CN102609371B - System protecting method based on data security - Google Patents
System protecting method based on data security Download PDFInfo
- Publication number
- CN102609371B CN102609371B CN201210034683.3A CN201210034683A CN102609371B CN 102609371 B CN102609371 B CN 102609371B CN 201210034683 A CN201210034683 A CN 201210034683A CN 102609371 B CN102609371 B CN 102609371B
- Authority
- CN
- China
- Prior art keywords
- sector
- data
- block
- piece
- labeled
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a system protecting method based on data security, which relates to the field of program control of computers. The system protecting method includes steps: analyzing effective data of a partition of a system, building a data flow of effective data bits of a sector, dividing the sector in the partition of the hard disk system into a plurality of sector blocks, and building a sector block protecting state data flow according to the data flow of the effective data bits of the sector; intersecting write operation of the partition of the system, inquiring the sector block protecting state data flow, copying original data into a free block if the current sector block to be written is a protected block, recording copying information, marking the free block as a buffering block, marking the sector block to be written as a copied block and then completing write operation; and finding back a file before the system is restored when the system is severely damaged and cannot be guided and the partition of the system has important data files, and directly restoring the system if the system is not severely damaged and the partition of the system does not have the important data files. By the aid of the system protecting method, security of data of users can be guaranteed, loss of the data of the users can be avoided, restoring speed is fast, and influence on writing and reading of a hard disk is low.
Description
Technical field
The present invention relates to the programmed control field of computing machine, particularly relate to a kind of system protection method based on data security.
Background technology
First the technical term relating in literary composition is made an explanation:
NTFS:New Technology File System is the file system of WindowsNT operating environment and Windows NT advanced server network operating system environment.
FAT32:File Allocation Table 32, is the one of Windows system disk zoned format, and this form adopts the file allocation table of 32.
Interrupt for No. 13H: be that the disk read-write using in booting operating system process interrupts.
Data stream: be one section of binary data, use n bit representation certain sense (n > 0, n is integer).
Bit data stream: be step-by-step active data stream, the specific meaning of every bit representation.
Windows PE:Windows PreInstallation Environment, Windows WindowsPE, is the minimum Win32 subsystem with limited service, based on the Windows XP Professional kernel with protected mode operation.
GHOST:General Hardware Oriented System Transfer, towards universal hardware system forwarder, is the hard disk backup reduction instrument under Symantec Corporation of the U.S..
For the safety of protection calculation machine system, general approach has following two kinds:
(1) analyze the valid data of subregion of needing protection; and after being compressed, valid data backup in a hidden partition or file; when partition data destroyed; for example, while destroyed by virus; by by the data decompression of backup, return to protected subregion, to recover the data of subregion; if the subregion backing up is system partitioning, can reach the object of system protection.This way of realization is taking GHOST software as representative.
(2) write operation of monitoring to hard disk, is all mapped in the buffer zone of opening up in advance the write operation in the valid data district to hard disk, to reach the object of protection valid data, for the later stage does restoring operation and prepares.Partial reduction software and protection card are to adopt the object that reaches in this way system protection.
The relative merits of above-mentioned two kinds of methods are as follows:
The advantage of first method is: ensureing on the basis of secure user data, do not need the write operation of supervisory system to hard disk, can not have any impact to the travelling speed of custom system, and data can backup to miscellaneous equipment, for example, on portable hard drive or USB flash disk.Shortcoming is: not only need to take larger space and back up the valid data in subregion, and in the time realizing backup and recover, all need to take the longer time.
The advantage of second method is: while carrying out recovery operation, without data are moved, speed is very fast.Shortcoming is: in the time that valid data are carried out to write operation, the up-to-date data that write are always mapped in other hard disk areas, in the time occurring that mapping relations are lost, will cause user data forever to lose, and cannot reduce.
Summary of the invention
The object of the invention is the deficiency in order to overcome above-mentioned background technology; a kind of system protection method based on data security is provided; no matter wreck or when mapping relations are lost in system; can not cause the loss of user data; ensure the safety of user data; and reduction speed, also less on the read-write impact of hard disk.
