| With the development of information storage technology, hard disk has become the main method to save data. Recently, there are so many cases of data leaked which is caused by disk lost, stolen or unauthorized access,they are the main part of disk information leakage. So it is the focus of the research that how to ensure security of disk data when the computer is powered off.On the basis of the design requirement of disk encryption system, some key technology is provided, analysis by synthesis to the technology, the overall framework of the disk encryption system is introduced, according to the framework of disk encryption system, the start-up process of windows base on disk encryption system is provided. The security of the key is foundation of the security of disk encryption system,in order to guarantee the security key access method, the pre-boot authentication mode is designed, identity authentication process of the disk encryption system based on PBA is provided. In the aspect of key management, Usbkey is used to separate the key and the encryption data. On the basis of requirement of enterprise's environment, a multistage key management system based on Usbkey designed. In the aspect of designing filter drive, filter drivers level of disk encryption system determines encryption level of disk data, In order to intercept all the disk operating, disk encryption and decryption filter drives is designed and implemented, all the data which is written or read to the disk is encrypted dynamically.The focuses of research are the designing and realizing of disk filter drive and Key management. The overall framework of the disk encryption system is introduced in the beginning, On the basis of the overall framework of the disk encryption system; disk filter drive and Key management are designed, but they are just the local design, without the support of the whole system, the design has One-sidedness defects. So I hope to make the design more and more comprehensive in the late work. |
PDF Full Text Request