[go: up one dir, main page]

CN1285039C - Method for encrypting hidden data with virtual space - Google Patents

Method for encrypting hidden data with virtual space Download PDF

Info

Publication number
CN1285039C
CN1285039C CNB031061036A CN03106103A CN1285039C CN 1285039 C CN1285039 C CN 1285039C CN B031061036 A CNB031061036 A CN B031061036A CN 03106103 A CN03106103 A CN 03106103A CN 1285039 C CN1285039 C CN 1285039C
Authority
CN
China
Prior art keywords
virtual
data
signal conditioning
embedded information
conditioning package
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB031061036A
Other languages
Chinese (zh)
Other versions
CN1523508A (en
Inventor
黄文昌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fineart Technology Co Ltd
Original Assignee
Fineart Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fineart Technology Co Ltd filed Critical Fineart Technology Co Ltd
Priority to CNB031061036A priority Critical patent/CN1285039C/en
Publication of CN1523508A publication Critical patent/CN1523508A/en
Application granted granted Critical
Publication of CN1285039C publication Critical patent/CN1285039C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to a method for encrypting and hiding data with virtual space, which is applied to an embedded information storage device, protects files through an encryption program, and hides the data in the embedded information storage device and an information processing device, and comprises the following steps: installing the embedded information storage device in an information processing device; establishing a virtual database in the information processing device; setting the virtual database through a user terminal; storing a file in the virtual database, and encrypting data of the file through an encryption mechanism; continuously and repeatedly detecting whether the embedded information storage device is still installed in the information processing device or not until a positive result is detected, continuing normal operation of the information processing device, and ending the process. The invention uses double security to increase the security and confidentiality of data, so as to achieve the purpose of information security management.

Description

具有虚拟空间加密隐藏数据的方法Method for encrypting hidden data with virtual space

技术领域technical field

本发明涉及一种嵌入式信息储存装置,特别是一种应用于嵌入式信息储存装置并具有虚拟空间加密隐藏数据的方法。The invention relates to an embedded information storage device, in particular to a method applied to the embedded information storage device and having virtual space encryption to hide data.

背景技术Background technique

在科技一日千里的今日,信息处理装置已经广泛应用在每一个领域,随着科技不断进步发展,信息处理装置的功能亦越来越多元化,但在这信息爆炸的时代,相对而言,信息处理装置除了需要各种不同样的功能来供使用者管理信息,同时亦需要足够的空间来置放庞大的信息。Today, with the rapid development of science and technology, information processing devices have been widely used in every field. With the continuous development of science and technology, the functions of information processing devices are becoming more and more diversified. The device not only needs various functions for users to manage information, but also needs enough space to store huge information.

由上述的情形可知,为配合行动通讯的时代,可携式的信息储存装置则成为信息处理装置中不可或缺的配备,因可携式的信息储存装置具有便利的携带性,但其缺点则在于容量太小,无法储存大量的信息,如软磁盘(Floppy Disk)已面临容量不敷使用的窘境,而被市场逐渐淘汰,针对上述缺点,则有现有技术发展出微型硬盘(Micro Driver)、快速存储卡(Memory Stick;MS)…等等,来达到储存的功能,但在数据的保护上一直未见其显著的效果,而下表说明了一般现有的档案保密系统,从表得知诸多保密系统也仍存有许多弊病,很多个人、企业中重要的机密数据、档案也需要保密,然而纵使保密也运用一般密码机制或软件方式呈现,如上所述,如何使信息储存装置具有高度保密的功能,又通过外部硬件装置来达成,实为一尚待解决的技术课题。It can be seen from the above situation that in order to cooperate with the mobile communication era, the portable information storage device has become an indispensable equipment in the information processing device, because the portable information storage device has convenient portability, but its disadvantages are The reason is that the capacity is too small to store a large amount of information. For example, the floppy disk (Floppy Disk) has faced the dilemma of insufficient capacity and has been gradually eliminated by the market. Fast memory card (Memory Stick; MS)... etc., to achieve the storage function, but it has not seen a significant effect on data protection, and the following table illustrates the general existing file security system, from the table. There are still many disadvantages in many confidential systems. Many important confidential data and files in individuals and enterprises also need to be kept secret. The functions are achieved through external hardware devices, which is actually a technical issue yet to be solved.