System protection method based on data security provided by the invention, comprise the following steps: the valid data of S1, analysis hard-disk system subregion, set up sector valid data bit data stream, sector in fdisk is divided into some sectors piece, set up sector block protection status data stream according to sector valid data bit data stream, sector, place, the sector piece that is labeled as valid data in the valid data bit data stream of sector is labeled as to protected, and all the other are labeled as free block, S2, tackle all write operations to hard disk, when intercept system partitioning write operation time, inquiry sector block protection status data stream, if sector, place, current sector to be written piece is protected, find according to sector block protection status data stream the sector piece that is labeled as free block, read the data of current sector to be written piece from hard disk, these data are backuped in free block, record the backup information of these data, and revise sector block protection status data and flow, this free block is labeled as to buffer stopper, sector to be written piece is labeled as and is backed up piece, then complete the write operation to sector to be written piece, S3, wreck when protected computer operating system, while causing system to guide, if having significant data file in system partitioning need to give for change, articulate as the system vectoring computer from dish from other hard disk from Windows PE vectoring computer or by hard disk, first by the data Replica on hard disk to other storage mediums, and then restoring system, if do not have data to give for change, direct-reduction system, according to the state of sector piece and the data backup information of record of record in sector block protection status data stream, re-writes the original present position of data by Backup Data.
In technique scheme, the valid data bit data stream of sector described in step S1 is one and is used for representing whether the sector in fdisk comprises the bit data stream of valid data, 1 byte=8,1 bit representation 1 sector.
In technique scheme, if sector comprises valid data, correspondence position is labeled as to 1; Otherwise be labeled as 0.
In technique scheme, in step S1, be that a sector piece carries out piecemeal by the An Mei128 sector, sector in fdisk.
In technique scheme, backup information described in step S2 refers to which sector piece is former data be backed up to.
In technique scheme, while carrying out restoring operation in step S3, if judge and be labeled as protected, buffer stopper or free block in Kuai sector, sector block protection status data stream, do not process; If be labeled as and be backed up piece in Kuai sector, sector block protection status data stream,, according to the backup information of record, the data of backup are re-write to the original residing hard disk of data position.
In technique scheme, further comprising the steps of after step S3: to re-establish sector block protection status data stream according to step S1, and remove all backup informations that record in step S2, state when fdisk data are returned to software installation.
In technique scheme, when interception is to the write operation of system disk in step S2, by articulating 13H interrupt vector and hard disk filtration drive being installed, realize the interception to system disk write operation.
In technique scheme, the file system of described fdisk is NTFS or FAT32.
Compared with prior art, advantage of the present invention is as follows:
(1) the present invention can ensure the safety of user data, when system wrecks or the backup information that records is lost the loss that can not cause user data.
(2) when restoring system of the present invention; the sector piece only changing for system recovers, and in ensureing secure user data, has improved greatly the speed of system reducing; read-write impact on hard disk is less, compares traditional system protection software and has obvious superiority.
Brief description of the drawings
Fig. 1 is the process flow diagram of system protection method in the embodiment of the present invention.
Embodiment
Below in conjunction with drawings and Examples, the present invention is described in further detail.
System protection method based on data security shown in Figure 1, the embodiment of the present invention provides, comprises the following steps:
Step 101: the valid data of analytic system subregion, set up sector valid data bit data stream, sector valid data bit data stream is one and is used for representing whether sector, fdisk is the data stream of valid data, 1 byte=8, wherein every 1 bit representation 1 sector, if sector is valid data, correspondence position is labeled as to 1; Otherwise be labeled as 0.
Step 102: in order to improve running efficiency of system, be that a sector piece carries out piecemeal to the An Mei128 sector, sector in fdisk, 0~127 sector in subregion is a sector piece, and 128~255 sectors are a sector piece, and the rest may be inferred afterwards.
According to the sector valid data bit data stream of setting up in step 101, set up sector block protection status data stream, sector block protection status data stream is a data stream that records all sectors block protection state, the guard mode of sector piece comprises protected state, idle condition, buffer status and be backed up state, these sector pieces are known as respectively protected according to state, free block, buffer stopper and be backed up piece, the sector piece that is wherein labeled as the place, sector of valid data in sector valid data bit data stream is all labeled as protected, other sector piece is all labeled as free block.
