first program branch instruction with a push instruction, and to record the address and the operand of the first program branch instruction in the push instruction;
- the instruction retrieval unit 904 is adapted to use the first address to search for an address correspondence table.
- the address correspondence table is configured to indicate whether the to-be-scheduled instruction segment pointed to by the first address has a saved reassembly instruction fragment, and the data of the address correspondence table is an address pair;
- the instruction retrieval unit 904 is adapted to invoke the instruction execution environment cache and recovery unit 901 to restore the cached instruction execution environment, and jump to the found corresponding address to continue execution (this reorganization operation is completed);
- if no record is found, the instruction reorganization unit 903 is called to perform the reorganization operation.
- the instruction reorganization unit 903 may further include a disassembly unit 9031, an instruction parsing unit 9032, an instruction modification unit 9033, and an assembly unit 9034.
- the instruction execution environment cache and recovery unit 901 resumes the cached instruction execution environment, and jumps to the address of the reassembly instruction segment to continue execution (this reorganization operation is completed).
- the disassembly unit 9031 may be located in the instruction acquisition unit 902 and perform the disassembly operation on the instruction segment to be scheduled.
- runtime instruction recombination method and apparatus are described in detail above by some embodiments, which have the following advantages compared with the prior art:
- the instruction reorganization method can monitor the instruction of the computing device in the running state of the instruction
- the address correspondence table is used to improve the efficiency of instruction reorganization and save computing resources
- the storage and read instructions are operated on to modify their target and source addresses, achieving storage relocation/redirection and ensuring data security
- the network transmission instruction is operated to check whether the remote computing device corresponding to the target address in the network transmission instruction is a secure address; if not, the network transmission instruction is blocked to implement data security transmission.
- Figure 15 is a system hierarchy diagram of a computing device in accordance with one embodiment of the present invention.
- the computing device 200 includes a user interface layer 201, an application layer 202, an operating system kernel layer 203, a hardware mapping layer 204, a security layer 205, and a hardware layer 206.
- the hardware layer 206 further includes a CPU 2061, a hard disk 2062 (ie, a local storage device), and a network card 2063.
- computing device 200 is coupled to storage device 10 (also referred to as a secure storage device).
- in this embodiment, the storage device 10 is a remote disk array that is connected through a network to the network card 2063 of the hardware layer 206 in order to exchange data with the computing device 200.
- storage device 10 may also be other known or unknown types of storage devices.
- the hard disk 2062 can also be replaced with other types of local storage devices, such as a USB flash drive and an optical disk, etc., which are merely illustrative and not limiting.
- the embodiment provides a data security access process, including:
- the foregoing initialization process S1000 includes:
- S1010 Establish communication between the computer terminal system 200 and the secure storage device 10;
- S1020 Synchronize the mapping bitmap (Bitmap) from the secure storage device 10 to the current computer terminal system 200, for example into the memory of the computer terminal system 200; the mapping bitmap indicates whether the data of the local storage device has been transferred (dumped) and stored elsewhere;
- S1030 If the synchronization operation of step S1020 fails, a Bitmap is established on the secure storage device 10 and initialized, and then synchronized to the computer terminal system 200.
- the Bitmap on the computer terminal system 200 is referred to as the mapping bitmap or first mapping bitmap, and the Bitmap on the secure storage device 10 is referred to as the second mapping bitmap (step S1030 can thus be summarized as first establishing and initializing a second mapping bitmap, and then synchronizing it to the computer terminal system 200 as the first mapping bitmap).
- in step S1020, if the operation of synchronizing the second mapping bitmap from the storage device 10 to the current computer terminal system 200 fails, this indicates that the storage device 10 and the computer terminal system 200 are connecting for the first time.
- step S1030 may include: mapping the local storage space in the computer terminal system 200 to the storage device 10, where the mapping is one-to-one in units of 1 sector (or another basic storage unit), and establishing the mapping bitmap (Bitmap) accordingly.
- the mapping from the local storage space to the storage device 10 may also be established using other basic capacity units. The Bitmap is described in detail below with reference to the accompanying drawings.
- FIG. 17 is a schematic diagram of a Bitmap in an embodiment of the present invention.
- FIG. 17 shows a storage medium 3000 on the local storage device (such as the hard disk 2062 in FIG. 15) and a storage medium 4000 on the storage device 10, which is connected to the local storage device through a network.
- a storage space 4010 having the same size as the storage medium 3000 is created on the storage medium 4000 as a one-to-one mapping space.
- the Bitmap 4020 is stored in the storage space 4010.
- the Bitmap 4020 is a bitmap in which 1 bit represents 1 sector, and the value (0 or 1) of each bit indicates whether the corresponding sector on the storage medium 3000 has been dumped to the storage space 4010 on the storage medium 4000; the mapping bitmap can therefore also be referred to as a dump table.
- after it has been established, the Bitmap 4020 on the storage device 10 is synchronized to the computer terminal system 200.
- in the Bitmap 4020, sectors that have been dumped are marked 1 and sectors that have not been dumped are left unmarked; in other embodiments, the marks used for dumped and non-dumped sectors may be chosen freely.
- when an application or the operating system saves a piece of data (such as a file), the file system inside the operating system allocates a certain amount of storage space on the storage medium 3000 of the local storage device, such as sector 3040 and sector 3050, assigns it to the file, and updates the local file allocation table.
- with the method of this embodiment, sectors 4040 and 4050 are allocated at the same positions on the storage medium 4000 and the dumped data is stored there, and the bits corresponding to sector 3040 and sector 3050 in the Bitmap 4020 are changed to 1.
- the data writing process S2000 further includes:
- S2010 the application layer 202 issues a write file operation request through the file system of the operating system kernel layer 203, or the operating system kernel layer 203 itself issues a write file operation request; or the application layer 202 issues a write data operation request directly to the hardware mapping layer 204, or the operating system kernel layer 203 issues a write data operation request directly to the hardware mapping layer 204;
- the operating system kernel layer 203 parses the write file request into a hardware port instruction (ie, a hardware instruction) and sends it to the hardware mapping layer 204, where the port instruction includes a write location (eg, a sector);
- if step S2010 issued a write data operation request directly to the hardware mapping layer 204, the request is already a hardware port instruction;
- the security layer 205 receives the hardware port instruction from the hardware mapping layer 204, rewrites the write location (ie, the sector) in the port instruction to the corresponding storage address on the storage device 10, and then updates the first mapping bitmap, for example by setting the bit corresponding to the sector to 1 to indicate that the sector has been dumped; the security layer 205 then sends the modified port instruction to the hardware layer 206.
- as a result, the computer terminal system 200 does not store the written data; the data has been relocated to and stored on the secure storage device 10.
- the writing process S2000 may further include:
- S2040 the first mapping bitmap is synchronized to the storage device 10 and saved as the second mapping bitmap, which keeps the first mapping bitmap on the computer terminal system 200 consistent with the second mapping bitmap on the storage device 10 in real time.
- step S2040 may also be performed once, in a batch, before the local computer terminal system 200 is shut down.
- the data reading process S3000 further includes:
- the application layer 202 issues a read file operation request through the file system of the operating system kernel layer 203, or the operating system kernel layer 203 directly issues a read file operation request; or
- the application layer 202 issues a read data operation request directly to the hardware mapping layer 204, or the operating system kernel layer 203 issues a read data operation request directly to the hardware mapping layer 204;
- the operating system kernel layer 203 parses the read file request into a hardware port instruction, and sends it to the hardware mapping layer 204, where the port instruction includes a read address (for example, a sector);
- the security layer 205 receives the read instruction from the hardware mapping layer 204, obtains the read address (source address) in it, and looks it up in the first mapping bitmap; if the bit data in the first mapping bitmap indicates that the read address is a dump address (ie, its data has been dumped), the security layer 205 modifies the read address of the port instruction to the corresponding address on the storage device 10; the security layer 205 then sends the (possibly modified) port instruction to the hardware layer 206.
- an advantage of this embodiment is that the reading process described above does not change the user's existing way of working, while data that has been dumped to the secure storage device (ie, the storage device 10) can still be read.
- in step S3010, the second mapping bitmap is synchronized from the storage device 10 to the local system in order to keep the local data consistent with the data on the secure storage device after the computer terminal system 200 is restarted.
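The initialization, write and read processes above (S1000, S2000, S3000) can be modelled end to end in a small simulation. The following Python is an added illustration written for this page, not code from the patent: the `PortInstruction` record, the one-to-one "same sector number on the secure device" mapping, and the in-memory dictionaries standing in for the local disk, the secure storage device 10 and the second mapping bitmap are all assumptions. Switching the `device` field of an instruction stands in for the case, noted later in the description, where the local-disk instruction itself must be rewritten into a network-disk instruction rather than just its address.

```python
"""Sector-level dump table and write/read redirection (added example, not patent code)."""
from dataclasses import dataclass

SECTORS = 8192  # constructed size of the local storage medium, in sectors


@dataclass
class PortInstruction:
    """Hypothetical hardware port instruction as seen by the security layer."""
    op: str          # "read" or "write"
    device: str      # "local" (storage medium 3000) or "secure" (storage medium 4000)
    sector: int      # write location (target address) or read address (source address)
    data: bytes = b""


class MappingBitmap:
    """Mapping bitmap / dump table: one bit per local sector, 1 = sector has been dumped."""

    def __init__(self, sectors):
        self.sectors = sectors
        self.bits = bytearray((sectors + 7) // 8)

    def is_dumped(self, sector):
        return bool(self.bits[sector >> 3] & (1 << (sector & 7)))

    def mark_dumped(self, sector):
        self.bits[sector >> 3] |= 1 << (sector & 7)

    def serialize(self):
        return bytes(self.bits)          # what S2040 sends to the secure device

    @classmethod
    def load(cls, sectors, raw):
        bm = cls(sectors)                # what S1020 loads into terminal memory at start-up
        bm.bits[:] = raw
        return bm


class SecurityLayer:
    """Security layer between the hardware mapping layer and the hardware layer."""

    def __init__(self, first_bitmap, second_bitmap_store):
        self.first = first_bitmap        # first mapping bitmap, held in terminal memory
        self.store = second_bitmap_store  # dict standing in for the second bitmap on device 10

    def filter(self, ins):
        if ins.op == "write" and ins.device == "local":
            ins.device = "secure"        # same sector number, but on the secure storage device
            self.first.mark_dumped(ins.sector)
            self.sync()                  # S2040: keep the second mapping bitmap consistent
        elif ins.op == "read" and ins.device == "local" and self.first.is_dumped(ins.sector):
            ins.device = "secure"        # dumped sector: read it back from the secure device
        return ins                       # anything else passes through unchanged

    def sync(self):
        self.store["second"] = self.first.serialize()


def run_demo():
    """Write a sector, read it back, read an undumped sector, then 'restart' the terminal."""
    local = {3041: b"old-local"}         # constructed: a sector that was never dumped
    secure = {}
    devices = {"local": local, "secure": secure}
    store = {}                           # the secure device's copy of the bitmap
    sec = SecurityLayer(MappingBitmap(SECTORS), store)

    def hardware(ins):                   # hardware layer: executes the (rewritten) instruction
        if ins.op == "write":
            devices[ins.device][ins.sector] = ins.data
            return None
        return devices[ins.device].get(ins.sector)

    hardware(sec.filter(PortInstruction("write", "local", 3040, b"secret")))
    read_dumped = hardware(sec.filter(PortInstruction("read", "local", 3040)))
    read_plain = hardware(sec.filter(PortInstruction("read", "local", 3041)))
    # Restart: a fresh security layer reloads the first bitmap from the second one (S1020).
    sec2 = SecurityLayer(MappingBitmap.load(SECTORS, store["second"]), store)
    read_after_restart = hardware(sec2.filter(PortInstruction("read", "local", 3040)))
    return {
        "local_has_secret": 3040 in local,
        "secure_has_secret": secure.get(3040) == b"secret",
        "read_dumped": read_dumped,
        "read_plain": read_plain,
        "read_after_restart": read_after_restart,
    }
```

The restart step is the reason S1020 exists: if the first bitmap were lost, reads of dumped sectors would fall through to the local disk and return stale or empty sectors, so the bitmap must be persisted on the secure device (S2040) and reloaded before the first read is processed.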
- a data security storage method is provided; as shown in FIG. 18, the method includes the following steps:
- S4040 sends the modified storage instruction to the hardware layer.
- the hardware instructions are hardware instructions from a hardware mapping layer.
- receiving the hardware instructions from the hardware mapping layer ensures that every hardware instruction (interface instruction) sent to a processor such as the CPU is screened.
- the computer may run the Windows operating system, in which case the hardware abstraction layer (HAL) of Windows is the hardware mapping layer 204 in FIG. 15.
- the computer terminal may also run other operating systems, such as Linux, Unix or an embedded operating system, in which case the hardware mapping layer is the corresponding layer in Linux, Unix or the embedded operating system.
- the process of receiving the hardware instruction may include acquiring the hardware instruction by the runtime instruction recombination method (for example, S101-S105).
- in other words, a store instruction can be processed in the same way as S404, S504 or S604 once the runtime instruction reorganization method has obtained the machine instruction.
- with the runtime instruction reorganization method, not only the final result of a computation but also the intermediate data of the computation (including intermediate data generated by the operating system) can be relocated to the secure storage device; in this way the terminal computing device is made incomplete, and information leakage is further prevented by that incompleteness.
- the hardware instructions may be of the X86 instruction, the ARM instruction, the MIPS instruction, etc.
- the built-in analysis mechanism of the terminal computing device may be used to process different types of CPU instructions.
- the method may further include:
- S4050 Update the first mapping bitmap by setting the bit corresponding to the target address (sector) in the first mapping bitmap to the dump flag, for example "1"; and synchronize the updated mapping bitmap to the secure storage device, where it is saved as the second mapping bitmap.
- the dump operation is completely transparent to the upper layer application and the user, and does not affect the workflow of the existing computer operation and the application system.
- the foregoing method provided in this embodiment can be used not only in a computer terminal system, but also in any computing device and an intelligent terminal including an application layer, an operating system kernel layer, and a hardware layer, and real-time implementation of instruction level storage relocation/redirection. (ie storage relocation/redirection based on hardware storage instructions).
- a data security reading method is provided; referring to FIG. 19, the method S5000 includes:
- S5030 if it is a read instruction, acquire the source address (read address) in the read instruction, look it up in the first mapping bitmap, and modify the read address in the read instruction according to the data of the mapping bitmap, so that both dumped and non-dumped data can be read; and
- the method may further include: synchronizing the second mapping bitmap on the storage device to the computer terminal system 200 and saving it as the first mapping bitmap.
- the hardware instructions come from a hardware mapping layer.
- the process of receiving the hardware instruction may include acquiring the hardware instruction by the runtime instruction recombination method (for example, S101-S105). In other words, a read instruction can be processed once the runtime instruction reorganization method has obtained the machine instruction.
- step S5020 if the hardware instruction is not a read instruction, the hardware instruction may be directly sent to the hardware layer for execution.
- step S5030 can be further decomposed into:
- S5031 if it is a read command, obtain a source address in the read command, and determine whether the source address is an address on the storage device;
- in step S5031, if the source address of the read instruction is already an address on the storage device, the computing device (for example, the security layer 205 in FIG. 15) does not need to look up the first mapping bitmap again and may send the hardware instruction directly to the hardware layer for execution.
- secure storage device 10 may serve as a shared resource for a plurality of terminal systems.
- a data secure access method is provided. As shown in FIG. 20, the method S6000 includes:
- the target address (the first address, ie the address of the next instruction to execute) is read from the first storage location, and the machine instruction segment to be scheduled/executed is obtained according to that address;
- the last instruction of the machine instruction segment to be scheduled is the first program transfer instruction (for example, the first jump instruction);
- for a store instruction, modify the target address in the store instruction to the corresponding storage address on the storage device (ie, the secure storage device);
- for a read instruction, acquire the source address in the read instruction, look it up in the first mapping bitmap, and modify the read address in the read instruction according to the data of the mapping bitmap;
- if the local hard disk write instruction itself differs from the network hard disk write instruction, or the local hard disk read instruction differs from the network hard disk read instruction, then not only the address but also the store instruction or read instruction itself must be modified accordingly;
- S6016 restore the instruction running environment, and jump to the second address to continue execution.
- storage and reading generally refer to data exchange with a local storage device; transmission generally refers to data exchange through a network device.
- a data security transmission method including:
- S7040 determining whether the target address is a secure address
- the hardware layer sends a transmission instruction and data to a terminal system of the target address
- the terminal system of the target address receives and utilizes the data secure storage method (described in the above embodiment) to save the data.
- step S7040 a method of determining whether the target address is a secure address is as follows.
- the security server 820 is connected to the terminal system 800, 810 through a network.
- the terminal system 800, 810 has performed a registration operation to the security server 820 when deploying the data security transmission method provided in the above embodiment of the present invention.
- the security server 820 internally maintains a secure address table that records all terminal systems that have been registered.
- the security server 820 automatically sends the updated security address table to each terminal.
- the architecture of the terminal system 800 includes an application layer 801, an operating system kernel layer 802, a security layer 803, and a hardware layer 804; the security layer 803 is responsible for maintaining the secure address table.
- the security layer 803 determines whether the target address is a secure address based on whether the target address is in the secure address table; that is, in step S7040, if the target address is included in the secure address table, the target address is a secure address.
- with the above secure transmission method, even a Trojan or malicious tool that has obtained confidential information cannot transmit the information it acquired.
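The secure address table check of step S7040 and the table push from the security server 820 can be written as a small policy module. The Python below is an added example for this page, not the patent's implementation: the dict-shaped transmission instruction, the use of IP addresses as the table entries, and the monotonically increasing table version (which rejects a stale or replayed table that would otherwise re-authorize a terminal that has since been deregistered) are assumptions of this example. Anything that does not parse as an address is treated as not secure, so the check fails closed.

```python
"""Secure address table and transmission filtering (added example, not patent code)."""
import ipaddress


class SecureAddressTable:
    """Secure address table kept by the security layer.  Entries are the terminals
    registered with the security server, which pushes updated tables."""

    def __init__(self):
        self.version = 0
        self.entries = set()

    def apply_update(self, version, addresses):
        """Install a table pushed by the security server.  The version counter is an
        assumption of this example: stale or replayed tables are ignored."""
        if version <= self.version:
            return False
        self.entries = {ipaddress.ip_address(a) for a in addresses}
        self.version = version
        return True

    def is_secure(self, target):
        """S7040: a target is secure only if it is in the table (fail closed on junk)."""
        try:
            return ipaddress.ip_address(target) in self.entries
        except ValueError:
            return False


def filter_transmission(instruction, table):
    """Security-layer decision for one instruction (constructed dict format):
    non-transmission instructions pass, transmissions to secure targets are sent
    on to the hardware layer, every other transmission is blocked."""
    if instruction.get("kind") != "transmit":
        return ("pass", instruction)
    if table.is_secure(instruction.get("target", "")):
        return ("send", instruction)
    return ("blocked", None)


def run_demo():
    """Register two terminals, replay an old table, then filter some instructions."""
    table = SecureAddressTable()
    table.apply_update(1, ["10.0.0.5", "10.0.0.6"])      # constructed registered terminals
    stale = table.apply_update(1, ["203.0.113.7"])        # replayed push: must be ignored
    instructions = [                                       # constructed sample instructions
        {"kind": "transmit", "target": "10.0.0.5", "data": b"report.docx"},
        {"kind": "transmit", "target": "203.0.113.7", "data": b"report.docx"},
        {"kind": "transmit", "target": "not-an-address", "data": b"report.docx"},
        {"kind": "write", "sector": 3040, "data": b"..."},
    ]
    decisions = [filter_transmission(i, table)[0] for i in instructions]
    return stale, decisions
```

In a deployment the pushed table would also need to be authenticated (the description says the server sends it, but not how the terminal verifies the sender); the version check above only protects against replay of a genuine older table, not against a forged one.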
- any electronic device capable of providing file or data editing, saving or transmission, such as a handheld device or an intelligent terminal, may be a carrier to which the present invention is applied;
- likewise, any carrier that provides the data security access and transmission methods may be an application of the present invention.
- Data security access device including storage and reading devices
- a data security storage device is provided.
- note the distinction: (1) a data security storage device is a device that implements the data security storage method in hardware form; (2) a secure storage device is the storage entity, such as a disk, to which information or data is dumped.
- the data security storage device 7100 includes: a receiving unit 7110, an instruction analyzing unit 7120, an instruction modifying unit 7130, and a sending unit 7140.
- the receiving unit 7110 is coupled to the instruction analyzing unit 7120; the instruction analyzing unit 7120 is coupled to the instruction modification unit 7130 and to the transmission unit 7140, respectively; and the transmission unit 7140 is also coupled to the instruction modification unit 7130.
- the receiving unit 7110 is adapted to receive a hardware instruction, where the hardware instruction may come from a hardware mapping layer;
- the instruction analysis unit 7120 is adapted to analyze the hardware instruction and determine whether the hardware instruction is a store instruction: if it is a store instruction, the instruction analysis unit 7120 is further adapted to send it to the instruction modification unit 7130, if not the store instruction, the instruction analysis Unit 7120 is further adapted to send it to the transmitting unit 7140;
- the instruction modification unit 7130 is adapted to modify the target address in the storage instruction to be a corresponding storage address on the secure storage device, and then send the modified storage instruction to the sending unit 7140;
- Transmitting unit 7140 is adapted to forward the received instructions to hardware layer 7200.
- the data secure storage device may further include:
- the updating unit 7150 and the synchronization unit 7160 are coupled to the instruction modification unit 7130, and the synchronization unit 7160 is coupled to the update unit 7150.
- the update unit 7150 is adapted to update the bit corresponding to the target address in the mapping bitmap after the instruction modification unit 7130 has modified the store instruction.
- specifically, the bit in the first mapping bitmap corresponding to the sector contained in the target address of the store instruction is set to "1", indicating that the sector has been dumped.
- the synchronization unit 7160 is adapted to establish communication between the terminal computing device system (ie, the terminal computing device) and the secure storage device, and to synchronize the mapping bitmap between the terminal computing device system and the secure storage device.
- when the terminal computing device system starts, the synchronization unit 7160 establishes communication between the terminal computing device system and the secure storage device, and synchronizes the second mapping bitmap on the secure storage device to the terminal computing device system, where it is saved as the first mapping bitmap.
- if no second mapping bitmap exists yet, the synchronization unit 7160 maps the local storage space of the computer terminal system to the secure storage device and establishes the first mapping bitmap and the second mapping bitmap: the second mapping bitmap is first established on the secure storage device and then synchronized to the local system, where it is saved as the first mapping bitmap.
- when the update unit 7150 updates the bit corresponding to the target address in the first mapping bitmap (ie, the mapping bitmap), the synchronization unit 7160 sends the updated first mapping bitmap to the secure storage device, where it is saved as the second mapping bitmap.
- the location of the secure storage device is not limited and may be a remote storage device or a local storage device.
- the remote storage device may serve only one computing device or may be shared by multiple computing devices.
- the hardware instructions may be hardware port I/O instructions.
- the data security reading apparatus 8100 includes a receiving unit 8110, an instruction analyzing unit 8120, an instruction modification unit 8130, and a transmitting unit 8140; the instruction modification unit 8130 is also coupled to the transmitting unit 8140, and the transmitting unit 8140 is coupled to the hardware layer 8200.
- the receiving unit 8110 is adapted to receive a hardware instruction.
- the hardware instruction is from a hardware mapping layer.
- the instruction analyzing unit 8120 is adapted to analyze the hardware instruction and determine whether it is a read instruction; if it is a read instruction, the unit obtains the source address of the read instruction and determines whether the source address is an address on the secure storage device.
- if the hardware instruction is not a read instruction, or its source address is already an address on the secure storage device, the instruction analyzing unit 8120 passes the hardware instruction to the transmitting unit 8140 unchanged; otherwise it passes the instruction to the instruction modification unit 8130.
- the instruction modification unit 8130 looks up the mapping bitmap and modifies the read address in the read instruction according to the data of the mapping bitmap.
- the mapping bitmap is again used to indicate whether the data at a local storage address has been dumped to the secure storage device, as in the embodiments above, and is not described again here.
- specifically, the instruction modification unit 8130 looks up the bit corresponding to the sector contained in the source address in the first mapping bitmap. If the bit is 1, a dump has occurred; if the bit is 0 or NULL, no dump has occurred. If a dump has occurred, the instruction modification unit 8130 changes the source address (read address) to the corresponding dump address and passes the modified hardware instruction to the transmitting unit 8140.
- the data security reading device may further include a synchronization unit 8150 coupled to the instruction modification unit 8130.
- the synchronization unit 8150 is adapted to establish communication between the terminal computing device system and the secure storage device and to synchronize the mapping bitmap between them. Specifically, when the terminal computing device system starts, the synchronization unit 8150 establishes communication with the secure storage device and synchronizes the second mapping bitmap on the secure storage device to the terminal computing device system, where it is saved as the first mapping bitmap for use by the instruction modification unit 8130.
- the secure storage device may be a remote storage device, and the remote storage device may be shared by multiple terminal computing device systems. In other embodiments of the present invention, the secure storage device may also be a local storage device.
- the data security reading device and the data security storage device may be combined into one device, in which the instruction analyzing unit and the instruction modifying unit process both store instructions and read instructions; the following example describes this in detail.
- as shown in FIG. 25, the data secure storage and reading device (referred to as the data security access device) 9100 includes:
- An instruction execution environment cache and recovery unit 9101 is adapted to cache and restore the instruction execution environment
- the instruction obtaining unit 9102 is adapted to acquire an instruction address to be executed next, the address is a first address, and is further adapted to acquire a machine instruction segment to be scheduled/executed according to the first address; wherein, the last part of the machine instruction segment to be scheduled An instruction is a first program transfer instruction; a specific manner of obtaining a machine instruction fragment to be scheduled has been described in detail in the foregoing embodiments, and details are not described herein again;
- the instruction retrieval unit 9104 is adapted to look up the first address in an address correspondence table:
- if the first address is found, the instruction retrieval unit 9104 is adapted to invoke the instruction execution environment cache and recovery unit 9101 to restore the cached instruction execution environment, and to jump to the found corresponding address to continue execution (this reorganization is completed);
- if it is not found, the instruction reorganization unit 9103 is called to perform the reorganization operation.
- the address correspondence table is used to indicate whether the to-be-scheduled instruction segment pointed to by the first address has a saved reassembly instruction fragment, and the data of the address correspondence table may be an address pair.
- the instruction reorganization unit 9103 further includes:
- the instruction parsing unit 9111 combines the functions of the instruction analyzing unit 7120 and the instruction analyzing unit 8120 described above, and is adapted to analyze the hardware instructions and determine whether each hardware instruction in the machine instruction segment to be scheduled/executed is a store instruction or a read instruction;
- the instruction modification unit 9112: if the instruction parsing unit 9111 finds a store or read instruction, the instruction modification unit 9112 is adapted to:
- for a store instruction, modify the target address in the store instruction to the corresponding storage address on the secure storage device; for a read instruction, look up the mapping bitmap and modify the read address in the read instruction according to the indication data of the mapping bitmap;
- the updating unit 9113 is adapted to: after the instruction modifying unit 9112 modifies the storage instruction, update a bit corresponding to the target address in the mapping bitmap to reflect that the local data has been dumped;
- the synchronization unit 9114 is adapted to establish communication between the terminal computing device system and the secure storage device, and synchronize the mapping bitmap between the terminal computing device system and the secure storage device.
- the instruction recombining unit 9103 is adapted to replace the first program transfer instruction with a push instruction whose operand is the address/operand of that first program transfer instruction, and to add a second program transfer instruction after the push instruction, thereby generating a reassembled instruction fragment having a second address; the second program transfer instruction points to the entry address of the device 9100; the second address of the reassembled instruction fragment and the first address are recorded together as an entry in the address correspondence table.
- the instruction recombining unit 9103 and the instruction parsing unit 9111, the instruction modifying unit 9112, the updating unit 9113 and the synchronizing unit 9114 may instead be arranged as parallel units at the same level; their functions are as described above and are not repeated.
- the instruction reassembly unit 9103 obtains the reassembly instruction fragment, it is further adapted to invoke the instruction execution environment cache and recovery unit 9101 to restore the cached instruction execution environment, and jump to the address of the reassembly instruction fragment to continue execution (reorganization operation is completed).
- this embodiment is given only by way of illustration and does not limit the manner in which the data security reading device, the data security storage device and the instruction reorganization device are combined; the data security reading devices, data security storage devices and instruction reassembly devices described above can be combined in any desired way.
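The access method S6000 above and the combined device 9100 describe the same mechanism: fetch the instruction segment up to the first program transfer instruction, rewrite store and read addresses, replace that transfer with a push of its address/operand followed by a transfer to the device's entry point, and cache the result in the address correspondence table. The Python below is an added simulation of that mechanism written for this page, not the patent's code; the toy instruction set (`mov`, `dec`, `store`, `load`, `jmp`, `jnz`, `halt`), the `ENTRY` sentinel, the `SECURE_BASE` one-to-one mapping and the in-memory address space are assumptions, and a plain `set` stands in for the first mapping bitmap.

```python
"""Runtime instruction reorganization with store/read redirection (added example)."""

ENTRY = -1             # entry address of the reorganizer (hypothetical sentinel)
SECURE_BASE = 100_000  # assumed 1:1 mapping: local sector n -> secure address n + SECURE_BASE
TRANSFERS = {"jmp", "jnz", "halt"}   # program transfer instructions; the first one ends a segment


class Reorganizer:
    """Toy data security access device: address correspondence table, segment
    fetch, store/read redirection and transfer replacement."""

    def __init__(self, mem, cache_base=1000):
        self.mem = mem               # address -> instruction tuple; original slots never rewritten
        self.next_free = cache_base  # next address for a reassembled instruction fragment
        self.table = {}              # address correspondence table: first address -> second address
        self.dumped = set()          # stand-in for the first mapping bitmap (sectors already dumped)
        self.hits = 0                # segments served from the table without reorganizing
        self.saved_env = None

    def entry(self, transfer, env):
        """Reached through the second program transfer instruction.  `transfer` is the
        record pushed in place of the original transfer; returns the second address."""
        self.saved_env = dict(env)                 # cache the instruction execution environment
        first = self.resolve(transfer, env)        # where the original transfer would have gone
        if first is None:                          # original instruction was halt
            self.saved_env = None
            return None
        if first in self.table:                    # instruction retrieval: hit
            self.hits += 1
            second = self.table[first]
        else:                                      # miss: reorganize the segment at `first`
            second = self.reorganize(first)
        env.update(self.saved_env)                 # restore the cached environment (no-op here,
        self.saved_env = None                      # the reorganizer keeps no state in registers)
        return second

    @staticmethod
    def resolve(transfer, env):
        kind = transfer[0]
        if kind == "jmp":
            return transfer[1]
        if kind == "jnz":                          # (reg, target, fall-through) pushed by the fragment
            return transfer[2] if env["regs"][transfer[1]] != 0 else transfer[3]
        return None                                # halt

    def fetch_segment(self, first):
        seg, addr = [], first
        while True:
            ins = self.mem[addr]
            seg.append((addr, ins))
            if ins[0] in TRANSFERS:
                return seg
            addr += 1

    def reorganize(self, first):
        seg = self.fetch_segment(first)
        out = []
        for _, ins in seg[:-1]:
            if ins[0] == "store":                  # redirect the target address, mark sector dumped
                out.append(("store", ins[1] + SECURE_BASE, ins[2]))
                self.dumped.add(ins[1])
            elif ins[0] == "load" and ins[1] in self.dumped:
                out.append(("load", ins[1] + SECURE_BASE, ins[2]))   # read back from secure device
            else:
                out.append(ins)
        last_addr, last = seg[-1]
        record = ("jnz", last[1], last[2], last_addr + 1) if last[0] == "jnz" else last
        out.append(("push", record))               # push the transfer's address/operand ...
        out.append(("jmp", ENTRY))                 # ... and transfer to the device's entry address
        second = self.next_free
        for i, ins in enumerate(out):
            self.mem[second + i] = ins
        self.next_free += len(out)
        self.table[first] = second
        return second


def run(program, start, max_steps=500):
    """Execute `program` entirely through reassembled fragments; returns the storage
    that received the stores, the final registers and the reorganizer itself."""
    mem = dict(program)
    reorg = Reorganizer(mem)
    env = {"regs": {}, "stack": []}
    storage = {}
    pc = reorg.entry(("jmp", start), env)          # initial dispatch through the device
    for _ in range(max_steps):
        if pc is None:
            return storage, env["regs"], reorg
        ins = mem[pc]
        op = ins[0]
        if op == "mov":
            env["regs"][ins[1]] = ins[2]; pc += 1
        elif op == "dec":
            env["regs"][ins[1]] -= 1; pc += 1
        elif op == "store":
            storage[ins[1]] = env["regs"][ins[2]]; pc += 1
        elif op == "load":
            env["regs"][ins[2]] = storage.get(ins[1]); pc += 1
        elif op == "push":
            env["stack"].append(ins[1]); pc += 1
        elif op == "jmp" and ins[1] == ENTRY:
            pc = reorg.entry(env["stack"].pop(), env)
        else:   # an original transfer must never execute directly: every fragment ends at ENTRY
            raise RuntimeError(f"unintercepted transfer at {pc}: {ins}")
    raise RuntimeError("step limit exceeded")


PROGRAM = {   # constructed sample program; store/load operands are local sector numbers
    0: ("mov", "r0", "secret"),
    1: ("store", 10, "r0"),      # write r0 to local sector 10
    2: ("jmp", 3),
    3: ("load", 10, "r1"),       # read sector 10 back
    4: ("mov", "r2", 3),
    5: ("store", 11, "r1"),      # loop body: copy into sector 11
    6: ("dec", "r2"),
    7: ("jnz", "r2", 5),         # loop while r2 != 0
    8: ("halt",),
}
```

Running `run(PROGRAM, 0)` leaves nothing at local sectors 10 or 11; both stores land at `SECURE_BASE + n`, the loop body is reorganized once and then served from the address correspondence table, and the original instruction slots are untouched. One caveat the simulation makes visible: the `load` at address 3 is rewritten according to the dump state at reorganization time, so a fragment cached before a sector was dumped would keep reading the local copy if it were re-executed later; a real implementation has to invalidate the affected table entries when the mapping bitmap changes, or resolve read addresses at execution time.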
- the above-mentioned secure storage method and device can also be combined with cloud technology to ensure the security of data in the cloud, thereby accelerating the application and popularization of cloud computing. Specific embodiments will be described below.
- the data security storage method realizes instruction-level data dumping, and on that basis realizes secure data storage over the full running cycle of the terminal computing device system. On the one hand, even if a Trojan or malicious tool obtains confidential information, it cannot save the information it obtained, so the data always remains within a controllable security scope; on the other hand, no confidential data is stored locally any more, which prevents both active leakage by insiders and passive leakage.
- the data security reading method together with the data security storage method keeps the data within the controllable security scope and ensures that dumped data can still be read after it has been securely stored (dumped); since the local system no longer keeps any confidential data, both active and passive leakage by insiders are prevented;
- when the secure storage device is a remote storage device, it can be shared by multiple terminals, which improves the space utilization of the secure storage device.
- Data black hole system refers to a system that stores process data and operation results during the operation of a computing device to a specific storage location and can ensure the normal operation of the computing device;
- the data black hole system undermines the integrity of the computing device and, by breaking the integrity of the computing device, implements a data security system that does not compromise data even when malicious code or secret persons have the highest data privileges.
- Data black hole terminal refers to a computing device (such as a computer terminal) that deploys a data black hole system.
- the data black hole terminal transfers the process data and the result data generated during the operation to a specific storage location.
- the black hole storage area is defined below.
- a process A10 for improving data security including:
- A11 Create a data black hole space for the user, including two modes (any one can be performed):
- A111 local deployment mode: the data black hole terminal creates a data storage area on its local data storage device; this data storage area is the target area for redirecting the terminal's data and is called the black hole storage area;
- the correspondence between data storage areas and users may be one data storage area for multiple local users, or multiple storage areas for multiple local users;
- the data storage area can only be accessed by the data black hole system, and cannot be accessed by the operating system or the application layer (such as application software) of the terminal computing device;
- A112 network deployment mode: a data storage area is created at a storage location on the network, and this data storage area is the target area for redirecting the terminal's data;
- the correspondence between data storage areas and users on the network terminals may be one-to-one; a storage area may also correspond to a local user.
- in either mode, a data black hole space (referred to as the black hole space) is established for the user.
- when a terminal user logs in to the data black hole terminal for the first time, the data black hole terminal establishes the corresponding data black hole storage area according to the user information.
- A13 Redirect all data persistence operations of the terminal computing device.
- once the data black hole terminal determines that the data black hole storage area exists and the correspondence between the user and the black hole storage area can be established, all data writes by the user on the local data black hole terminal are redirected to that data storage area.
- the black hole space corresponds to the user.
- even if a hacker obtains data permissions through a vulnerability, a back door, a Trojan or other malicious code and is able to copy, dump, send or intercept the data, all data forwarded to external devices, ports, users and terminals is redirected to the data black hole space (the black hole space corresponding to the user) and the operation completes inside that space; therefore all data theft, interception, output and similar operations take place only within the data black hole space.
- likewise, when an insider with data permissions attempts to privately store, back up, send or output data, all such data processing operations are completed in the data black hole space (the black hole space corresponding to the user), so that the malicious operation cannot cause a leak.
- the computing device capable of executing the above process A10 is referred to as a data black hole server, and the data black hole server passes through the network and the computing terminal 1 (shown as terminal 1 in the figure) and computing terminal 2 (Fig. The data connection/coupling shown in terminal 2), ..., computing terminal N (shown as terminal N in the figure).
- Data black hole server Each terminal deploys a data black hole system, so that each terminal becomes a data black hole terminal (shown as data black hole terminal 1, data black hole terminal 2, ..., data black hole terminal N).
- the black hole storage area (shown as mapping block 1, mapping block 2, ..., mapping block N) is located on the data black hole server (or the disk array server to which the server is connected).
- the data black hole space includes the black hole storage area of the data black hole server and the memory of each data black hole terminal, so that the calculation process data and the result data of the data black hole terminal are stored in the black hole storage area.
- the data black hole system undermines the integrity of the computing device and, by breaking the integrity of the computing device, implements a data security system that does not compromise data even when malicious code or secret persons have the highest data privileges.
- a data black hole processing method S90 is provided. As shown in FIG. 28, the method includes:
- Establish the data black hole space: open a data storage area (called the black hole storage area) in a storage location on the network, together with local memory;
- the user of the computing device is associated with the data black hole space or a part of the data black hole space, for example, when the user logs in the data black hole terminal, the terminal user forms a one-to-one correspondence with the data black hole space;
- the data black hole terminal redirects the “data write” generated by the user operation to the data black hole space corresponding to the user, for example, redirects to the black hole storage area corresponding to the user;
- steps S91 and S92 - deploying a black hole system on a computing device and establishing a data black hole space for a user can be accomplished in one step.
- step S93 may be performed only when the user logs in to the black hole terminal for the first time, or may be performed each time the user logs in to the black hole terminal.
- step S93 and step S94 can be completed in one step, namely:
- the “data write” of the user is all redirected to the data black hole space corresponding to the user according to a preset corresponding manner.
- the preset corresponding manner may include a fixed correspondence. For example, each user corresponds to a certain capacity storage space in the black hole space.
- the preset corresponding manner may include a dynamic correspondence. For example, each user first corresponds to a storage space of preset capacity in the black hole space, and if the user stores data exceeding the preset capacity, the user is allocated a larger storage space (for example, 2, 4 or 8 times the preset capacity).
- When the data black hole terminal determines that the data black hole storage area exists and can establish a correspondence between the user and the black hole storage area, all data writes by the user on the local machine (the data black hole terminal) are redirected to the data storage area. Likewise, all data reads are served either from the black hole storage area data or from local (on-machine) data, according to the data version or the user's own choice.
- a data security reading method S80 including:
- The data security reading device of this embodiment can be adapted accordingly.
- The instruction modification unit 8130 in the data security reading device 8100 is modified so as to be further adapted to perform the operation of S83; for the other units, reference may be made to the data security reading device 8100, and details are not repeated here.
- the data black hole processing method executed by the computing device is a stand-alone data black hole processing method.
- The computing device 70 includes: an application layer (or a unit corresponding to the application layer) 71, an operating system kernel layer (or a unit corresponding to the operating system kernel layer) 72, a hardware mapping layer (or a unit corresponding to the hardware mapping layer) 73, and a security layer (or a unit corresponding to the security layer) 74. These layers or units correspond to the user interface layer 201, the application layer 202, the operating system kernel layer 203, the hardware mapping layer 204, the security layer 205 and the hardware layer 206 of the computing device 200 in the previous embodiment and are not described again.
- Mobile computing device 70 also includes a hardware layer 75.
- the hardware layer 75 includes devices or units as follows: CPU, network card, and hard disk 75a.
- the hard disk 75a includes a normal storage area and a secure storage area 75a1.
- the secure storage area 75a1 may also be an encrypted storage area, in which case data is encrypted before being written to it and decrypted after being read from it.
- When the above data security reading method (for example, S5000) and data security storage method (for example, S4000) are applied to an independent computing device (for example, a PC), they become a stand-alone version of the data security storage and reading method;
- the stand-alone data security storage method includes:
- if the hardware instruction is a store instruction, modifying the target address in the store instruction to the corresponding storage address of the secure storage space on the computing device;
- sending the modified store instruction to the hardware layer for execution.
- the stand-alone version of the data security reading method includes:
- if the hardware instruction is a read instruction, acquiring the source address in the read instruction, looking up a first mapping bitmap, and modifying the read address in the read instruction according to the data of the mapping bitmap;
- unneeded units may be removed as required to form a stand-alone data secure storage and reading device.
- the computing device includes: a separate local storage space 87 and a secure storage space 88, and a stand-alone data security storage and reading device 80; wherein the secure storage space is unavailable to the operating system (e.g., invisible or inaccessible) and is accessible only by the stand-alone data security storage and reading device 80;
- the stand-alone data security storage and reading device 80 includes:
- the receiving unit 81 is adapted to receive a hardware instruction
- the instruction analyzing unit 82 is adapted to determine whether the hardware instruction is a storage or reading instruction, and generate a determination signal;
- the instruction modification unit 83 is adapted to modify the target address in the store instruction to the corresponding storage address in the secure storage space when the hardware instruction is a store instruction; and is further adapted, when the hardware instruction is a read instruction, to look up the mapping bitmap and modify the read address in the read instruction according to the data of the mapping bitmap; the mapping bitmap is used to indicate whether the data at an address of the local storage space has been dumped to the secure storage space; the mapping bitmap has been described in detail in the foregoing embodiment and is not described again here;
- the sending unit 84 is adapted to send the modified read or store instruction to the hardware layer for execution.
- the above computing device may further include an updating unit 85 adapted to update the bit corresponding to the target address in the mapping bitmap after the instruction modifying unit 83 modifies the storage instruction.
- the computing device may further include an encryption and decryption unit 86 adapted to encrypt and decrypt data entering and leaving the secure storage space 88.
- A stand-alone data black hole processing method includes:
- Sa1: deploying a data black hole system in a computing device (such as a computer, a handheld communication device, a smart terminal, etc.) so that it becomes a data black hole terminal;
- Sa2: establishing the data black hole space, including opening a data storage area (called the black hole storage area) and local memory locally in the computing device, wherein the data storage area can only be accessed by the data black hole system and cannot be accessed by the operating system or application layer of the terminal computing device;
- the user of the computing device is associated with the data black hole space or a part of the data black hole space. For example, when the user logs in the data black hole terminal, the terminal user forms a one-to-one correspondence with the data black hole space;
- the data black hole terminal redirects the “data write” generated by the user operation to the data black hole space corresponding to the user and encrypts, for example, redirects to the black hole storage area corresponding to the user;
- Sa5: preventing data persistence operations on local storage devices (except the black hole storage area), and preventing data output to non-data-black-hole terminals through local ports, thereby ensuring that data entering the data black hole terminal or the data black hole space exists only in the data black hole space.
- Sa1 represents step 1.
- When a user is operating a mobile computing device (such as a laptop or tablet) and it is not convenient to connect to a remote secure storage device (used as the black hole storage area), a mobile storage device can be used as the secure storage device, transforming the security of the computing device (including the mobile computing device) into the security of the mobile storage device.
- the designated mobile storage device can be used as a carrier for the confidential data, that is, the mobile storage device is used as a temporary secure storage device.
- The mobile computing device 20 in the figure includes a user interface layer 21, an application layer 22, an operating system kernel layer 23, a hardware mapping layer 24, a security layer 25 and a hardware layer 26, which correspond respectively to the user interface layer 201, the application layer 202, the operating system kernel layer 203, the hardware mapping layer 204, the security layer 205 and the hardware layer 206 of the computing device 200 in the previous embodiment and are not described again.
- The data security reading and storage method provided in the above embodiments of the present invention can be integrated with a secure storage device into a mobile storage device and used as a portable device.
- A mobile storage device 50 is provided, including: an application layer (or a unit corresponding to the application layer) 52, an operating system kernel layer (or a unit corresponding to the operating system kernel layer) 53, a hardware mapping layer (or a unit corresponding to the hardware mapping layer) 54, and a security layer (or a unit corresponding to the security layer) 55. These layers or units correspond to the user interface layer 201, the application layer 202, the operating system kernel layer 203, the hardware mapping layer 204, the security layer 205 and the hardware layer 206 of the computing device 200 in the previous embodiment and are not described again.
- the mobile storage device 50 further includes a hardware layer (or a unit corresponding to the hardware layer) 56 including a data interface 56a and a secure storage area 56b.
- the data interface 56a is used to connect other computing devices (via corresponding data interfaces), and the secure storage area 56b is used as a secure storage device (or as a black hole storage area) in the data secure storage and reading method.
- the computing terminal 40 includes an application layer (or a unit corresponding to the application layer) 41, an operating system kernel layer (or a unit corresponding to the operating system kernel layer) 42, a hardware mapping layer (or a unit corresponding to the hardware mapping layer) 43, and a hardware layer ( Or the corresponding unit of the hardware layer) 44.
- the hardware layer 44 includes hardware units such as a CPU 44a, a hard disk 44b, a network card 44c, and a data interface 44d (for example, a USB interface).
- the data interface 56a is coupled/connected with the data interface 44d.
- the secure storage area 56b is not available to the operating system on the mobile storage device 50.
- the mobile storage device 50 is connected to the computing terminal 40 through the data interface and uses the computing resources of the computing terminal 40 to run the mobile storage device's own system (including layers 52-55), while the data is stored in the secure storage area 56b.
- the process of data storage performed by the mobile storage device 50 includes:
- Step A1: the mobile storage device 50 is coupled to the computing terminal 40 through the data interfaces 56a and 44d;
- Step A2: the computing terminal 40 is restarted, and the CPU 44a of the computing terminal 40 runs the system (including the application software and system software corresponding to layers 52-55) carried by the mobile storage device 50;
- Step A3: the user operates the system carried by the mobile storage device 50 through the I/O of the computing terminal 40 (input and output devices such as the keyboard 44b);
- Step A4: the security layer 55 receives the hardware instructions from the hardware mapping layer 54;
- Step A5: if the hardware instruction is a store or read instruction, the security layer 55 modifies the target address in the store instruction or the source address in the read instruction to the corresponding storage address in the secure storage area 56b on the mobile storage device; and
- Step A6: the modified instruction is sent to the CPU 44a of the computing terminal 40.
- the data transfer storage process performed by the security layer 55 is the same as the data security storage and reading method provided in the previous embodiment, and will not be described again.
- The data security reading and storing method provided in the above embodiments of the present invention can be integrated with a secure storage device into a mobile computing device (such as a notebook computer or a smart phone) for use as a portable device.
- The foregoing mobile computing device and mobile storage device may be combined with the secure storage device and the secure reading device provided in the foregoing embodiments (for example, the device 7100, the device 8100, the device 9100 and the like), with unnecessary units removed, to implement the secure storage and reading method for mobile data.
- The combination of the above-described mobile computing device and mobile storage device with the secure storage device and the secure reading device can be designed as needed.
- A mobile computing device (e.g., a laptop or smartphone) includes: separate local and secure storage spaces; and a data secure storage and reading device.
- the secure storage space is not available to the operating system (eg, invisible or inaccessible).
- the data security storage and reading device includes:
- a receiving unit adapted to receive a hardware instruction
- the instruction analyzing unit is adapted to determine whether the hardware instruction is a storage or reading instruction, and generate a determination signal
- an instruction modification unit configured to: when the hardware instruction is a store instruction, modify the target address in the store instruction to the corresponding storage address in the secure storage space; and further, when the hardware instruction is a read instruction, look up the mapping bitmap and modify the read address in the read instruction according to the data of the mapping bitmap; the mapping bitmap is used to indicate whether the data at an address of the local storage space has been dumped to the secure storage space;
- the sending unit is adapted to send the modified read or store instruction to the hardware layer for execution.
- the hardware instructions come from the hardware mapping layer.
- the mobile computing device further includes: an updating unit, configured to: after the instruction modifying unit modifies the storage instruction, update a bit corresponding to the target address in the mapping bitmap.
- The above mobile computing device (such as a notebook) is used for the data security protection of personal or enterprise user data that has been authorized for external use.
- The system assumes that personal or business users have confidential data on their PCs and laptops, but because the system may contain backdoors, vulnerabilities, Trojans or other unknown malicious code, there is no guarantee that the data on the PC/notebook will not be compromised, nor can data security be guaranteed after the device is lost. Enterprises can use it to protect and monitor the data usage process when data is taken out of the intranet.
- A mobile storage device (e.g., a USB flash drive) includes: a data interface, a secure storage space, and a data secure storage and reading device; the data interface is adapted to be coupled to a computing device; the computing device includes a local storage space, runs the operating system carried on the mobile storage device, and provides computing resources for the data secure storage and reading device.
- Data security storage and reading devices include:
- a receiving unit adapted to receive a hardware instruction
- the instruction analyzing unit is adapted to determine whether the hardware instruction is a storage or reading instruction, and generate a determination signal
- an instruction modification unit configured to: when the hardware instruction is a store instruction, modify the target address in the store instruction to the corresponding storage address in the secure storage space; and further, when the hardware instruction is a read instruction, look up the mapping bitmap and modify the read address in the read instruction according to the data of the mapping bitmap; the mapping bitmap is used to indicate whether the data at an address of the local storage space has been dumped to the secure storage space; and
- a transmitting unit adapted to send the modified read or store instruction to a hardware layer of the computing device for execution.
- the mobile storage device further includes: an updating unit, configured to: after the instruction modifying unit modifies the storage instruction, update a bit corresponding to the target address in the mapping bitmap.
- the hardware instructions may come from a hardware mapping layer.
- The above-mentioned mobile storage device uses a USB flash drive or mobile hard disk on which a data secure storage and reading device (or data secure storage and reading method) is deployed as the carrier for exported data, protecting the security of the exported data.
- The core idea is to ensure that data exported to the outside world leaves no traces while in use in an uncontrolled environment, and that the data is not copied or intercepted in an environment with system backdoors, vulnerabilities, Trojans or other unknown malicious code.
- mapping bitmap is used to indicate whether data of the address of the local storage space is dumped to the secure storage space.
- a form of a file correspondence table may also be used, that is, local data is transferred and stored in the secure storage space in the form of a file.
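The redirect performed by the stand-alone data security storage and reading device 80 (units 81 to 85), by the security layer 55 in steps A4 to A6 of the mobile storage device, and the mapping bitmap just described all follow one logic. The following is an added example, not code from the patent or its applicant: a software model of that pipeline in C. The instruction format, the storage size, the fixed one-to-one address correspondence (`secure_addr_for`) and the function names are assumptions made for the demonstration.

```c
/* Added example (not the patent's or applicant's code): a software model of the
 * data secure storage and reading device (units 81-85) and its mapping bitmap.
 * Instruction format, storage size and the one-to-one address correspondence
 * are assumptions made for this demonstration. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WORDS 64   /* assumed size of both the local and the secure storage space */
enum op { OP_OTHER, OP_STORE, OP_LOAD };

/* A hardware-level instruction as handed down by the hardware mapping layer. */
struct hw_insn {
    enum op  op;
    uint32_t addr;    /* target address (store) or source address (load) */
    uint32_t value;   /* data to store; filled in by a load               */
    int      secure;  /* set by the modification unit: 1 = redirected     */
};

struct device {
    uint32_t local[WORDS];            /* what the OS and ordinary software can reach  */
    uint32_t secure[WORDS];           /* reachable only through this device           */
    uint8_t  bitmap[(WORDS + 7) / 8]; /* bit a set: data of local[a] dumped to secure */
};

static void bitmap_set(struct device *d, uint32_t a)        { d->bitmap[a / 8] |= (uint8_t)(1u << (a % 8)); }
static int  bitmap_test(const struct device *d, uint32_t a) { return (d->bitmap[a / 8] >> (a % 8)) & 1; }

/* Assumed fixed correspondence: local address a maps to secure address a. */
static uint32_t secure_addr_for(uint32_t local_addr) { return local_addr; }

/* Instruction analysis unit (82): only stores and loads are of interest. */
static int is_store_or_load(const struct hw_insn *i) { return i->op == OP_STORE || i->op == OP_LOAD; }

/* Instruction modification unit (83) with the updating unit (85).
 * Returns 1 if the instruction was redirected into the secure space. */
static int modify(struct device *d, struct hw_insn *i) {
    if (i->addr >= WORDS) return 0;                    /* outside the mapped range: untouched */
    if (i->op == OP_STORE) {
        bitmap_set(d, i->addr);                        /* this address now lives in secure space */
        i->addr = secure_addr_for(i->addr);
        i->secure = 1;
        return 1;
    }
    if (i->op == OP_LOAD && bitmap_test(d, i->addr)) { /* already dumped: read it from there */
        i->addr = secure_addr_for(i->addr);
        i->secure = 1;
        return 1;
    }
    return 0;                                          /* never dumped: local data as before */
}

/* Sending unit (84): the hardware layer executes the instruction against
 * whichever space it now points to. */
static void execute(struct device *d, struct hw_insn *i) {
    uint32_t *space = i->secure ? d->secure : d->local;
    if (i->addr >= WORDS) return;                      /* model has no backing storage there */
    if (i->op == OP_STORE)     space[i->addr] = i->value;
    else if (i->op == OP_LOAD) i->value = space[i->addr];
}

/* Receiving unit (81) through sending unit (84) in one pass. */
static void process(struct device *d, struct hw_insn *i) {
    i->secure = 0;
    if (is_store_or_load(i)) modify(d, i);
    execute(d, i);
}

static void dev_store(struct device *d, uint32_t addr, uint32_t v) {
    struct hw_insn i = { OP_STORE, addr, v, 0 };
    process(d, &i);
}
static uint32_t dev_load(struct device *d, uint32_t addr) {
    struct hw_insn i = { OP_LOAD, addr, 0, 0 };
    process(d, &i);
    return i.value;
}
/* What the operating system, or a program reading the disk directly, would see. */
static uint32_t os_peek_local(const struct device *d, uint32_t addr) { return addr < WORDS ? d->local[addr] : 0; }

static void device_init(struct device *d) {
    memset(d, 0, sizeof *d);
    d->local[3] = 0xC0FFEEu;   /* constructed pre-existing local data, never rewritten */
}

/* Runs the constructed scenario and returns 1 if every expectation holds. */
static int demo_ok(void) {
    struct device d;
    device_init(&d);
    dev_store(&d, 5, 0x1234u);
    return dev_load(&d, 5) == 0x1234u        /* read follows the bitmap into secure space */
        && os_peek_local(&d, 5) == 0         /* local space never received the write      */
        && d.secure[secure_addr_for(5)] == 0x1234u
        && bitmap_test(&d, 5) == 1
        && dev_load(&d, 3) == 0xC0FFEEu      /* untouched address is still read locally   */
        && bitmap_test(&d, 3) == 0;
}

int main(void) {
    printf("secure storage and reading model: %s\n", demo_ok() ? "ok" : "FAILED");
    return demo_ok() ? 0 : 1;
}
```

What the run shows: after the write to address 5, the local storage space still holds its old contents (which is all the operating system or a program reading the disk directly could see), the bitmap bit for that address is set, and the later read of the same address is served from the secure space; address 3, which was never written through the device, is read from local storage exactly as before. The bounds checks on `addr` are part of the model rather than the patent's description: a real modification unit must decide what to do with addresses outside the mapped range, and silently passing them through would defeat the redirection.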
- the invention may be embodied as a system, method or computer program product, as would be appreciated by one of ordinary skill in the art. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, microcode, etc.) or a combination of software and hardware aspects, which may be collectively referred to herein as a "circuit", "module" or "system".
- the present invention can take the form of a computer program product embodied in any tangible medium that expresses a computer-usable program code.
- the computer usable or computer readable medium can be, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium.
- a more specific example (non-exhaustive list) of computer readable media would include the following: electrical connections with one or more wires, a portable computer disk, a hard disk, a random access memory (RAM), a read only memory (ROM), a rewritable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disk read only memory (CD-ROM), optical storage devices, such as those supporting the Internet or an intranet, or magnetic storage devices.
- the computer usable or computer readable medium may even be paper or another suitable medium that can print the program, as the program can be electrically captured, then edited, translated, or otherwise, via optical scanning, for example, on paper or other media.
- a computer-usable or computer-readable medium can be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
- the computer usable medium can include a propagated data signal containing computer usable program code, which can be in baseband or can be part of a carrier.
- Computer usable program code may be transmitted using any suitable medium, including but not limited to wireless, wireline, optical cable, RF, and so forth.
- Computer program code for carrying out operations of the present invention can be written in any combination of one or more programming languages, including object-oriented programming languages such as Java, Smalltalk or C++, and conventional procedural programming languages such as the "C" programming language or similar programming languages.
- the program code may execute entirely on the user's computer, partly on the user's computer as a stand-alone software package, partly on the user's computer and partly on the remote computer, or all on the remote computer or server.
- the remote computer can be connected to the user's computer via any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection can be made to an external computer (e.g., through the Internet using an Internet service provider).
Claims (17)
- A data black hole processing method based on a mobile storage device, comprising: deploying a data black hole system on a computing device so that it becomes a data black hole terminal, the data black hole system being a system that stores the process data and running results produced during operation of the computing device to a specific storage location while ensuring that the computing device runs normally; establishing a data black hole space, including a data storage area opened on the mobile storage device, wherein the data storage area can only be accessed by the data black hole system and cannot be accessed by the operating system or application-layer software, the mobile storage device being coupled to the computing device; establishing a correspondence between a user of the computing device and the data black hole space or a part of the data black hole space; redirecting the data writes produced by the user's operations on the data black hole terminal to the data black hole space corresponding to that user; and preventing data persistence operations on local storage devices and preventing data output to non-data-black-hole terminals through local ports, so as to ensure that data entering the data black hole terminal or the data black hole space exists only in the data black hole space.
- The data black hole processing method based on a mobile storage device according to claim 1, wherein deploying the data black hole system includes deploying a data security storage method, and redirecting the data writes produced by the user's operations on the data black hole terminal to the data black hole space corresponding to the user is implemented by the data security storage method, which includes: receiving a hardware instruction; if the hardware instruction is a store instruction, modifying the target address in the store instruction to the storage address of the data black hole space corresponding to the current user; and sending the modified store instruction to the hardware layer for execution.
- The data black hole processing method based on a mobile storage device according to claim 2, wherein deploying the data black hole system includes deploying a data security reading method, which includes: receiving a hardware instruction; if the hardware instruction is a read instruction and the data it intends to read has already been stored in the data black hole space, changing the source address of the read instruction to the storage address of the data black hole space corresponding to the current user; and sending the modified read instruction to the hardware layer for execution.
- The data black hole processing method based on a mobile storage device according to claim 2, wherein deploying the data black hole system includes deploying a data security reading method, which includes: receiving a hardware instruction; if the hardware instruction is a read instruction and the data it intends to read has already been stored in the data black hole space, offering the user a choice between reading the local data and reading the data black hole space data, and reading the local data or the data black hole space data according to the user's choice; and sending the modified read instruction to the hardware layer for execution.
- The data black hole processing method based on a mobile storage device according to claim 4, wherein reading the data black hole space data includes: changing the source address of the read instruction to the storage address of the data black hole space corresponding to the current user.
- The data black hole processing method based on a mobile storage device according to claim 3 or 4, wherein receiving the hardware instruction includes: receiving a hardware instruction from the hardware abstraction layer.
- The data black hole processing method based on a mobile storage device according to claim 1, wherein deploying the data black hole system includes deploying a data security storage method, and redirecting the data writes produced by the user's operations on the data black hole terminal to the data black hole space corresponding to the user is implemented by the data security storage method, which includes: caching the instruction running environment, which includes an address register used to hold the address of the next machine instruction to be run, that address being a first address; acquiring a machine instruction fragment to be scheduled, wherein the last instruction of the fragment to be scheduled is a first program transfer instruction; analyzing each instruction in the fragment to be scheduled and, if it is a store instruction, modifying the target address in the store instruction to the storage address of the corresponding data black hole space; inserting a second program transfer instruction before the first program transfer instruction to generate a reassembled instruction fragment having a second address, wherein the second program transfer instruction points to the entry address of the instruction reassembly platform; modifying the first address in the address register to the second address; and restoring the instruction running environment.
- The data black hole processing method based on a mobile storage device according to claim 1, wherein deploying the data black hole system includes deploying a data security storage method, and redirecting the data writes produced by the user's operations on the data black hole terminal to the data black hole space corresponding to that user is implemented by the data security storage method, which includes: caching the instruction running environment; reading a target address from a first storage location and acquiring the machine instruction fragment to be scheduled according to the target address, the last instruction of the fragment to be scheduled being a first program transfer instruction; saving the target address of the first program transfer instruction in the first storage location; analyzing each instruction in the fragment to be scheduled and, if it is a store instruction, modifying the target address in the store instruction to the storage address of the corresponding data black hole space; replacing the first program transfer instruction with a second program transfer instruction to generate a reassembled instruction fragment having a second address, the second program transfer instruction pointing to the entry address of the instruction reassembly platform; and restoring the instruction running environment and jumping to the second address to continue execution.
- The data black hole processing method based on a mobile storage device according to claim 1, wherein deploying the data black hole system includes deploying a data security storage method, and redirecting the data writes produced by the user's operations on the data black hole terminal to the data black hole space corresponding to that user is implemented by the data security storage method, which includes: caching the instruction running environment; acquiring the address and parameters of the program transfer instruction saved on the stack and calculating the address of the next instruction to be run, that address being a first address; acquiring the machine instruction fragment to be scheduled according to the first address, wherein the last instruction of the fragment to be scheduled is a first program transfer instruction; analyzing each instruction in the fragment to be scheduled and, if it is a store instruction, modifying the target address in the store instruction to the storage address of the corresponding data black hole space; replacing the first program transfer instruction with a push instruction that records the address and operands of the first program transfer instruction; adding a second program transfer instruction after the push instruction to generate a reassembled instruction fragment having a second address, the second program transfer instruction pointing to the entry address of the instruction reassembly platform; and restoring the instruction running environment and jumping to the second address to continue execution.
- The data black hole processing method based on a mobile storage device according to claim 7, wherein deploying the data black hole system includes deploying a data security reading method, which includes: caching the instruction running environment, which includes an address register holding the address of the next machine instruction to be run, that address being a first address; acquiring the machine instruction fragment to be scheduled, wherein the last instruction of the fragment to be scheduled is a first program transfer instruction; analyzing each instruction in the fragment to be scheduled and, if the hardware instruction is a read instruction and the data it intends to read has already been stored in the data black hole space, changing the source address of the read instruction to the storage address of the corresponding data black hole space; inserting a second program transfer instruction before the first program transfer instruction to generate a reassembled instruction fragment having a second address, the second program transfer instruction pointing to the entry address of the instruction reassembly platform; modifying the first address in the address register to the second address; and restoring the instruction running environment.
- The data black hole processing method based on a mobile storage device according to claim 8, wherein deploying the data black hole system includes deploying a data security reading method, which includes: caching the instruction running environment; reading a target address from a first storage location and acquiring the machine instruction fragment to be scheduled according to the target address, the last instruction of the fragment to be scheduled being a first program transfer instruction; saving the target address of the first program transfer instruction in the first storage location; analyzing each instruction in the fragment to be scheduled and, if the hardware instruction is a read instruction and the data it intends to read has already been stored in the data black hole space, changing the source address of the read instruction to the storage address of the corresponding data black hole space; replacing the first program transfer instruction with a second program transfer instruction to generate a reassembled instruction fragment having a second address, the second program transfer instruction pointing to the entry address of the instruction reassembly platform; and restoring the instruction running environment and jumping to the second address to continue execution.
- The data black hole processing method based on a mobile storage device according to claim 9, wherein deploying the data black hole system includes deploying a data security reading method, which includes: caching the instruction running environment; acquiring the address and parameters of the program transfer instruction saved on the stack and calculating the address of the next instruction to be run, that address being a first address; acquiring the machine instruction fragment to be scheduled according to the first address, wherein the last instruction of the fragment to be scheduled is a first program transfer instruction; analyzing each instruction in the fragment to be scheduled and, if the hardware instruction is a read instruction and the data it intends to read has already been stored in the data black hole space, changing the source address of the read instruction to the storage address of the corresponding data black hole space; replacing the first program transfer instruction with a push instruction that records the address and operands of the first program transfer instruction; adding a second program transfer instruction after the push instruction to generate a reassembled instruction fragment having a second address, the second program transfer instruction pointing to the entry address of the instruction reassembly platform; and restoring the instruction running environment and jumping to the second address to continue execution.
- The data black hole processing method based on a mobile storage device according to any one of claims 7 to 12, wherein acquiring the machine instruction fragment to be scheduled includes: reading the address of the machine instruction to be scheduled from the address register; taking program transfer instructions as the search target, searching the machine instruction pointed to by that machine instruction address and the instructions following it until the first program transfer instruction is found, which is called the first program transfer instruction, a program transfer instruction being a machine instruction capable of changing the sequential execution flow of machine instructions; and taking the first program transfer instruction together with all the machine instructions to be scheduled before it as one machine instruction fragment to be scheduled.
- The data black hole processing method based on a mobile storage device according to any one of claims 7 to 12, wherein acquiring the machine instruction fragment to be scheduled includes: reading the address of the machine instruction to be scheduled from the address register; taking program transfer instructions as the search target, searching the machine instruction pointed to by that machine instruction address and the instructions following it until the first program transfer instruction with a parameter address is found, which is called the first program transfer instruction, a program transfer instruction being a machine instruction capable of changing the sequential execution flow of machine instructions; and taking the first program transfer instruction together with all the machine instructions to be scheduled before it as one machine instruction fragment to be scheduled.
- A mobile storage device, comprising: a mobile-version data secure access unit and a secure storage space, wherein the mobile storage device itself carries an operating system, and the secure storage space is unavailable to the operating system and to software above the operating system and can only be accessed by the mobile-version data secure access unit; wherein, when the mobile storage device is coupled to a computing device, the CPU of the computing device is used to execute the operating system carried by the mobile storage device itself, the user interacts with the mobile storage device through the I/O of the computing device, and the mobile-version data secure access unit receives instructions from the operating system carried by the mobile storage device itself and sends them to the CPU of the computing device; and wherein the mobile-version data secure access unit includes: a receiving unit, adapted to receive a hardware instruction; an instruction analysis unit, adapted to determine whether the hardware instruction is a store or read instruction and to generate a determination signal; an instruction modification unit, adapted, according to the determination signal, to modify the target address in the store instruction to the corresponding storage address in the secure storage space when the hardware instruction is a store instruction, and further adapted, when the hardware instruction is a read instruction, to look up a mapping bitmap and modify the read address in the read instruction according to the data of the mapping bitmap, wherein the mapping bitmap is used to indicate whether the data at an address of the local storage space of the computing device has been dumped to the secure storage space; and a sending unit, adapted to send the modified read or store instruction to the hardware layer for execution.
- The mobile storage device according to claim 15, further comprising: an updating unit, adapted to update the bit corresponding to the target address in the mapping bitmap after the instruction modification unit modifies the store instruction.
- The mobile storage device according to claim 15, further comprising: an encryption and decryption unit, coupled to the secure storage space and adapted to perform encryption and decryption operations on data entering and leaving the secure storage space.
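Claims 7, 10 and 13 describe how the redirection is carried out at the machine-instruction level: cut the instruction stream at the first program transfer instruction, rewrite store targets (and, for reads, sources whose data is already in the black hole space), insert a jump to the reassembly platform's entry before the original transfer instruction, and point the address register at the reassembled fragment. The following added example, which is not the patent's or the applicant's code, models that procedure in C over a toy instruction set; the opcodes, the one-word-per-instruction format, `SECURE_BASE`, `PLATFORM_ENTRY`, the second address used in the demo and the function names are assumptions.

```c
/* Added example (not the patent's or applicant's code): a model of the
 * instruction reassembly of claims 7, 10 and 13 over a toy instruction set.
 * Opcodes, instruction format, SECURE_BASE, PLATFORM_ENTRY and the second
 * address are assumptions made for this demonstration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum op { OP_NOP, OP_STORE, OP_LOAD, OP_JMP, OP_CALL }; /* JMP and CALL transfer control */
struct insn { enum op op; uint32_t operand; };           /* operand: data address or jump target */

#define DATA_WORDS     64       /* assumed size of the local data space                         */
#define SECURE_BASE    0x8000u  /* assumed base address of the secure (black hole) space         */
#define PLATFORM_ENTRY 0xF000u  /* assumed entry address of the instruction reassembly platform */

struct cpu_env { uint32_t pc; };  /* the cached running environment: the address register */

/* A program transfer instruction is one that can change sequential execution. */
static int is_transfer(enum op o) { return o == OP_JMP || o == OP_CALL; }

/* Claim 13: starting at `first`, scan until the first program transfer
 * instruction; return the fragment length including it, or 0 if none. */
static size_t find_fragment(const struct insn *code, size_t n, size_t first) {
    for (size_t i = first; i < n; i++)
        if (is_transfer(code[i].op)) return i - first + 1;
    return 0;
}

/* Assumed fixed correspondence between a local data address and the secure space. */
static uint32_t secure_addr_for(uint32_t local_addr) { return SECURE_BASE + local_addr; }

/* Claims 7 and 10: copy the fragment to `out` (which lives at the second
 * address), rewriting store targets, rewriting load sources whose data was
 * already dumped (dumped[a] != 0 plays the role of the mapping bitmap), and
 * inserting a jump to the reassembly platform before the original transfer
 * instruction. Returns the number of instructions written, 0 on failure. */
static size_t reassemble(const struct insn *code, size_t n, size_t first,
                         const uint8_t *dumped, struct insn *out, size_t out_cap) {
    size_t len = find_fragment(code, n, first);
    if (len == 0 || len + 1 > out_cap) return 0;
    size_t w = 0;
    for (size_t i = 0; i + 1 < len; i++) {             /* all instructions before the transfer */
        struct insn cur = code[first + i];
        if (cur.op == OP_STORE && cur.operand < DATA_WORDS)
            cur.operand = secure_addr_for(cur.operand);
        else if (cur.op == OP_LOAD && cur.operand < DATA_WORDS && dumped[cur.operand])
            cur.operand = secure_addr_for(cur.operand);
        out[w++] = cur;
    }
    out[w].op = OP_JMP; out[w].operand = PLATFORM_ENTRY; w++;  /* second program transfer instruction */
    out[w++] = code[first + len - 1];                           /* original first transfer instruction */
    return w;
}

/* Last steps of claim 7: the address register now holds the second address. */
static void redirect_pc(struct cpu_env *env, uint32_t second_address) { env->pc = second_address; }

/* Runs a constructed fragment through the model and returns 1 if every expectation holds. */
static int demo_ok(void) {
    /* constructed program: store, nop, load of a dumped address, load of a fresh one, call, more code */
    struct insn code[] = { { OP_STORE, 5 }, { OP_NOP, 0 }, { OP_LOAD, 5 },
                           { OP_LOAD, 9 }, { OP_CALL, 0x40 }, { OP_STORE, 7 } };
    size_t n = sizeof code / sizeof code[0];
    uint8_t dumped[DATA_WORDS] = { 0 };
    dumped[5] = 1;                                    /* address 5 was dumped earlier */
    struct insn out[16];
    struct cpu_env env = { 0 };
    size_t w = reassemble(code, n, 0, dumped, out, 16);
    redirect_pc(&env, 0x2000u);                       /* assumed second address of `out` */
    return w == 6
        && find_fragment(code, n, 0) == 5             /* fragment ends at the CALL, not at the end */
        && out[0].op == OP_STORE && out[0].operand == SECURE_BASE + 5
        && out[2].op == OP_LOAD  && out[2].operand == SECURE_BASE + 5
        && out[3].op == OP_LOAD  && out[3].operand == 9       /* not dumped: stays local */
        && out[4].op == OP_JMP   && out[4].operand == PLATFORM_ENTRY
        && out[5].op == OP_CALL  && out[5].operand == 0x40    /* original transfer kept after it */
        && env.pc == 0x2000u;
}

int main(void) {
    printf("instruction reassembly model: %s\n", demo_ok() ? "ok" : "FAILED");
    return demo_ok() ? 0 : 1;
}
```

The reassembled fragment never reaches the original `CALL` directly: the inserted jump hands control back to the reassembly platform first, which is what lets the platform process the next fragment (starting at the transfer target) before any of it runs. The store that follows the `CALL` in the constructed program is deliberately left out of this fragment; it belongs to whichever fragment the platform builds next.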
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2016550598A JP6317821B2 (ja) | 2014-03-04 | 2015-03-03 | データブラックホール処理方法及びモバイルストレージデバイス |
US15/116,193 US20160350530A1 (en) | 2014-03-04 | 2015-03-03 | Data blackhole processing method based on mobile storage device, and mobile storage device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410076582.1 | 2014-03-04 | ||
CN201410076582.1A CN103942499B (zh) | 2014-03-04 | 2014-03-04 | 基于移动存储器的数据黑洞处理方法及移动存储器 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015131800A1 true WO2015131800A1 (zh) | 2015-09-11 |
Family
ID=51190165
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2015/073556 WO2015131800A1 (zh) | 2014-03-04 | 2015-03-03 | 基于移动存储器的数据黑洞处理方法及移动存储器 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20160350530A1 (zh) |
JP (1) | JP6317821B2 (zh) |
CN (1) | CN103942499B (zh) |
WO (1) | WO2015131800A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109325354A (zh) * | 2017-07-31 | 2019-02-12 | 阿里巴巴集团控股有限公司 | 数据的存储、处理及读取方法、数据存储设备和系统 |
US11721806B2 (en) | 2020-08-28 | 2023-08-08 | Echion Technologies Limited | Active electrode material |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103942499B (zh) * | 2014-03-04 | 2017-01-11 | 中天安泰(北京)信息技术有限公司 | 基于移动存储器的数据黑洞处理方法及移动存储器 |
US10454619B2 (en) * | 2016-11-08 | 2019-10-22 | Microsoft Technology Licensing, Llc | Advanced retry mechanism for transmitting large datasets |
CN106919853A (zh) * | 2017-03-01 | 2017-07-04 | 中天安泰(北京)信息技术有限公司 | 一种计算设备配置装置及配置方法 |
CN106874797A (zh) * | 2017-03-01 | 2017-06-20 | 中天安泰(北京)信息技术有限公司 | 一种计算设备配置方法及计算设备配置装置 |
CN106874790A (zh) * | 2017-03-01 | 2017-06-20 | 中天安泰(北京)信息技术有限公司 | 一种计算设备运行方法及计算设备 |
CN106960159A (zh) * | 2017-05-09 | 2017-07-18 | 深圳市夏日晨光数码有限公司 | 具有安全加密功能的安全盘及安全加密方法 |
CN107240408B (zh) * | 2017-05-11 | 2019-05-10 | 中国科学院信息工程研究所 | 针对cd-rom光盘介质的读写管控系统 |
JP6310125B1 (ja) * | 2017-08-17 | 2018-04-11 | 九州電力株式会社 | データ保護システム、データ保護方法及びプログラム |
CN111222119A (zh) * | 2019-12-27 | 2020-06-02 | 武汉船舶通信研究所(中国船舶重工集团公司第七二二研究所) | 转储分析终端及机车运行数据的安全转储分析方法 |
CN114385067B (zh) * | 2020-10-19 | 2023-07-18 | 澜起科技股份有限公司 | 用于存储器系统的数据更新方法和存储器控制器 |
TWI780696B (zh) * | 2021-05-10 | 2022-10-11 | 創鑫智慧股份有限公司 | 查找表壓縮方法與查找表讀取方法及其計算設備、主機與裝置 |
US11481134B1 (en) * | 2021-05-24 | 2022-10-25 | Sap Se | Adaptive caching for hybrid columnar databases with heterogeneous page sizes |
Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101082886A (zh) * | 2006-05-30 | 2007-12-05 | 松下电器产业株式会社 | Memory data protection device and LSI for IC card |
WO2012145916A1 (zh) * | 2011-04-29 | 2012-11-01 | 北京中天安泰信息科技有限公司 | Data security storage method and device |
WO2012145915A1 (zh) * | 2011-04-29 | 2012-11-01 | 北京中天安泰信息科技有限公司 | Data security reading method and device |
WO2012145917A1 (zh) * | 2011-04-29 | 2012-11-01 | 北京中天安泰信息科技有限公司 | Runtime instruction recombination method and device |
CN103679039A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Data security storage method and device |
CN103679041A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Data security reading method and device |
CN103677746A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Instruction recombination method and device |
CN103677769A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Instruction recombination method and device |
CN103679040A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Data security reading method and device |
CN103677770A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Instruction recombination method and device |
CN103679042A (zh) * | 2012-09-06 | 2014-03-26 | 北京中天安泰信息科技有限公司 | Data security storage method and device |
CN103927493A (zh) * | 2014-03-04 | 2014-07-16 | 北京中天安泰信息科技有限公司 | Data black hole processing method |
CN103942492A (zh) * | 2014-03-04 | 2014-07-23 | 北京中天安泰信息科技有限公司 | Standalone data black hole processing method and computing device |
CN103942499A (zh) * | 2014-03-04 | 2014-07-23 | 北京中天安泰信息科技有限公司 | Data black hole processing method based on mobile storage device and mobile storage device |
Family Cites Families (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7058973B1 (en) * | 2000-03-03 | 2006-06-06 | Symantec Corporation | Network address translation gateway for local area networks using local IP addresses and non-translatable port addresses |
GB2398134A (en) * | 2003-01-27 | 2004-08-11 | Hewlett Packard Co | Applying a data handling policy to predetermined system calls |
JP4347582B2 (ja) * | 2003-02-04 | 2009-10-21 | パナソニック株式会社 | Information processing device |
CN1926616B (zh) * | 2004-01-19 | 2011-09-14 | 特科2000国际有限公司 | Portable data storage device using a memory address mapping table |
US20050261857A1 (en) * | 2004-05-21 | 2005-11-24 | Clark Jones | System and method for linking and loading compiled pattern data |
US7467272B2 (en) * | 2004-12-16 | 2008-12-16 | International Business Machines Corporation | Write protection of subroutine return addresses |
US20060149918A1 (en) * | 2004-12-30 | 2006-07-06 | Rudelic John C | Memory with modifiable address map |
JP4806557B2 (ja) * | 2005-10-18 | 2011-11-02 | 株式会社日立製作所 | Storage device that manages logs, and computer system |
US8898802B2 (en) * | 2005-10-24 | 2014-11-25 | Science Park Corporation | Electronic computer data management method, program, and recording medium |
US7882365B2 (en) * | 2006-12-22 | 2011-02-01 | Spansion Llc | Systems and methods for distinguishing between actual data and erased/blank memory with regard to encrypted data |
JP4287485B2 (ja) * | 2007-07-30 | 2009-07-01 | 日立ソフトウエアエンジニアリング株式会社 | Information processing device and method, computer-readable recording medium, and external storage medium |
JP2009043133A (ja) * | 2007-08-10 | 2009-02-26 | Hitachi Software Eng Co Ltd | Information processing device |
US8578124B2 (en) * | 2009-12-18 | 2013-11-05 | Symantec Corporation | Storage systems and methods with pre-reserve allocation |
US20110153944A1 (en) * | 2009-12-22 | 2011-06-23 | Klaus Kursawe | Secure Cache Memory Architecture |
JP2011150388A (ja) * | 2010-01-19 | 2011-08-04 | Hitachi Solutions Ltd | File storage destination path conversion system and method based on confidentiality classification information |
CN102023817A (zh) * | 2010-12-03 | 2011-04-20 | 深圳市江波龙电子有限公司 | Read/write control method and system for storage device data |
CN103620613B (zh) * | 2011-03-28 | 2018-06-12 | 迈克菲股份有限公司 | System and method for virtual machine monitor based anti-malware security |
US9015853B2 (en) * | 2012-06-15 | 2015-04-21 | The Regents Of The University Of California | Concealing access patterns to electronic data storage for privacy |
KR102139327B1 (ko) * | 2012-11-15 | 2020-07-29 | 삼성전자주식회사 | Nonvolatile memory device and operating method of nonvolatile memory device |
2014
- 2014-03-04 CN CN201410076582.1A patent/CN103942499B/zh not_active Expired - Fee Related

2015
- 2015-03-03 US US15/116,193 patent/US20160350530A1/en not_active Abandoned
- 2015-03-03 JP JP2016550598A patent/JP6317821B2/ja active Active
- 2015-03-03 WO PCT/CN2015/073556 patent/WO2015131800A1/zh active Application Filing
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109325354A (zh) * | 2017-07-31 | 2019-02-12 | 阿里巴巴集团控股有限公司 | Data storage, processing and reading method, data storage device and system |
CN109325354B (zh) * | 2017-07-31 | 2022-06-28 | 阿里云计算有限公司 | Data storage, processing and reading method, data storage device and system |
US11721806B2 (en) | 2020-08-28 | 2023-08-08 | Echion Technologies Limited | Active electrode material |
Also Published As
Publication number | Publication date |
---|---|
JP2017514196A (ja) | 2017-06-01 |
JP6317821B2 (ja) | 2018-04-25 |
US20160350530A1 (en) | 2016-12-01 |
CN103942499A (zh) | 2014-07-23 |
CN103942499B (zh) | 2017-01-11 |
Similar Documents
Publication | Title |
---|---|
WO2015131800A1 (zh) | Data black hole processing method based on mobile storage device and mobile storage device |
US9989043B2 (en) | System and method for processor-based security |
CN107977573B (zh) | Method and system for secure disk access control |
KR101626424B1 (ko) | Virtual machine monitor based anti-malware security system and method |
WO2015131801A1 (zh) | Data black hole processing method |
CN103299284B (zh) | Data security reading method and device |
US10091213B2 (en) | Systems and methods to provide secure storage |
WO2008039241A1 (en) | Methodology, system and computer readable medium for detecting and managing malware threats |
JP2014515858A (ja) | Method and device for recombining instructions during execution |
JP6255336B2 (ja) | Secure data storage method and device |
CN103488919A (zh) | Protection method and device for an executable program |
Tian et al. | A practical intel sgx setting for linux containers in the cloud |
Zhao et al. | TEE-aided write protection against privileged data tampering |
WO2015131799A1 (zh) | Standalone data black hole processing method and computing device |
Hong et al. | Personal privacy protection framework based on hidden technology for smartphones |
KR20220085786A (ko) | Ransomware prevention |
Καράμπορος | File system security and protection from software-based fault injection attacks |
Sun et al. | Design and Implementation Considerations for a Virtual File System Using an Inode Data Structure |
Yang et al. | An Android Data Protection Scheme for System-as-Root Architectures |
Surie et al. | Rapid trust establishment for transient use of unmanaged hardware |
Butler et al. | SwitchBlade: Policy-Driven Disk Segmentation |
Palm et al. | Security Analysis of the Palm Operating System and its Weaknesses Against Malicious Code Threats |
Legal Events
Code | Title | Description |
---|---|---|
121 | EP: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 15758276; Country of ref document: EP; Kind code of ref document: A1 |
WWE | WIPO information: entry into national phase | Ref document number: 15116193; Country of ref document: US |
ENP | Entry into the national phase | Ref document number: 2016550598; Country of ref document: JP; Kind code of ref document: A |
NENP | Non-entry into the national phase | Ref country code: DE |
122 | EP: PCT application non-entry in European phase | Ref document number: 15758276; Country of ref document: EP; Kind code of ref document: A1 |