CN103425938B - The folder encryption method of one kind Unix operating system and device - Google Patents
The folder encryption method of one kind Unix operating system and device Download PDFInfo
- Publication number
- CN103425938B CN103425938B CN201310331559.8A CN201310331559A CN103425938B CN 103425938 B CN103425938 B CN 103425938B CN 201310331559 A CN201310331559 A CN 201310331559A CN 103425938 B CN103425938 B CN 103425938B
- Authority
- CN
- China
- Prior art keywords
- encrypted file
- file system
- unix operating
- described encrypted
- carry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 108010039622 Livex Proteins 0.000 claims description 6
- 230000006835 compression Effects 0.000 abstract description 2
- 238000007906 compression Methods 0.000 abstract description 2
- 230000006837 decompression Effects 0.000 abstract description 2
- 230000003068 static effect Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 4
- 238000005192 partition Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 1
- 238000004804 winding Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses folder encryption method and the device of a kind Unix operating system, at the encrypted file system that encrypted file place directory creating is parameter with encrypted folder name; By the file copy in encrypted file in encrypted file system, and delete encrypted file, create the program bar of the same name with encrypted file; User double-click shortcut icon start encrypted file system open program time, to user input password verify, be proved to be successful rear establishment temp directory, carry encrypted file system is to temp directory.Method and apparatus of the present invention, is encrypted file, and by compression and decompression to encrypted file system, realizes under encrypt file can both be in guard mode under dynamic and static state.
Description
Technical field
The present invention relates to file security technical field, refer to a kind of folder encryption method and device of class Unix operating system especially.
Background technology
At present, along with the widespread use of personal computer, office automation, a hot issue paid close attention to is become to the safety of storage file.Due to the demand of aspect such as to share to file, same file may have multiple people access, increases the possibility of leaking data.
Because the catalogue in existing operating system normally realizes by modes such as indexes, so it is the encryption that Single document and respective type are opened instrument and carried out that common encrypt file stores what adopt, to input password as when compressed file and Word File Open, also the encryption of whole disk or subregion is had to realize, or by the encryption that winding device file realizes, confidentiality is inadequate, therefore, needs a kind of novel folder encryption method or system.
Summary of the invention
In view of this, the object of the invention is to the folder encryption method of proposition one kind Unix operating system, file is encrypted.
The folder encryption method of one kind Unix operating system, comprising: the encrypted file system being parameter with encrypted folder name at encrypted file place directory creating; By the file copy in described encrypted file in described encrypted file system, and delete described encrypted file, create the program bar of the same name with described encrypted file; What described program bar pointed to described encrypted file system opens program, and transmits the fullpath parameter of current crypto file system to it; User double-click described shortcut icon start described encrypted file system open program time, to user input password verify, be proved to be successful rear establishment temp directory, encrypted file system described in carry is to described temp directory; Wherein, after encrypted file system carry, in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system.
According to one embodiment of the method for the invention, further, by in the file copy in described encrypted file to described encrypted file system time, be encrypted existing All Files in described encrypted file, cipher mode comprises: DES algorithm, aes algorithm; When opening encryption folder, the password of user's input is verified.
According to one embodiment of the method for the invention, further, user is obtained when double-clicking the event of shortcut icon, if described encrypted file system is decrypted and by carry, then directly open described encryption folder; If described encrypted file system does not have decrypted, then encrypted file system described in carry, and the password of user's input is verified; If described encrypted file system is decrypted and carry, in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system.
According to one embodiment of the method for the invention, further, in the physical disk subregion or document image of class UNIX operating system, set up described encrypted file system, described encrypted file system is the transparent encrypted file system adopting EncFS cipher mode.
According to one embodiment of the method for the invention, further, described class Unix operating system comprises: (SuSE) Linux OS; The storage medium of the class Unix operating system of LiveX form is USB flash disk or flash memory, starts class Unix operating system by the USB interface of main frame; Described USB interface is USB2.0 or USB3.0 interface.
The present invention also aims to the file encrypting device of proposition one kind Unix operating system, file is encrypted.