 分类 Classification  典型程序 typical procedure   操作描述 Operation description   缺点 shortcoming  保密柜(保密目录) Confidential Cabinet (Confidential Directory)  保密盘,i-key Security disk, i-key   将档案拖入特定目录,即可加密,反之拖出即可解密 Drag the file into a specific directory to encrypt it, otherwise drag it out to decrypt it   无法在加密目录执行程序或档案,须先将档案拖出,操作完后,须记得拖入,并删除外面的明文档案。  If you cannot execute programs or files in the encrypted directory, you must drag the files out first. After the operation, you must remember to drag them in and delete the plaintext files outside.  对档案加密成另一档案 Encrypt a file into another file  WinZip等,会改变档案名 WinZip, etc., will change the file name   通常设计成用鼠标右键对档案进行加解密 Usually designed to encrypt and decrypt files with the right mouse button   同上,但操作更加不便 Same as above, but more inconvenient to operate  系统可自行加密自已产生的档案 The system can encrypt the files generated by itself  Word,Excel等 Word, Excel, etc.   开档时会询问密码 Password will be asked when opening the file   只可对特定(自己产生)档案加密,破解程序很多 Only specific (self-generated) files can be encrypted, and there are many cracking programs  透明式加解密 Transparent encryption and decryption  GoodLock GoodLock   对档案加密后,可维持原档名,若smart card存在,则和一般档案操作相同,否则即无法解读档案。 After encrypting the file, the original file name can be maintained. If the smart card exists, the operation is the same as the general file operation, otherwise the file cannot be interpreted.   只可对数据加密,但加密数据可存在硬盘任何一处 Only data can be encrypted, but encrypted data can be stored anywhere on the hard disk

发明内容Contents of the invention

有鉴于此,本发明的目的在于克服现有技术的不足与缺陷,提供一种具有虚拟空间加密隐藏数据的方法,其主要目的是将使用者机密的数据文件、档案与应用程序安装于信息处理装置或嵌入式信息储存装置所提供的虚拟数据库,经过侦测、复制、搬移、删除等方式,将所使用的路径、信息与历程加以隐藏,避免有心人的窃取与使用,此外通过一种虚拟硬盘加密技术(On-the-fly Encryption),将所有存入于信息处理装置或嵌入式信息储存装置的数据加密,只有需要数据的瞬间,才会读到明文,而没有通过解密,数据永远是密文,而每一不同的嵌入式信息储存装置拥有不同的密码,并不具有任何关连性,而本发明的解密装置便是嵌入式信息储存装置,唯有安装嵌入式信息储存装置于其所属信息处理装置中方可解密,也就是一个嵌入式信息储存装置只能对应其特定的信息处理装置。In view of this, the purpose of the present invention is to overcome the deficiencies and defects of the prior art, and provide a method for encrypting and hiding data in virtual space, the main purpose of which is to install user confidential data files, files and application programs in information processing The virtual database provided by the device or embedded information storage device hides the used path, information and process through detection, copying, moving, deleting, etc., so as to avoid the theft and use of malicious people. In addition, through a virtual hard disk Encryption technology (On-the-fly Encryption) encrypts all data stored in information processing devices or embedded information storage devices. Only when the data is needed, can the plaintext be read without decryption, and the data will always be encrypted. text, and each different embedded information storage device has a different password, which does not have any relevance, and the decryption device of the present invention is an embedded information storage device, only the embedded information storage device is installed on its belonging information Only in the processing device can it be decrypted, that is, an embedded information storage device can only correspond to its specific information processing device.

为达上述目的,本发明提供一种具有虚拟空间加密隐藏数据的方法,应用于一嵌入式信息储存装置上,通过加密程序保护档案,并隐藏该嵌入式信息储存装置及信息处理装置中的数据,该方法包含有下列步骤:In order to achieve the above purpose, the present invention provides a method for encrypting hidden data in a virtual space, which is applied to an embedded information storage device, protects files through an encryption program, and hides the data in the embedded information storage device and information processing device , the method includes the following steps:

安装该嵌入式信息储存装置于一信息处理装置中;installing the embedded information storage device in an information processing device;

建立一个虚拟数据库于该信息处理装置,通过该信息处理装置所提供的一储存空间切割一区域,将该虚拟数据库的一目标路径建立于该区域;或者建立一个虚拟数据库于该嵌入式信息储存装置,通过该嵌入式信息储存装置所提供的一储存空间切割一区域,将该虚拟数据库的一目标路径建立于该区域;Establish a virtual database on the information processing device, cut an area through a storage space provided by the information processing device, and establish a target path of the virtual database in the area; or establish a virtual database on the embedded information storage device cutting an area through a storage space provided by the embedded information storage device, and establishing a target path of the virtual database in the area;

通过一使用者端设定该虚拟数据库;configuring the virtual database through a client;

存入一档案于该虚拟数据库中,将档案通过一加密机制将数据进行加密;通过该虚拟数据库复制一特定路径,该特定路径是指该档案任何存留于该信息处理装置中的信息与历程;复制完成后将该特定路径搬移至该储存空间中;storing a file in the virtual database, encrypting the data of the file through an encryption mechanism; copying a specific path through the virtual database, the specific path refers to any information and history of the file stored in the information processing device; After copying, move the specific path to the storage space;

