CN103685239A - Real-time encryption and decryption system and real-time encryption and decryption method for mobile products - Google Patents

Info

Publication number
CN103685239A
Authority
CN
China
Prior art keywords
server end
mobile terminal
data
module
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310599842.9A
Other languages
Chinese (zh)
Inventor
成崇鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Feixun Data Communication Technology Co Ltd
Original Assignee
Shanghai Feixun Data Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Feixun Data Communication Technology Co Ltd filed Critical Shanghai Feixun Data Communication Technology Co Ltd
Priority to CN201310599842.9A priority Critical patent/CN103685239A/en
Publication of CN103685239A publication Critical patent/CN103685239A/en
Pending legal-status Critical Current

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a real-time encryption and decryption system and a real-time encryption and decryption method for mobile products. When a mobile terminal is in an encryption mode, any file data operation refers to downloading encrypted data from a server side and authorizing the mobile terminal to decrypt the encrypted data to display to a user in a clear text mode, and any user operation result is stored in the server side after being encrypted; after the user quits the encryption mode, the mobile terminal cannot contact with the encrypted data, the user enters a common mode, and operation data are stored in the mobile terminal at the moment. According to the real-time encryption and decryption system and the real-time encryption and decryption method, existing operation modes and use habits of the user are not changed, input and output data quantity is not increased, and high safety is achieved.

Description

A real-time encryption and decryption system and method for mobile products
Technical field
The present invention relates to the field of data security, and in particular to a real-time encryption and decryption system and method for mobile products.
Background
Mobile products such as mobile phones have become an indispensable part of our lives. With the rapid development of hardware, software and networks, mobile products will become more powerful, and they will inevitably face threats to information security.
The main encryption approaches currently used on mobile products such as mobile phones are: changing the file suffix, shift (displacement) methods, setting the hidden attribute, phone-lock encryption, and encrypting files with encryption software (phone smart encryption tools and the like).
As can be seen, the basic idea behind the encryption approaches currently used on mobile phones is still the traditional "prevent and block" model. It has two main shortcomings:
1) Low security. The encryption approaches currently used on mobile products such as mobile phones can for the most part be cracked with other tools. These approaches are relatively simple. They are still acceptable to today's general users, but for customers with higher security requirements, or once mobile phone functions become more widespread, they cannot meet security requirements.
2) Cumbersome operation that produces extra input/output data and is inefficient. A file can only be used after it has been decrypted. To view an encrypted file, the user must go through: decrypt to plaintext -> view plaintext -> delete plaintext. To modify an encrypted file, the user must go through: decrypt -> modify -> save -> encrypt. More than half of the steps in these operations are extra work caused by file encryption.
Real-time encryption and decryption (Real Time Encryption/Decryption) is an encryption technology that began to appear at the end of the last century. It handles the encryption and decryption needs of data in real time during the user's normal work, with no explicit encryption or decryption step and without producing temporary files.
Summary of the invention
The object of the present invention is to address the information security risks of mobile products such as mobile phones by providing a new real-time encryption and decryption method. Its security strategy does not start from how to prevent files from being leaked. Instead, all confidential data is stored and used in encrypted form, so that users can enjoy the convenience of mobile products while being given a security guarantee.
To achieve the above object, the first technical solution of the present invention provides a real-time encryption and decryption system for mobile products, comprising:
A server end, and a mobile terminal whose identity and certificate have been verified by the server end;
The mobile terminal, which in encryption mode encrypts operation data into ciphertext in real time and sends it to the server end, and obtains encrypted data from the server end and decrypts it into plaintext for data operations;
The server end, which receives and stores the mobile terminal's encrypted data, and returns the required encrypted data to a mobile terminal that has passed identity and certificate verification.
Preferably, the mobile terminal comprises:
A user login module, responsible for processing the account and password information entered in the user interface, and for handling the result returned by the server end in the user interface accordingly;
A certificate verification module, responsible for processing the mobile terminal certificate and for responding in the user interface to the server end's verification result; when verification passes, the mobile terminal enters encryption mode;
A data encryption module, responsible for encrypting any result of the user's operations in encryption mode into ciphertext in real time so that it can be sent to the server end for storage;
A data decryption module, responsible for decrypting the ciphertext data sent by the server end into plaintext and displaying it to the user to operate on;
A network module, responsible for sending and receiving network data between the mobile terminal and the server end.
Preferably, the server end comprises:
A network module, responsible for sending and receiving network data between the server end and the mobile terminal;
A storage module, responsible for storing legitimate user information, security certificate management information and users' encrypted data;
A user verification module, responsible for verifying whether the user's login information is legitimate;
A certificate verification module, responsible for verifying whether the user's terminal has secure-operation permission.
The second technical solution of the present invention provides a mobile product that uses the real-time encryption and decryption system;
The mobile product enters encryption mode after the connected server end has successfully verified its identity and certificate, so that the mobile product downloads encrypted data from the server end and decrypts it into plaintext for data operations, and the results of those operations are encrypted in real time and sent to the server end for storage;
After the mobile product exits encryption mode, its operation data is stored on the mobile product itself.
Preferably, the mobile product is a mobile phone.
The third technical solution of the present invention provides a real-time encryption and decryption method for mobile products, comprising the following steps:
1) Through the user login module of the mobile terminal, the user sends account information to the encrypted data storage server via the network sending module of the mobile terminal;
2) After the network receiving module of the server end successfully receives the user account information, the user verification module of the server end checks it against the legitimate user information database in the storage module of the server end to determine whether the logging-in user is legitimate, and the verification result is returned to the mobile terminal via the network sending module of the server end;
3) After the user's identity has been verified as legitimate, the certificate verification module of the mobile terminal must send the mobile terminal's authorization certificate to the server end via the network sending module of the mobile terminal;
After the network receiving module of the server end successfully receives the authorization certificate information, the certificate verification module of the server end checks it against the certificate management database in the storage module of the server end, and the verification result is returned to the mobile terminal via the network sending module of the server end;
4) After verification passes, the mobile terminal enters encryption mode, and the user requests the data for the current operation interface from the server end via the network sending module of the mobile terminal;
The server end searches the encrypted data database in the storage module and then returns the data found to the mobile terminal;
After the network receiving module of the mobile terminal successfully receives the returned data, the decryption module of the mobile terminal is called to decrypt it into plaintext, which is displayed to the user;
5) The result of any operation the user performs on the plaintext at the mobile terminal is encrypted into ciphertext data by the encryption module of the mobile terminal and sent to the server end via the network sending module of the mobile terminal;
The network receiving module of the server end saves the received ciphertext data into the encrypted data database in the storage module;
6) When the operations are finished, the mobile terminal exits encryption mode.
Preferably, in encryption mode, the results of creating, browsing, editing or saving data on the mobile terminal are all encrypted into ciphertext in real time and sent to the server end for storage.
The present invention is a real-time encryption and decryption solution designed for mobile products such as mobile phones. Its main advantages are:
1) A completely transparent user experience. When using an encrypted file based on real-time encryption and decryption, the user perceives no difference from an ordinary plaintext file. This property, that an encrypted file gives the same user experience in use as an unencrypted one, is called "transparency". A transparent user experience means that users do not need to change their existing ways of operating or their usage habits because they use a security system.
2) Higher security. When an encrypted file is used, no decryption takes place on the storage, so the encrypted file on the storage is not decrypted because it is in use. Even for a file the operator is currently using, no plaintext data exists on the storage. Compared with conventional encryption technology, this gives higher security. With conventional encryption, the encrypted file is decrypted into a plaintext file when it is used, so it has no protection during use and is most vulnerable to attacks that cause leaks.
3) No increase in input/output data volume. When an application requests data from an encrypted file, real-time encryption and decryption does not decrypt the whole encrypted file. It decrypts on demand and provides the application only with the plaintext data needed for the immediate operation.
Brief description of the drawings
Fig. 1 is a schematic diagram of the mobile terminal structure in the real-time encryption and decryption system of the present invention;
Fig. 2 is a schematic diagram of the server end structure in the real-time encryption and decryption system of the present invention;
Fig. 3 is a flow chart of the real-time encryption and decryption method of the present invention;
Fig. 4 is an effect diagram of the real-time encryption and decryption method of the present invention.
Embodiment
For portable mobile products such as mobile phones, the present invention divides data into ordinary data and encrypted data. Ordinary data is stored on the user's phone, and encrypted data is stored at the server end.
When the user connects to the encrypted data server end and passes identity verification and phone certificate verification, the phone enters encryption mode. In this mode, every operation on document data (creating, browsing, editing, changing and so on) downloads encrypted data from the server end, which is displayed to the user as plaintext after the phone is authorized to decrypt it, and every result of the user's operations is encrypted and then stored at the server end.
After the user exits encryption mode, the phone can no longer reach the encrypted data. The user is then in ordinary mode, and operation data is stored on the user's phone.
The real-time encryption and decryption equipment of the present invention comprises two parts, a mobile terminal and a server end:
As shown in Fig. 1, the mobile terminal comprises the following modules:
1) A user login module, responsible for processing the account and password information entered in the user interface, and for handling the result returned by the server end in the user interface accordingly.
2) A certificate verification module, responsible for processing the mobile terminal certificate and for responding in the user interface to the server end's verification result; when verification passes, the terminal enters encryption mode.
3) A data encryption module. Any result of the user's operations in encryption mode is encrypted into ciphertext by this module in real time and sent to the server end for storage.
4) A data decryption module, responsible for decrypting the ciphertext data sent by the server end and finally displaying the decrypted plaintext to the user to operate on.
5) A network module, responsible for network data transmission between the mobile terminal and the server end; sending and receiving are handled by a network sending module and a network receiving module respectively.
As shown in Fig. 2, the server end comprises the following modules:
1) A network module, responsible for network data transmission between the server end and the mobile terminal; sending and receiving are handled by a network sending module and a network receiving module respectively.
2) A storage module, responsible for storing legitimate user information, security certificate management information and users' encrypted data.
3) A user verification module, responsible for verifying whether the user's login information is legitimate.
4) A certificate verification module, responsible for verifying whether the user's terminal has secure-operation permission.
The flow of the present invention in encryption mode is shown in Fig. 3:
1) Through the user login module of the mobile terminal, the user sends account information to the encrypted data storage server via the network sending module of the mobile terminal.
2) After the network receiving module of the server end successfully receives the user account information, the user verification module of the server end checks it against the legitimate user information database in the storage module to determine whether the logging-in user is legitimate, and the verification result is returned to the mobile terminal via the network sending module of the server end.
3) After the user's identity has been verified as legitimate, the certificate verification module must send the mobile terminal's authorization certificate to the server end via the network sending module of the mobile terminal. After the network receiving module of the server end successfully receives the authorization certificate information, the certificate verification module checks it against the certificate management database in the storage module, and the verification result is returned to the mobile terminal via the network sending module of the server end.
4) After verification passes, the mobile terminal enters encryption mode. The user requests the data for the current operation interface from the server via the network sending module of the mobile terminal. The server end searches the encrypted data database in the storage module and then returns the data found to the mobile terminal. After the network receiving module of the mobile terminal successfully receives the returned data, the decryption module of the mobile terminal is called to decrypt it into plaintext, which is displayed to the user.
5) The result of any operation the user performs on the plaintext (creating, browsing, editing, saving and so on) is encrypted into ciphertext data by the encryption module of the mobile terminal and sent to the server end via the network sending module of the mobile terminal. The network receiving module of the server end saves the received ciphertext data into the encrypted data database in the storage module of the server end. The effect of real-time file encryption and decryption in the present invention is shown in Fig. 4.
6) When the operations are finished, the terminal exits encryption mode.
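The six-step flow above, modelled end to end with both the server end and the mobile terminal, as an added example that is not code from the patent. The class and method names are hypothetical, and the PBKDF2 password check, the per-account SHA-256 certificate fingerprint lookup, the data key held only on the terminal, and the HMAC-based stand-in cipher are all assumptions, since the patent specifies no algorithm, certificate format or key management.

```python
import hashlib
import hmac
import secrets

# Stand-in authenticated cipher (HMAC-SHA256 keystream, encrypt-then-MAC); the
# patent names no algorithm. Use a vetted AEAD such as AES-GCM in real code.
def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor(key, nonce, data):  # XOR data with an HMAC counter-mode keystream
    pad = b"".join(_mac(key, nonce + i.to_bytes(4, "big"))
                   for i in range((len(data) + 31) // 32))
    return bytes(d ^ p for d, p in zip(data, pad))

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor(_mac(key, b"enc"), nonce, plaintext)
    return nonce + ct + _mac(_mac(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(key, b"mac"), nonce + ct)):
        raise ValueError("ciphertext failed integrity check")
    return _xor(_mac(key, b"enc"), nonce, ct)

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:  # server end: user database, certificate database, encrypted data
    def __init__(self):
        self.users, self.certs, self.store, self.sessions = {}, {}, {}, {}

    def enroll(self, account, password, cert):
        salt = secrets.token_bytes(16)
        self.users[account] = (salt, _pw_hash(password, salt))
        self.certs[account] = hashlib.sha256(cert).hexdigest()

    def login(self, account, password):                 # steps 1-2
        salt, want = self.users.get(account, (b"\0" * 16, b""))
        if not hmac.compare_digest(_pw_hash(password, salt), want):
            return None
        token = secrets.token_hex(16)
        self.sessions[token] = {"account": account, "cert_ok": False}
        return token

    def verify_cert(self, token, cert):                 # step 3
        session = self.sessions.get(token)
        if session is not None:
            want = self.certs.get(session["account"], "")
            session["cert_ok"] = hmac.compare_digest(hashlib.sha256(cert).hexdigest(), want)
        return bool(session and session["cert_ok"])

    def _account(self, token):  # gate: both verifications must have passed
        session = self.sessions.get(token)
        if not session or not session["cert_ok"]:
            raise PermissionError("identity and certificate verification required")
        return session["account"]

    def get(self, token, name):                         # step 4
        return self.store[(self._account(token), name)]
    def put(self, token, name, blob):                   # step 5
        self.store[(self._account(token), name)] = blob
    def logout(self, token):                            # step 6
        self.sessions.pop(token, None)

class Terminal:  # mobile terminal; data_key never leaves it (assumption)
    def __init__(self, server, cert, data_key):
        self.server, self.cert, self.key = server, cert, data_key
        self.token, self.local = None, {}

    def enter_encrypted_mode(self, account, password):
        token = self.server.login(account, password)
        ok = bool(token) and self.server.verify_cert(token, self.cert)
        self.token = token if ok else None
        return ok

    def save(self, name, text):
        if self.token:   # encryption mode: only ciphertext leaves the terminal
            self.server.put(self.token, name, seal(self.key, text.encode()))
        else:            # ordinary mode: data stays on the device
            self.local[name] = text

    def read(self, name):
        if not self.token:
            return self.local[name]
        return unseal(self.key, self.server.get(self.token, name)).decode()

    def exit_encrypted_mode(self):
        self.server.logout(self.token)
        self.token = None
```

In this model the server's `store` only ever holds sealed blobs, and a session that has passed login but not certificate verification is refused by `get` and `put`.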
Although the content of the present invention has been described in detail through the preferred embodiment above, it should be understood that the above description is not to be considered a limitation of the present invention. After reading the above, various modifications and substitutions will be apparent to those skilled in the art. The scope of protection of the present invention should therefore be defined by the appended claims.

Claims (7)

1. A real-time encryption and decryption system for mobile products, characterized in that it comprises:
A server end, and a mobile terminal whose identity and certificate have been verified by the server end;
The mobile terminal, which in encryption mode encrypts operation data into ciphertext in real time and sends it to the server end, and obtains encrypted data from the server end and decrypts it into plaintext for data operations;
The server end, which receives and stores the mobile terminal's encrypted data, and returns the required encrypted data to a mobile terminal that has passed identity and certificate verification.
2. The real-time encryption and decryption system as claimed in claim 1, characterized in that
the mobile terminal comprises:
A user login module, responsible for processing the account and password information entered in the user interface, and for handling the result returned by the server end in the user interface accordingly;
A certificate verification module, responsible for processing the mobile terminal certificate and for responding in the user interface to the server end's verification result; when verification passes, the mobile terminal enters encryption mode;
A data encryption module, responsible for encrypting any result of the user's operations in encryption mode into ciphertext in real time so that it can be sent to the server end for storage;
A data decryption module, responsible for decrypting the ciphertext data sent by the server end into plaintext and displaying it to the user to operate on;
A network module, responsible for sending and receiving network data between the mobile terminal and the server end.
3. The real-time encryption and decryption system as claimed in claim 1 or 2, characterized in that
the server end comprises:
A network module, responsible for sending and receiving network data between the server end and the mobile terminal;
A storage module, responsible for storing legitimate user information, security certificate management information and users' encrypted data;
A user verification module, responsible for verifying whether the user's login information is legitimate;
A certificate verification module, responsible for verifying whether the user's terminal has secure-operation permission.
4. A mobile product that uses a real-time encryption and decryption system, characterized in that
the mobile product enters encryption mode after the connected server end has successfully verified its identity and certificate, so that the mobile product downloads encrypted data from the server end and decrypts it into plaintext for data operations, and the results of those operations are encrypted in real time and sent to the server end for storage;
After the mobile product exits encryption mode, its operation data is stored on the mobile product itself.
5. The mobile product as claimed in claim 4, characterized in that
the mobile product is a mobile phone.
6. A real-time encryption and decryption method for mobile products, characterized in that it comprises the following steps:
1) Through the user login module of the mobile terminal, the user sends account information to the encrypted data storage server via the network sending module of the mobile terminal;
2) After the network receiving module of the server end successfully receives the user account information, the user verification module of the server end checks it against the legitimate user information database in the storage module of the server end to determine whether the logging-in user is legitimate, and the verification result is returned to the mobile terminal via the network sending module of the server end;
3) After the user's identity has been verified as legitimate, the certificate verification module of the mobile terminal must send the mobile terminal's authorization certificate to the server end via the network sending module of the mobile terminal;
After the network receiving module of the server end successfully receives the authorization certificate information, the certificate verification module of the server end checks it against the certificate management database in the storage module of the server end, and the verification result is returned to the mobile terminal via the network sending module of the server end;
4) After verification passes, the mobile terminal enters encryption mode, and the user requests the data for the current operation interface from the server end via the network sending module of the mobile terminal;
The server end searches the encrypted data database in the storage module and then returns the data found to the mobile terminal;
After the network receiving module of the mobile terminal successfully receives the returned data, the decryption module of the mobile terminal is called to decrypt it into plaintext, which is displayed to the user;
5) The result of any operation the user performs on the plaintext at the mobile terminal is encrypted into ciphertext data by the encryption module of the mobile terminal and sent to the server end via the network sending module of the mobile terminal;
The network receiving module of the server end saves the received ciphertext data into the encrypted data database in the storage module;
6) When the operations are finished, the mobile terminal exits encryption mode.
7. The real-time encryption and decryption method as claimed in claim 6, characterized in that
in encryption mode, the results of creating, browsing, editing or saving data on the mobile terminal are all encrypted into ciphertext in real time and sent to the server end for storage.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310599842.9A CN103685239A (en) 2013-11-25 2013-11-25 Real-time encryption and decryption system and real-time encryption and decryption method for mobile products

Publications (1)

Publication Number Publication Date
CN103685239A true CN103685239A (en) 2014-03-26

Family

ID=50321554

Country Status (1)

Country Link
CN (1) CN103685239A (en)

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102098295A (en) * 2010-12-28 2011-06-15 上海华御信息技术有限公司 Method for improving data security under SaaS application

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105337964A (en) * 2015-09-30 2016-02-17 宇龙计算机通信科技(深圳)有限公司 Data security protection method and device
CN105337964B (en) * 2015-09-30 2019-06-11 宇龙计算机通信科技(深圳)有限公司 The guard method of data safety and device
CN106022806A (en) * 2016-05-27 2016-10-12 乐视控股(北京)有限公司 Mobile terminal examination method and device, and electronic terminal
CN106357678A (en) * 2016-10-24 2017-01-25 宇龙计算机通信科技(深圳)有限公司 Cloud encryption storage method for intelligent terminal and intelligent terminal
CN107666389A (en) * 2017-09-16 2018-02-06 杭州弼木建筑科技有限公司 A kind of structural strengthening model lightweight secrecy system based on BIM

Legal Events

Date Code Title Description
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20140326