Step 103: tackle all write operations to hard disk, when intercept system partitioning write operation time, inquiry sector block protection status data stream, if the sector piece at place, current sector to be written is marked as protected, find according to sector block protection status data stream the sector piece that is labeled as free block, read the data of current sector to be written piece from hard disk, and back up data in the free block finding, the backup information of record data, be which sector piece is former data be backed up to, and revise sector block protection status data stream: this free block is labeled as to buffer stopper, sector to be written piece is labeled as and is backed up piece, then complete the amendment to sector to be written piece.
Step 104: when protected computer operating system wrecks, while causing system to guide, if having significant data file in system partitioning need to give for change, articulate as the system vectoring computer from dish from other hard disk from Windows PE vectoring computer or by hard disk, first by the data Replica on hard disk to other storage mediums, and then restoring system; If do not have data to give for change, direct-reduction system, according to the state of sector piece and the data backup information of record of record in sector block protection status data stream, re-writes the original present position of data by Backup Data.
Step 105: in the time carrying out restoring operation, according to various states and the data backup information of record in sector block protection status data stream, if be labeled as protected, buffer stopper or free block in Kuai sector, sector block protection status data stream, do not need to process; If be labeled as and be backed up piece in Kuai sector, sector block protection status data stream; according to the backup information of record; the data that backed up are re-write to the original residing hard disk of data position; finally re-establish sector block protection status data stream according to step 101 and 102; and remove all data backup information recording in step 103, state fdisk data can be returned to software installation time.
The fdisk file system of supporting in the embodiment of the present invention is NTFS or FAT32.
The system partitioning that hypothesis will be protected is below C dish, and the file system of subregion is NTFS, realizes the protection to C dish by following step.
(1) set up the sector valid data bit data stream of C dish subregion.Analyze new technology file system, find NTFS bunch to take file, and obtain every bunch of sector number comprising, bunch taking file is to represent bunch bit data stream whether taking, according to bunch taking file and every bunch of sector number comprising, can Rapid Establishment sector valid data bit data stream.
(2) set up C dish sector block protection mode bit data stream.Piecemeal is carried out by 128 sectors in all sectors to C dish: the 0-127 sector in subregion is a piece, and 128-255 sector is a piece, afterwards the like.The sector piece that is labeled as the place, sector of valid data in the valid data bit data stream of sector is all labeled as to protected, and other sector piece is all labeled as free block, can set up the sector block protection bit data stream of C dish.
(3) tackle all hard disk operation of writing to C dish: by articulating 13H interrupt vector and hard disk filtration drive being installed, to reach the object of intercepting and capturing C dish read-write operation.In the time intercepting the write operation that C is coiled, inquiry C dish sector block protection status data stream, if the sector piece at the place, sector being modified current is marked as protected, find according to C dish sector block protection status data stream the sector piece that is labeled as free block, read the data of the current sector piece that is just being modified data from hard disk, and these data are backuped in the free block finding above, the backup information of record data, be which sector piece is former data be backed up to, and revise C dish sector block protection status data stream: this free block is labeled as to buffer stopper, the sector piece of revising is labeled as and is backed up piece, then complete the amendment to being backed up piece.
(4) when C dish data wreck, while causing system to guide, if there is significant data file to give for change, can use after other system vectoring computer, first by the data Replica on hard disk to other storage mediums, and then restoring system.If do not have data to give for change, can direct-reduction system.
(5) C dish is destroyed, and C dish is carried out to restoring operation.Carrying out when restoring operation, according to various states and the data backup information of record in the block protection status data stream of C dish sector, if be labeled as protected, buffer stopper or free block in Kuai sector, sector block protection status data stream, do not need to process; If be labeled as and be backed up piece in Kuai sector, sector block protection status data stream; according to the data backup information of record; the data of backup are re-write to the original residing hard disk of data position; finally re-establish C dish sector block protection status data stream according to step (1) (2); and remove all data backup information of record in step (3), C can be coiled to the state of data when returning to software and installing.
Obviously, those skilled in the art can carry out various changes and modification and not depart from the spirit and scope of the present invention the present invention.Like this, if these amendments of the present invention and within modification belongs to the scope of the claims in the present invention and equivalent technologies thereof, the present invention is also intended to comprise these changes and modification interior.The content not being described in detail in this instructions belongs to the known prior art of professional and technical personnel in the field.
