Hard Drive Security Access Control And Realization

With the development of information and network technology and their extensive application, information is seen as an extremely valuable commodity. Unfortunately, the flip side of the increasing value of confidential data is additional risk. How to keep information in secure is becoming a concern waiting to be solved. As bulk storage, hard disk is major equipment storing a lot of critical enterprise and personal information, so the protection of data stored on hard disk is the key part of information security.In this paper, we study the techniques for reliable access to hard disk data, and show a trusted disk architecture, which can be used to implement a range of valuable storage-security services, such as identification authentication, data encryption, and access control. Besides storing, the system has the following security services:1) GPS position authentication, When the system starts to run, it authenticates itself with the device's location parameter, which can be gotten by using GPS. If the disk is in trusted status, the system loads the common partition; 2) IC-based authentication, only the users who have IC card can access the trusted partition, and later the system maintains an enforcement mechanism to mediate all accesses according to more information stored on the IC card; 3) Data encryption, the disk data is encrypted by symmetric cryptographic technology to protect its confidentiality, using encryption algorithm called SMS4, which is provided by Functionality and Interface Specification of Cryptographic Support Platform for Trusted Computing. The data saved on disk is cryptograph, so the data got by abnormal means is useless, besides encryption key is stored in a safe memory chip, which makes encryption system more secure.In this paper, we describe our current efforts to realize the storage model, considering a number of related works, referring to TCG Storage Architecture Core Specification and Self-securing storage technology. According to the test result, the system achieved the transparent data encryption and user authentication.