侦测该嵌入式信息储存装置是否仍安装在该信息处理装置中,若嵌入式信息储存装置没有安装在该信息处理装置中,则删除存入于该储存空间的该特定路径,接着再回到侦测该嵌入式信息储存装置是否仍安装在该信息处理装置中,持续重复侦测,直至最终达到下一步骤;Detect whether the embedded information storage device is still installed in the information processing device, if the embedded information storage device is not installed in the information processing device, delete the specific path stored in the storage space, and then return to Detecting whether the embedded information storage device is still installed in the information processing device, and continuously repeating the detection until finally reaching the next step;

若嵌入式信息储存装置仍安装在该信息处理装置中,则该信息处理装置继续正常运作,并结束本流程。If the embedded information storage device is still installed in the information processing device, the information processing device continues to operate normally, and this process ends.

根据本发明所揭露的方法,将数据运用双重保全的模式保护使用者重要的数据,纵使遗失嵌入式信息储存装置他人也无法在其它的信息处理装置中使用,以达到个人数据保密的功能。本发明至少包含下列步骤:安装嵌入式信息储存装置于信息处理装置中并建立至少一个虚拟数据库于信息处理装置,接着通过使用者端设定虚拟数据库,而存入档案于虚拟数据库中,之后侦测嵌入式信息储存装置是否仍安装在信息处理装置中,最后隐藏档案显示于信息处理装置中的特定路径。According to the method disclosed in the present invention, the important data of the user is protected by a double security mode, even if the embedded information storage device is lost, others cannot use it in other information processing devices, so as to achieve the function of keeping personal data confidential. The present invention at least includes the following steps: installing an embedded information storage device in the information processing device and establishing at least one virtual database in the information processing device, then setting the virtual database through the user terminal, and storing files in the virtual database, and then detecting It is tested whether the embedded information storage device is still installed in the information processing device, and finally the hidden file is displayed in a specific path in the information processing device.

附图说明Description of drawings

图1为本发明具有虚拟空间加密隐藏数据方法的示意图;Fig. 1 is a schematic diagram of the present invention having a method for encrypting and hiding data in a virtual space;

图2-a、图2-b及图2-c为本发明具有虚拟空间加密隐藏数据方法的流程图;Fig. 2-a, Fig. 2-b and Fig. 2-c are flowcharts of the method for encrypting and hiding data in virtual space according to the present invention;

图3-a及图3-b为本发明具有虚拟空间加密隐藏数据方法的使用者接口图;FIG. 3-a and FIG. 3-b are user interface diagrams of the present invention having a method for encrypting and hiding data in a virtual space;

图4-a、图4-b、图4-c、图4-d为本发明具有虚拟空间加密隐藏数据方法的实施图。Fig. 4-a, Fig. 4-b, Fig. 4-c, and Fig. 4-d are implementation diagrams of the method for encrypting and hiding data in a virtual space according to the present invention.

图中符号说明Explanation of symbols in the figure

10  虚拟数据库10 virtual database

20  档案20 files

30  信息处理装置30 information processing device

步骤100  安装一嵌入式信息储存装置于一信息处理装置中Step 100 Install an embedded information storage device in an information processing device

步骤110  建立至少一个一虚拟数据库于该信息处理装置Step 110 Establish at least one virtual database on the information processing device

步骤112  通过该信息处理装置所提供的一储存空间切割一区域Step 112 Cut a region through a storage space provided by the information processing device

步骤114  将该虚拟数据库的一目标路径建立于该区域Step 114 Establish a target path of the virtual database in the area

步骤116  通过该嵌入式信息储存装置所提供的一储存空间切割一区域Step 116 Cut a region through a storage space provided by the embedded information storage device

步骤118  将该虚拟数据库的一目标路径建立于该区域Step 118 Establish a target path of the virtual database in the area

步骤120  通过一使用者端设定该虚拟数据库Step 120 Set up the virtual database through a client

步骤130  存入一档案于该虚拟数据库中Step 130 Store a file in the virtual database

步骤132  该档案通过一加密机制将数据进行加密Step 132 The file encrypts the data through an encryption mechanism

步骤134  通过该虚拟数据库复制该特定路径Step 134 Copy the specific path through the virtual database

步骤136  将该特定路径搬移至该储存空间Step 136 Move the specific path to the storage space

步骤140  侦测该嵌入式信息储存装置是否仍安装在该信息处理装置中Step 140 Detect whether the embedded information storage device is still installed in the information processing device

步骤150  该信息处理装置继续正常运作Step 150 The information processing device continues to operate normally

步骤160  隐藏该档案显示于该信息处理装置中的一特定路径Step 160 Hide the file displayed in a specific path in the information processing device

步骤162  删除存入于该储存空间的该特定路径Step 162 Delete the specific path stored in the storage space

