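A new mechanism is proposed for protecting classified data by using a trusted cryptography module. The solution covers both runtime data protection and static file data protection, and the key technique it relies on is the key protection feature of the trusted cryptography module. Performance test results for encryption and decryption with the trusted cryptography module are given, together with a solution that compensates for its insufficient performance. Using the data encapsulation technique of the trusted cryptography module, an implementation scheme for network control is proposed, and experimental test results for the network control are given.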
Management of cryptographic keys for data encapsulation in classified networks has been a troubling problem. The aim of this article is to present a new mechanism for protecting classified data by using a trusted cryptography module. The solution covers both runtime data protection and static file data protection. The key technique is the key-hiding feature of the trusted cryptography module. The results of a simple performance test of the trusted cryptography module are provided, along with a solution to its insufficiency. Using the trusted cryptography module, an implementation of network control is presented together with its experimental results.