Claims (7)
1. the system protection method based on data security, is characterized in that comprising step:
The valid data of S1, analysis hard-disk system subregion, set up sector valid data bit data stream, be a sector piece by every 128 sectors, sector in fdisk is divided into some sectors piece, set up sector block protection status data stream according to sector valid data bit data stream, sector, place, the sector piece that is labeled as valid data in the valid data bit data stream of sector is labeled as to protected, and all the other are labeled as free block;
S2, tackle all write operations to hard disk, when intercept hard-disk system subregion write operation time, inquiry sector block protection status data stream, if sector, place, current sector to be written piece is protected, find according to sector block protection status data stream the sector piece that is labeled as free block, read the data of current sector to be written piece from hard disk, these data are backuped in free block, record the backup information of these data, described backup information refers to which sector piece is former data be backed up to, and revise sector block protection status data and flow, this free block is labeled as to buffer stopper, sector to be written piece is labeled as and is backed up piece, then complete the write operation to sector to be written piece,
S3, wreck when protected computer operating system, while causing system to guide, if having significant data file in system partitioning need to give for change, articulate as the system vectoring computer from dish from other hard disk from Windows PE vectoring computer or by hard disk, first by the data Replica on hard disk to other storage mediums, and then restoring system; If do not have data to give for change, direct-reduction system, according to the state of sector piece and the data backup information of record of record in sector block protection status data stream, re-writes the original present position of data by Backup Data.
2. the system protection method based on data security as claimed in claim 1; it is characterized in that: the valid data bit data stream of sector described in step S1 is one and is used for representing whether the sector in fdisk comprises the bit data stream of valid data; 1 byte=8,1 bit representation 1 sector.
3. the system protection method based on data security as claimed in claim 2, is characterized in that: if sector comprises valid data, correspondence position is labeled as to 1; Otherwise be labeled as 0.
4. the system protection method based on data security as claimed in claim 1, it is characterized in that: while carrying out restoring operation in step S3, if judge and be labeled as protected, buffer stopper or free block in Kuai sector, sector block protection status data stream, do not process; If be labeled as and be backed up piece in Kuai sector, sector block protection status data stream,, according to the backup information of record, the data of backup are re-write to the original residing hard disk of data position.
5. the system protection method based on data security as claimed in claim 4; it is characterized in that: further comprising the steps of after step S3: re-establish sector block protection status data stream according to step S1; and all backup informations that record in removing step S2, state when fdisk data are returned to software installation.
6. the system protection method based on data security as claimed in claim 1; it is characterized in that: when in step S2, interception is to the write operation of system partitioning; by articulating 13H interrupt vector and hard disk filtration drive being installed, realize the interception to system partitioning write operation.
7. the system protection method based on data security as described in any one in claim 1 to 6, is characterized in that: the file system of described fdisk is NTFS or FAT32.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210034683.3A CN102609371B (en) | 2012-02-16 | 2012-02-16 | System protecting method based on data security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210034683.3A CN102609371B (en) | 2012-02-16 | 2012-02-16 | System protecting method based on data security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102609371A CN102609371A (en) | 2012-07-25 |
| CN102609371B true CN102609371B (en) | 2014-12-03 |
Family
ID=46526761
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210034683.3A Active CN102609371B (en) | 2012-02-16 | 2012-02-16 | System protecting method based on data security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102609371B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102841943B (en) * | 2012-08-24 | 2015-07-08 | 上海泰宇信息技术有限公司 | Data safety supervision early warning and backup strategy system and method |
| CN102880530B (en) * | 2012-09-25 | 2016-04-06 | 东莞宇龙通信科技有限公司 | Terminal and terminal backup and restoration methods |