具体实施方式Detailed ways

本发明为一种具有虚拟空间加密隐藏数据的方法,请参照图1,为本发明具有虚拟空间加密隐藏数据方法的示意图,说明如下:The present invention is a method for encrypting and hiding data in a virtual space. Please refer to FIG. 1 , which is a schematic diagram of the method for encrypting and hiding data in a virtual space according to the present invention. The description is as follows:

本发明首先将嵌入式信息储存装置安装于信息处理装置30之上后,便可开始激活,而信息处理装置30及嵌入式信息储存装置中均可提供一虚拟数据库10用以保密档案与重要数据,当使用者将档案20存入虚拟数据库10时,虚拟数据库10便会依据一种加密技术将档案20予以加密,只有在读取的过程中,使用者才能看到明文,而将档案的路径与历程回存入信息处理装置30时,该虚拟数据库10便会撷取并记录其特征状态,当移去嵌入式信息储存装置,便隐藏所有信息,避免有心人的使用,然而如图,可设立复数笔虚拟数据库10(称之虚拟盘),存放不同数据,更可通过不同的设定模式加以管理;而档案20可为一应用程序处理特定的事项。In the present invention, the embedded information storage device is firstly installed on the information processing device 30, and then activated, and both the information processing device 30 and the embedded information storage device can provide a virtual database 10 for keeping files and important data , when the user stores the file 20 in the virtual database 10, the virtual database 10 will encrypt the file 20 according to an encryption technology, only in the process of reading, the user can see the plain text, and the path of the file When the process is back stored in the information processing device 30, the virtual database 10 will capture and record its characteristic state. When the embedded information storage device is removed, all information will be hidden to avoid the use of interested people. However, as shown in the figure, it can be set up A plurality of virtual databases 10 (called virtual disks) store different data and can be managed through different setting modes; and the file 20 can be used for an application program to handle specific matters.

上述的嵌入式信息储存装置通过一连接接口与信息处理装置30连接,而连接接口可为一高密度传输连接接口(IEEE1394),也可为一万用串行总线接口(USB interface),然而信息处理装置30可以是桌上型计算机、手提电脑(NB)、个人数字助理(PDA)、移动电话、掌上型信息处理装置任何一种。此外嵌入式信息储存装置可以是移动式储存器、集成电路卡(IC CARD)及智能卡(SMART CARD)任何一种。The above-mentioned embedded information storage device is connected with the information processing device 30 through a connection interface, and the connection interface can be a high-density transmission connection interface (IEEE1394), and can also be a universal serial bus interface (USB interface), but the information The processing device 30 may be any one of a desktop computer, a notebook computer (NB), a personal digital assistant (PDA), a mobile phone, or a palm-sized information processing device. In addition, the embedded information storage device can be any kind of mobile memory, integrated circuit card (IC CARD) and smart card (SMART CARD).

请参照图2-a,图2-a为本发明具有虚拟空间加密隐藏数据方法的流程图,说明如下:Please refer to Fig. 2-a, Fig. 2-a is a flow chart of the method for encrypting and hiding data in a virtual space according to the present invention, which is described as follows:

首先安装一嵌入式信息储存装置于一信息处理装置30中(步骤100),安装完成之后,便接着建立至少一个一虚拟数据库10于该信息处理装置或嵌入式信息储存装置(步骤110),建立虚拟数据库10的程序结束后,便通过一使用者端设定该虚拟数据库10(步骤120),设定分为四种模式,待流程结束再详加说明,设定完成后,存入一档案20于该虚拟数据库10中(步骤130),接着侦测该嵌入式信息储存装置是否仍安装在该信息处理装置30中(步骤140),若嵌入式信息储存装置仍安装在该信息处理装置30中,则该信息处理装置30继续正常运作(步骤150),并结束本流程;若嵌入式信息储存装置没有安装在该信息处理装置30中,则隐藏该档案20显示于该信息处理装置30中的一特定路径,接着会回到步骤140,持续侦测并重复上述流程,并完成本流程。First install an embedded information storage device in an information processing device 30 (step 100), after the installation is completed, then create at least one virtual database 10 in the information processing device or embedded information storage device (step 110), establish After the program of the virtual database 10 is finished, the virtual database 10 is set through a user terminal (step 120). The setting is divided into four modes, which will be explained in detail after the flow is finished. After the setting is completed, it will be stored in a file 20 in the virtual database 10 (step 130), then detect whether the embedded information storage device is still installed in the information processing device 30 (step 140), if the embedded information storage device is still installed in the information processing device 30 , then the information processing device 30 continues to operate normally (step 150), and ends this process; if the embedded information storage device is not installed in the information processing device 30, the file 20 is hidden and displayed in the information processing device 30 A specific path, and then return to step 140, continue to detect and repeat the above process, and complete this process.

