+

CN103516523A - Data encryption system structure based on cloud storage - Google Patents

Data encryption system structure based on cloud storage Download PDF

Info

Publication number
CN103516523A
CN103516523A CN201310494894.XA CN201310494894A CN103516523A CN 103516523 A CN103516523 A CN 103516523A CN 201310494894 A CN201310494894 A CN 201310494894A CN 103516523 A CN103516523 A CN 103516523A
Authority
CN
China
Prior art keywords
key
cloud computing
customer
symmetric
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310494894.XA
Other languages
Chinese (zh)
Inventor
付丽莉
于建彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
IEIT Systems Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Electronic Information Industry Co Ltd filed Critical Inspur Electronic Information Industry Co Ltd
Priority to CN201310494894.XA priority Critical patent/CN103516523A/en
Publication of CN103516523A publication Critical patent/CN103516523A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to the field of cloud storage systems, and discloses a data encryption system structure based on cloud storage. The data encryption system comprises a cloud computing secret key client, a cloud computing secret key management server, a customer private secret key carrier, a symmetric cryptography server, and a digital certificate center, wherein the customer private secret key carrier comprises a private key to decrypt a symmetric secret key. For a cloud storage provider, the file cannot be decrypted without the private key, so that the system structure improves the security of client data information, can effectively prevent the private information of the customer from being obtained and illegally utilized by other users or the cloud storage provider. The structure faces various cloud computing applications, and can realize uniform and standard secret key management. The file decryption needs to be executed by the customer private key, which effectively protects the security of customer data. The structure further has the advantages of simpleness and expandability.

Description

一种基于云存储的数据加密体系架构A Data Encryption Architecture Based on Cloud Storage

技术领域 technical field

本发明涉及云存储系统领域,具体涉及一种基于云存储的数据加密安全体系结构。 The invention relates to the field of cloud storage systems, in particular to a data encryption security architecture based on cloud storage.

技术背景 technical background

随着云计算(Cloud Computing)的广泛推广和应用,给巨大的中国互联网市场注入了新的活力和动力。当前比较知名的基于云计算模式的应用主要有:Google、Yahoo、百度等搜索引擎公司的云搜索,Amazon、EMC等存储方案商提出的云存储,瑞星、趋势、金山等杀毒软件厂商的云安全,以及Salesforce等在线软件服务提供商实现的诸多云服务。随着云计算的普及,企业将越来越多的核心业务以及重要数据都存储在了云端,然而,企业对于存储在云端的数据的担心也越来越高,云计算技术的发展应用也引起了人们对信息安全问题的担忧。 With the widespread promotion and application of cloud computing (Cloud Computing), it has injected new vitality and impetus into the huge Chinese Internet market. Currently well-known cloud computing-based applications mainly include: cloud search by search engine companies such as Google, Yahoo, and Baidu; cloud storage proposed by storage solution providers such as Amazon and EMC; and cloud security by antivirus software manufacturers such as Rising, Trend, and Kingsoft. , and many cloud services implemented by online software service providers such as Salesforce. With the popularization of cloud computing, enterprises store more and more core business and important data in the cloud. However, enterprises are more and more worried about the data stored in the cloud. address people's concerns about information security.

 很多研究都显示关于谁应该承担客户数据的安全责任方面,云服务供应商及其客户之间存在很大分歧:供应商将责任交到客户手中,但客户通常不同意。根据Ponemon研究所去年的调查显示,十个云服务供应商中有七个供应商将客户数据的安全责任交给客户,只有30%的客户同意。这就使提供数据加密安全的云存储服务越来越受欢迎,通过加密数据,客户可以确保他们的信息是安全的,即使发生数据泄露事故,而且还能保密于云服务供应商。 Many studies have shown that there is a big divide between cloud service providers and their customers on who should bear the responsibility for the security of customer data: the provider puts the responsibility in the hands of the customer, but the customer usually does not agree. According to a survey conducted by the Ponemon Institute last year, seven out of ten cloud service providers hand over the security responsibility of customer data to customers, and only 30% of customers agree. This has made cloud storage services that provide data encryption and security more and more popular. By encrypting data, customers can ensure that their information is safe even in the event of a data breach, and it can be kept confidential from the cloud service provider.

