Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Disk FDE (Full Disk Encryption) system and method

A full-disk encryption, disk technology, applied in the field of disk full-disk encryption systems, can solve problems such as data leakage, and achieve the effect of preventing leakage

Inactive Publication Date: 2010-06-30
BLUEDON INFORMATION SECURITY TECH CO LTD
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a disk full-disk encryption system and method, which are used to solve the problem that the security measures of the existing computer system only restrict other users from using the computer, but cannot prevent the data stored on the computer from leaking

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Disk FDE (Full Disk Encryption) system and method
  • Disk FDE (Full Disk Encryption) system and method
  • Disk FDE (Full Disk Encryption) system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0016] Embodiment 1: the system provided by this embodiment, see image 3 As shown, it includes: interception unit, acquisition unit, encryption and decryption unit and data access unit.

[0017] The interception unit is configured to intercept data read and write requests to the local disk.

[0018] The obtaining unit is used to obtain the verification item provided by the user.

[0019] The encryption and decryption unit is used to decrypt the file pointed to by the read request and encrypt the file pointed to by the write request through the verification object.

[0020] The data access unit is used to read the undecrypted file pointed to by the read request from the local disk, and decrypt it by the encryption and decryption unit; and write the file encrypted by the encryption and decryption unit pointed to by the write request to the local disk.

Embodiment 2

[0021] Embodiment 2: Based on the above embodiment 1, the processing procedures of each unit during the computer startup process are described in detail in the form of a flow chart.

[0022] First, after the computer is started, the operating system program is loaded, that is, a read request is sent to the local disk, pointing to the operating system file. At this time, the interception unit can intercept the read request and prompt the user to input a password. In the password input stage, although it is similar to the appearance of the prior art, the main purpose of its verification password is not to prevent other people from using the computer, but to The password is used as a verification object for the subsequent decryption process.

[0023] Secondly, after the user inputs the password, the acquisition unit acquires the password and uses it as a verification item.

[0024] Afterwards, the data access unit reads the undecrypted operating system file from the local disk, ...

Embodiment 3

[0027] Embodiment 3, following Embodiment 2, the processing of each unit when the user stores video and audio files to the local disk after the computer starts up normally.

[0028] First, the user copies the video and audio files to the local disk, and the interception unit intercepts the write request at this time.

[0029] Secondly, the acquiring unit uses the password provided by the user when the computer is normally started as the authentication item.

[0030] Thereafter, the encryption and decryption unit performs a one-way hash operation on the verification object to obtain a hash value. And use the hash value to encrypt the unencrypted video and audio files with a preset encryption and decryption strategy (that is, a disk-level or file-level decryption method).

[0031] Afterwards, the data access unit writes the video and audio files encrypted by the encryption and decryption unit to the designated location of the local disk.

[0032] Finally, the encrypted audio a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a disk FDE system and a method, relates to computer system security field and aims to solve the problem that the security measures of the computer system in prior art only limit other users on using the computer and are incapable of preventing the breach of confidence of the data stored in the computer. The disk FDE system comprises an interception unit, an acquisition unit, an encryption-decryption and a data access unit. The method includes the steps of interception, acquisition, encryption-decryption and access. As the invention proposes the mechanism of intercepting the read-write requests to the local disk, decrypts the read file according the verification condition provided by the user after interception, and encrypts the write-in file, and accordingly realizes the full disk encryption of the local disk and further prevents the breach of confidence of the local disk data.

Description

technical field [0001] The invention relates to the field of computer system security, in particular to a disk full-disk encryption system and method. Background technique [0002] At present, in order to improve the security of computer systems, many computer manufacturers have released computer products with various security measures, such as fingerprint locks, etc. The principles of these security measures can be found in figure 1 As shown, the verification object (password, fingerprint lock, etc.) is mainly provided by the user, and then the system verifies whether the verification object is correct. If it is correct, the execution continues; otherwise, the user is prompted to provide the verification object again. Since these security measures generally only verify whether the verification material provided by the user is correct, their security is very limited. For this type of security measure, it can be cracked simply by modifying the system operation process. For t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F12/14
Inventor 柯宗贵柯宗庆
Owner BLUEDON INFORMATION SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com