上述的四种模式,可分为挂载/停用模式、空间管理模式、密码模式及备份/还原模式,分别说明如下:The above four modes can be divided into mount/disable mode, space management mode, password mode and backup/restore mode, which are described as follows:

1.挂载/停用模式:指将该使用者端致能(enable)/除能(disable)特定的该虚拟数据库;使用者可以在信息处理装置30中产生不限数目的虚拟数据库10,但是有同时挂载的数目限制。而一个虚拟数据库10必须在挂载的状态才能使用。1. Mounting/disabling mode: refers to enabling (enable)/disabling (disable) the specific virtual database of the client; the user can generate an unlimited number of virtual databases 10 in the information processing device 30, But there is a limit to the number of simultaneous mounts. And a virtual database 10 can only be used in the mounted state.

2.空间管理模式:指该使用者端更改该虚拟数据库的容量大小。如果虚拟数据库10的容量不够,而它所在的硬盘仍有空间,可以用此命令加大。2. Space management mode: means that the user side changes the capacity of the virtual database. If the capacity of the virtual database 10 is not enough, but the hard disk where it is located still has space, you can use this command to increase it.

3.密码模式:提供一救援密码在该使用者端遗失该嵌入式信息储存装置时加以控管,更限制一特定救援次数并进入只读该虚拟数据库的状态。如果嵌入式信息储存装置一时不在身边,使用者还是想使用虚拟数据库10,此时,便可利用救援密码方式来挂载虚拟数据库10。有一限制便是,无法新增虚拟数据库10。3. Password mode: provide a rescue password to control when the user end loses the embedded information storage device, limit a specific number of rescue times and enter the read-only state of the virtual database. If the embedded information storage device is not around for a while, and the user still wants to use the virtual database 10, at this time, the virtual database 10 can be mounted by means of a rescue password. One limitation is that virtual database 10 cannot be added.

4.备份/还原模式:指将该使用者端所需的数据从该虚拟数据库备份于该信息处理装置中,而还原模式便是从该信息处理装置还原数据至该虚拟数据库中。良好的作业习惯是经常将数据作备份,必要时将备份数据还原使用。“备份”可以将整个虚拟数据库10压缩成一个.zip档案,存放在使用者指定的目录中。4. Backup/restore mode: refers to backing up the data required by the user terminal from the virtual database to the information processing device, and the restore mode is to restore data from the information processing device to the virtual database. A good working habit is to back up the data frequently and restore the backup data when necessary. "Backup" can compress the entire virtual database 10 into a .zip file and store it in a directory specified by the user.

“还原”可以将“备份”产生的.zip档案还原成一个虚拟数据库10档案,存放在我们指定的目录中。档名与备份前的档案相同。"Restore" can restore the .zip file generated by "Backup" into a virtual database 10 file, which is stored in the directory we specify. The file name is the same as the file before backup.

接下来就本发明中的步骤A及步骤B建立虚拟数据库10的细部流程加以说明,步骤A是指步骤110建立虚拟数据库10于该信息处理装置30;步骤B是指步骤110建立虚拟数据库10于嵌入式信息储存装置。而两者步骤A与B乃择一进行,使用者可自订虚拟数据库10所建立的区域,请参照图2-b。Next, the detailed process of establishing the virtual database 10 in step A and step B of the present invention will be described. Step A refers to establishing the virtual database 10 in the information processing device 30 in step 110; step B refers to establishing the virtual database 10 in step 110. Embedded information storage device. The two steps A and B can be carried out by choosing one, and the user can customize the area created by the virtual database 10, please refer to FIG. 2-b.

步骤A之后,接着通过该信息处理装置30所提供的一储存空间切割一区域(步骤112),而储存空间可为一硬盘(Hard Disk;HD),而该区域由逻辑存储区的区块(block)所组成,切割完成之后,将该虚拟数据库10的一目标路径建立于该区域(步骤114),通过此方法将可更改虚拟数据库10的容量大小并可进行机密数据的隐藏。After step A, then a region is divided by a storage space provided by the information processing device 30 (step 112), and the storage space can be a hard disk (Hard Disk; HD), and the region is composed of logical storage blocks ( block), after the cutting is completed, a target path of the virtual database 10 is established in the area (step 114), by which the capacity of the virtual database 10 can be changed and confidential data can be hidden.

而若使用者选择步骤B,便接着通过该嵌入式信息储存装置所提供的一储存空间切割一区域(步骤116),切割完成之后,将该虚拟数据库10的一目标路径建立于该区域(步骤118),通过此方法将可更改虚拟数据库10的容量大小并可进行机密数据的隐藏。And if the user selects step B, then a region is cut by a storage space provided by the embedded information storage device (step 116), after the cutting is completed, a target path of the virtual database 10 is established in the region (step 116). 118), the capacity size of the virtual database 10 can be changed and confidential data can be hidden by this method.

