可信加密磁盘的设计与应用

发布时间：2018-05-05 01:48

本文选题：虚拟磁盘 + 透明加解密　；参考：《北京工业大学》2013年硕士论文

【摘要】：随着信息技术突飞猛进的发展和电脑的广泛普及，使得信息安全越来越受到人们重视。目前，针对信息的保护主要依赖于系统的安全和网络的安全。本文主要是针对系统中文件的安全进行探讨，而目前信息大都是以文件的形式存放于计算机，如何设计一个系统能够加强对文件资源的有效保护，成为我们研究的重点内容。信息时代的一个重要特征就是大量的数据都以电子化的形式存储在各种设施中。磁盘存储设备是计算机的主要数据存储设备，存储着大量的机密信息和重要数据的磁盘，，由于遗失、被盗或者被非法访问磁盘存储设备而引起的机密信息和重要数据的泄漏，导致政府、企业和个人遭受了巨大的损失。本文分析了磁盘加密软件TrueCrypt，分析了其透明加解密的原理，同时本文还分析了可信计算的基本思想，在基于虚拟磁盘管理技术及透明加解密磁盘软件TrueCrypt的基础上，结合可信计算的基本思想，利用USBKey作为可信度量根，设计了采用USBKey的可信磁盘加密系统。通过使用USBKey作为可信度量根实现加密磁盘的可信性。在数据安全性方面，对于数据磁盘，选择在文件驱动层次开发上层过滤驱动加解密程序。在这个层次对数据进行加解密，既不需要考虑物理磁盘的分布情况，也不需要关心上层文件的信息，还可以兼顾磁盘的需求，简单便捷地实现对数据磁盘的全盘加密。加密技术是解决存储设备数据泄露题最直接、最有效的技术。磁盘以其体积小、容量大、速度快等特点成为了主流数据存储设备，因此，磁盘加密从进入二十一世纪以来就成为了信息安全行业研究的热点。本课题的研究成果，对促进信息化发展，提高信息安全水平都将起到积极的作用。
[Abstract]:With the rapid development of information technology and the wide spread of computers, people pay more and more attention to information security. At present, the protection of information mainly depends on the security of the system and the security of the network. This paper mainly discusses the security of files in the system, but at present, most of the information is stored in the form of files in the computer. How to design a system to enhance the effective protection of file resources has become the focus of our research. An important feature of the information age is that a large number of data are stored electronically in various facilities. Disk storage device is the main data storage device of computer, which stores a large amount of confidential information and important data, and leaks the confidential information and important data caused by the loss, theft or illegal access to the disk storage device. As a result, governments, businesses and individuals have suffered enormous losses. This paper analyzes the disk encryption software TrueCryptand the principle of transparent encryption and decryption. At the same time, this paper also analyzes the basic idea of trusted computing, based on virtual disk management technology and transparent encryption and decryption disk software TrueCrypt. Combined with the basic idea of trusted computing, a trusted disk encryption system based on USBKey is designed by using USBKey as the confidence root. The creditability of the encrypted disk is realized by using USBKey as the confidence root. In the aspect of data security, for data disk, we choose to develop the upper layer filter driver encryption and decryption program at the file driver level. In order to encrypt and decrypt the data at this level, we do not need to consider the distribution of the physical disk or the information of the upper file. We can also give consideration to the demand of the disk and realize the complete encryption of the data disk simply and conveniently. Encryption technology is the most direct and effective technology to solve the data leakage problem of storage devices. Disk has become the mainstream data storage device because of its small size, large capacity and fast speed. Therefore, disk encryption has become a hot topic in the information security industry since it entered the 21 century. The research results of this subject will play a positive role in promoting the development of information technology and improving the level of information security.
【学位授予单位】：北京工业大学
【学位级别】：硕士
【学位授予年份】：2013
【分类号】：TP309;TP333

【参考文献】