Enciphered protection and read write control method for computer data

Abstract

This invention relates to a computer data cipher protection and a read / write control method, which applies a generate method combining a serial bus ciphering dog or software identity certification with the sector stage read / write interception to realize cipher to hard disk data, which utilizes the sector stage read / write interception method to intercept all read / write operations, carries out cipher / decipher conversion in the cipher core under the condition of existing related identity certification to realize the cipher to disk data and read / write control.

Description

Technical field [0001] The present invention relates to an encryption protection of computer data and a related read-write control method, in particular a universal serial bus dongle (USB-KEY), sector-level read-write interception, and an encryption core (the encryption core is responsible for the data Encryption and decryption) and a combination of controlling read and write operations. Background technique: [0002] Authenex’s data encryption product HDLOCK uses a combination of USB-KEY and software encryption core to encrypt data on hard disk files. Its implementation technology is based on the file filtering technology of the operating system, that is, intercept all read and write operations on files, and perform encryption and decryption conversion in the encryption core. This conversion will only be performed when the corresponding USB-KEY exists. If it does not exist, the encrypted file data cannot be read correctly, thus realizing the encryption of the data. Disadvantages...

AI Technical Summary

Problems solved by technology

Its disadvantages: ①The object of encryption is file content data, not all data on the hard disk

②Encrypted files can still be seen, and can still be deleted when there is no corresponding USB-KEY, resulting in data loss

③Because the file filtering technology can only intercept the read and write operations with files as the object, it is impossible to intercept the read and write directly to the sector, such as formatting. The attacker only needs to use the formatting function to store important data completely destroyed

The user puts the files to be encrypted in this virtual partition, and the read and write operations in this virtual partition will be encrypted. If there is no corresponding USB-KEY, it cannot be accessed

Disadvantages: ① Existing data cannot be protected. If you want to protect it, you must first copy it to the virtual partition

②Like HDLOCK, it can only protect data in the form of files ③It can only be operated in the predetermined space size

④Because the virtual partition of Hidden Dragon Token is also a file, the attacker can still delete it or format the partition where it is located without the KEY, resulting in data loss

Disadvantages: ①The cost of the card is higher

②For data security, the card should be unplugged when leaving the computer. Since the card is plugged into the computer motherboard, the computer case must be opened to be plugged in and out. The operation is extremely inconvenient, especially for many notebook computers. There is no place to insert a card at all

③ To encrypt, the entire hard disk must be encrypted. It is not possible to select only one or a group of partitions to encrypt, while the remaining partitions are not encrypted.

[0008] In the prior art, there is no encryption method combined with USB-KEY and sector-level read-write interception, and a method combined with read-write operation control

Images