摘要
计算机和通信的结合带来了信息社会高速发展的契机。人们在享受信息化的便利的同时,也面临着信息安全的严峻考验。信息安全不仅关系到个人隐私能否得以保障,还关系到国家安全和利益。作为信息系统数据存储的主要设备,硬盘被广泛应用于各种信息产品中,而硬盘加密卡则是被设计用来在物理层上,以FPGA硬件方式实现对IDE总线上传输数据加解密操作的硬盘数据保护设备。
本文重点介绍了基于Nios嵌入式处理器的SOC系统的软/硬件混合设计方法,IDE硬盘接口的工作原理、协议、读写时序,以及数据加密的基本原理。在此基础之上,进行了如下研究工作:1)提出基于Nios系统的硬盘加密卡的总体设计方案、2)完成基于Ultra DMA和PIO传输模式的IDE硬盘接口设计、3)硬盘加密卡加密原理和密钥管理方案。最终通过软硬混合设计实现了支持Ultra DMA高速数据传输方式的硬盘加密卡的设计。
The combination of Computer and Communication has provided the opportunity that information society develops at full speed in the whole world. However, everyone should face austere situation of the information security, while we enjoy enormous benefit that the information system brings. Information security not only concerns the personal privacy, but also the national security and benefit. Hard disk, which is the irreplaceable information device to store data, has been widely used in many kinds of information products. Hard disk encryption card, which is based on FPGA and could encrypt the data transmitted on IDE data bus, is a physical layer device used to protect the data stored in hard disk.
This paper particularly introduces a hardware/software co-design methodology which is based on Nios Embedded Processor; work principle, protocol, timing of IDE interface Hard Disk; and the principle of data encryption. And propose the design schemes as follow:
1) System design scheme of hard disk encryption card which is based on Nios embedded system.
2) IDE interface which could support Ultra DMA and PIO transfer mode.
3) Encryption principle of hard disk encryption card and Key management scheme.
引文
[1] Harold F. Tipton, Micki Krause. Information Security Management Handbook (volume Ⅰ) Fourth Edition, 2004-6
[2] Harold F. Tipton, Micki Krause. Information Security Management Handbook (volume Ⅱ) Fourth Edition, 2004-6
[3] Harold F. Tipton, Micki Krause. Information Security Management Handbook (volume Ⅲ) Fourth Edition, 2004-6
[4] 周学广,刘艺.信息安全学.机械工业出版设.2003-3
[5] Christopher Alberts, Audrey Dorofee. Managing Information Security Risk: The OCTAVE~(SM) Approach.北京:清华大学出版社.2003-9
[6] Jaehong Park, Ravi Sandhu, James Schifalacqua. Security Architectures for Controlled Digital Information Dissemination. Computer Security Application 2000 ACSAC'00 16th Annual Conference. 2000-11
[7] Lee Davis. Profiting form Innovations in Digital Information Goods: The Role of Intellectual Property Rights. Management of Engineering and Technology 2001 PICMET' 01 Portland Intemational Conference on Volume Supplement. 2001-8
[8] Su-Shing Chen. The Paradox of Digital Preservation. Computer Volume 34, Issue 3. 2001-3
[9] 周恒,罗斯青.SOPC—基于FPGA的SOC设计策略,山西电子技术,2003-1
[10] 刘达,龚建荣.系统可编程芯片(SOPC)设计思想与开发策略.现代电子技术.2002-11 -1-4
[11] 任爱锋,初秀琴,常存等.基于FPGA的嵌入式系统设计[M].西安:西安电子科技大学出版社,2004.
[12] 徐宁仪,周祖成.Avalon总线与SOPC系统构架实例[J].半导体技术,2003,28(2)17-20.
[13] 夏宇闻.复杂数字电路与系统的Verilog HDL设计技术.北京:北京航空航天大学出版社.1998
[14] 王田苗.嵌入式系统设计与实例开发——基于ARM微处理器与uC/OS-Ⅱ实时操作系统.北京:清华大学出版社.2002-9
[15] Alters Coporation. Nios Development Kit. http://www.altera.com/products/devkits/alters/kit-nios.html. 2004-2
[16] Altera Corporation. Nios Embedded Processor 32-bit Programmer's Reference Manual. http://www.altera.com/literature/lit-nios.html. 2003-3
[17] Altera Coporation. Avalon Bus Specification Reference Manual. http://www.altera.com/literature/manual/mnl_avalon_bus.pdf. 2003-7
[18] Matjai Fine, Andrej iemva. Rapid HW/SW Co-Design of Softcore Processor Systems[EB/OL]. http://ieeexplore.ieee.org/ie15/8828/27949/01247988.pdf. 2003-12
[19] Karam S. Chatha, Ranga Vemuri. Hardware-Software Partitioning and Pipelined Scheduling of Transformative Application. Very Large Scale Integration(VLSI) Systems. 2002, 10(3): 193-208
[20] Yong Zhang, Kai Kuang Ma, Qindong Yao. A Software/Hardware Co-Design Methodology for Embedded Microprocessor Core Design[J]. Consumer Electronics, 1999, 45(4): 1241-1246
[21] Altera Coporation. SOPC Builder User Guide. http://www.altera.com/literature/ug/ug_sopcbuilder.pdf. 2003-7
[22] 彭澄廉.挑战SOC——基于NIOS的SOPC设计与实践.北京:清华大学出版社.2004-7
[23] 潘松,黄继业,曾毓.SOPC技术实用教程.北京:清华大学出版社.2005.
[24] K.W.Tse, T.I.YuK and S.S.Chan. Implementation of the Data Encryption Standard Algorithm with FPGAs. More FPGA: Proceedings of the 1993International Workshop on field-programmable logic and applications, Oxford, England. 1993-9
[25] W.Millam, K.Wong M.Ward and E.Dawson. A Single Chip FPGA Implementation of Self-Synchronous Cipher. Proceedings of TENCO'97, IEEE. 1997-9
[26] J. -P. Kaps. High speed FPGA architecture for the Data Encryption Standard. Master's thesis, Department og Electrical Engineering, Worcester Polytechnic Institute. 1998-5
[27] 《中国集成电路编委会》.超级微型计算机集成电路.北京:国防工业出版社.1995-9
[28] FRIEDHELM SCHMIDT.SCSI总线和IDE接口:协议、应用和编程.北京:中国电力出版社,2001
[29] William Stallings.Computer Organization & Architecture Designing for Performance(Sixth Edition).北京:清华大学出版社.2005-1
[30] T13 Technical Committee. Information Technology-AT Attachment with Packet Interface-6. http://www.t13.org
[31] William Stallings. Cryptography and Network Security Principles and Practice(Second Edition).北京:电子工业出版社.2002-9
[32] Wade Trappe, Lawrence C. Washington. Introduction to Cryptography with Coding Theory.北京:人民邮电出版社.2004-6
[33] William Stallings.Network Security Essentials:Applications and Standards.北京:清华大学出版社.2002-6
[34] 褚振勇,翁木云.FPGA设计及应用.西安:西安电子科技大学出版社.2002
[35] John F.Wakerly.Digital Design Principles and Practices(Third Edition).北京:机械工业出版社.2003-8
[36] M.Morris Mano.数字设计(第三版).北京:电子工业出版设.2004-4