WO2020082811A1 - Storage method and apparatus having hidden partition, and host device - Google Patents
- Publication number
- WO2020082811A1 (PCT/CN2019/095070)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- storage device
- partition
- host
- user
- hidden
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0638—Organizing or formatting or addressing of data
- G06F3/0644—Management of space entities, e.g. partitions, extents, pools
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0629—Configuration or reconfiguration of storage systems
- G06F3/0637—Permissions
Definitions
- the storage device is divided into an ordinary display partition and a hidden partition; when a user accesses the storage device through the host side, the host-side storage device management tool authenticates the user to identify the user, and the storage device displays the corresponding partitions according to the user's identity. For ordinary users, the storage device displays only the ordinary display partition; for authorized users, the storage device displays the ordinary display partition and the hidden partition, and the host side rescans the storage device and updates the storage device information to allow the user to access and/or operate the hidden partition.
- when the user is an authorized user, the storage device is accessed through the host-side storage device management tool (APP) on the host side. After identity verification, the host side rescans the storage device to obtain the new device parameters and displays the storage device's ordinary display partition and hidden partition.
- APP: host-side storage device management tool
- when an ordinary user accesses the storage device through the host side, or an authorized user fails identity verification, the storage device displays only the ordinary display partition. Ordinary users can access the storage device through the host-side operating system, and can also access the storage device through the host-side storage device management tool.
- the storage device presets the division ratio between the ordinary display partition and the hidden partition.
- the default state is to display only the ordinary display partition.
- the storage device includes a control unit and a storage unit, wherein the control unit is a DPU chip, and the storage unit includes FLASH and DRAM.
- DPU: used for data storage control, management and optimization.
- FLASH: a flash memory array, the basic storage medium.
- DRAM: a memory particle (memory chip), an important module in the system, a stored program module, and a management data interface.
- PCIE 3.0 x4: port 0 and port 1, dual ports that interface with the host.
- Users supported by the system include ordinary users and authorized users.
- the authorized users include general authorized users and administrator users.
- the above users can access the storage device through the host-side storage device management tool installed on the host side, or only through the host's operating system.
- the logical separation between the ordinary display partition and the hidden partition of the storage device is implemented by an algorithm in the flash memory controller (control unit) of the storage device (for example, through a flash translation layer, FTL).
- the host-side storage device management tool uses the private key corresponding to the user's identity to digitally sign the access command and notifies the storage device to display the corresponding partition, and the storage device uses the corresponding public key to verify the access command from the host-side storage device management tool.
- the physical information includes spatial index, distance, temperature, light, sound, humidity, magnetic force, pressure, electric field, magnetic field, etc.
- biometric information includes sound, smell, color, behavior, face, fingerprint, palm print, etc.
- when the user is an authorized user with administrator authority, the user is allowed to re-divide the ratio between the ordinary display partition and the hidden partition of the storage device.
- the storage unit includes the following program modules, which are run by the control unit.
- Partition display module: used to display the corresponding partitions of the storage device according to the user's identity. When the user is an ordinary user, the storage device displays only the ordinary display partition; when the user is an authorized user, the storage device displays the ordinary display partition and the hidden partition, and triggers the host side to rescan the storage device and update the storage device information to allow the user to access and/or operate the hidden partition.
- Interface program module: used to communicate with the host-side operating system and the host-side storage device management tool.
- when the user is an authorized user, the storage device is accessed through the host-side storage device management tool on the host side. After identity verification, the host side rescans the storage device to obtain the new device parameters, showing the ordinary display partition and hidden partition of the storage device.
- One or more processors;
- the storage unit is used to store a program for managing the storage device (host side storage device management tool APP);
- the above method is executed by one or more processors.
- the storage unit is composed of a random access memory (RAM), a cache memory, and a hard disk drive.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Human Computer Interaction (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
Description
This application claims priority to Chinese patent application No. 201811261721.2, filed with the Chinese Patent Office on October 26, 2018 and entitled "Storage Method, Apparatus and Host-Side Device with Hidden Partition", the entire contents of which are incorporated herein by reference.
The present invention relates to a storage method, a storage device and a host-side device with a hidden partition.
After power-on, the operating system on the host side scans the storage device, obtains its parameters, and displays its partitions. In the prior art, the system storage device and the hidden storage device are physically two separate storage devices, so a user who has only the system disk cannot use a hidden partition; to use one, the user has to purchase a separate storage device with a hiding function. Moreover, existing hidden storage devices usually require special hardware support, so their cost and complexity of use are high.
Summary of the invention
The object of the present invention is to provide a storage method, a storage device and a host-side device with a hidden partition that implement an ordinary display partition and a hidden partition on a single storage device, making it more convenient for users.
Based on the same inventive concept, the present invention has three independent technical solutions:
1. A storage method with a hidden partition, in which the storage device is divided into an ordinary display partition and a hidden partition;
when an ordinary user accesses the storage device through the host side, the storage device displays only the ordinary display partition;
when an authorized user accesses the storage device through the host side, the storage device displays the ordinary display partition and the hidden partition;
the storage device management tool on the host side authenticates the authorized user and, based on the user identity information after successful verification, notifies the storage device to display the corresponding hidden partition.
Further, the storage device management tool on the host side authenticates the authorized user, rescans the storage device according to the verified user identity information, and updates the storage device information to allow the user to access and/or operate the corresponding hidden partition.
Further, the method is implemented in the form of software or firmware.
Further, when the user is an authorized user with administrator authority, the user is allowed to re-divide the ratio between the ordinary display partition and the hidden partition of the storage device.
Further, a uniquely corresponding key pair between the host-side storage device management tool and the storage device is generated based on a digital signature algorithm; the host-side storage device management tool holds the private key and the storage device holds the public key. After the user passes the identity verification of the host-side storage device management tool, the tool uses the private key corresponding to the user's identity to digitally sign the access command and notifies the storage device to display the corresponding partition; the storage device verifies the access command from the host-side storage device management tool with the corresponding public key.
Further, when the storage device is first powered on, the default state is that only the ordinary display partition is displayed.
2. A storage device with a hidden partition, the storage device comprising:
a partition display module, used to display the corresponding partitions of the storage device according to the user's identity: when an ordinary user accesses the storage device through the host side, the storage device displays only the ordinary display partition; when an authorized user accesses the storage device through the host side, the storage device displays the ordinary display partition and the hidden partition; the storage device management tool on the host side authenticates the authorized user and, based on the user identity information after successful verification, notifies the storage device to display the corresponding hidden partition.
Further, when the user is an authorized user with administrator authority, the user is allowed to re-divide the ratio between the ordinary display partition and the hidden partition of the storage device.
Further, the storage device presets the division ratio between the ordinary display partition and the hidden partition.
Further, when the storage device is first powered on, the default state is that only the ordinary display partition is displayed.
3. A host-side device, comprising:
one or more processors;
a storage unit, used to store a program for managing the storage device;
the above method is executed by the one or more processors.
Beneficial effects of the present invention:
The present invention divides the storage device into an ordinary display partition and a hidden partition. When a user accesses the storage device through the host side, the host-side storage device management tool authenticates the user to identify the user, and the corresponding partitions of the storage device are displayed according to the user's identity: for ordinary users, the storage device displays only the ordinary display partition; for authorized users, the storage device displays the ordinary display partition and the hidden partition, and the host side rescans the storage device and updates the storage device information to allow the user to access and/or operate the hidden partition. The invention implements an ordinary display partition and a hidden partition on a single storage device, which is more convenient for users, effectively reduces the cost and complexity of using hidden devices, and is easy to promote. At the same time, using a pure software and firmware solution further reduces cost and improves ease of use; a storage device that originally had no hiding function can even be given one by installing software and updating firmware, which allows further promotion in the aftermarket.
In the present invention, when the user is an authorized user with administrator authority, the user is allowed to re-divide the ratio between the ordinary display partition and the hidden partition of the storage device, which is more convenient for the user.
The storage device of the present invention includes a partition display module for displaying the corresponding partitions of the storage device according to the user's identity. When an ordinary user accesses the storage device through the host side, the storage device displays only the ordinary display partition; when an authorized user accesses the storage device through the host side, the storage device displays the ordinary display partition and the hidden partition; the storage device management tool on the host side authenticates the authorized user and, based on the user identity information after successful verification, notifies the storage device to display the corresponding hidden partition. The invention provides an integrated firmware and software solution that needs no additional hardware support, which effectively reduces the complexity and cost of using the hiding function of the storage device.
FIG. 1 is a flow block diagram of the method of the present invention;
FIG. 2 is a schematic diagram of the hardware structure of the storage device of the present invention;
FIG. 3 is a flowchart of an administrator user modifying the storage partition ratio in the present invention;
FIG. 4 is a system program architecture diagram of the present invention;
FIG. 5 is an architecture diagram of the interface program of the storage device of the present invention;
FIG. 6 is a schematic diagram of the partition display of the storage device of the present invention;
FIG. 7 is a schematic diagram of the signing and signature verification process in a digital signature.
For ease of understanding, the concepts involved in the embodiments of the present invention are explained first:
Digital signature:
As shown in Figure 7, the description here takes a Hash algorithm as the digest algorithm. Figure 7 is a schematic diagram of the signing and signature verification process in a digital signature.
A digital signature combines asymmetric encryption with message digest techniques. The sender uses a digest algorithm (such as a Hash algorithm) to generate the message digest corresponding to the original text, signs that message digest with the sender's private key, and then transmits the signed signature information to the receiver together with the original text. The receiver uses the same Hash algorithm as the sender to produce message digest 1 from the received original text in the same way, and decodes the signed signature information with the public key to obtain message digest 2. Message digest 1 is then compared with message digest 2: if they are identical, the original text received by the receiver is complete and was not tampered with by a third party in transit; otherwise, the original text has been modified by a third party. Here, the original text means the unencrypted original information that the sender needs to send to the receiver.
It should be noted that the private key and the public key are obtained through an asymmetric encryption algorithm, that is, the private key and the public key exist as a pair. Specifically, in the embodiments of the present invention, the private key may be any character string; illustratively, a 256-bit random number may serve as the private key, and the public key is the public key corresponding to that private key, generated with the asymmetric encryption algorithm. This is not specifically limited here. It should also be noted that, in the embodiments of the present invention, the asymmetric encryption algorithm may include, but is not limited to, the ed25519 algorithm, the RSA algorithm, the DSA algorithm, Diffie-Hellman and the ECC algorithm; the embodiments of the present invention do not limit this either.
It follows that, in a digital signature, every sender has its own private key, which is kept secret from the outside world, and information signed with the private key can be decoded only with the corresponding public key. The private key can therefore represent the identity of its holder, and that identity can be verified with the public key corresponding to the private key. A digital signature confirms that the communication content was signed and sent by the message sender, because other devices cannot forge the sender's signature. Different communication content produces very different digests, so the digest algorithm also ensures the integrity of the communication content: if the content is tampered with in transit, the corresponding digital signature changes as well. A digital signature can therefore verify both the integrity of the communication content and the identity of the sender.
Embodiment 1:
Storage method with a hidden partition:
The storage device is divided into an ordinary visible partition and a hidden partition. When a user accesses the storage device through the host, the host-side storage device management tool authenticates the user to identify the user's identity, and the corresponding partitions of the storage device are revealed according to that identity. For an ordinary user, the storage device reveals only the ordinary visible partition. For an authorized user, the storage device reveals the ordinary visible partition and the hidden partition, and the host rescans the storage device and updates the storage device information so that the user can access and/or operate on the hidden partition.
As shown in Figure 1, when the user is an authorized user, the storage device is accessed through the host-side storage device management tool (APP) on the host. After authentication succeeds, the host rescans the storage device, obtains the new device parameters, and reveals the ordinary visible partition and the hidden partition of the storage device.
When an ordinary user accesses the storage device through the host, or an authorized user fails authentication, the storage device reveals only the ordinary visible partition. An ordinary user can access the storage device through the host operating system or through the host-side storage device management tool.
The division ratio between the ordinary visible partition and the hidden partition is preset in the storage device. When the storage device is first powered on, the default state is to reveal only the ordinary visible partition.
As shown in Figure 2, the storage device includes a control unit and a storage unit, where the control unit is a DPU chip and the storage unit includes FLASH and DRAM.
DPU: used for storage control, management and optimization of data.
FLASH: the flash memory array, the basic storage medium.
DRAM: memory chips, an important module in the system that stores program modules and manages the data interface.
PCIE 3.0 x4 port 0 and port 1: dual ports that interface with the host.
The users supported by the system include ordinary users and authorized users, where authorized users include general authorized users and administrator users. All of these users can access the storage device through the host-side storage device management tool installed on the host, or through the host operating system alone. The logical isolation between the ordinary visible partition and the hidden partition of the storage device is implemented by an algorithm in the flash memory controller (control unit) of the storage device (for example, through the flash translation layer, FTL).
A uniquely corresponding key pair between the host-side storage device management tool and the storage device is generated based on a digital signature algorithm; the host-side storage device management tool holds the private key and the storage device holds the public key. After the user passes authentication in the host-side storage device management tool, the tool uses the private key corresponding to the user's identity to digitally sign the access command and notifies the storage device to reveal the corresponding partitions of the storage device; the storage device verifies the access command from the host-side storage device management tool with the corresponding public key.
The user's physical and biometric information can be obtained through peripherals. With the physical and biometric information as the seed, a private key is generated based on a one-way cryptographic hash function; based on digital signature technology, the public key corresponding to that private key is generated and loaded onto the storage device. The physical information includes spatial indicators, distance, temperature, light, sound, humidity, magnetic force, pressure, electric field, magnetic field and so on; the biometric information includes voice, smell, color, behavior, face, fingerprint, palm print and so on.
Embodiment 2:
Storage method with a hidden partition:
As shown in Figure 3, when the user is an authorized user with administrator privileges, that user is allowed to re-divide the ratio between the ordinary visible partition and the hidden partition of the storage device.
After an authorized user with administrator privileges passes authentication in the host-side storage device management tool, the user is allowed to issue, through the storage device management tool, an instruction to re-divide the ratio between the ordinary visible partition and the hidden partition of the storage device, and the storage device executes this partition ratio reset command.
The rest of the workflow of Embodiment 2 is the same as in Embodiment 1.
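The signed-command flow of Embodiment 1 (the host tool signs with a per-role private key, the device verifies with the stored public key, and the power-on default shows only the ordinary visible partition) together with the administrator-only ratio change of Embodiment 2, as an added Python model that is not code from the patent. The command strings `REVEAL` and `SET_RATIO:<percent>`, the role names, all class and function names, and the unpadded hash-then-RSA scheme with demo keys built from Mersenne primes are assumptions made for illustration; a real device would use a vetted Ed25519 or RSA implementation. Calling `demo()` runs the whole flow.

```python
import hashlib

E = 65537  # public exponent

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest_int(message):
    """Message digest (SHA-256) as an integer, the value that gets signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(private, message):
    """Host tool: sign the digest of the command with the private key."""
    n, d = private
    return pow(digest_int(message), d, n)

def verify(public, message, signature):
    """Device: recompute digest 1, recover digest 2 from the signature, compare."""
    n, e = public
    return digest_int(message) == pow(signature, e, n)

# Constructed demo keys. Mersenne primes are public, so these moduli are trivially
# factorable; they only keep the example self-contained and offline.
AUTH_PUB, AUTH_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
ADMIN_PUB, ADMIN_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)

class StorageDevice:
    """Device-side model: holds only public keys, one per authorized role."""

    def __init__(self, role_pubkeys, hidden_percent=20):
        self.role_pubkeys = role_pubkeys
        self.hidden_percent = hidden_percent   # preset division ratio
        self.hidden_visible = False            # power-on default: ordinary partition only

    def power_cycle(self):
        self.hidden_visible = False

    def visible_partitions(self):
        """What a host rescan would enumerate."""
        return ["normal", "hidden"] if self.hidden_visible else ["normal"]

    def handle(self, role, command, signature):
        """Verify a signed command (hypothetical wire format) and apply it."""
        public = self.role_pubkeys.get(role)
        if public is None or not verify(public, command, signature):
            return False                       # fail closed: state unchanged
        if command == b"REVEAL":
            self.hidden_visible = True
            return True
        if command.startswith(b"SET_RATIO:") and role == "admin":
            value = command[len(b"SET_RATIO:"):]
            if value.isdigit() and 0 <= int(value) <= 100:
                self.hidden_percent = int(value)
                return True
        return False

def demo():
    dev = StorageDevice({"authorized": AUTH_PUB, "admin": ADMIN_PUB})
    results = {"boot": dev.visible_partitions()}
    # A command signed with the wrong role's key must be rejected.
    results["wrong_key"] = dev.handle("admin", b"REVEAL", sign(AUTH_PRIV, b"REVEAL"))
    # Authorized user reveals the hidden partition, then the host rescans.
    results["reveal"] = dev.handle("authorized", b"REVEAL", sign(AUTH_PRIV, b"REVEAL"))
    results["after_reveal"] = dev.visible_partitions()
    # Only the administrator key may change the partition ratio.
    cmd = b"SET_RATIO:35"
    results["user_ratio"] = dev.handle("authorized", cmd, sign(AUTH_PRIV, cmd))
    results["admin_ratio"] = dev.handle("admin", cmd, sign(ADMIN_PRIV, cmd))
    results["ratio"] = dev.hidden_percent
    dev.power_cycle()
    results["after_power_cycle"] = dev.visible_partitions()
    return results
```

Each signature in this model is checked on its own, so the same signed `REVEAL` would verify again after a power cycle; the page does not describe a nonce or counter, and adding one is a design choice outside this sketch.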
Embodiment 3:
Storage device with a hidden partition:
As shown in Figure 2, the storage device includes a control unit and a storage unit, where the control unit is a DPU chip and the storage unit includes FLASH and DRAM.
DPU: used for storage control, management and optimization of data.
FLASH: the flash memory array, the basic storage medium.
DRAM: memory chips, an important module in the system that stores program modules and manages the data interface.
PCIE 3.0 x4 port 0 and port 1: dual ports that interface with the host.
The storage unit includes the following program modules, which are run by the control unit.
Partition display module: reveals the corresponding partitions of the storage device according to the user's identity. When the user is an ordinary user, it makes the storage device reveal only the ordinary visible partition; when the user is an authorized user, it makes the storage device reveal the ordinary visible partition and the hidden partition, and triggers the host to rescan the storage device and update the storage device information so that the user can access and/or operate on the hidden partition.
Interface program module: the interface program module (FTL mapping layer) communicates with the host operating system and with the host-side storage device management tool.
When the user is an authorized user, the storage device is accessed through the host-side storage device management tool on the host. After authentication succeeds, the host rescans the storage device, obtains the new device parameters, and reveals the ordinary visible partition and the hidden partition of the storage device. When an ordinary user accesses the storage device through the host, or an authorized user fails authentication, the storage device reveals only the ordinary visible partition. An ordinary user can access the storage device through the host operating system or through the host-side storage device management tool.
The division ratio between the ordinary visible partition and the hidden partition is preset in the storage device. When the storage device is first powered on, the default state is to reveal only the ordinary visible partition.
The users supported by the system include ordinary users and authorized users, where authorized users include general authorized users and administrator users. All of these users can access the storage device through the host-side storage device management tool installed on the host, or through the host operating system alone. The logical isolation between the ordinary visible partition and the hidden partition of the storage device is implemented by an algorithm in the flash memory controller (control unit) of the storage device (for example, through the flash translation layer, FTL).
A uniquely corresponding key pair between the host-side storage device management tool and the storage device is generated based on a digital signature algorithm; the host-side storage device management tool holds the private key and the storage device holds the public key. After the user passes authentication in the host-side storage device management tool, the tool uses the private key corresponding to the user's identity to digitally sign the access command and notifies the storage device to reveal the corresponding partitions of the storage device; the storage device verifies the access command from the host-side storage device management tool with the corresponding public key.
The user's physical and biometric information can be obtained through peripherals. With the physical and biometric information as the seed, a private key is generated based on a one-way cryptographic hash function; based on digital signature technology, the public key corresponding to that private key is generated and loaded onto the storage device. The physical information includes spatial indicators, distance, temperature, light, sound, humidity, magnetic force, pressure, electric field, magnetic field and so on; the biometric information includes voice, smell, color, behavior, face, fingerprint, palm print and so on.
Embodiment 4:
Storage device with a hidden partition:
When the user is an authorized user with administrator privileges, that user is allowed to re-divide the ratio between the ordinary visible partition and the hidden partition of the storage device.
After an authorized user with administrator privileges passes authentication in the host-side storage device management tool, the user is allowed to issue, through the storage device management tool, an instruction to re-divide the ratio between the ordinary visible partition and the hidden partition of the storage device, and the storage device executes this partition ratio reset command.
The remaining structure and working principle of Embodiment 4 are the same as in Embodiment 3.
Embodiment 5:
Host device:
Comprising:
one or more processors;
a storage unit for storing the program that manages the storage device (the host-side storage device management tool APP);
the method described above is executed by the one or more processors. The storage unit consists of random access memory (RAM), cache memory and a hard disk drive.
The present invention is not limited to what is described in the specification and the embodiments, and additional advantages and modifications can readily be realized by those skilled in the art. Therefore, without departing from the spirit and scope of the general concept defined by the claims and their equivalents, the invention is not limited to the specific details, representative devices and illustrated examples shown and described herein.
Claims (11)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811261721.2 | 2018-10-26 | | |
| CN201811261721.2A CN109542340A (en) | 2018-10-26 | 2018-10-26 | Storage method, device and device at host machine end with hidden partition |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2020082811A1 (en) | 2020-04-30 |
Family
ID=65845356
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/CN2019/095070 Ceased WO2020082811A1 (en) | 2018-10-26 | 2019-07-08 | Storage method and apparatus having hidden partition, and host device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN109542340A (en) |
| WO (1) | WO2020082811A1 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109542340A (en) * | 2018-10-26 | 2019-03-29 | 深圳大普微电子科技有限公司 | Storage method, device and device at host machine end with hidden partition |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101308700A (en) * | 2008-06-16 | 2008-11-19 | 南京金标尺软件有限公司 | Divulging secret prevention U disk |
| CN101908361A (en) * | 2010-09-14 | 2010-12-08 | 杭州电子科技大学 | A U disk private information hiding method |
| CN102955746A (en) * | 2011-08-18 | 2013-03-06 | 北京爱国者信息技术有限公司 | Read-only mode mobile storage device and data access method thereof |
| CN105095945A (en) * | 2014-05-07 | 2015-11-25 | 中兴软创科技股份有限公司 | SD card capable of securely storing data |
| CN109542340A (en) * | 2018-10-26 | 2019-03-29 | 深圳大普微电子科技有限公司 | Storage method, device and device at host machine end with hidden partition |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105740717B (en) * | 2016-01-29 | 2018-11-13 | 四川效率源信息安全技术股份有限公司 | A kind of method and apparatus that electronic data file protection is carried out based on encrypted partition |
| CN108650271A (en) * | 2018-05-17 | 2018-10-12 | 深圳大普微电子科技有限公司 | A kind of method for managing user right and system |
- 2018-10-26: CN application CN201811261721.2A, published as CN109542340A, status: active, Pending
- 2019-07-08: WO application PCT/CN2019/095070, published as WO2020082811A1, status: not active, Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| CN109542340A (en) | 2019-03-29 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19877473 Country of ref document: EP Kind code of ref document: A1 |
|
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| 122 | Ep: pct application non-entry in european phase |
Ref document number: 19877473 Country of ref document: EP Kind code of ref document: A1 |