CN101236535B - Hard disk encryption method based on optical disk under Window environment - Google Patents
- Publication number
- CN101236535B (application CN2007101198166A)
- Authority
- CN
- China
- Prior art keywords
- hard disk
- encryption
- hard disc
- target hard
- read
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Abstract
The invention relates to the field of computer security, and in particular to a method for preventing the leakage of hard disk data. It comprises a compact disc, a loader program stored in the disc's storage space from 0xA000 to 0xA7FF, and a hard disk encryption/decryption program stored in the disc's storage space from 0x0000 to 0x7FFF. The loader program monitors the Windows operating system's reads and writes of the target hard disk through the INT13H interrupt and performs the encryption and decryption of the target hard disk data; at the same time, when the computer starts, it embeds the hard disk encryption/decryption program into the Windows operating system. The hard disk encryption/decryption program monitors the Windows operating system's reads and writes of the target hard disk through the driver stack and performs the encryption and decryption of the target hard disk data. The method is novel in design: no additional hardware device needs to be installed between the computer's mainboard and the hard disk; the cost of use is low, since only the compact disc is needed; and it is convenient to use, since the serial number of the compact disc and the hardware serial number of the target hard disk generate the key required for encryption and decryption. This key binds the compact disc and the target hard disk into a key-and-lock relationship: the user only needs to insert the matching compact disc and does not need to enter a user name or password.
Description
Technical field
The present invention relates to the field of computer security and specifically provides a method for preventing hard disk data from being leaked.
Background technology
As the level of informatization rises, information security becomes especially important. Computer data is generally stored on the local hard disk; unauthorized copying of that data, or even outright theft of the hard disk, can cause serious losses to the computer user. Among the many schemes for preventing hard disk data leakage, encrypting the hard disk data can be regarded as an effective method.
Existing hard disk encryption schemes generally require complex hardware, such as an additional hardware device inserted between the computer mainboard and the hard disk, so the cost of use is high. In addition, because they are tightly coupled to hardware, they have compatibility problems.
Summary of the invention
The object of the present invention is to provide a low-cost hard disk encryption scheme based on a compact disc (CD).
The technical scheme of the present invention is as follows:
It comprises a CD, a loader program stored in the CD's storage space from 0xA000 to 0xA7FF, and a hard disk encryption/decryption program stored in the CD's storage space from 0x0000 to 0x7FFF. The loader program monitors the Windows operating system's reading and writing of the target hard disk through the INT13H interrupt and performs the encryption and decryption of the target hard disk data; at the same time, when the computer starts, it embeds the hard disk encryption/decryption program into the Windows operating system. The hard disk encryption/decryption program monitors the Windows operating system's reading and writing of the target hard disk through the driver and performs the encryption and decryption of the target hard disk data. The loader program and the hard disk encryption/decryption program obtain the serial number CID of the CD and the hardware serial number HID of the target hard disk, and compute the key needed for encrypting and decrypting the target hard disk by a function f(CID, HID).
The loader program is stored in the CD's storage space from 0xA000 to 0xA7FF. When the computer boots from the CD, the BIOS reads the loader program into memory and executes it. The loader program monitors the Windows operating system's reading and writing of the target hard disk through the INT13H interrupt, decrypting the data read from the target hard disk and encrypting the data written to it. At the same time, it modifies, in memory, the registry information and file system information that are read, so that the hard disk encryption/decryption program is embedded into the Windows operating system as a disk filter driver.
The hard disk encryption/decryption program is stored in the CD's storage space from 0x0000 to 0x7FFF. It is a disk filter driver that runs in the Windows operating system kernel. When the Windows operating system stops using the INT13H interrupt and instead reads and writes the target hard disk through the driver, the hard disk encryption/decryption program takes over the encryption and decryption of the target hard disk data.
When the computer boots from the CD, the BIOS reads the loader program stored in the CD's storage space from 0xA000 to 0xA7FF into memory at 0000:7C00 and executes it. The loader program monitors the computer's reads and writes of the target hard disk by modifying the INT13H interrupt service routine. After the loader program has completed the modification, it reads the contents of sector 0 of the hard disk into memory at 0000:7C00 and executes it, starting the Windows operating system from the hard disk. In the subsequent startup process, the Windows boot program on the hard disk (Osloader.exe) reads the registry information and file system information through INT13H. The loader program monitors the boot program's reads and writes of the registry: it calls the original INT13H interrupt service routine to read the registry from the hard disk into memory, then modifies the content read in memory so that the boot program loads a kernel driver that does not exist on the hard disk. When the boot program reads this kernel driver through INT13H, the loader program redirects the read operation to the CD and reads the hard disk encryption/decryption program stored in the CD's storage space from 0x0000 to 0x7FFF. At this point the boot program has obtained the contents of the hard disk encryption/decryption program and, following the registry's instructions, loads it into the Windows operating system. After the boot program finishes system initialization, the Windows operating system stops using the INT13H interrupt and instead accesses storage devices such as the hard disk through drivers. The hard disk encryption/decryption program, embedded in the Windows operating system kernel as a disk filter driver, takes over monitoring of read and write operations on the target hard disk, decrypting the data obtained by read operations and encrypting the data of write operations.
The beneficial effects of the invention are as follows:
1) Novel design. No additional hardware device needs to be added between the computer mainboard and the hard disk.
2) Low cost of use. Only a CD is needed.
3) Easy to use. The serial number of the CD and the hardware serial number of the target hard disk produce the key needed for encryption and decryption. This key binds the CD and the target hard disk in a key-and-lock relationship: inserting the matching CD is sufficient, and no user name or password needs to be entered.
Description of drawings
Fig. 1 - Schematic diagram of the disk storage driver hierarchy.
Fig. 2 - Schematic diagram of the use of the CD's storage space.
Fig. 3 - Workflow diagram of booting from the CD.
Embodiment
The present invention is described in further detail below with reference to the drawings and specific embodiments. The present invention is not limited to the following embodiments; any design that uses the design idea of the present invention and makes some simple changes falls within the scope of protection of the present invention.
The CD serves as the carrier for the loader program and the hard disk encryption/decryption program. The loader program is stored in sector 0 of the CD, and the hard disk encryption/decryption program is stored in the CD's storage space from 0x0000 to 0x7FFF, as shown in Fig. 2.
The hard disk encryption/decryption program (DiskSecure.sys) runs in the Windows operating system kernel and sits between the disk driver (Disk.sys) and the partition driver (PartMgr.sys), as shown in Fig. 1. After the Windows operating system has started, the computer performs hard disk read and write operations through I/O request packets (IRPs). When the Windows operating system needs to access the hard disk, it constructs the corresponding IRP and passes it down layer by layer. The hard disk encryption/decryption program analyzes the IRPs handed down by the partition driver. If the IRP is a read operation, the hard disk encryption/decryption program first sends the IRP to the disk driver; after the disk driver completes the read operation, it returns the IRP to the hard disk encryption/decryption program, which decrypts the data in the IRP with the key and, once decryption is complete, returns the IRP to the Windows operating system. If the IRP is a write operation, the hard disk encryption/decryption program creates a new IRP based on this IRP and encrypts the data in the newly created IRP with the key; once encryption is complete, it sends the newly created IRP to the disk driver.
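The two pieces of the design that the text describes but never spells out are the key function f(CID, HID) from the summary and the read/write IRP flow of the filter driver above. The following added example (not code from the patent or from any DiskSecure.sys implementation) models both in Python: `derive_key` is an assumed HMAC-SHA256 construction for f, `sector_keystream`/`xor_sector` is an assumed per-sector keystream standing in for the cipher the patent does not name, `RawDisk` stands in for Disk.sys, and `DiskSecureFilter` plays the filter between PartMgr.sys and Disk.sys. All serial numbers and sector contents are constructed.

```python
import hashlib
import hmac
import struct

SECTOR_SIZE = 512


def derive_key(cid: bytes, hid: bytes) -> bytes:
    """f(CID, HID): derive the disk key from the disc serial number (CID) and the
    drive's hardware serial number (HID). The patent leaves f unspecified; this
    assumed construction is HMAC-SHA256 under a fixed label, so the key is fully
    determined by the two serial numbers and has no more entropy than they do."""
    return hmac.new(b"DiskSecure-f(CID,HID)", b"CID=" + cid + b"\x00HID=" + hid,
                    hashlib.sha256).digest()


def sector_keystream(key: bytes, lba: int, length: int) -> bytes:
    """Per-sector keystream: HMAC-SHA256(key, lba || counter) in counter mode.
    Assumed stand-in for the cipher the patent does not name (see the note below)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, struct.pack("<QI", lba, counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_sector(key: bytes, lba: int, data: bytes) -> bytes:
    """Encrypt or decrypt one sector; XOR with the keystream is its own inverse."""
    ks = sector_keystream(key, lba, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


class RawDisk:
    """Constructed stand-in for Disk.sys: stores whatever it is given, by LBA."""

    def __init__(self):
        self.sectors = {}

    def read(self, lba: int, count: int) -> bytes:
        return b"".join(self.sectors.get(lba + i, bytes(SECTOR_SIZE)) for i in range(count))

    def write(self, lba: int, data: bytes) -> None:
        for i in range(0, len(data), SECTOR_SIZE):
            self.sectors[lba + i // SECTOR_SIZE] = data[i:i + SECTOR_SIZE]


class DiskSecureFilter:
    """Stand-in for the filter attached between PartMgr.sys and Disk.sys."""

    def __init__(self, lower: RawDisk, key: bytes):
        self.lower = lower
        self.key = key

    def read(self, lba: int, count: int) -> bytes:
        # Read IRP: pass it down first, then decrypt what the disk driver returned.
        raw = self.lower.read(lba, count)
        chunks = [raw[i:i + SECTOR_SIZE] for i in range(0, len(raw), SECTOR_SIZE)]
        return b"".join(xor_sector(self.key, lba + n, c) for n, c in enumerate(chunks))

    def write(self, lba: int, data: bytes) -> None:
        # Write IRP: build a new buffer holding the ciphertext and send that down,
        # so the caller's plaintext buffer never reaches the disk driver.
        chunks = [data[i:i + SECTOR_SIZE] for i in range(0, len(data), SECTOR_SIZE)]
        new_irp_data = b"".join(xor_sector(self.key, lba + n, c) for n, c in enumerate(chunks))
        self.lower.write(lba, new_irp_data)


def demo() -> dict:
    """Constructed scenario: the matched disc/drive pair round-trips, the raw disk
    holds ciphertext, and a filter keyed from a different disc cannot read it."""
    cid, hid = b"CD-SERIAL-0001", b"WD-WCANK1234567"  # constructed serial numbers
    key = derive_key(cid, hid)
    disk = RawDisk()
    filt = DiskSecureFilter(disk, key)
    plaintext = b"registry hive data ".ljust(2 * SECTOR_SIZE, b"\x00")
    filt.write(100, plaintext)
    other_disc = DiskSecureFilter(disk, derive_key(b"CD-SERIAL-0002", hid))
    return {
        "roundtrip_ok": filt.read(100, 2) == plaintext,
        "ciphertext_differs": disk.read(100, 2) != plaintext,
        "wrong_disc_fails": other_disc.read(100, 2) != plaintext,
    }


if __name__ == "__main__":
    print(demo())
```

Two properties of the design show up directly in this model. Because the key is a function of two serial numbers and nothing else, its strength is bounded by how guessable CID and HID are, and anyone holding both the disc and the drive can recompute it; the patent's "no user name or password" convenience is bought with that. And a per-sector keystream like the one used here is reused whenever a sector is rewritten, so a real filter driver would use a tweakable block-cipher mode such as XTS rather than this stand-in.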
The Windows operating system needs a great deal of initialization data at startup, and this data is kept in the registry. During system startup, the boot program reads the registry and completes the initialization operations. The loader program monitors the boot program's read operations on the registry and the file system and modifies, in memory, the data the boot program reads.
The UpperFilters value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318} indicates the hierarchical order of the disk storage drivers: PartMgr.sys, Diskperf.sys (Diskperf.sys is specific to Windows 2000). Here we need to modify the UpperFilters value in memory so that the order becomes: DiskSecure.sys, PartMgr.sys, Diskperf.sys. In addition, we also need to add, in memory, a DiskSecure key under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services, and under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DiskSecure add values such as Start and Group and give them the corresponding values; Start=0 means that DiskSecure.sys is loaded when the computer starts. After the modified registry data in memory takes effect, the boot program needs to obtain information about the DiskSecure.sys file from the file system. The loader program intercepts the boot program's access to the directory information of SYSTEM32\DRIVERS and adds the information about DiskSecure.sys in memory, such as file size and file location. When the boot program reads DiskSecure.sys according to this information (DiskSecure.sys does not exist on the hard disk), the loader program redirects the read operation to the CD and reads the DiskSecure.sys stored in the CD's space from 0x0000 to 0x7FFF. At this point the boot program has obtained the contents of DiskSecure.sys and, following the registry's instructions, loads DiskSecure.sys into the Windows operating system, as shown in Fig. 3.
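The registry and file-system changes described above leave a recognizable state on the running system: the disk class UpperFilters list gains an entry that is not a stock filter, the matching Services entry is boot-start, and no driver image for it exists under SYSTEM32\DRIVERS. The following added example (not code from the patent) audits those three inputs and reports any non-stock upper filter with the reasons found. Because the technique described on this page modifies only the in-memory copies the boot program reads, the on-disk hive looks untouched and the inputs must come from the live registry; `collect_live` is the assumed way to gather them with Python's standard `winreg` module on a Windows host. The snapshot and directory listing below are constructed to mirror the state the text describes.

```python
import os
from typing import Dict, Iterable, List

DISK_CLASS_KEY = r"SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}"
SERVICES_KEY = r"SYSTEM\CurrentControlSet\Services"
DRIVERS_DIR = r"SYSTEM32\DRIVERS"

# Stock upper filters for the disk class as the page lists them (Diskperf is Windows 2000 only).
EXPECTED_UPPER_FILTERS = {"partmgr", "diskperf"}
SERVICE_BOOT_START = 0  # SERVICE_BOOT_START: loaded by the boot loader, before the kernel runs


def audit_disk_filters(upper_filters: Iterable[str], services: Dict[str, dict],
                       driver_files: Iterable[str]) -> Dict[str, List[str]]:
    """Flag entries in the disk class UpperFilters list that are not stock filters.

    upper_filters: REG_MULTI_SZ contents in load order (first entry attaches nearest Disk.sys).
    services: {service name: {"Start": int, "ImagePath": str, ...}} read from the Services key.
    driver_files: file names present in SYSTEM32\\DRIVERS.
    Returns {filter name: [reasons]} for every non-stock filter found; {} when clean."""
    present = {f.lower() for f in driver_files}
    findings: Dict[str, List[str]] = {}
    for name in upper_filters:
        if name.lower() in EXPECTED_UPPER_FILTERS:
            continue
        reasons = ["not one of the stock disk class upper filters"]
        svc = services.get(name)
        if svc is None:
            reasons.append("no Services entry, so no ImagePath to inspect")
        else:
            if svc.get("Start") == SERVICE_BOOT_START:
                reasons.append("Start=0: loaded by the boot loader before the kernel runs")
            # Without an ImagePath value, Windows loads SYSTEM32\DRIVERS\<service name>.sys.
            image = os.path.basename(svc.get("ImagePath", name + ".sys").replace("\\", "/"))
            if image.lower() not in present:
                reasons.append(f"driver image {image} is not present in {DRIVERS_DIR}")
        findings[name] = reasons
    return findings


def collect_live():
    """Gather the same three inputs from a running Windows system (assumed helper;
    uses the standard winreg module and is not exercised here)."""
    import winreg
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, DISK_CLASS_KEY) as k:
        upper, _ = winreg.QueryValueEx(k, "UpperFilters")
    services = {}
    for name in upper:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, SERVICES_KEY + "\\" + name) as s:
                svc = {}
                for value in ("Start", "ImagePath", "Group"):
                    try:
                        svc[value] = winreg.QueryValueEx(s, value)[0]
                    except FileNotFoundError:
                        pass
                services[name] = svc
        except FileNotFoundError:
            pass  # filter listed but no service key at all; audit reports it
    drivers = set(os.listdir(os.path.join(os.environ["SystemRoot"], "System32", "Drivers")))
    return upper, services, drivers


# Constructed snapshot of the in-memory registry state the page describes after the
# loader's edits: DiskSecure inserted ahead of PartMgr, boot-start, no ImagePath.
INJECTED_UPPER_FILTERS = ["DiskSecure", "PartMgr", "Diskperf"]
INJECTED_SERVICES = {
    "PartMgr": {"Start": 0, "Group": "Filter", "ImagePath": r"System32\DRIVERS\partmgr.sys"},
    "Diskperf": {"Start": 0, "Group": "Filter", "ImagePath": r"System32\DRIVERS\diskperf.sys"},
    "DiskSecure": {"Start": 0, "Group": "Filter"},
}
# Constructed directory listing: the injected driver was never written to the hard disk.
DRIVER_FILES = {"disk.sys", "partmgr.sys", "diskperf.sys", "ntfs.sys"}
# Constructed stock state for comparison.
STOCK_UPPER_FILTERS = ["PartMgr", "Diskperf"]


if __name__ == "__main__":
    for name, reasons in audit_disk_filters(INJECTED_UPPER_FILTERS, INJECTED_SERVICES, DRIVER_FILES).items():
        print(name)
        for r in reasons:
            print("  -", r)
```

A filter that is loaded but has no image file on disk is the strongest of the three signals, since it cannot be explained by an ordinary driver installation; the Start=0 and non-stock-name checks on their own also match legitimate third-party disk filters, so they are reported as reasons rather than treated as verdicts.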
Claims (1)
1. A hard disk encryption method based on a CD under the Windows environment, characterized in that: the computer boots from the CD; the CD holds a loader program stored in the CD's storage space from 0xA000 to 0xA7FF and a hard disk encryption/decryption program stored in the CD's storage space from 0x0000 to 0x7FFF; when the computer boots from the CD, the BIOS reads the loader program into memory and executes it; the loader program, by modifying the INT13H interrupt service routine, monitors the Windows operating system's reading and writing of the target hard disk through the INT13H interrupt, decrypting the data read from the target hard disk and encrypting the data written to the target hard disk; during the startup process, the loader program modifies, in memory, the registry information and file system information read by the Windows boot program, so that the boot program loads a kernel driver that does not exist on the hard disk, and when the boot program reads this kernel driver through INT13H, the loader program redirects the read operation to the CD and reads the hard disk encryption/decryption program, whereby the hard disk encryption/decryption program is embedded into the Windows operating system as a disk filter driver; when the Windows operating system stops using the INT13H interrupt and instead reads and writes the target hard disk through the driver, the hard disk encryption/decryption program takes over the encryption and decryption of the target hard disk data; the loader program and the hard disk encryption/decryption program obtain the serial number CID of the CD and the hardware serial number HID of the target hard disk, and compute the key needed for encrypting and decrypting the target hard disk by a function f(CID, HID).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101198166A CN101236535B (en) | 2007-07-31 | 2007-07-31 | Hard disk encryption method based on optical disk under Window environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101236535A CN101236535A (en) | 2008-08-06 |
CN101236535B true CN101236535B (en) | 2010-12-22 |
Family
ID=39920165
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007101198166A Expired - Fee Related CN101236535B (en) | 2007-07-31 | 2007-07-31 | Hard disk encryption method based on optical disk under Window environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101236535B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108595982B (en) * | 2018-03-19 | 2021-09-10 | 中国电子科技集团公司第三十研究所 | Secure computing architecture method and device based on multi-container separation processing |
CN113221171A (en) * | 2021-05-21 | 2021-08-06 | 杭州弗兰科信息安全科技有限公司 | Encrypted file reading and writing method and device, electronic equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1294457A (en) * | 1999-10-26 | 2001-05-09 | 国际商业机器公司 | Encrypted/deencrypted stored data by utilizing disaccessible only secret key |
CN1601430A (en) * | 2004-10-14 | 2005-03-30 | 苏州超锐微电子有限公司 | Method of carrying out hard disk protection by utilizing encryption of main zoning |
CN1776563A (en) * | 2005-12-19 | 2006-05-24 | 清华紫光股份有限公司 | File encrypting device based on USB interface |
CN1928881A (en) * | 2006-09-26 | 2007-03-14 | 南京擎天科技有限公司 | Computer data security protective method |
- 2007-07-31: CN application CN2007101198166A (patent CN101236535B), status not active, Expired - Fee Related
Non-Patent Citations (3)
Title |
---|
JP特開2006-318435A (Japanese unexamined patent publication), 2006.11.24 |
胡晓军 et al. (Hu Xiaojun et al.), Design and development of a USB software encryption card and its driver, 计算机应用 (Computer Applications), 2002, 28(8), 7-9. |
胡晓军 et al. (Hu Xiaojun et al.), Design and development of a USB software encryption card and its driver, 计算机应用 (Computer Applications), 2002, 28(8), 7-9. * |
Also Published As
Publication number | Publication date |
---|---|
CN101236535A (en) | 2008-08-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5748744A (en) | Secure mass storage system for computers | |
US7725614B2 (en) | Portable mass storage device with virtual machine activation | |
JP5175856B2 (en) | Protection and method of flash memory block in secure device system | |
AU2006205315B2 (en) | Method and portable storage device for allocating secure area in insecure area | |
KR100678927B1 (en) | Method and portable storage device for allocating secure area in insecure area | |
KR101081118B1 (en) | System and method for securely restoring a program context from a shared memory | |
WO2011114655A1 (en) | Information processing device, virtual machine generation method, and application software distribution system | |
US20090240953A1 (en) | On-disk software image encryption | |
EP2264640B1 (en) | Feature specific keys for executable code | |
US7818567B2 (en) | Method for protecting security accounts manager (SAM) files within windows operating systems | |
US20030061494A1 (en) | Method and system for protecting data on a pc platform using bulk non-volatile storage | |
US20080263542A1 (en) | Software-Firmware Transfer System | |
CN103488919A (en) | Protection method and device for executable programs | |
KR20140051350A (en) | Digital signing authority dependent platform secret | |
CN101334827A (en) | Magnetic disc encryption method and magnetic disc encryption system for implementing the method | |
CN101236532B (en) | Hard disk encryption method based on USB equipment under Window environment | |
CN102073597B (en) | A kind of operating system dish full disk encryption method based on authenticating user identification | |
WO2008021682A2 (en) | Portable mass storage with virtual machine activation | |
EP3785149B1 (en) | Memory assignment for guest operating systems | |
CN103823692A (en) | Computer operating system starting method | |
US8086873B2 (en) | Method for controlling file access on computer systems | |
CN103605934A (en) | Protection method and device for executable files | |
CN101236535B (en) | Hard disk encryption method based on optical disk under Window environment | |
US20110145596A1 (en) | Secure Data Handling In A Computer System | |
CN101236534A (en) | Hard disk encryption method based on PCI card under Window environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 2010-12-22; Termination date: 2011-07-31 |