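Design and Implementation of Software for an Encrypted Removable Storage Device with Operation Monitoring
Published: 2018-07-05 08:34
Topic of this paper: removable storage + operation monitoring; Reference: Nanjing University of Science and Technology, 2013 master's thesis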
[Abstract]: Removable storage media are an important carrier for exchanging data and information, and they bring security risks along with convenience. Data on such devices can easily be leaked or lost through loss of the device or through unauthorized malicious actions by users, which in turn can cause major losses. Protecting the data on removable storage devices is therefore very important. Existing techniques focus mainly on protecting the stored data, while monitoring of user operations, especially offline monitoring, has received less attention. This thesis accordingly designs a software system for removable storage devices with operation monitoring. The main research work includes:
(1) The overall architecture and functional requirements of an (offline) secure storage device with operation monitoring are designed; the basic cryptographic concepts involved, such as AES, HMAC, LRW and Salt, are introduced; and the filter driver technology of the Windows system is briefly introduced.
(2) For the design and development of the encrypted-disk creation module, the overall workflow, a random number generation method based on mouse position, and a key design that enables offline monitoring of user operations while meeting the needs of transparent encryption and decryption are introduced; the data format of the encrypted disk and the secure storage of the associated control header are analyzed.
(3) For the design and development of the mount module, the verification process for the user operation password, the development and mounting of the virtual disk, and the binding of the filter driver and the implementation of the filter functions are introduced, along with the time control technique for disk usage.
(4) For the design and development of the monitoring module, the verification process for the administrator password, the data structure of user operation records, and the functions by which the administrator reads and exports user operation records are introduced.
Finally, the thesis summarizes the work, identifies the shortcomings of the current software, and looks ahead to future work.
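[Degree-granting institution]: Nanjing University of Science and Technology
[Degree level]: Master's
[Year degree granted]: 2013
[Classification number]: TN929.5;TP333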
Article ID: 2099619
Article link: https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2099619.html