Windows 10安全存储
[英]Windows 10 Secure Storage
问题描述
In Windows 10, is there a secure storage mechanism analogous to the Android TrustZone? 
在Windows 10中,是否有类似于Android TrustZone的安全存储机制?
Where the data is encrypted and stored in a location separate from regular user file space? 数据在哪里加密并存储在与常规用户文件空间不同的位置?
I'm looking to store data from an application that doesn't need to be accessed by any other user or application, and I don't really want to just encrypt it and store it on the disk. 我希望存储不需要任何其他用户或应用程序访问的应用程序中的数据,并且我真的不想仅加密并将其存储在磁盘上。
Any thoughts? 有什么想法吗?
1 个解决方案
解决方案1
2 已采纳 2016-07-09 01:35:33
With Windows being an open platform (unlike non-rooted Android - I am talking about the user point of view now) there's no simple way to store anything on the disk (or elsewhere for this matter) and have it protected from user's access. 由于Windows是开放平台(与非root用户的Android不同-我现在正在谈论用户的观点),没有简单的方法将任何内容存储在磁盘上(或就此而言,放在其他位置)并保护它不受用户访问。 The user is essentially the owner of everything in his PC and on its disk. 用户本质上是其PC及其磁盘上所有内容的所有者。
The best you can do is use CryptProtectData / CryptUnprotectData WinAPI functions to "bind" the data to the user account. 最好的办法是使用CryptProtectData / CryptUnprotectData WinAPI函数将数据“绑定”到用户帐户。 These APIs don't store the data, but just encrypt it with the key, derived from the user credentials. 这些API不会存储数据,而只是使用从用户凭据派生的密钥对数据进行加密。 You then can store this encrypted data in user's profile directory. 然后,您可以将此加密数据存储在用户的配置文件目录中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.