The file encrypting device of one kind Unix operating system, comprising: encrypted file system generation module, for the encrypted file system being parameter with encrypted folder name at encrypted file place directory creating; Encrypt file clip module, for by the file copy in described encrypted file in described encrypted file system, and delete described encrypted file, create the program bar of the same name with described encrypted file; What described program bar pointed to described encrypted file system opens program, and transmits the fullpath parameter of current crypto file system to it; Password authentication module, for double-click user described shortcut icon start described encrypted file system open program time, verify the password of user's input, be proved to be successful rear establishment temp directory, encrypted file system described in carry is to described temp directory; Wherein, after encrypted file system carry, in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system.
According to an embodiment of device of the present invention, further, described encrypt file clip module by the file copy in described encrypted file to described encrypted file system time, be encrypted existing All Files in described encrypted file, cipher mode comprises: DES algorithm, aes algorithm; When opening encryption folder, password authentication module is verified the password that user inputs.
According to an embodiment of device of the present invention, further, described password authentication module obtains user when double-clicking the event of described shortcut icon, if described encrypted file system is decrypted and by carry, then described password authentication module directly opens described encryption folder; If described encrypted file system does not have decrypted, then encrypted file system described in described password authentication module carry, verifies the password of user's input; Wherein, if described encrypted file system decrypted and carry, then in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system.
According to an embodiment of device of the present invention, further, described encrypted file system generation module sets up described encrypted file system in the physical disk subregion or document image of class UNIX operating system, and described encrypted file system is the transparent encrypted file system adopting EncFS cipher mode.
According to an embodiment of device of the present invention, further, described class Unix operating system comprises: (SuSE) Linux OS; The storage medium of the class Unix operating system of LiveX form is USB flash disk or flash memory, starts class Unix operating system by the USB interface of main frame; Described USB interface is USB2.0 or USB3.0 interface.
As can be seen from above, the folder encryption method of class Unix operating system provided by the invention and device, enable user be encrypted file very intuitively, decryption work.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is an embodiment schematic diagram of the folder encryption method of class Unix operating system of the present invention;
Fig. 2 is an embodiment schematic diagram of the file encrypting device of class Unix operating system of the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly understand, below in conjunction with specific embodiment, and with reference to accompanying drawing, the present invention is described in more detail.
Class Unix system (Unix-like) refers to various traditional Unix system, the such as Solaris of FreeBSD, OpenBSD, SUN company, and the system that various and traditional Unix is similar, such as Minix, Linux, QNX etc., all considerably inherit the characteristic of original UNIX, there are many resemblances, and observe POSIX specification all to a certain extent.
Fig. 1 is an embodiment schematic diagram of the folder encryption method of class Unix operating system of the present invention.As shown in Figure 1:
Step 101, at the encrypted file system that encrypted file place directory creating is parameter with encrypted folder name.
Step 102, by the file copy in encrypted file in encrypted file system, and deletes encrypted file, creates the program bar of the same name with encrypted file.What program bar pointed to encrypted file system opens program, and transmits the fullpath parameter of current crypto file system to it.
Step 103, user double-click shortcut icon start encrypted file system open program time, to user input password verify, be proved to be successful rear establishment temp directory, carry encrypted file system is to temp directory.
According to one embodiment of the method for the invention, after encrypted file system carry, in operation system state hurdle or file manager, state is provided to show and unloading operation interface, when clicking unloading operation, unloading encrypted file system.
According to one embodiment of present invention, by the file copy in encrypted file to encrypted file system time, be encrypted All Files existing in encrypted file, cipher mode comprises: DES algorithm, aes algorithm etc.When opening the encryption folder in encrypted file system or encrypted file system, the password of user's input is verified.
According to one embodiment of the method for the invention, obtain user when double-clicking the event of shortcut icon, if encrypted file system is decrypted and by carry, then directly open encryption folder.
If encrypted file system does not have decrypted, then carry encrypted file system, and the password of user's input is verified.
If encrypted file system is decrypted and carry, in operation system state hurdle or file manager, state is provided to show and unloading operation interface, when clicking unloading operation, unloading encrypted file system.
According to one embodiment of present invention, obtain user when double-clicking the event of shortcut icon, if encrypted file system is decrypted and by carry, then directly open encrypted file system.
If encrypted file system does not have decrypted, then carry encrypted file system, and the password of user's input is verified.