而上述建立至少一个虚拟数据库于该信息处理装置的步骤110中的该信息处理装置,可通过该嵌入式信息储存装置进行取代。而步骤A与步骤B无法同时执行。The information processing device in step 110 of establishing at least one virtual database in the information processing device can be replaced by the embedded information storage device. However, step A and step B cannot be performed at the same time.

然后就本发明中的步骤C档案20存入虚拟数据库10与步骤D隐藏档案20的特定路径的细部流程加以说明,请参照图2-c。Then, the detailed process of storing the file 20 into the virtual database 10 in step C and the specific path of hiding the file 20 in step D in the present invention will be described, please refer to FIG. 2-c.

步骤C之后,接着该档案20通过一加密机制将数据进行加密(步骤132),此一加密机制是一种虚拟硬盘加密技术(On-the-flyEncryption),然后通过该虚拟数据库10复制该特定路径(步骤134),复制完成后,将该特定路径搬移至该储存空间(步骤136)。After step C, then the file 20 encrypts the data through an encryption mechanism (step 132), this encryption mechanism is a virtual hard disk encryption technology (On-the-fly Encryption), and then replicates the specific path through the virtual database 10 (Step 134), after copying is completed, move the specific path to the storage space (Step 136).

步骤D之后,接着删除存入于该储存空间的该特定路径(步骤162),而特定路径是指该档案任何存留于该信息处理装置中的信息与历程,便可将所有信息与历程完全隐藏,达成本发明的目的。After step D, then delete the specific path stored in the storage space (step 162), and the specific path refers to any information and history of the file stored in the information processing device, so that all information and history can be completely hidden , to achieve the purpose of the present invention.

上述所提的虚拟硬盘加密技术是指数据由硬盘读入程序前,自动进行解密。反之程序将数据存入硬盘前,会自动加密,整个加解密动作完全是透明的,使用者并无须强记,哪些档案是明文或密文,因此操作上,完全和一般习惯相同。更进一步地说:只有程序须要数据的瞬间,才会读到明文,硬盘上的数据永远是密文,解密的充分必要条件便是嵌入式信息储存装置安装于信息处理装置上。The virtual hard disk encryption technology mentioned above means that the data is automatically decrypted before being read into the program from the hard disk. On the other hand, the program will automatically encrypt the data before storing it in the hard disk. The entire encryption and decryption operation is completely transparent, and the user does not need to memorize which files are plaintext or ciphertext. Therefore, the operation is completely the same as the general practice. To put it further: Only when the program needs the data, can the plaintext be read. The data on the hard disk is always ciphertext. The necessary and sufficient condition for decryption is that the embedded information storage device is installed on the information processing device.

请参照图3-a及图3-b,为本发明具有虚拟空间加密隐藏数据方法的使用者接口图,图中说明了使用者建立虚拟数据库10的接口与设定虚拟数据库10的接口,而后便可运用本发明所提及的种种功能进行操作。接着请参照图4-a、图4-b、图4-c、图4-d,为本发明具有虚拟空间加密隐藏数据方法的实施图。Please refer to FIG. 3-a and FIG. 3-b, which are user interface diagrams of the method for encrypting and hiding data in virtual space according to the present invention. The figure illustrates the interface for the user to establish the virtual database 10 and the interface for setting the virtual database 10, and then Just can utilize various functions mentioned in the present invention to operate. Next, please refer to FIG. 4-a, FIG. 4-b, FIG. 4-c, and FIG. 4-d, which are implementation diagrams of the method for encrypting and hiding data in a virtual space according to the present invention.

通过本实施例将可更易了解本发明,特别是指步骤160中所提的特定路径,在本实施例中此一特定路径是指用于微软窗口操作系统下所显示的必要路径;当然必不用以限定本发明,若使用在不同操作系统下必然会有其它不同的路径需要隐藏,以达本发明之效;而由于隐藏特定的路径;若使用者要在其它计算机上有相同的功效,需得重新拥有另一个嵌入式信息储存装置方可,故一个嵌入式信息储存装置只搭配一计算机。The present invention will be easier to understand through the present embodiment, especially referring to the specific path mentioned in step 160. In this embodiment, this specific path refers to the necessary path for displaying under the Microsoft Windows operating system; certainly not To limit the present invention, if using under different operating systems, there must be other different paths that need to be hidden to achieve the effect of the present invention; and because the specific path is hidden; if the user wants to have the same effect on other computers, it needs to be hidden. It is necessary to have another embedded information storage device again, so an embedded information storage device is only matched with one computer.

