On disk encryption technology in Vista SP1

Source: Internet
Author: User
Keywords US disk if briefly
Previously mentioned, http://www.aliyun.com/zixun/aggregation/15470.html ">vista SP1 's update package has improved BitLocker Drive encryption (BDE), Provides TMP encryption support, including flash encryption and pins.

BitLocker can not only encrypt the entire system partition, but also support the encryption of the non-system partition, which can create the secret data partition locally. After a BitLocker Drive Encryption (BitLocker) partition, all the files stored on it are protected. And when we copy the new file into the partition, the file is automatically encrypted without us doing anything else.

If our machines are repaired or stolen, others hang their hard disks on other machines, and if BitLocker detects a security risk for a system condition (for example, disk errors, changes to the BIOS, or changes to any startup files) when the computer starts, BitLocker The drive is locked and requires a specific BitLocker recovery password to unlock, so no one can peek at our encrypted data.

Of course, we can turn it off temporarily by disabling BitLocker at any time, or permanently shut it down by decrypting the drive. The method is also simple, select "Start → control Panel →bitlocker Drive Encryption", click the "Turn off BitLocker" option, pop-up the BitLocker Drive Encryption dialog box, to decrypt the drive, click the Decrypt volume option to temporarily disable BitLocker , click Disable BitLocker Drive Encryption.

Tips

Note that this feature requires not only the support of the hardware TMP technology, but also that the file remains encrypted only when it is stored in an encrypted partition. If we copy the file to another drive or computer, the file will be decrypted.

So we've sorted out a little bit of help and we want to help:

Hardware requirements for BitLocker Drive Encryption:

Because BitLocker stores its own encryption and decryption keys on a 11585.html "> Hardware device outside the hard disk, you must have one of the following hardware devices:

A computer with a Trusted Platform Module (TPM), a special microchip that supports advanced security features in some new computers. If the computer was manufactured with TPM version 1.2 or later, BitLocker stores its key in the TPM.

Removable USB memory devices, such as USB flash drives. If your computer does not have TPM version 1.2 or later, BitLocker stores its keys in the flash drive.

Note

You can enable certain BitLocker features and settings through Group Policy settings.

To turn on BitLocker Drive Encryption, the computer hard disk must meet the following conditions:

1, at least two partitions. One of the partitions must contain a drive that installs Windows. The drive is BitLocker will be encrypted. Another partition is an active partition and must remain unencrypted so that the computer can be started.

2. You must use the NTFS file system for formatting.

The BIOS used is compatible with the TPM and supports USB devices when the computer is started. If this is not the case, you will need to update the BIOS before using BitLocker.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.