According to one embodiment of present invention, a disk partition creates encrypted partition form, file converts to after ciphertext stored in this subregion through kernel device map encrypting module, when using this disk partition, require that input password is verified, use by this subregion just can be opened after checking, encryption device is mapped as virtual logical volume equipment, by this logical volume equipment of carry mode carry using ordinary magnetic disc, create generic file system, access stores content in a conventional way, is transparent encrypted file system.
According to one embodiment of present invention, in the physical disk subregion or document image of class UNIX operating system, set up encrypted file system, encrypted file system is the transparent encrypted file system adopting EncFS cipher mode.
EncFS be one freely increase income based on GPL, the encrypted file system of FUSE rank, can transparent encrypted file, use any catalogue to deposit encrypt file.EncFS runs on the user's space of Linux, uses FUSE kernel module.The file of all this file system of write is all by encrypted.
EncFS provides the encrypted file system of a user class, and each user can be the file system of catalogue or document creation one encryption of controlling oneself, and other users can only see the content after encryption.
According to one embodiment of present invention, class Unix operating system comprises: (SuSE) Linux OS etc.
The storage medium of the class Unix operating system of LiveX form is USB flash disk or flash memory, starts class Unix operating system by the USB interface of main frame.USB interface is USB2.0 or USB3.0 interface.
The operating system of LiveX form, such as LiveCD, referring to just can by the operating system of CD self-starting without the need to installing.
Some Linux release versions are designed to " LiveCD ", namely directly can guide the CD into available linux system.After getting up from CD boot, provide a whole set of operable instrument, wherein have some to be general, have some to be highly special.Owing to taking CD as carrier, common LiveCD except basic operating system, all with application software.
Fig. 2 is an embodiment schematic diagram of the file encrypting device of class Unix operating system of the present invention.As shown in Figure 2, the file encrypting device 21 of class Unix operating system comprises: encrypted file system generation module 211, encrypt file clip module 212, password authentication module 213.
The encrypted file system that encrypted file system generation module 211 is parameter at encrypted file place directory creating with encrypted folder name.
File copy in encrypted file in encrypted file system, and is deleted encrypted file by encrypt file clip module 212, creates the program bar of the same name with encrypted file.What program bar pointed to encrypted file system opens program, and transmits the fullpath parameter of current crypto file system to it.
Password authentication module 213 user double-click shortcut icon start encrypted file system open program time, to user input password verify, be proved to be successful rear establishment temp directory, carry encrypted file system is to temp directory.
According to one embodiment of present invention, after encrypted file system carry, in operation system state hurdle or file manager, state is provided to show and unloading operation interface, when clicking unloading operation, unloading encrypted file system.
According to one embodiment of present invention, encrypt file clip module 212 by the file copy in encrypted file to encrypted file system time, be encrypted All Files existing in encrypted file, cipher mode comprises: DES algorithm, aes algorithm etc.
When opening encryption folder, the password of password authentication module 213 pairs of user's inputs is verified.
According to one embodiment of present invention, password authentication module 213 obtains user when double-clicking the event of shortcut icon, if encrypted file system is decrypted and by carry, then directly open encryption folder.
If encrypted file system does not have decrypted, then carry encrypted file system, the password of password authentication module 213 pairs of user's inputs is verified.
According to one embodiment of present invention, if encrypted file system decrypted and carry, then in operation system state hurdle or file manager, state is provided to show and unloading operation interface, when clicking unloading operation, unloading encrypted file system.
According to one embodiment of present invention, encrypted file system generation module 211 sets up encrypted file system in the physical disk subregion or document image of class UNIX operating system, and encrypted file system is the transparent encrypted file system adopting EncFS cipher mode.
The folder encryption method of class Unix operating system of the present invention and device, by the compression and decompression to encrypted file system, realize under encrypt file can both be in guard mode under dynamic and static state.
Method and system of the present invention may be realized in many ways.Such as, any combination by software, hardware, firmware or software, hardware, firmware realizes method and system of the present invention.Said sequence for the step of method is only to be described, and the step of method of the present invention is not limited to above specifically described order, unless specifically stated otherwise.In addition, in certain embodiments, can be also record program in the recording medium by the invention process, these programs comprise the machine readable instructions for realizing according to method of the present invention.Thus, the present invention also covers the recording medium stored for performing the program according to method of the present invention.