分析表明,云存储的加密最好的解决方案是那些允许客户控制密钥或者部分密钥的解决方案,通过控制密钥,客户还可以控制对数据的访问,甚至还可以防止云服务供应商访问数据。专业人士表示,如果所有信息都被加密,而且是通过客户控制的一个密钥来进行的,即使云管理员也不能看到密钥,这样就很安全。安全地加密数据并不是云安全服务的技术障碍,困难之处在于找到一种方法来安全地管理密钥。 Analysis shows that the best solutions for cloud storage encryption are those that allow the customer to control the key or part of the key. By controlling the key, the customer can also control the access to the data, and even prevent the cloud service provider from accessing it. data. Professionals say it's safe if all information is encrypted and done through a key that the customer controls and that even cloud administrators can't see. Encrypting data securely isn't a technical hurdle for cloud security services, the difficulty lies in finding a way to securely manage the keys.

数据安全是企业的生命线。任何一个云服务商都尽力宣称他们的服务完全安全,与传统的存储相比,大量的用户核心数据放在云存储中,用户并不知道具体存储位置,难免令用户放心不下,任何客户都担心个人资料例如照片,个人信息以及技术文档被泄露或成为公众浏览的传播对象,造成信息以及人身安全隐患。一些供应商将密钥保存在数据相同的云环境中,这样并不安全;还有一些供应商则将密钥外包给第三方或者让客户自己管理密钥,但又都不是理想的密钥保存方法。 Data security is the lifeline of an enterprise. Any cloud service provider tries their best to claim that their services are completely safe. Compared with traditional storage, a large amount of user core data is placed in cloud storage, and users do not know the specific storage location, which inevitably makes users feel uneasy. Any customer is worried about personal data Materials such as photos, personal information, and technical documents are leaked or become objects of public browsing, causing information and personal safety hazards. Some vendors store keys in the same cloud environment as the data, which is not secure; others outsource keys to third parties or let customers manage keys themselves, neither of which is ideal for key storage method.

发明内容 Contents of the invention

本发明要解决的技术问题是:使客户确保其数据的保密性,同时简化密钥管理,并提高客户数据的安全性。 The technical problem to be solved by the invention is to enable customers to ensure the confidentiality of their data, simplify key management and improve the security of customer data.

本发明里涉及两种密钥,一种是对称密钥存储在云计算管理服务器中,另外一种私钥用于解密对称密钥,存储在客户私人密钥载体中。 The present invention involves two kinds of keys, one is the symmetric key stored in the cloud computing management server, and the other private key is used to decrypt the symmetric key and stored in the customer's private key carrier.

本发明所采用的技术方案为:一种基于云存储的数据加密体系架构,该系统架构包括:云计算密钥客户端,云计算密钥管理服务器,客户私人密钥载体,对称密码服务器,数字证书中心,其中: The technical solution adopted in the present invention is: a data encryption system architecture based on cloud storage, the system architecture includes: cloud computing key client, cloud computing key management server, customer private key carrier, symmetric cipher server, digital Certificate Authority, where:

云计算密钥客户端是驻留在云计算服务中的密码服务客户端,负责向该云计算服务器中的云计算应用提供密钥服务,通过标准的密钥管理协议,向密钥管理服务器申请密钥产生; The cloud computing key client is a cryptographic service client residing in the cloud computing service, responsible for providing key services to the cloud computing applications in the cloud computing server, and applying to the key management server through the standard key management protocol. key generation;

云计算密钥管理服务器负责密钥的产生,恢复,更新等管理服务,并将密钥返回到客户端;云计算密钥管理服务器中存有分散密钥,需要客户私人密钥中的私钥才可以将密钥完整还原; The cloud computing key management server is responsible for management services such as key generation, recovery, and update, and returns the key to the client; the cloud computing key management server stores distributed keys, which require the private key in the client's private key Only then can the key be completely restored;

客户私人密钥载体负责存储数字证书及分散密钥还原时所需的私钥; The customer's private key carrier is responsible for storing the digital certificate and the private key required for the restoration of the distributed key;