首先选取(Dr.eye 98译典通)应用软件安装在一个虚拟数据库上,未拔除嵌入式信息储存装置时,虚拟数据库上的软件在“程序集、桌面、安装/移除、工具列”等四个位置将会看到,如图4-a、图4-b所示,拔除嵌入式信息储存装置后,虚拟数据库会自动消失,虚拟数据库上的软件在“程序集、桌面、安装/移除、工具列”等四个位置里的数据都会消失,插回嵌入式信息储存装置后,这些数据都会完全还原,不受任何影响,如上所述,“程序集、桌面、安装/移除、工具列”,也就是前述所提的特定路径,包含所有历程与信息都将被隐藏,而更添增数据安全的保密度。First, select (Dr.eye 98 Yidiantong) application software to install on a virtual database. When the embedded information storage device is not removed, the software on the virtual database will be displayed in "program set, desktop, installation/removal, tool bar", etc. You will see the four locations, as shown in Figure 4-a and Figure 4-b, after the embedded information storage device is unplugged, the virtual database will disappear automatically, and the software on the virtual database can be found in "program set, desktop, install/move The data in the four locations such as "Delete, Toolbar" will disappear. After inserting the embedded information storage device back, these data will be completely restored without any impact. As mentioned above, "Programs, Desktop, Install/Remove, "Toolbar", that is, the specific path mentioned above, including all processes and information will be hidden, which will increase the confidentiality of data security.

虽然本发明以前述的较佳实施例揭露如上,然其并非用以限定本发明,本领域技术人员,在不脱离本发明的精神和范围内,当可作些许的更动与润饰,因此本发明的保护范围当视权利要求书的范围所界定者为准。Although the present invention is disclosed above with the aforementioned preferred embodiments, it is not intended to limit the present invention. Those skilled in the art may make some changes and modifications without departing from the spirit and scope of the present invention. Therefore, this present invention The scope of protection of the invention should be defined by the scope of the claims.

Claims (16)

1. method with Virtual Space enciphering hiding data; be applied on the embedded information accumulation device, by encipheror protection archives, and the data in hiding this embedded information accumulation device and the signal conditioning package; it is characterized in that this method includes the following step:
This embedded information accumulation device is installed in a signal conditioning package;
Set up a virtual data base in this signal conditioning package, cut a zone, a destination path of this virtual data base is built on this zone by the storage area that this signal conditioning package provided; Perhaps set up a virtual data base in this embedded information accumulation device, cut a zone, a destination path of this virtual data base is built on this zone by the storage area that this embedded information accumulation device provided;
Hold this virtual data base of setting by a user;
Deposit archives in this virtual data base, archives are encrypted data by an encryption mechanism; Duplicate a particular path by this virtual data base, this particular path is meant any information and the course that retains in this signal conditioning package of these archives; Duplicate and this particular path is moved to this storage area after finishing;
Whether detect this embedded information accumulation device still is installed in this signal conditioning package, if embedded information accumulation device is not installed in this signal conditioning package, then deletion deposits this particular path in this storage area in, whether then return this embedded information accumulation device of detecting still is installed in this signal conditioning package, continue to repeat detecting, until finally reaching next step;
If embedded information accumulation device still is installed in this signal conditioning package, then this signal conditioning package continues normal operation, and process ends.
2. the method with Virtual Space enciphering hiding data as claimed in claim 1 is characterized in that, this embedded information accumulation device is connected with this signal conditioning package by a connecting interface.
3. the method with Virtual Space enciphering hiding data as claimed in claim 2 is characterized in that, this connecting interface is a high density transmission connecting interface.
4. the method with Virtual Space enciphering hiding data as claimed in claim 2 is characterized in that, this connecting interface is a universal serial interface.
5. the method with Virtual Space enciphering hiding data as claimed in claim 1, it is characterized in that this signal conditioning package can select one arbitrarily from the combination of desktop PC, laptop computer, personal digital assistant, mobile phone, hand held signal conditioning package.
6. the method with Virtual Space enciphering hiding data as claimed in claim 1 is characterized in that, this sets up a virtual data base in the step of this signal conditioning package, more comprises the following step:
Cut a zone by the storage area that this signal conditioning package provided; And
One destination path of this virtual data base is built on this zone.
7. the method with Virtual Space enciphering hiding data as claimed in claim 6 is characterized in that this storage area can be a hard disk, and should be made up of the block of logical storage area in the zone.
8. the method with Virtual Space enciphering hiding data as claimed in claim 1 is characterized in that, this sets up a virtual data base this signal conditioning package in the step of this signal conditioning package, can replace by this embedded information accumulation device.
9. the method with Virtual Space enciphering hiding data as claimed in claim 8 is characterized in that, this embedded information accumulation device can be set up a virtual data base, comprises the following step:
Cut a zone by the storage area that this embedded information accumulation device provided; And
One destination path of this virtual data base is built on this zone.
10. the method with Virtual Space enciphering hiding data as claimed in claim 1, it is characterized in that, this user holds and sets this virtual data base, comprises following setting pattern: one carry/shutdown mode, a space management pattern, a cipher mode and a backup/reduction-mode.
11. the method with Virtual Space enciphering hiding data as claimed in claim 10 is characterized in that, this carry/shutdown mode refers to this user is held this specific virtual data base of activation/decapacitation.
12. the method with Virtual Space enciphering hiding data as claimed in claim 10 is characterized in that, this space management pattern refers to that this user holds the amount of capacity of this virtual data base of change.
13. the method with Virtual Space enciphering hiding data as claimed in claim 10, it is characterized in that, this cipher mode, provide rescue password keyholed back plate in addition when this user holds this embedded information accumulation device of loss, more limit a specific rescue number of times and enter the state of read-only this virtual data base.
14. the method with Virtual Space enciphering hiding data as claimed in claim 10, it is characterized in that, this backup/reduction-mode, be with this user hold required data from this virtual data library backup in this signal conditioning package, and reduction-mode be from this signal conditioning package restoring data to this virtual data base.
15. the method with Virtual Space enciphering hiding data as claimed in claim 1 is characterized in that, these archives can be an application program and handle specific item.
16. the method with Virtual Space enciphering hiding data as claimed in claim 1 is characterized in that, this embedded information accumulation device can select one arbitrarily from the combination of portable reservoir, integrated circuit card and smart card.
CNB031061036A 2003-02-18 2003-02-18 Method for encrypting hidden data with virtual space Expired - Fee Related CN1285039C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB031061036A CN1285039C (en) 2003-02-18 2003-02-18 Method for encrypting hidden data with virtual space