Those of ordinary skill in the field are to be understood that: these are only specific embodiments of the invention; be not limited to the present invention; within the spirit and principles in the present invention all, any amendment made, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (6)
1. the folder encryption method of a kind Unix operating system, is characterized in that, comprising:
At the encrypted file system that encrypted file place directory creating is parameter with encrypted folder name; In the physical disk subregion or document image of class UNIX operating system, set up described encrypted file system, described encrypted file system is the transparent encrypted file system adopting EncFS cipher mode;
By the file copy in described encrypted file in described encrypted file system, and delete described encrypted file, create the program bar of the same name with described encrypted file; What described program bar pointed to described encrypted file system opens program, and transmits the fullpath parameter of current crypto file system to it;
User double-click described shortcut icon start described encrypted file system open program time, to user input password verify, be proved to be successful rear establishment temp directory, encrypted file system described in carry is to described temp directory; Obtain user when double-clicking the event of shortcut icon, if described encrypted file system is decrypted and by carry, then directly open described encryption folder; If described encrypted file system does not have decrypted, then encrypted file system described in carry, and the password of user's input is verified; If described encrypted file system is decrypted and carry, in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system;
Wherein, after encrypted file system carry, in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system.
2. method according to claim 1, is characterized in that:
By in the file copy in described encrypted file to described encrypted file system time, be encrypted existing All Files in described encrypted file, cipher mode comprises: DES algorithm, aes algorithm;
When opening encryption folder, the password of user's input is verified.
3. method according to claim 1, is characterized in that,
Described class Unix operating system comprises: (SuSE) Linux OS;
The storage medium of the class Unix operating system of LiveX form is USB flash disk or flash memory, starts class Unix operating system by the USB interface of main frame;
Described USB interface is USB2.0 or USB3.0 interface.
4. the file encrypting device of a kind Unix operating system, is characterized in that, comprising:
Encrypted file system generation module, for the encrypted file system being parameter with encrypted folder name at encrypted file place directory creating; Described encrypted file system generation module sets up described encrypted file system in the physical disk subregion or document image of class UNIX operating system, and described encrypted file system is the transparent encrypted file system adopting EncFS cipher mode;
Encrypt file clip module, for by the file copy in described encrypted file in described encrypted file system, and delete described encrypted file, create the program bar of the same name with described encrypted file; What described program bar pointed to described encrypted file system opens program, and transmits the fullpath parameter of current crypto file system to it;
Password authentication module, for double-click user described shortcut icon start described encrypted file system open program time, verify the password of user's input, be proved to be successful rear establishment temp directory, encrypted file system described in carry is to described temp directory;
Described password authentication module obtains user when double-clicking the event of described shortcut icon, if described encrypted file system is decrypted and by carry, then described password authentication module directly opens described encryption folder; If described encrypted file system does not have decrypted, then encrypted file system described in described password authentication module carry, verifies the password of user's input; Wherein, if described encrypted file system decrypted and carry, then in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system;
Wherein, after encrypted file system carry, in operation system state hurdle or file manager, provide state to show and unloading operation interface, when clicking unloading operation, unload described encrypted file system.
5. device according to claim 4, is characterized in that:
Described encrypt file clip module by the file copy in described encrypted file to described encrypted file system time, be encrypted existing All Files in described encrypted file, cipher mode comprises: DES algorithm, aes algorithm;
When opening encryption folder, password authentication module is verified the password that user inputs.