对称密码服务器对文件采用对称密钥进行加密,对称密钥需要利用客户私人密钥中的公钥进行加密; The symmetric encryption server encrypts the file with a symmetric key, and the symmetric key needs to be encrypted with the public key in the client's private key;

数字证书中心负责向客户颁发数字证书,用于数字签名的认证; The digital certificate center is responsible for issuing digital certificates to customers for digital signature certification;

客户通过下载数字签名证书到客户私人密钥载体中,该载体中除了数字认证中心提供的数字签名外,还包含用于破解对称密钥的私钥。 The customer downloads the digital signature certificate to the customer's private key carrier. In addition to the digital signature provided by the digital certification center, the carrier also contains the private key used to crack the symmetric key.

客户登陆时需要用户名和密码,并提供数字证书,通过身份验证登陆云计算密钥客户端,对于云存储供应商来说,没有此私钥是无法对文件进行解密的,因此该发明提高了客户数据信息的安全性。 When customers log in, they need a user name and password, and provide a digital certificate, and log in to the cloud computing key client through identity verification. For cloud storage providers, it is impossible to decrypt files without this private key. Therefore, this invention improves customer Security of data information.

客户私人密钥载体可体现为有一定容量的存储设备。 The customer's private key carrier can be embodied as a storage device with a certain capacity.

所述客户私人密钥载体为U盾,方便客户携带。 The carrier of the client's private key is a USB-shield, which is convenient for the client to carry.

基于上述架构的一种云计算加密密钥产生过程,包括以下过程: A cloud computing encryption key generation process based on the above architecture includes the following process:

云计算密钥客户端生成密钥请求包并向云计算管理服务器发送密钥请求,所述密钥请求包包含请求包头部(REQ Header)操作类型(GET)和密钥对象(Symmetric Key),标识符(UID);云计算管理服务器收到密钥请求后,根据请求内容,从对称密码服务器获取对称密钥,再生成密钥回复包,包含回复包头部(Response Header),密钥对象(Symmetric Key),标识符(UID)和对称密钥(Key Value)。 The cloud computing key client generates a key request packet and sends a key request to the cloud computing management server. The key request packet includes a request packet header (REQ Header) operation type (GET) and a key object (Symmetric Key), Identifier (UID); after receiving the key request, the cloud computing management server obtains the symmetric key from the symmetric cipher server according to the content of the request, and then generates a key reply packet, including the response header (Response Header), the key object ( Symmetric Key), identifier (UID) and symmetric key (Key Value).

其中对称密码服务器对文件采用对称密钥进行加密,并将对称密钥通过云计算密钥管理服务器返回云计算密钥客户端,解密对称密钥需要存储在客户私人密钥载体中的私钥。 The symmetric encryption server encrypts the file with a symmetric key, and returns the symmetric key to the cloud computing key client through the cloud computing key management server. Decrypting the symmetric key requires the private key stored in the customer's private key carrier.

这种方式有效提高了客户数据的安全性。这种密钥混合保存的方法,有点类似银行的保险箱,银行持有一个密钥,客户持有另一个密钥,而银行的密钥依赖于客户手中的密钥执行解密过程。 This approach effectively improves the security of customer data. This method of mixed storage of keys is somewhat similar to a bank's safe. The bank holds one key, the customer holds another key, and the bank's key relies on the key in the customer's hand to perform the decryption process.

本发明的有益效果为:本发明提出一种密钥混合保存的方法,即客户私人密钥载体中包含了破解对称密钥的私钥,对于云存储供应商来说,没有此私钥是无法对文件进行解密的,因此该发明提高了客户数据信息的安全性,可以有效的防止客户的私有信息被其它用户或者云存储供应商获取和非法利用。该架构面向各种云计算应用,可以实现统一,标准的密钥管理。文件解密需要客户私钥执行,有效的保护了客户数据安全。该架构还具有简单和可扩展的优点。 The beneficial effects of the present invention are: the present invention proposes a method for key hybrid storage, that is, the customer's private key carrier contains the private key to crack the symmetric key. For cloud storage providers, without this private key, it is impossible The file is decrypted, so the invention improves the security of customer data information, and can effectively prevent the customer's private information from being obtained and illegally used by other users or cloud storage providers. The architecture is oriented to various cloud computing applications and can realize unified and standard key management. File decryption requires the customer's private key to execute, which effectively protects the security of customer data. The architecture also has the advantages of simplicity and scalability.

