CN101236535B - Hard disk encryption method based on optical disk under Window environment - Google Patents

Info

Publication number
CN101236535B
CN101236535B
Authority
CN
China
Prior art keywords
hard disk
encryption
hard disc
target hard
read
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2007101198166A
Other languages
Chinese (zh)
Other versions
CN101236535A (en)
Inventor
王佐
谭毓安
虞振飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Original Assignee
Beijing Institute of Technology BIT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT
Priority to CN2007101198166A
Publication of CN101236535A
Application granted
Publication of CN101236535B
Legal status: Expired - Fee Related (current)
Anticipated expiration

Abstract

The invention relates to the field of computer security, and in particular to a method for preventing hard disk data leakage. The invention comprises a compact disc, a loading program stored in the storage space 0xA000 to 0xA7FF of the compact disc, and a hard disk encryption/decryption program stored in the storage space 0x0000 to 0x7FFF of the compact disc. The loading program monitors the Windows operating system's reads and writes of the target hard disk through the INT13H interrupt and performs the encryption and decryption of the target hard disk data; at the same time, when the computer starts, it embeds the hard disk encryption/decryption program into the Windows operating system. The hard disk encryption/decryption program monitors the Windows operating system's reads and writes of the target hard disk through the driver and performs the encryption and decryption of the target hard disk data. The method for preventing hard disk data leakage is novel in design: no additional hardware device needs to be installed between the mainboard and the hard disk of the computer; the cost of use is low, since only the compact disc is needed; and it is convenient to use, since the serial number of the compact disc and the hardware serial number of the target hard disk generate the cryptographic key required for encryption and decryption. The cryptographic key binds the compact disc and the target hard disk together in the relationship of a key and a lock; the user only needs to insert the matching compact disc and does not need to enter a user name and password.

Description

Hard disk encryption method based on an optical disc under the Windows environment
Technical field
The present invention relates to the field of computer security, and in particular provides a method for preventing hard disk data leakage.
Background technology
As the level of informatization rises, information security becomes increasingly important. Computer data are generally stored on the local hard disk, and unauthorized copying of data, or outright theft of the hard disk, can cause serious loss to the computer user. Among the many schemes for preventing hard disk data leakage, encrypting the hard disk data is an effective method.
Existing hard disk encryption schemes generally require complex hardware, such as an additional hardware device installed between the computer mainboard and the hard disk, so the cost of use is high. In addition, because they are tightly coupled to hardware, there are compatibility problems.
Summary of the invention
The object of the present invention is to provide a low-cost hard disk encryption scheme based on an optical disc.
The technical scheme of the present invention is as follows:
It comprises an optical disc, a loading program stored in the storage space 0xA000 to 0xA7FF of the optical disc, and a hard disk encryption/decryption program stored in the storage space 0x0000 to 0x7FFF of the optical disc. The loading program monitors the Windows operating system's reads and writes of the target hard disk through the INT13H interrupt and performs the encryption and decryption of the target hard disk data; at the same time, when the computer starts, it embeds the hard disk encryption/decryption program into the Windows operating system. The hard disk encryption/decryption program monitors the Windows operating system's reads and writes of the target hard disk through the driver and performs the encryption and decryption of the target hard disk data. The loading program and the hard disk encryption/decryption program obtain the serial number CID of the optical disc and the hardware serial number HID of the target hard disk, and compute the key needed to encrypt and decrypt the target hard disk by a function f(CID, HID).
The loading program is stored in the storage space 0xA000 to 0xA7FF of the optical disc. When the computer boots from the optical disc, the BIOS reads the loading program into memory and executes it. The loading program monitors the Windows operating system's reads and writes of the target hard disk through the INT13H interrupt, decrypting the data read from the target hard disk and encrypting the data written to it. At the same time, it modifies in memory the registry information and file system information that are read, so that the hard disk encryption/decryption program is embedded into the Windows operating system as a disk filter driver.
The hard disk encryption/decryption program is stored in the storage space 0x0000 to 0x7FFF of the optical disc. It is a disk filter driver that works in the Windows operating system kernel. When the Windows operating system stops using the INT13H interrupt and instead reads and writes the target hard disk through the driver, the hard disk encryption/decryption program takes over the encryption and decryption of the target hard disk data.
When the computer boots from the optical disc, the BIOS reads the loading program stored in the disc's storage space 0xA000 to 0xA7FF into memory at 0000:7C00 and executes it. The loading program monitors the computer's reads and writes of the target hard disk by modifying the INT13H interrupt service routine. After the loading program has completed the modification, it reads the content of sector 0 of the hard disk into memory at 0000:7C00 and executes it, starting the Windows operating system from the hard disk. In the subsequent boot process, the Windows boot program on the hard disk (Osloader.exe) reads the registry information and file system information through INT13H. The loading program monitors the boot program's accesses to the registry: it calls the original INT13H interrupt service routine to read the registry from the hard disk into memory, then modifies the content read in memory so that the boot program will load a kernel driver that does not exist on the hard disk. When the boot program reads this kernel driver through INT13H, the loading program redirects the read operation to the optical disc and reads the hard disk encryption/decryption program stored in the disc's storage space 0x0000 to 0x7FFF. At this point the boot program has obtained the content of the hard disk encryption/decryption program and, following the registry's instructions, loads it into the Windows operating system. After the boot program finishes system initialization, the Windows operating system stops using the INT13H interrupt and instead accesses the hard disk and other storage devices through drivers. The hard disk encryption/decryption program, embedded in the Windows operating system kernel as a disk filter driver, takes over the monitoring of read and write operations on the target hard disk, decrypting the data obtained by read operations and encrypting the data of write operations.
The beneficial effects of the invention are:
1) Novel design. No additional hardware device needs to be installed between the computer mainboard and the hard disk.
2) Low cost of use. Only one optical disc is needed.
3) Easy to use. The serial number of the optical disc and the hardware serial number of the target hard disk produce the key needed for encryption and decryption. This key binds the optical disc and the target hard disk together in the relationship of a key and a lock; inserting the matching disc is sufficient, and no user name and password need be entered.
Description of drawings
Fig. 1: Schematic diagram of the disk storage driver hierarchy.
Fig. 2: Schematic diagram of the use of the optical disc storage space.
Fig. 3: Workflow diagram of booting from the optical disc.
Embodiment
The present invention is described in further detail below with reference to the drawings and specific embodiments. The present invention is not limited to the following examples; any design that makes simple changes while using the design ideas of the present invention falls within the scope of protection of the present invention.
The optical disc serves as the carrier of the loading program and the hard disk encryption/decryption program. The loading program is stored in sector 0 of the optical disc, and the hard disk encryption/decryption program is stored in the storage space 0x0000 to 0x7FFF of the optical disc, as shown in Fig. 2.
The hard disk encryption/decryption program (DiskSecure.sys) works in the Windows operating system kernel and is located between the disk driver (Disk.sys) and the partition driver (PartMgr.sys), as shown in Fig. 1. After the Windows operating system has started, the computer performs read and write operations on the hard disk through I/O request packets (IRPs). When the Windows operating system needs to access the hard disk, it constructs the corresponding IRP and passes it down layer by layer. The hard disk encryption/decryption program analyzes the IRP handed down by the partition driver. If the IRP is a read operation, the hard disk encryption/decryption program first sends the IRP to the disk driver; after the disk driver completes the read operation it returns the IRP to the hard disk encryption/decryption program, which decrypts the data in the IRP with the key and then returns the IRP to the Windows operating system. If the IRP is a write operation, the hard disk encryption/decryption program creates a new IRP based on it and encrypts the data in the newly created IRP with the key; after encryption is complete, the newly created IRP is sent to the disk driver.
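The following Python model is an added example and is not code from the patent. It shows the two mechanisms the description relies on: the key binding f(CID, HID) from the summary, and the DiskSecure.sys read/write path just described, in which a read IRP is completed by the lower driver and then decrypted, while a write IRP is re-created with encrypted data before being passed down. The patent specifies neither f nor the cipher, so the HMAC-SHA256 key derivation, the per-sector keystream, the serial numbers and the sector contents are all assumptions constructed for the example.

```python
"""
Model of the key binding f(CID, HID) and of the DiskSecure.sys read/write path
described in the patent. This is an added example, not the patent's code.
Assumptions (the patent does not specify them): f is an HMAC-SHA256 over the
two serial numbers; the cipher is a per-sector keystream built from HMAC-SHA256
in counter-mode fashion; the serial numbers and sector payload are constructed.
"""
import hashlib
import hmac

SECTOR_SIZE = 512


def derive_key(cid: str, hid: str) -> bytes:
    """Assumed instance of f(CID, HID): a keyed hash over both identifiers.
    Both inputs are readable identifiers, so the secrecy of the key rests on
    physical possession of the disc, not on anything the user knows."""
    ikm = cid.encode() + b"\x00" + hid.encode()
    return hmac.new(b"DiskSecure-key-v1", ikm, hashlib.sha256).digest()


def sector_keystream(key: bytes, sector: int) -> bytes:
    """Keystream for one sector: HMAC-SHA256(key, sector || block counter),
    concatenated until SECTOR_SIZE bytes are available."""
    out = bytearray()
    block = 0
    while len(out) < SECTOR_SIZE:
        msg = sector.to_bytes(8, "little") + block.to_bytes(4, "little")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return bytes(out[:SECTOR_SIZE])


def xor_sector(key: bytes, sector: int, data: bytes) -> bytes:
    """Encrypt or decrypt one sector (the operation is its own inverse)."""
    if len(data) != SECTOR_SIZE:
        raise ValueError("sector payload must be exactly SECTOR_SIZE bytes")
    return bytes(a ^ b for a, b in zip(data, sector_keystream(key, sector)))


def make_sector(payload: bytes) -> bytes:
    """Pad a short constructed payload to one full sector."""
    if len(payload) > SECTOR_SIZE:
        raise ValueError("payload larger than one sector")
    return payload.ljust(SECTOR_SIZE, b"\x00")


class RawDisk:
    """Stands in for Disk.sys: stores whatever bytes it is given (ciphertext)."""

    def __init__(self, sector_count: int) -> None:
        self.sectors = [bytes(SECTOR_SIZE)] * sector_count

    def read(self, sector: int) -> bytes:
        return self.sectors[sector]

    def write(self, sector: int, data: bytes) -> None:
        self.sectors[sector] = data


class DiskSecureFilter:
    """Stands in for DiskSecure.sys between PartMgr.sys and Disk.sys.
    A read IRP is passed down first and the returned data decrypted; a write
    IRP is re-created with encrypted data before being passed down."""

    def __init__(self, lower: RawDisk, key: bytes) -> None:
        self.lower = lower
        self.key = key

    def read_irp(self, sector: int) -> bytes:
        ciphertext = self.lower.read(sector)            # lower driver completes the read
        return xor_sector(self.key, sector, ciphertext)  # then the filter decrypts

    def write_irp(self, sector: int, plaintext: bytes) -> None:
        encrypted = xor_sector(self.key, sector, plaintext)  # new IRP carries ciphertext
        self.lower.write(sector, encrypted)


def demo() -> dict:
    """Write through the filter with the matching disc, then read back with the
    matching disc and with a different disc (constructed serial numbers)."""
    disk = RawDisk(sector_count=16)
    key = derive_key("CD-SERIAL-EXAMPLE-0001", "HDD-SERIAL-EXAMPLE-0001")
    plain = make_sector(b"confidential sector contents")
    DiskSecureFilter(disk, key).write_irp(3, plain)
    other = derive_key("CD-SERIAL-EXAMPLE-0002", "HDD-SERIAL-EXAMPLE-0001")
    return {
        "on_disk_is_plaintext": disk.read(3) == plain,
        "matching_disc_reads_plain": DiskSecureFilter(disk, key).read_irp(3) == plain,
        "other_disc_reads_plain": DiskSecureFilter(disk, other).read_irp(3) == plain,
    }


if __name__ == "__main__":
    print(demo())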
The Windows operating system needs a great deal of initialization data at startup, and these data are kept in the registry. During system startup the boot program reads the registry and completes the initialization operations. The loading program monitors the boot program's read operations on the registry and the file system and modifies, in memory, the data the boot program reads.
The UpperFilters value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318} indicates the hierarchical order of the disk storage drivers: PartMgr.sys, Diskperf.sys (Diskperf.sys is specific to Windows 2000). Here the UpperFilters value in memory must be modified so that the hierarchical order becomes: DiskSecure.sys, PartMgr.sys, Diskperf.sys. In addition, a DiskSecure key must be added in memory under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services, and values such as Start and Group must be added under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DiskSecure and given the corresponding values, where Start=0 indicates that DiskSecure.sys is loaded when the computer starts. After the modifications to the registry data in memory have taken effect, the boot program needs to obtain the information about the DiskSecure.sys file from the file system. The loading program intercepts the boot program's access to the directory information of SYSTEM32\DRIVERS and adds the information for DiskSecure.sys in memory, such as the file size and file location. When the boot program reads DiskSecure.sys according to this information (DiskSecure.sys does not exist on the hard disk), the loading program redirects the read operation to the optical disc and reads the DiskSecure.sys stored in the disc's space 0x0000 to 0x7FFF. At this point the boot program has obtained the content of DiskSecure.sys and, following the registry's instructions, loads DiskSecure.sys into the Windows operating system, as shown in Fig. 3.
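As an added defender-side example (not part of the patent), the following Python check takes a view of the disk class UpperFilters value, the corresponding Services entries and the SYSTEM32\DRIVERS directory, and flags the signature the description produces: a disk-class upper filter outside the stock list whose driver image is absent from the hard disk. The sample state is constructed from the before/after values given in the description; the assumption that a filter's image is "<service name>.sys" in the drivers directory is ours, and the optional live read on Windows uses the standard winreg module. Because the description says the registry is modified in memory, the check audits whatever view is handed to it rather than assuming the on-disk hive is authoritative.

```python
"""
Defender-side check for the registry and file-system view described above:
flags disk-class upper filters that are not the stock entries, have no
Services entry, or whose driver image is missing from SYSTEM32\\DRIVERS.
Added example, not part of the patent. The sample state is constructed from
the values in the description; the "<service>.sys" image naming is an assumption.
"""
import os
import sys

DISK_CLASS_GUID = "{4D36E967-E325-11CE-BFC1-08002BE10318}"
DISK_CLASS_KEY = "SYSTEM\\CurrentControlSet\\Control\\Class\\" + DISK_CLASS_GUID
SERVICES_KEY = "SYSTEM\\CurrentControlSet\\Services"

# Stock UpperFilters entries named in the description (Diskperf is Windows 2000 only).
KNOWN_DISK_FILTERS = {"partmgr", "diskperf"}


def audit_upper_filters(upper_filters, services, driver_files):
    """upper_filters: the REG_MULTI_SZ list of service names, in registry order.
    services: {lower-cased service name: {"Start": int, ...}} as under Services.
    driver_files: set of lower-cased file names present in SYSTEM32\\DRIVERS.
    Returns (service name, reason) findings in list order."""
    findings = []
    for name in upper_filters:
        lname = name.lower()
        if lname not in KNOWN_DISK_FILTERS:
            findings.append((name, "unexpected disk-class upper filter"))
        if lname not in services:
            findings.append((name, "no Services entry"))
        # Assumption: a filter's image is <service>.sys in the drivers directory.
        if f"{lname}.sys" not in driver_files:
            findings.append((name, "driver image not present on the hard disk"))
    return findings


# Constructed sample state, using the before/after values from the description.
SAMPLE_SERVICES = {
    "partmgr": {"Start": 0},
    "diskperf": {"Start": 0},
    "disksecure": {"Start": 0},  # the entry the loader adds in memory (Start=0)
}
SAMPLE_DRIVER_FILES = {"disk.sys", "partmgr.sys", "diskperf.sys"}  # no disksecure.sys
BEFORE = ["PartMgr", "Diskperf"]
AFTER = ["DiskSecure", "PartMgr", "Diskperf"]


def read_live_state():
    """Windows only: read the real UpperFilters list, the Services entries for
    those names and the drivers directory. Returns None on other platforms."""
    if sys.platform != "win32":
        return None
    import winreg
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, DISK_CLASS_KEY) as key:
        upper, _ = winreg.QueryValueEx(key, "UpperFilters")
    services = {}
    for name in upper:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, SERVICES_KEY + "\\" + name) as skey:
                start, _ = winreg.QueryValueEx(skey, "Start")
            services[name.lower()] = {"Start": start}
        except OSError:
            pass  # missing key is reported by the audit as "no Services entry"
    drivers_dir = os.path.join(os.environ["SystemRoot"], "System32", "drivers")
    files = {f.lower() for f in os.listdir(drivers_dir)}
    return list(upper), services, files


def demo() -> dict:
    """Audit the constructed before/after views from the description."""
    return {
        "before": audit_upper_filters(BEFORE, SAMPLE_SERVICES, SAMPLE_DRIVER_FILES),
        "after": audit_upper_filters(AFTER, SAMPLE_SERVICES, SAMPLE_DRIVER_FILES),
    }


if __name__ == "__main__":
    state = read_live_state()
    print(audit_upper_filters(*state) if state is not None else demo())
```

On the constructed "after" view the audit reports DiskSecure twice: it is not a stock disk-class filter, and no disksecure.sys exists in the drivers directory, which is exactly the condition the description creates by serving the driver from the optical disc instead of the hard disk. The "before" view produces no findings.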

Claims (1)

1. A hard disk encryption method based on an optical disc under the Windows environment, characterized in that: the computer boots from the optical disc; the optical disc contains a loading program stored in the disc's storage space 0xA000 to 0xA7FF and a hard disk encryption/decryption program stored in the disc's storage space 0x0000 to 0x7FFF; when the computer boots from the optical disc, the BIOS reads the loading program into memory and executes it; the loading program, by modifying the INT13H interrupt service routine, monitors the Windows operating system's reads and writes of the target hard disk through the INT13H interrupt, decrypting the data read from the target hard disk and encrypting the data written to the target hard disk; during the boot process the loading program modifies in memory the registry information and file system information read by the Windows boot program so that the boot program loads a kernel driver that does not exist on the hard disk, and when the boot program reads this kernel driver through INT13H the loading program redirects the read operation to the optical disc and reads the hard disk encryption/decryption program, whereby the hard disk encryption/decryption program is embedded into the Windows operating system as a disk filter driver; when the Windows operating system stops using the INT13H interrupt and instead reads and writes the target hard disk through the driver, the hard disk encryption/decryption program takes over the encryption and decryption of the target hard disk data; and the loading program and the hard disk encryption/decryption program obtain the serial number CID of the optical disc and the hardware serial number HID of the target hard disk and compute the key needed for target hard disk encryption and decryption by a function f(CID, HID).

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2007101198166A CN101236535B (en) 2007-07-31 2007-07-31 Hard disk encryption method based on optical disk under Window environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2007101198166A CN101236535B (en) 2007-07-31 2007-07-31 Hard disk encryption method based on optical disk under Window environment

Publications (2)

Publication Number Publication Date
CN101236535A CN101236535A (en) 2008-08-06
CN101236535B true CN101236535B (en) 2010-12-22

Family

ID=39920165

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2007101198166A Expired - Fee Related CN101236535B (en) 2007-07-31 2007-07-31 Hard disk encryption method based on optical disk under Window environment

Country Status (1)

Country Link
CN (1) CN101236535B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108595982B (en) * 2018-03-19 2021-09-10 中国电子科技集团公司第三十研究所 Secure computing architecture method and device based on multi-container separation processing
CN113221171A (en) * 2021-05-21 2021-08-06 杭州弗兰科信息安全科技有限公司 Encrypted file reading and writing method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1294457A (en) * 1999-10-26 2001-05-09 国际商业机器公司 Encrypted/deencrypted stored data by utilizing disaccessible only secret key
CN1601430A (en) * 2004-10-14 2005-03-30 苏州超锐微电子有限公司 Method of carrying out hard disk protection by utilizing encryption of main zoning
CN1776563A (en) * 2005-12-19 2006-05-24 清华紫光股份有限公司 File encrypting device based on USB interface
CN1928881A (en) * 2006-09-26 2007-03-14 南京擎天科技有限公司 Computer data security protective method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
JP特開2006-318435A 2006.11.24
胡晓军等.USB软件加密卡及其驱动程序的设计与开发.计算机应用28 8.2002,28(8),7-9. *

Also Published As

Publication number Publication date
CN101236535A (en) 2008-08-06

Similar Documents

Publication Publication Date Title
US5748744A (en) Secure mass storage system for computers
US7725614B2 (en) Portable mass storage device with virtual machine activation
JP5175856B2 (en) Protection and method of flash memory block in secure device system
AU2006205315B2 (en) Method and portable storage device for allocating secure area in insecure area
KR100678927B1 (en) Method and portable storage device for allocating secure area in insecure area
KR101081118B1 (en) System and method for securely restoring a program context from a shared memory
WO2011114655A1 (en) Information processing device, virtual machine generation method, and application software distribution system
US20090240953A1 (en) On-disk software image encryption
EP2264640B1 (en) Feature specific keys for executable code
US7818567B2 (en) Method for protecting security accounts manager (SAM) files within windows operating systems
US20030061494A1 (en) Method and system for protecting data on a pc platform using bulk non-volatile storage
US20080263542A1 (en) Software-Firmware Transfer System
CN103488919A (en) Protection method and device for executable programs
KR20140051350A (en) Digital signing authority dependent platform secret
CN101334827A (en) Magnetic disc encryption method and magnetic disc encryption system for implementing the method
CN101236532B (en) Hard disk encryption method based on USB equipment under Window environment
CN102073597B (en) A kind of operating system dish full disk encryption method based on authenticating user identification
WO2008021682A2 (en) Portable mass storage with virtual machine activation
EP3785149B1 (en) Memory assignment for guest operating systems
CN103823692A (en) Computer operating system starting method
US8086873B2 (en) Method for controlling file access on computer systems
CN103605934A (en) Protection method and device for executable files
CN101236535B (en) Hard disk encryption method based on optical disk under Window environment
US20110145596A1 (en) Secure Data Handling In A Computer System
CN101236534A (en) Hard disk encryption method based on PCI card under Window environment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20101222

Termination date: 20110731