6. device according to claim 4, is characterized in that,
Described class Unix operating system comprises: (SuSE) Linux OS;
The storage medium of the class Unix operating system of LiveX form is USB flash disk or flash memory, starts class Unix operating system by the USB interface of main frame;
Described USB interface is USB2.0 or USB3.0 interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310331559.8A CN103425938B (en) | 2013-08-01 | 2013-08-01 | The folder encryption method of one kind Unix operating system and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310331559.8A CN103425938B (en) | 2013-08-01 | 2013-08-01 | The folder encryption method of one kind Unix operating system and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103425938A CN103425938A (en) | 2013-12-04 |
| CN103425938B true CN103425938B (en) | 2016-04-27 |
Family
ID=49650658
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310331559.8A Expired - Fee Related CN103425938B (en) | 2013-08-01 | 2013-08-01 | The folder encryption method of one kind Unix operating system and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103425938B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104951407B (en) * | 2014-03-24 | 2017-11-28 | 哈尔滨安天科技股份有限公司 | One kind can encrypted U disk and its encryption method |
| CN105373745A (en) * | 2015-11-12 | 2016-03-02 | 深圳市华德安科技有限公司 | Data access control method and device for site enforcement recorder and site enforcement recorder |
| CN109583242A (en) * | 2018-11-22 | 2019-04-05 | 郑州云海信息技术有限公司 | The method and system that fdisk encrypts under a kind of K-UX system |
| CN110213051B (en) * | 2019-06-05 | 2021-11-19 | 郑州信大捷安信息技术股份有限公司 | Encryption and decryption method and system for fine granularity of directory |
| CN113672960A (en) * | 2021-08-26 | 2021-11-19 | 北京中安星云软件技术有限公司 | Database transparent encryption and decryption implementation method and system based on user mode file system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388054A (en) * | 2008-09-22 | 2009-03-18 | 浪潮电子信息产业股份有限公司 | The Method of Using NVRAM to Save Linux Startup Scripts and Configuration Files to Realize System Encryption |
| CN102457567A (en) * | 2010-11-08 | 2012-05-16 | 中标软件有限公司 | Mirror image backup/recovery method and tool for web management mode |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100463842B1 (en) * | 2001-12-27 | 2004-12-29 | 한국전자통신연구원 | Apparatus for managing key in afile security system and method for managing security key |
| MY151312A (en) * | 2010-10-20 | 2014-05-15 | Mimos Berhad | A method and system for file encryption and decryption in a server |
-
2013
- 2013-08-01 CN CN201310331559.8A patent/CN103425938B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388054A (en) * | 2008-09-22 | 2009-03-18 | 浪潮电子信息产业股份有限公司 | The Method of Using NVRAM to Save Linux Startup Scripts and Configuration Files to Realize System Encryption |
| CN102457567A (en) * | 2010-11-08 | 2012-05-16 | 中标软件有限公司 | Mirror image backup/recovery method and tool for web management mode |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103425938A (en) | 2013-12-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6061171B1 (en) | Computer program, secret management method and system | |
| US9473297B2 (en) | Achieving storage efficiency in presence of end-to-end encryption using downstream decrypters | |
| CN103825953B (en) | A kind of user model encrypted file system | |
| US10824571B1 (en) | Separate cryptographic keys for protecting different operations on data | |
| EP2874151B1 (en) | Method and apparatus for controlling access to encrypted data | |
| US20110252233A1 (en) | System and method for backing up and restoring files encrypted with file-level content protection | |
| CN103745162B (en) | A kind of secure network file storage system | |
| KR20080095866A (en) | Computer session management device and system | |
| CN103425938B (en) | The folder encryption method of one kind Unix operating system and device | |
| CN103488954B (en) | A kind of file encryption system | |
| CN101719209B (en) | General digital rights protection method on WINDOWS platform | |
| CN109325355A (en) | Mobile terminal data method for secure storing based on virtual disk | |
| JP2008123049A (en) | Automatic file decryption and encryption system, its method, and program | |
| WO2023071990A1 (en) | Privacy protection method and system | |
| CN103605934B (en) | Protection method and device for executable files | |
| CN104361297A (en) | File encryption and decryption method based on Linux operating system | |
| JP7527539B2 (en) | Electronic data management method, electronic data management device, program therefor, and recording medium | |
| KR20160146623A (en) | A Method for securing contents in mobile environment, Recording medium for storing the method, and Security sytem for mobile terminal | |
| CN102467625B (en) | Data protection method, device and system | |
| Deshmukh et al. | Providing data security on cell phones | |
| JP2006164096A (en) | Encrypted data access control method | |
| KR102305680B1 (en) | System for storing security information using a plurality of storages | |
| CN103530532A (en) | File encryption method and system | |
| TWI263432B (en) | Data security method for storage apparatus and storage media and electronic device | |
| KR101703847B1 (en) | A Method for securing contents in mobile environment, Recording medium for storing the method, and Security sytem for mobile terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160427 Termination date: 20160801 |