附图说明 Description of drawings

图1为云计算密钥管理架构示意图; Figure 1 is a schematic diagram of cloud computing key management architecture;

图2为云计算加密密钥获取示意图; Fig. 2 is a schematic diagram of cloud computing encryption key acquisition;

附图标记说明:1、云计算密钥客户端,2、云计算密钥管理服务器,3、客户私人密钥载体,4、对称密码服务器,5、数字证书中心。 Description of reference signs: 1. Cloud computing key client, 2. Cloud computing key management server, 3. Customer private key carrier, 4. Symmetric encryption server, 5. Digital certificate center.

具体实施方式 Detailed ways

下面参照附图,结合实施例对本发明详细说明。 Referring to the accompanying drawings, the present invention will be described in detail in conjunction with the embodiments.

实施例1: Example 1:

一种基于云存储的数据加密体系架构,该系统架构包括:云计算密钥客户端1,云计算密钥管理服务器2,客户私人密钥载体3,对称密码服务器4,数字证书中心5,其中: A data encryption architecture based on cloud storage, the system architecture includes: cloud computing key client 1, cloud computing key management server 2, customer private key carrier 3, symmetric cipher server 4, digital certificate center 5, wherein :

云计算密钥客户端1是驻留在云计算服务中的密码服务客户端,负责向该云计算服务器中的云计算应用提供密钥服务,通过标准的密钥管理协议,向密钥管理服务器申请密钥产生; The cloud computing key client 1 is a cryptographic service client residing in the cloud computing service, responsible for providing key services to the cloud computing applications in the cloud computing server, and sending key services to the key management server through standard key management protocols. Application key generation;

云计算密钥管理服务器2负责密钥的产生,恢复,更新等管理服务,并将密钥返回到客户端;云计算密钥管理服务器中存有分散密钥,需要客户私人密钥中的私钥才可以将密钥完整还原; The cloud computing key management server 2 is responsible for management services such as key generation, recovery, and update, and returns the key to the client; there are distributed keys in the cloud computing key management server, and the private key in the client's private key is required. The key can be fully restored;

客户私人密钥载体3负责存储数字证书及分散密钥还原时所需的私钥; The customer's private key carrier 3 is responsible for storing the digital certificate and the private key required for the restoration of the distributed key;

对称密码服务器4对文件采用对称密钥进行加密,对称密钥需要利用客户私人密钥中的公钥进行加密; The symmetric encryption server 4 encrypts the file using a symmetric key, and the symmetric key needs to be encrypted using the public key in the client's private key;

数字证书中心5负责向客户颁发数字证书,用于数字签名的认证; The digital certificate center 5 is responsible for issuing digital certificates to customers for the authentication of digital signatures;

客户通过下载数字签名证书到客户私人密钥载体3中,该载体中除了数字认证中心5提供的数字签名外,还包含用于破解对称密钥的私钥。 The customer downloads the digital signature certificate to the customer's private key carrier 3, which contains the private key used to crack the symmetric key in addition to the digital signature provided by the digital certification center 5.

客户登陆时需要用户名和密码,并提供数字证书,通过身份验证登陆云计算密钥客户端,对于云存储供应商来说,没有此私钥是无法对文件进行解密的,因此该发明提高了客户数据信息的安全性。 When customers log in, they need a user name and password, and provide a digital certificate, and log in to the cloud computing key client through identity verification. For cloud storage providers, it is impossible to decrypt files without this private key. Therefore, this invention improves customer Security of data information.

实施例2: Example 2:

在实施例1的基础上,本实施例所述客户私人密钥载体可体现为有一定容量的存储设备。 On the basis of Embodiment 1, the customer private key carrier described in this embodiment can be embodied as a storage device with a certain capacity.

实施例3: Example 3:

在实施例2的基础上,本实施例所述客户私人密钥载体为U盾,方便客户携带。 On the basis of Embodiment 2, the carrier of the customer's private key in this embodiment is a USB shield, which is convenient for the customer to carry.