| CN105930279A (en) * | 2016-04-15 | 2016-09-07 | 杭州华三通信技术有限公司 | Disk space detection method and apparatus |
| CN111726377B (en) * | 2019-03-19 | 2023-05-26 | 百度在线网络技术(北京)有限公司 | Public cloud-based data processing method and device |
| CN111240893B (en) * | 2019-12-26 | 2023-07-18 | 曙光信息产业(北京)有限公司 | Backup and restore management method and system based on data stream slicing technology |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1109979C (en) * | 1999-01-12 | 2003-05-28 | 李增胜 | Method for quick protection and recovery for hard disc data of computer |
| US7370165B2 (en) * | 2000-12-29 | 2008-05-06 | Valt.X Technologies Inc. | Apparatus and method for protecting data recording on a storage medium |
| CN101241454B (en) * | 2007-02-09 | 2010-07-28 | 武汉回归科技有限公司 | Novel system protection and rapid restoration accomplishing method |
| CN101763295B (en) * | 2009-12-28 | 2012-05-30 | 北京握奇数据***有限公司 | Data backup method, data backup device, backup item erasing method, backup item erasing device, data recovery method and data recovery device |
-
2012
- 2012-02-16 CN CN201210034683.3A patent/CN102609371B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN102609371A (en) | 2012-07-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11586734B2 (en) | Systems and methods for protecting SSDs against threats | |
| US9690666B1 (en) | Incremental backup operations in a transactional file system | |
| US10235060B1 (en) | Multilevel snapshot replication for hot and cold regions of a storage system | |
| US8990164B1 (en) | Systems and methods for performing incremental backups | |
| CN103019888B (en) | Backup method and device | |
| US8176104B2 (en) | Space recovery with storage management coupled with a deduplicating storage system | |
| CN102012852B (en) | Method for implementing incremental snapshots-on-write | |
| US8200926B1 (en) | Methods and systems for creating full backups | |
| US20110258404A1 (en) | Method and apparatus to manage groups for deduplication | |
| US8621165B1 (en) | Method and apparatus for providing a volume image backup of selected objects | |
| CN104360914B (en) | Incremental snapshot method and apparatus | |
| CN102609371B (en) | System protecting method based on data security | |
| US10467102B1 (en) | I/O score-based hybrid replication in a storage system | |
| WO2017173623A1 (en) | Method and storage device for processing stripes in storage device | |
| US20160371150A1 (en) | Head start population of an image backup | |
| CN103605588A (en) | Disk backup method of virtue machine | |
| CN106886370B (en) | data safe deletion method and system based on SSD (solid State disk) deduplication technology | |
| CN104077380A (en) | Method and device for deleting duplicated data and system | |
| Zou et al. | The dilemma between deduplication and locality: Can both be achieved? | |
| CN106294007B (en) | Data recovery method and device | |
| CN104461685A (en) | Virtual machine processing method and virtual computer system | |
| WO2021082422A1 (en) | Compatibility processing method, system and device for space reclamation of storage system | |
| CN103034592A (en) | Data processing method and device | |
| US8549223B1 (en) | Systems and methods for reclaiming storage space on striped volumes | |
| CN107315661B (en) | Deleted file recovery method and device for cluster file system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: WUHAN AOYI CLOUD COMPUTING CO., LTD. Free format text: FORMER OWNER: WUHAN OS-EASY TECHNOLOGY CO., LTD. Effective date: 20150211 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 430074 WUHAN, HUBEI PROVINCE TO: 430000 WUHAN, HUBEI PROVINCE |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20150211 Address after: 430000 Hubei city of Wuhan Province, East Lake New Technology Development Zone, Optics Valley Road No. 465 building 17 room 1701 creative Patentee after: WUHAN OS-EASY CLOUD COMPUTING CO., LTD. Address before: 7 building, 6 building, Optics Valley Pioneer Street, East Lake Development Zone, Wuhan, Hubei, 430074 Patentee before: Wuhan Os-easy Technology Co., Ltd. |
|
| C56 | Change in the name or address of the patentee | ||
| CP03 | Change of name, title or address |
Address after: 430000 Hubei city of Wuhan Province, East Lake New Technology Development Zone, Optics Valley Road No. 465 building 17 room 1701 creative Patentee after: WUHAN OS-EASY CLOUD COMPUTING CO., LTD. Address before: Optics Valley creative building No. 465 430000 Guanshan Wuhan East Lake New Technology Development Zone, Hubei Province Road 17 room 1701 Patentee before: WUHAN OS-EASY CLOUD COMPUTING CO., LTD. |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: System protection method based on data security Effective date of registration: 20210628 Granted publication date: 20141203 Pledgee: Bank of Communications Ltd. Wuhan fruit Lake Branch Pledgor: WUHAN OS-EASY CLOUD COMPUTING Co.,Ltd. Registration number: Y2020980002830 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |