[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN101236534A - Hard disk encryption method based on PCI card under Window environment - Google Patents

Hard disk encryption method based on PCI card under Window environment Download PDF

Info

Publication number
CN101236534A
CN101236534A CNA2007101198151A CN200710119815A CN101236534A CN 101236534 A CN101236534 A CN 101236534A CN A2007101198151 A CNA2007101198151 A CN A2007101198151A CN 200710119815 A CN200710119815 A CN 200710119815A CN 101236534 A CN101236534 A CN 101236534A
Authority
CN
China
Prior art keywords
hard disk
pci card
encryption
target hard
hard disc
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2007101198151A
Other languages
Chinese (zh)
Inventor
王佐
谭毓安
虞振飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Original Assignee
Beijing Institute of Technology BIT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT filed Critical Beijing Institute of Technology BIT
Priority to CNA2007101198151A priority Critical patent/CN101236534A/en
Publication of CN101236534A publication Critical patent/CN101236534A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to the computer safety field, in particular to a method for preventing hard disc data leakage. The invention comprises a PCI card, a section of loading program which is stored in an extensive ROM image of the PCI card, and a section of hard disc enciphering and deciphering program which is stored in a non-extensive ROM of the PCI card, wherein, a loading program monitors the Windows operating system to interrupt read-write of a target hard disc through an INT13H and finishes encryption and decipherment of target hard disc data, and simultaneously the hard disc enciphering and deciphering program is embedded into the Windows operating system when a computer is started; a hard disc enciphering and deciphering program monitors the Windows operating system to read and write the target hard disc through a driver and finishes encryption and decipherment of the target hard disc data. The method for preventing hard disc data leakage is novel in design, and no additional hardware device is needed to be arranged between a mainboard and the hard disc of the computer; the use cost is low, and only the PCI card is needed; the use is convenient, and a hardware sequence number of the PCI card and a hardware sequence number of the target hard disc generate a cryptographic key required by encryption and decipherment; the cryptographic key binds the PCI card and the target hard disc into the relationship of a key and a lock; a user only needs to insert the cryptographic key into a matched PCI card and does not need to input user name and code.

Description

Under the Windows environment based on the hard disk encryption method of pci card
Technical field
The present invention relates to computer safety field, provided a kind of method that prevents that hard disc data from revealing specifically.
Background technology
Along with the level of informatization is more and more higher, it is especially important that information security seems.The data of computing machine generally are stored on the local hard drive, undelegated copying data even directly steal hard disk and can bring serious loss to the computer user.In the scheme that hard disc data reveals hard disc data is encrypted a kind of effective ways of can yet be regarded as numerous preventing.
The HD encryption scheme that exists generally needs in conjunction with complicated hardware equipment at present, and as increase extra hardware device between computer motherboard and hard disk, use cost is higher.In addition, since tightr with combination of hardware, there is compatible problem.
Summary of the invention
The object of the present invention is to provide a kind of cheaply based on the hard disk encryption method of pci card.
Technical scheme of the present invention is:
Comprise a pci card, one section loading procedure that leaves in the pci card expansion ROM reflection, one section HD encryption decrypted program that leaves in the non-expansion ROM of pci card; Loading procedure monitoring Windows operating system is interrupted the read-write target hard disk by INT13H, finishes the encryption and decryption to the target hard disk data; When computer starting, the HD encryption decrypted program is embedded Windows operating system simultaneously; HD encryption decrypted program monitoring Windows operating system is read and write target hard disk by driver, finishes the encryption and decryption to the target hard disk data; Loading procedure and HD encryption decrypted program obtain the hardware sequence number PID of pci card and the hardware sequence number HID of target hard disk, and (PID HID) calculates the key that the target hard disk encryption and decryption need by function f.
Loading procedure leaves in the reflection of pci card expansion ROM; The self check operation detection of carrying out when computer BIOS is read in some zones among internal memory COOOOH~DFFFFH with the reflection in the expansion ROM when pci card has expansion ROM, makes a far call then, carries out the loading procedure in videoing; Loading procedure monitoring Windows operating system is interrupted the read-write target hard disk by INT13H, and the data that deciphering is read from target hard disk are encrypted the data that write target hard disk; In internal memory, revise registry information and the filesystem information that reads simultaneously, the HD encryption decrypted program is embedded Windows operating system as the disk filter drive program.
The HD encryption decrypted program leaves in the non-expansion ROM of pci card; It is a disk filter drive program that is operated in the Windows operating system nucleus; When Windows operating system abandoned using INT13H to interrupt using instead driver read-write target hard disk, the HD encryption decrypted program was taken over the encryption and decryption to the target hard disk data.
The self check operation detection of carrying out when computer BIOS is read in some zones among internal memory COOOOH~DFFFFH with the reflection in the expansion ROM when pci card has expansion ROM, makes a far call then, carries out the loading procedure in videoing.Loading procedure comes the read-write of supervisory control comuter to target hard disk by the interrupt service routine of revising INT13H.After loading procedure is finished modification, the content of hard disk 0 sector is read in internal memory 0000:7C00 and execution, start Windows operating system from hard disk.In start-up course subsequently, the Windows boot (Osloader.exe) on the hard disk reads registry information and filesystem information by INT13H.Loading procedure monitors the read-write of boot to registration table, call original INT13H interrupt service routine and read registration table on the hard disk to internal memory, and in internal memory, revise the content read, allow on hard disk of boot program loads and non-existent Kernel Driver.When boot read this Kernel Driver by INT13H, loading procedure was redirected to pci card to read operation, read the HD encryption decrypted program that leaves the non-expansion ROM of pci card in.So far, boot has obtained the content of HD encryption decrypted program, and according to the indication of registration table with its Windows operating system of packing into.After boot was finished system initialization work, Windows operating system began to start.This begins constantly, and Windows operating system will abandon using INT13H to interrupt using instead memory devices such as driver access hard disk.Be embedded into the monitoring of the HD encryption decrypted program adapter of Windows operating system nucleus to the target hard disk read-write operation, the data that the deciphering read operation is obtained, the data of encrypting write operation as the disk filter drive program.
The invention has the beneficial effects as follows:
1) modern design.Need between computer motherboard and hard disk, not increase extra hardware device.
2) use cost is low.Only need a pci card.
3) easy to use.The hardware sequence number of pci card and the hardware sequence number of target hard disk produce the key that encrypting and decrypting needs.This key is bound the relation of key and lock with pci card and target hard disk, and the pci card that inserts coupling gets final product, and does not need to import username and password.
Description of drawings
Fig. 1-disk storage driver level synoptic diagram.
The use synoptic diagram of Fig. 2-pci card storage space.
The workflow diagram of Fig. 3-start from pci card.
Embodiment
Below in conjunction with the drawings and specific embodiments the present invention is described in further detail.The present invention is not limited only to following examples, everyly utilizes mentality of designing of the present invention, and the design of doing some simple change all should enter within protection scope of the present invention.
Pci card is as the carrier of loading procedure and HD encryption decrypted program.Loading procedure leaves in the reflection of pci card expansion ROM, and the HD encryption decrypted program leaves in the non-expansion ROM of pci card, as Fig. 2.
HD encryption decrypted program (DiskSecure.sys) is operated in the Windows operating system nucleus, is positioned between disk driver (Disk.sys) and the subregion driver (PartMgr.sys), as Fig. 1.Behind the Windows os starting, computing machine is finished by input and output request package (IRP) the read-write operation of hard disk.When Windows operating system needs access hard disk, construct corresponding IRP and following layer by layer the biography.The HD encryption decrypted program is analyzed the IRP that the subregion driver hands down: if IRP is read operation, the HD encryption decrypted program sends to disk driver with this IRP earlier, and disk driver returns to the HD encryption decrypted program with this IRP after finishing read operation.The HD encryption decrypted program uses the data among the secret key decryption IRP; After finishing deciphering IRP is returned to Windows operating system.If IRP is a write operation, the HD encryption decrypted program is created a new IRP again according to this IRP, and uses the data among the new IRP that creates of secret key encryption; After finishing encryption, the IRP that newly creates is sent to disk driver.
Need a lot of initialization datas during the Windwos os starting, these data are kept in the registration table.During system start-up, boot reads registration table and finishes initialization operation.Loading procedure monitoring boot is revised the data that boot reads to the read operation of registration table and file system in internal memory.
HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control Class the { hierarchical sequence of UpperFilters key indication disk storage driver among the 4D36E967-E325-11CE-BFC1-08002BE10318}: PartMgr.sys, Diskperf.sys.Wherein Diskperf.sys is that Windows 2000 is exclusive.Here we need make amendment the UpperFilters key assignments in the internal memory, and hierarchical sequence becomes: DiskSecure.sys, PartMgr.sys, Diskperf.sys.In addition, we also need be in internal memory HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet increase the DiskSecure key below the Services key, and HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services increase Start under the DiskSecure key, key assignments such as Group and give corresponding value.Wherein Start=0 represents that DiskSecure.sys packs into when computer starting.After the modification of registry data in the internal memory come into force, boot need be obtained the information of DiskSecure.sys file from file system.Loading procedure intercept and capture boot to SYSTEM32 the visit of DRIVERS directory information, in internal memory, increase the information of DiskSecure.sys, as file size, document location or the like.When boot reads DiskSecure.sys when (DiskSecure.sys does not exist) according to these information on hard disk, loading procedure is read operation and be redirected to pci card, reads the DiskSecure.sys that is placed on the non-expansion ROM of pci card.So far, boot has obtained the content of DiskSecure.sys, and according to the indication of registration table with the DiskSecure.sys Windows operating system of packing into, as shown in Figure 3.

Claims (3)

  1. Under the Windows environment based on the hard disk encryption method of pci card, it is characterized in that: comprise a pci card, one section loading procedure that leaves in the pci card expansion ROM reflection, one section HD encryption decrypted program that leaves in the non-expansion ROM of pci card; Loading procedure monitoring Windows operating system is interrupted the read-write target hard disk by INT13H, finishes the encryption and decryption to the target hard disk data; When computer starting, the HD encryption decrypted program is embedded Windows operating system simultaneously; HD encryption decrypted program monitoring Windows operating system is read and write target hard disk by driver, finishes the encryption and decryption to the target hard disk data; Loading procedure and HD encryption decrypted program obtain the hardware sequence number PID of pci card and the hardware sequence number HID of target hard disk, and (PID HID) calculates the key that the target hard disk encryption and decryption need by function f.
  2. 2. based on the hard disk encryption method of pci card, it is characterized in that under the Windows environment as claimed in claim 1: described loading procedure leaves in the reflection of pci card expansion ROM; The self check operation detection of carrying out when computer BIOS is read in some zones among internal memory C0000H~DFFFFH with the reflection in the expansion ROM when pci card has expansion ROM, makes a far call then, carries out the loading procedure in videoing; Loading procedure monitoring Windows operating system is interrupted the read-write target hard disk by INT13H, and the data that deciphering is read from target hard disk are encrypted the data that write target hard disk; In internal memory, revise registry information and the filesystem information that reads simultaneously, the HD encryption decrypted program is embedded Windows operating system as the disk filter drive program.
  3. 3. based on the hard disk encryption method of pci card, it is characterized in that under the Windows environment as claimed in claim 1: described HD encryption decrypted program leaves in the non-expansion ROM of pci card; It is a disk filter drive program that is operated in the Windows operating system nucleus; When Windows operating system abandoned using INT13H to interrupt using instead driver read-write target hard disk, the HD encryption decrypted program was taken over the encryption and decryption to the target hard disk data.
CNA2007101198151A 2007-07-31 2007-07-31 Hard disk encryption method based on PCI card under Window environment Pending CN101236534A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2007101198151A CN101236534A (en) 2007-07-31 2007-07-31 Hard disk encryption method based on PCI card under Window environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2007101198151A CN101236534A (en) 2007-07-31 2007-07-31 Hard disk encryption method based on PCI card under Window environment

Publications (1)

Publication Number Publication Date
CN101236534A true CN101236534A (en) 2008-08-06

Family

ID=39920164

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2007101198151A Pending CN101236534A (en) 2007-07-31 2007-07-31 Hard disk encryption method based on PCI card under Window environment

Country Status (1)

Country Link
CN (1) CN101236534A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401928A (en) * 2013-08-05 2013-11-20 苏州鼎富软件科技有限公司 Remote computer monitoring method
CN112632515A (en) * 2020-12-18 2021-04-09 三未信安科技股份有限公司 Access method and system of PCI (peripheral component interconnect) password card under PMON (Power management on)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401928A (en) * 2013-08-05 2013-11-20 苏州鼎富软件科技有限公司 Remote computer monitoring method
CN103401928B (en) * 2013-08-05 2016-07-06 国家电网公司 Remote computer monitors method
CN112632515A (en) * 2020-12-18 2021-04-09 三未信安科技股份有限公司 Access method and system of PCI (peripheral component interconnect) password card under PMON (Power management on)
CN112632515B (en) * 2020-12-18 2022-12-13 三未信安科技股份有限公司 Access method and system of PCI (peripheral component interconnect) password card under PMON (Power management on)

Similar Documents

Publication Publication Date Title
JP4822646B2 (en) Generating a key hierarchy for use in an isolated execution environment
KR101081118B1 (en) System and method for securely restoring a program context from a shared memory
KR101397637B1 (en) Method and apparatus including architecture for protecting multi-user sensitive code and data
US8838950B2 (en) Security architecture for system on chip
JP5175856B2 (en) Protection and method of flash memory block in secure device system
US20090240953A1 (en) On-disk software image encryption
WO2011114655A1 (en) Information processing device, virtual machine generation method, and application software distribution system
US20080082447A1 (en) Portable Mass Storage Device With Virtual Machine Activation
KR101054981B1 (en) Computer-implemented methods, information processing systems, and computer-readable recording media for securely storing the context of a program
EP2264640B1 (en) Feature specific keys for executable code
WO2009107330A1 (en) Information processor and method for controlling the same
WO1992014209A1 (en) Encryption apparatus for computer device
KR20140051350A (en) Digital signing authority dependent platform secret
CN101334827A (en) Magnetic disc encryption method and magnetic disc encryption system for implementing the method
CN101236532B (en) Hard disk encryption method based on USB equipment under Window environment
US8108905B2 (en) System and method for an isolated process to control address translation
KR20090048581A (en) Portable mass storage with virtual machine activation
CN103823692A (en) Computer operating system starting method
CN102073597A (en) Full disk encryption method of operating system disk based on user identity authentication
EP3785149B1 (en) Memory assignment for guest operating systems
US8086873B2 (en) Method for controlling file access on computer systems
CN101236535B (en) Hard disk encryption method based on optical disk under Window environment
CN101236534A (en) Hard disk encryption method based on PCI card under Window environment
CN101236533B (en) Method for realizing hard disk write-protecting lock based on PCI card under Windows environment
CN116842529B (en) Computer program product, software running method and related device thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20080806