实施例4: Example 4:

基于上述实施例的一种云计算加密密钥产生过程,包括以下过程: A kind of cloud computing encryption key generation process based on above-mentioned embodiment, comprises following process:

云计算密钥客户端生成密钥请求包并向云计算管理服务器发送密钥请求,所述密钥请求包包含请求包头部(REQ Header)操作类型(GET)和密钥对象(Symmetric Key),标识符(UID);云计算管理服务器收到密钥请求后,根据请求内容,从对称密码服务器获取对称密钥,再生成密钥回复包,包含回复包头部(Response Header),密钥对象(Symmetric Key),标识符(UID)和对称密钥(Key Value)。 The cloud computing key client generates a key request packet and sends a key request to the cloud computing management server. The key request packet includes a request packet header (REQ Header) operation type (GET) and a key object (Symmetric Key), Identifier (UID); after receiving the key request, the cloud computing management server obtains the symmetric key from the symmetric cipher server according to the content of the request, and then generates a key reply packet, including the response header (Response Header), the key object ( Symmetric Key), identifier (UID) and symmetric key (Key Value).

其中对称密码服务器对文件采用对称密钥进行加密,并将对称密钥通过云计算密钥管理服务器返回云计算密钥客户端,解密对称密钥需要存储在客户私人密钥载体中的私钥。 The symmetric encryption server encrypts the file with a symmetric key, and returns the symmetric key to the cloud computing key client through the cloud computing key management server. Decrypting the symmetric key requires the private key stored in the customer's private key carrier.

Claims (4)

1.一种基于云存储的数据加密体系架构,其特征在于:该系统架构包括:云计算密钥客户端(1),云计算密钥管理服务器(2),客户私人密钥载体(3),对称密码服务器(4),数字证书中心(5),其中: 1. A data encryption architecture based on cloud storage, characterized in that: the system architecture includes: cloud computing key client (1), cloud computing key management server (2), customer private key carrier (3) , a symmetric cryptographic server (4), a digital certificate center (5), where: 云计算密钥客户端是驻留在云计算服务中的密码服务客户端,负责向该云计算服务器中的云计算应用提供密钥服务,通过标准的密钥管理协议,向密钥管理服务器申请密钥产生; The cloud computing key client is a cryptographic service client residing in the cloud computing service, responsible for providing key services to the cloud computing applications in the cloud computing server, and applying to the key management server through the standard key management protocol. key generation; 云计算密钥管理服务器负责密钥的产生,恢复,更新等管理服务,并将密钥返回到客户端;云计算密钥管理服务器中存有分散密钥,需要客户私人密钥中的私钥才可以将密钥完整还原; The cloud computing key management server is responsible for management services such as key generation, recovery, and update, and returns the key to the client; the cloud computing key management server stores distributed keys, which require the private key in the client's private key Only then can the key be completely restored; 客户私人密钥载体负责存储数字证书及分散密钥还原时所需的私钥; The customer's private key carrier is responsible for storing the digital certificate and the private key required for the restoration of the distributed key; 对称密码服务器对文件采用对称密钥进行加密,对称密钥需要利用客户私人密钥中的公钥进行加密; The symmetric encryption server encrypts the file with a symmetric key, and the symmetric key needs to be encrypted with the public key in the client's private key; 数字证书中心负责向客户颁发数字证书,用于数字签名的认证; The digital certificate center is responsible for issuing digital certificates to customers for digital signature certification; 客户通过下载数字签名证书到客户私人密钥载体中,该载体中除了数字认证中心提供的数字签名外,还包含用于破解对称密钥的私钥; The customer downloads the digital signature certificate to the customer's private key carrier, which contains the private key used to crack the symmetric key in addition to the digital signature provided by the digital certification center; 客户登陆时需要用户名和密码,并提供数字证书,通过身份验证登陆云计算密钥客户端。 When customers log in, they need a user name and password, and provide a digital certificate, and log in to the cloud computing key client through identity verification. 2.根据权利要求1所述的一种基于云存储的数据加密体系架构,其特征在于:所述客户私人密钥载体为有一定容量的存储设备。 2. A data encryption architecture based on cloud storage according to claim 1, characterized in that: the customer private key carrier is a storage device with a certain capacity. 3.根据权利要求2所述的一种基于云存储的数据加密体系架构,其特征在于:所述客户私人密钥载体为U盾。 3. A data encryption architecture based on cloud storage according to claim 2, characterized in that: the customer private key carrier is a USB-Shield. 4.一种基于上述任一权利要求的云计算加密密钥产生方法,其特征在于:所述方法包括以下过程: 4. A cloud computing encryption key generation method based on any of the preceding claims, characterized in that: the method comprises the following processes: 云计算密钥客户端生成密钥请求包并向云计算管理服务器发送密钥请求,所述密钥请求包包含请求包头部操作类型和密钥对象,标识符;云计算管理服务器收到密钥请求后,根据请求内容,从对称密码服务器获取对称密钥,再生成密钥回复包,所述密钥回复包包含回复包头部,密钥对象,标识符和对称密钥;其中对称密码服务器对文件采用对称密钥进行加密,并将对称密钥通过云计算密钥管理服务器返回云计算密钥客户端,解密对称密钥需要存储在客户私人密钥载体中的私钥。 The cloud computing key client generates a key request packet and sends a key request to the cloud computing management server. The key request packet contains the request packet header operation type and key object, identifier; the cloud computing management server receives the key After the request, according to the content of the request, obtain the symmetric key from the symmetric encryption server, and then generate a key reply packet, which includes the header of the reply packet, the key object, the identifier and the symmetric key; The file is encrypted with a symmetric key, and the symmetric key is returned to the cloud computing key client through the cloud computing key management server. Decrypting the symmetric key requires the private key stored in the customer's private key carrier.
CN201310494894.XA 2013-10-22 2013-10-22 Data encryption system structure based on cloud storage Pending CN103516523A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310494894.XA CN103516523A (en) 2013-10-22 2013-10-22 Data encryption system structure based on cloud storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310494894.XA CN103516523A (en) 2013-10-22 2013-10-22 Data encryption system structure based on cloud storage

