Secure computer architecture based on dual-hard-disk cold switching operation

A secure computer and dual hard disk technology, applied in the field of network security transmission, can solve the problems of not being able to make full use of the convenience and low efficiency of data communication, and achieve the effect of preventing plaintext data transmission and defending against network attacks

Active Publication Date: 2020-12-11
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF13 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Various unknown network security threats emerge in endlessly, and network security incidents occur frequently, forcing computers that process sensitive information to never be allowed to access the public Internet. The transmission of sensitive files is greatly restricted, or must rely on VPN encryption machines The protection of these files is either carried by reliable personnel or passed in confidential ways, and cannot make full use of the convenience of data communication brought by the public Internet that is available everywhere, objectively forming the status quo of protecting sensitive files at the cost of inefficient work.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Secure computer architecture based on dual-hard-disk cold switching operation
  • Secure computer architecture based on dual-hard-disk cold switching operation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0080] This embodiment provides a secure computing architecture based on the cold switching operation of dual hard disk software systems, specifically as follows:

[0081] The safe computer architecture based on the cold switching operation of the dual hard disk software system is as follows: figure 1 As shown, it consists of a common hard disk software system and a secure hard disk software system connected to the same computer motherboard. These two sets of hard disk software systems cannot be started at the same time, and only one of the hard disk software systems can be started by cold switching. The common hard disk software system provides a common computing environment, and the secure hard disk software system provides a secure computing environment.

[0082] The secure computer is based on four security mechanisms of cold switching operation of two hard disk software systems, file data block hash tag mechanism, file random split encrypted transmission, and single func...

Embodiment 2

[0098] This embodiment is on the basis of embodiment 1:

[0099] This embodiment provides a security mechanism implemented by a secure computer architecture

[0100] The design goal of the secure computer architecture is to establish a safe and fully controlled operating environment that is strictly isolated from the public Internet, and meets the application requirements for safe and secure processing of sensitive files in each process including generation, transmission, copying, storage, and editing.

[0101] In order to achieve this safe application goal, the present invention designs a secure computing rack based on dual hard disk system cold switching and encrypted hash tag protection, which realizes strict password isolation between the secure computing environment and the public Internet environment. By adopting a transmission protection mechanism based on file randomization and split encryption, a file security exchange mechanism based on data block cryptographic hash ...

Embodiment 3

[0138] This embodiment is on the basis of embodiment 2:

[0139] This embodiment provides a sensitive file copy control processing workflow, specifically as follows:

[0140] The file safety copy control software running in the safe operating environment executes the sensitive file copy control process between the safe hard disk and the USB memory.

[0141] 1.1 Sensitive file copy output processing workflow

[0142] When a sensitive file needs to be copied and exported through the safe USB interface, the file safety copy control software performs the following processing steps (all encryption / decryption and hash operations are completed by the file encryption / decryption software module calling the cryptographic algorithm operation software function):

[0143] Step 1 If the security computer is in the normal hard disk software running state, switch the power switch of the hard disk to the security hard disk and start the security hard disk software system.

[0144] The second...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a secure computer architecture based on double-hard-disk cold switching operation, which realizes security isolation of two operation environments of a common hard disk softwaresystem and a security hard disk software system based on a double-hard-disk cold switching mechanism. Secure exchange of encrypted files between two systems is realized by adopting a data block encrypted hash tag protection mechanism, secure transmission of sensitive files in internet is ensured by adopting random file segmentation and encryption, and a USB HID interface implements strict limitation of a single device function so as to defend attacks from a USB interface. The secure computer architecture capable of accessing an internet application can be realized, the storage security, the processing security and the copying security of sensitive files can be guaranteed by a dual-system running environment isolation mechanism, and the transmission security of the sensitive files in the internet can be guaranteed based on a file encryption and data block encrypted hash tag mechanism.

Description

technical field [0001] The invention relates to the technical field of network security transmission, in particular to a secure computer architecture and method based on cold switching operation of dual hard disks. Background technique [0002] In the existing computer architecture, the adversary may invade the computer system and steal important sensitive information by using the security loopholes in any link of the Internet protocol, file transfer and copy, and USB interface. Various unknown network security threats emerge in endlessly, and network security incidents occur frequently, forcing computers that process sensitive information to never be allowed to access the public Internet. The transmission of sensitive files is greatly restricted, or must rely on VPN encryption machines However, the protection is either carried by reliable personnel or passed in confidential ways, and cannot make full use of the convenience of data communication brought by the public Interne...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/78G06F11/20
CPCG06F21/78G06F11/2053
Inventor 李大双曹云飞吴开均张海燕
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap