| Redundant Arrays of Independent Disks(RAID)technology has the advantages of large capacity,high performance and fault tolerance,which is widely used in various types of storage devices.With the development of storage technology,Solid State Drives(SSDs)have gradually replaced Hard Disk Drives(HDDs)as the member drives of disk arrays.SSD arrays are used for processing of massive storage data,which inevitably generate data security issues.The research on secure storage is particularly important.The SSD array with encryption for designated partition is proposed and designed in this paper,which implements multiple authentication of user identity and encrypted storage of important data.The SSD array is divided into a public partition and a secure partition.The public partition stores normal data,while the secure partition stores encrypted important data.In addition,the secure partition can be hidden.The users can choose the appropriate partition to store data for meeting their needs.The member disk of the array adopts the SSD integrated with a security encryption engine logic module.The SSD controller can encrypt the data of the secure partition in real time.Users can operate the secure partition only after passing identity authentication.Identity authentication modifies the user password authentication method,which encrypts the transmitted password with AES algorithm,effectively preventing illegal interception and theft.The firmware loads different Master Boot Recorders(MBRs)to hide and restore the secure partition of the array.When the firmware is downloaded and updated,the method of download authentication and encrypted transmission improves its security.The work of this paper is carried out under the software RAID environment of Linux system.The scheme adds a data security module to the MD(Multi-Disk)module architecture,which is used to implement the safe storage of data.In the SCSI subsystem,the computer sends the customized security operation command to the device through the SCSI generic(Sg)driver.After the device firmware parsing command,it performs the corresponding operation.Then the system uses the RAID superblock information to obtain the status of the array and the member disks,so as to check the completion of the operation.The array control program implements the management of SSD array by modifying the workflow of MD module.At the end of the paper,functional and performance tests were performed on the SSD array.The tested results show that the SSD array in this paper effectively protects data security and has good performance.The SSD array's function basically achieves the expected goal. |
PDF Full Text Request