Publications (1)

Publication Number Publication Date
CN103516523A true CN103516523A (en) 2014-01-15

Family

ID=49898605

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310494894.XA Pending CN103516523A (en) 2013-10-22 2013-10-22 Data encryption system structure based on cloud storage

Country Status (1)

Country Link
CN (1) CN103516523A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105208044A (en) * 2015-10-29 2015-12-30 成都卫士通信息产业股份有限公司 Key management method suitable for cloud computing
CN106302411A (en) * 2016-08-03 2017-01-04 西安邮电大学 The secure cloud storage method and system of support file encryption based on windows platform
CN106341236A (en) * 2016-09-09 2017-01-18 深圳大学 Access control method facing cloud storage service platform and system thereof
CN106973070A (en) * 2017-05-17 2017-07-21 济南浪潮高新科技投资发展有限公司 A kind of big data calculates trusteeship service security certification system and method
CN107872532A (en) * 2017-11-27 2018-04-03 北京天诚安信科技股份有限公司 A kind of storage of third party cloud storage platform, the method and system downloaded
CN109598145A (en) * 2018-12-07 2019-04-09 无锡予果科技有限公司 It is a kind of to prevent the data divulged a secret transmission and method for cloud storage and system
CN111064738A (en) * 2019-12-26 2020-04-24 山东方寸微电子科技有限公司 TLS (transport layer Security) secure communication method and system
CN112152804A (en) * 2020-09-16 2020-12-29 北京奇艺世纪科技有限公司 Method, device and system for dynamically configuring private key for cloud server
CN112422563A (en) * 2020-11-18 2021-02-26 深圳市气象局(深圳市气象台) Weather data encryption and decryption service system based on hybrid cryptography
CN114580001A (en) * 2022-03-11 2022-06-03 合肥工业大学 A kind of encryption and decryption algorithm and file protection method for excel file

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101562040A (en) * 2008-04-15 2009-10-21 航天信息股份有限公司 High-security mobile memory and data processing method thereof
CN103312690A (en) * 2013-04-19 2013-09-18 无锡成电科大科技发展有限公司 System and method for key management of cloud computing platform