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB031061036A CN1285039C (en) 2003-02-18 2003-02-18 Method for encrypting hidden data with virtual space

Publications (2)

Publication Number Publication Date
CN1523508A CN1523508A (en) 2004-08-25
CN1285039C true CN1285039C (en) 2006-11-15

Family

ID=34282679

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB031061036A Expired - Fee Related CN1285039C (en) 2003-02-18 2003-02-18 Method for encrypting hidden data with virtual space

Country Status (1)

Country Link
CN (1) CN1285039C (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100392597C (en) * 2005-09-15 2008-06-04 首都信息发展股份有限公司 A virtual hardware acceleration method and system
KR100755701B1 (en) * 2005-12-27 2007-09-05 삼성전자주식회사 Required Paging Apparatus and Method for Embedded Systems
CN102662797A (en) * 2012-04-11 2012-09-12 无锡华御信息技术有限公司 Virtualization-based software backup method
CN109308163A (en) * 2017-07-26 2019-02-05 英业达科技有限公司 Non-volatility memory magnetic region planing method

Also Published As

Publication number Publication date
CN1523508A (en) 2004-08-25

Similar Documents

Publication Publication Date Title
US8892905B2 (en) Method and apparatus for performing selective encryption/decryption in a data storage system
JP6055988B1 (en) Computer program, secret management method and system
US7581118B2 (en) Disk sanitization using encryption
CN102945355B (en) Fast Data Encipherment strategy based on sector map is deferred to
US7257717B2 (en) Method with the functions of virtual space and data encryption and invisibility
US20120237024A1 (en) Security System Using Physical Key for Cryptographic Processes
KR101659590B1 (en) Secure deletion of data stored in a memory
EP1012691A1 (en) Encrypting file system and method
CN1786867A (en) Method for ciphering and diciphering of file, safety managing storage apparatus and system method thereof
US7216207B1 (en) System and method for fast, secure removal of objects from disk storage
CN109766215B (en) Data processing method and device
Zhang et al. Ensuring data confidentiality via plausibly deniable encryption and secure deletion–a survey
CN111399770B (en) Data storage mode conversion method, device and storage medium
CN1285039C (en) Method for encrypting hidden data with virtual space
CN103488755B (en) A kind of file system access method and apparatus
CN1776563A (en) File encrypting device based on USB interface
CN1154050C (en) Virtual magnetic disk method under windows
HK1068983B (en) Method with the functions of virtual space and data encryption and invisibility
HK1068983A1 (en) Method with the functions of virtual space and data encryption and invisibility
CN100444109C (en) Method and system for rebuilding application software environment
TW576996B (en) Method for encrypting secured data with virtual space
CN101324865A (en) Embedded information storage device and method for preloading digital property management thereof
TWI258082B (en) Method of locking artificial interface by an embedded information storage device with huggermugger function
CN2854676Y (en) File binder encipher device based on universal serial bus interface
CN101266636A (en) Computer safe memory card and storage method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1068983

Country of ref document: HK

C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20061115

Termination date: 20120218