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101562040A (en) * 2008-04-15 2009-10-21 航天信息股份有限公司 High-security mobile memory and data processing method thereof
CN103312690A (en) * 2013-04-19 2013-09-18 无锡成电科大科技发展有限公司 System and method for key management of cloud computing platform

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
孙磊,戴紫珊,郭锦娣: "云计算密钥管理框架研究", 《电信科学》 *
郑志勇,朱郑之: "基于密钥分散管理的服务器登录控制", 《信息安全与通信保密》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105208044A (en) * 2015-10-29 2015-12-30 成都卫士通信息产业股份有限公司 Key management method suitable for cloud computing
CN106302411A (en) * 2016-08-03 2017-01-04 西安邮电大学 The secure cloud storage method and system of support file encryption based on windows platform
CN106341236A (en) * 2016-09-09 2017-01-18 深圳大学 Access control method facing cloud storage service platform and system thereof
CN106973070A (en) * 2017-05-17 2017-07-21 济南浪潮高新科技投资发展有限公司 A kind of big data calculates trusteeship service security certification system and method
CN107872532A (en) * 2017-11-27 2018-04-03 北京天诚安信科技股份有限公司 A kind of storage of third party cloud storage platform, the method and system downloaded
CN107872532B (en) * 2017-11-27 2020-09-25 北京天诚安信科技股份有限公司 Method and system for storing and downloading third-party cloud storage platform
CN109598145A (en) * 2018-12-07 2019-04-09 无锡予果科技有限公司 It is a kind of to prevent the data divulged a secret transmission and method for cloud storage and system
CN111064738A (en) * 2019-12-26 2020-04-24 山东方寸微电子科技有限公司 TLS (transport layer Security) secure communication method and system
CN111064738B (en) * 2019-12-26 2022-09-30 山东方寸微电子科技有限公司 TLS (transport layer Security) secure communication method and system
CN112152804A (en) * 2020-09-16 2020-12-29 北京奇艺世纪科技有限公司 Method, device and system for dynamically configuring private key for cloud server
CN112422563A (en) * 2020-11-18 2021-02-26 深圳市气象局(深圳市气象台) Weather data encryption and decryption service system based on hybrid cryptography
CN114580001A (en) * 2022-03-11 2022-06-03 合肥工业大学 A kind of encryption and decryption algorithm and file protection method for excel file

Similar Documents

Publication Publication Date Title
JP6941146B2 (en) Data security service
CN109144961B (en) Authorization file sharing method and device
US11855767B2 (en) Methods and systems for distributing encrypted cryptographic data
CN103516523A (en) Data encryption system structure based on cloud storage
US9805350B2 (en) System and method for providing access of digital contents to offline DRM users
US9419799B1 (en) System and method to provide secure credential
JP6678457B2 (en) Data security services
US11750397B2 (en) Attribute-based encryption keys as key material for key-hash message authentication code user authentication and authorization
US20140112470A1 (en) Method and system for key generation, backup, and migration based on trusted computing
WO2014081698A2 (en) Delegate authorization in cloud-based storage system
JP2012518329A (en) A framework for trusted cloud computing and services
JP2012518330A (en) Reliable cloud computing and cloud service framework
WO2008121157A2 (en) Cryptographic key management system facilitating secure access of data portions to corresponding groups of users
Gajmal et al. Blockchain-based access control and data sharing mechanism in cloud decentralized storage system
CN104333545A (en) Method for encrypting cloud storage file data
Shen et al. SecDM: Securing data migration between cloud storage systems
CN1889426B (en) Method and system for realizing network safety storing and accessing
Thilakanathan et al. Secure multiparty data sharing in the cloud using hardware-based TPM devices
Raghuwanshi et al. MS2: Practical data privacy and security framework for data at rest in cloud
Reddy et al. Secured privacy data using multi key encryption in cloud storage
Suthar et al. EncryScation: A novel framework for cloud iaas, daas security using encryption and obfuscation techniques
Albaroodi et al. A proposed framework for outsourcing and secure encrypted data on OpenStack object storage (Swift)
CN106790100B (en) Data storage and access control method based on asymmetric cryptographic algorithm
Jang-Jaccard et al. Portable key management service for cloud storage
Sawle et al. Survey on data classification and data encryption techniques used in cloud computing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20140115

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载