CN104125069B - A sharing-oriented secure file directory file encryption system - Google Patents


Publication number: CN104125069B
Authority: CN (China)
Prior art keywords: file, encryption, decryption control, user, control strategy
Legal status: Active (as listed; not a legal conclusion)
Application number: CN201410323581.2A
Other languages: Chinese (zh)
Other versions: CN104125069A (en)
Inventor: 龙毅宏
Current Assignee (as listed): Jiaxing Guao Gene Technology Co ltd
Original Assignee: Wuhan University of Technology WUT
Application filed by Wuhan University of Technology WUT
Priority to CN201410323581.2A
Publication of CN104125069A
Application granted
Publication of CN104125069B

Abstract

The present invention relates to a sharing-oriented secure file directory file encryption system comprising a secure file directory, a file encryption filter and a file encryption filter helper process. Files in the secure file directory are encrypted automatically by the file encryption filter. Each file directory within the secure file directory is set with, or inherits, a file decryption control policy that specifies which personal authorized users and group authorized users may decrypt the encrypted files in that directory. When a file is encrypted, the file encryption filter takes the file decryption control policy of the directory containing the file as the file decryption control policy of the encrypted file, converts it into file decryption control data, and stores that data in the encrypted file. The file encryption filter helper process performs the operations that the file encryption filter cannot perform in the kernel layer. When the system is used with file cloud storage, the client of the cloud storage system is configured as an untrusted process, which ensures that files uploaded to the cloud storage system are encrypted.

Description

A sharing-oriented secure file directory file encryption system
Technical field
The invention belongs to the field of information security technology. It is a sharing-oriented secure file directory file encryption system, in particular a file encryption system suited to securely sharing and using files among multiple people through cloud storage.
Background art
File cloud storage brings great convenience to users and is widely welcomed. Today it is used not only by individual users; more and more enterprises and institutions, particularly small and medium-sized ones, also use file cloud storage systems, including public cloud storage systems.
Many file cloud storage systems currently provide a file-sharing function: when uploading a file to the cloud system of a file cloud storage system, a user can specify the users who may share the file, either specific personal users or group users. Most current file cloud storage systems implement secure file sharing through access control mechanisms. The shortcoming of this approach is that if a shared file involves personal privacy or business secrets, the operations and maintenance staff of the cloud storage system can see its content, and if the cloud storage system is attacked by hackers, files may be stolen and private information leaked. Cloud storage users worry a great deal about these problems. The best solution is for the user to encrypt a file before uploading it to the cloud system of the cloud storage system, and to ensure that only permitted users can decrypt the encrypted file. However, encrypting shared files differs from encrypting personal files: it is more complex, because it must address how the encryption key of a shared file is distributed and shared. In a public cloud storage environment there is a further factor: modifying an already deployed cloud storage system to support file encryption, and shared file encryption in particular, is nearly impossible, and cloud storage operators are unlikely to accept a scheme that requires modifying the file cloud storage system in order to add encryption for shared files.
To address the encryption of shared files in cloud storage, the applicant proposed, in its patent application "A file encryption system for shared files" (patent application number 201410151619.2), a shared file encryption scheme that does not require modifying the file cloud storage system. That scheme combines manual file encryption with automatic file decryption based on a file encryption filter (the file encryption filter is responsible only for decryption). Manually, a user can encrypt a single file or all the files in a file directory, manage the personal sharing users and group sharing policies of files (including setting, changing, and deleting or clearing policies), and update the encryption public keys of encrypted files; the encrypted files are then uploaded to the cloud storage system to be shared by authorized users. A user who has downloaded an encrypted shared file from the cloud storage system has it decrypted automatically by the file encryption filter when using it, so encrypted shared files can be used without changing the users' accustomed operations or the way programs process files. The scheme in patent application 201410151619.2 nevertheless has the following problems: 1) the user has to encrypt files manually; 2) although personal sharing users and group sharing policies can be set manually for all the files in a file directory and those files encrypted, any file added to the directory after the policy setting and encryption have been completed still requires the personal and group sharing policies to be set and the file to be encrypted manually again. All of this is very inconvenient for users.
Building on the file encryption system of patent application 201410151619.2 and combining it with transparent file encryption based on a file encryption filter, the present invention proposes a shared file encryption scheme, suitable for file cloud storage, in which the user neither encrypts files manually nor sets decryption control policies repeatedly.
Summary of the invention
The purpose of the present invention is to propose a shared file encryption system suitable for sharing files securely through a file cloud storage system, so as to overcome the shortcomings of existing schemes.
To achieve this purpose, the technical solution adopted by the present invention is:
A sharing-oriented secure file directory file encryption system, comprising a secure file directory, a file encryption filter and a file encryption filter helper process, wherein:
Secure file directory: a file directory of the computer file system that the user has selected for security protection. The files stored in the secure file directory, and in its subdirectories, are encrypted files generated automatically by the file encryption filter. An encrypted file has the same file name suffix as the file before encryption, i.e. the file type is unchanged by encryption.
The secure file directory and each of its subdirectories is set with, or inherits, a file decryption control policy. The file decryption control policy of a file directory (set or inherited) defines the default decryption control policy and the authorized users of the encrypted files under that directory. If a file directory within the secure file directory (a direct or indirect subdirectory of the secure file directory) has no file decryption control policy set, it inherits the file decryption control policy of its parent directory. If the parent directory has no file decryption control policy set either, the parent in turn inherits from the directory one level further up, and so on upward until the policy of an ancestor directory that has a file decryption control policy set is inherited.
The file decryption control policy of a file directory comprises personal decryption control policies, for personal users, and group decryption control policies, for group users. A personal decryption control policy of a file directory specifies that a particular personal user is permitted to decrypt the encrypted files under the file directory that the policy targets or applies to. A group decryption control policy of a file directory specifies that users having given characteristics (for example belonging to a certain group or holding a certain role), or users satisfying given conditions, are permitted to decrypt the encrypted files under the file directory that the policy targets or applies to. A personal user permitted to decrypt encrypted files by a personal decryption control policy of a file directory is called a personal authorized user of the file directory and encrypted files that the policy targets or applies to. Personal authorized users are further divided into managing users and ordinary users. A managing user is a user who can manage the file decryption control policies of file directories within the secure file directory (including the secure file directory itself) and of encrypted files, and who can update the encryption public keys of encrypted files (different file directories may have different managing users). A user permitted to decrypt encrypted files by a group decryption control policy of a file directory is called a group authorized user of the file directory and encrypted files that the policy targets or applies to. The file directory that a file decryption control policy (personal or group) targets or applies to is the file directory that sets or inherits that policy. The encrypted files that a file decryption control policy of a file directory targets or applies to are the encrypted files stored directly under the file directory that the policy targets or applies to.
When the secure file directory is created, a default personal decryption control policy for the creating user is generated, specifying that the creator of the secure file directory is a managing user of the secure file directory and therefore has the authority to manage the file decryption control policies of the file directories and encrypted files within the secure file directory. When an encrypted file is generated, it automatically inherits the file decryption control policy of the file directory that contains it. The personal decryption control policies of an encrypted file define the personal authorized users, both managing users and ordinary users, who can decrypt the encrypted file; the group decryption control policies of an encrypted file define the group authorized users who can decrypt it.
The data of each encrypted file in the secure file directory (including encrypted files in its subdirectories) consists of two parts: file data and file decryption control data. The file data of an encrypted file is the data formed by encrypting the data of the original unencrypted file with a symmetric-key cipher algorithm under a randomly generated symmetric key; this randomly generated symmetric key is called the file encryption key. The file decryption control data of an encrypted file is produced from the file decryption control policy of the encrypted file. Corresponding to the personal and group decryption control policies of the encrypted file, the file decryption control data comprises personal decryption control data and group decryption control data. The personal decryption control data contains the file encryption key encrypted separately with the public key of each personal authorized user of the encrypted file (as defined by each of its personal decryption control policies): there are as many copies of the file encryption key, each encrypted with one personal authorized user's public key, as there are personal authorized users. The group decryption control data contains the file encryption key encrypted with the shared encryption public key, and the group decryption control policies of the encrypted file encrypted with the file encryption key. The shared encryption public key is a common public key used to encrypt the file encryption key of encrypted files; its corresponding private key is used in file decryption for group authorized users. The file decryption control data of an encrypted file is produced when the encrypted file is generated, and changes after the encrypted file has been generated when a managing user modifies the file decryption control policy.
File encryption filter: a filter-type driver, inserted into the driver stack of the computer file system, that automatically encrypts and decrypts the files stored in the secure file directory, including files in its subdirectories. When a process (trusted or untrusted) saves an unencrypted file into the secure file directory or one of its subdirectories, the file encryption filter automatically encrypts the saved file. When a process opens an unencrypted file in the secure file directory or one of its subdirectories, the file encryption filter first encrypts that file into an encrypted file and only then carries out the subsequent operations. When the file encryption filter encrypts an unencrypted file into an encrypted file, it generates the file decryption control data of the encrypted file according to the file decryption control policy (set or inherited) of the file directory containing the file. When a trusted process reads or writes an encrypted file in the secure file directory or one of its subdirectories, the file encryption filter automatically decrypts the file data being read or encrypts the file data being written. When an untrusted process reads an encrypted file in the secure file directory or one of its subdirectories, the file encryption filter does not decrypt the file data that the untrusted process reads. A trusted process is a program process that is allowed to read the file data of encrypted files in plaintext; an untrusted process is a program process that is not allowed to read the file data of encrypted files in plaintext. Which processes are trusted and which are untrusted is determined by the developer of the file encryption system during system development and updated dynamically through online updates, or is configured manually by the user of the file encryption system. When the encrypted files in the secure file directory (including those in its subdirectories) are to be uploaded or synchronized to a file cloud storage system (or a general file storage system) for shared use, the client of the file cloud storage system is configured as an untrusted process. The file encryption filter is provided with a right-click menu for managing the file decryption control policies (personal and group) of the file directories within the secure file directory (including the secure file directory itself) and of encrypted files, including setting, modifying and clearing decryption control policies, and for updating the encryption public keys (the public keys of personal authorized users and the shared encryption public key) in the file decryption control data of encrypted files.
File encryption filter helper process: a program process running in user mode (User Mode) of the user computer's operating system (also called the user layer or application layer), responsible for completing the operations that the file encryption filter cannot complete in kernel mode (Kernel Mode) (the kernel layer).
When a user performs a management operation on the decryption control policy of a file directory or encrypted file in the secure file directory through the right-click menu, or performs an encryption public key update operation on an encrypted file, the file encryption filter or the file encryption filter helper process first determines whether the user is a managing user of the file directory or encrypted file. If so, processing continues; otherwise, processing is aborted.
When a user performs a management operation on the file decryption control policy of a file directory or encrypted file in the secure file directory through the right-click menu, or performs an encryption public key update operation on an encrypted file, the file encryption filter or the file encryption filter helper process determines as follows whether the user is a managing user of the file directory or encrypted file:
If the user is operating on a file directory through the right-click menu, the file encryption filter or the file encryption filter helper process first obtains the file decryption control policy of that file directory, then checks whether the user's computer holds locally (in a cryptographic module) the private key of a managing user targeted by a personal decryption control policy in that file decryption control policy. If so, the user is determined to be a managing user of the file directory; otherwise, the user is not determined to be a managing user of the file directory.
If the user is operating on an encrypted file through the right-click menu, the file encryption filter or the file encryption filter helper process first obtains the personal decryption control data from the file decryption control data of the file, then checks whether the user's computer holds locally (in a cryptographic module) the private key corresponding to a managing user's public key with which the file encryption key in the personal decryption control data was encrypted. If so, the user is determined to be a managing user of the encrypted file; otherwise, the user is not determined to be a managing user of the encrypted file.
When file directories and encrypted files are created or generated, the file encryption filter applies a name transformation to the names of the file directories and encrypted files in the secure file directory, including the secure file directory itself, its subdirectories and the encrypted files in those subdirectories (the name saved on the storage medium is the transformed name). During file I/O operations (such as file enumeration and file open operations) the inverse transformation is applied to the name. As a result, when the file encryption filter has not started normally, the file directory names and encrypted file names that users or program processes see differ from the (original) names used when the file directories and encrypted files were created (for example, they are displayed as garbled text).
When the file encryption filter encrypts an unencrypted file in the secure file directory or one of its subdirectories, it generates the file decryption control data of the encrypted file as follows:
It obtains the file decryption control policy of the file directory containing the unencrypted file (the policy set directly on the directory or the policy it inherits) and takes it as the file decryption control policy of the encrypted file. It encrypts the randomly generated file encryption key separately with the public key of each personal authorized user targeted by each personal decryption control policy in the obtained file decryption control policy, forming the personal decryption control data of the encrypted file. It encrypts the randomly generated file encryption key with the shared encryption public key, and encrypts the group decryption control policies in the obtained file decryption control policy with the file encryption key, forming the group decryption control data of the encrypted file. It merges the personal decryption control data and the group decryption control data into the file decryption control data of the encrypted file, and then places that file decryption control data in the encrypted file.
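The generation steps above, as an added Go example that is not part of the patent. RSA-OAEP stands in for the public-key scheme (the page names IBE as one option), AES-256-GCM is an assumed choice for the unspecified symmetric cipher, and all type, field and function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Keys map[string]*rsa.PublicKey // personal authorized user -> public key

// EncFile is an encrypted file: file data plus file decryption control data.
type EncFile struct {
	Data        []byte            // file data under the random FEK (AES-256-GCM assumed)
	Personal    map[string][]byte // personal control data: FEK wrapped per user (RSA-OAEP assumed)
	SharedFEK   []byte            // group control data: FEK under the shared encryption public key
	GroupPolicy []byte            // group control data: group policy encrypted under the FEK
}

func newKey() *rsa.PrivateKey { // constructed sample key pair
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func aead(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// seal encrypts pt with AES-256-GCM and prepends the random nonce; open reverses it.
func seal(key, pt []byte) ([]byte, error) {
	a, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, pt, nil), nil
}

func open(key, ct []byte) ([]byte, error) {
	a, err := aead(key)
	if err != nil || len(ct) < a.NonceSize() {
		return nil, errors.New("bad key or ciphertext")
	}
	return a.Open(nil, ct[:a.NonceSize()], ct[a.NonceSize():], nil)
}

// Encrypt does what the filter does when a plaintext file enters the directory.
func Encrypt(pt []byte, users Keys, shared *rsa.PublicKey, group string) (f *EncFile, err error) {
	fek := make([]byte, 32) // random file encryption key
	if _, err = rand.Read(fek); err != nil {
		return nil, err
	}
	f = &EncFile{Personal: map[string][]byte{}}
	if f.Data, err = seal(fek, pt); err != nil {
		return nil, err
	}
	if f.GroupPolicy, err = seal(fek, []byte(group)); err != nil {
		return nil, err
	}
	if f.SharedFEK, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, shared, fek, nil); err != nil {
		return nil, err
	}
	for name, pub := range users { // one wrapped copy per personal authorized user
		if f.Personal[name], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fek, nil); err != nil {
			return nil, err
		}
	}
	return f, nil
}

// FEK recovers the file encryption key from one wrapped copy in the control data.
func FEK(wrapped []byte, priv *rsa.PrivateKey) ([]byte, error) {
	if len(wrapped) == 0 {
		return nil, errors.New("no control data entry for this key holder")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

func main() {
	alice, shared := newKey(), newKey()
	if f, err := Encrypt([]byte("Q3 plan"), Keys{"alice": &alice.PublicKey}, &shared.PublicKey, "role=engineer"); err == nil {
		fek, _ := FEK(f.Personal["alice"], alice)
		pt, err := open(fek, f.Data)
		fmt.Printf("alice reads %q (err=%v)\n", pt, err)
	}
}
```

A holder of the shared private key reaches the same file encryption key through SharedFEK and can then open GroupPolicy, which is the group authorized user path.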
When a user, through the right-click menu, sets or modifies the file decryption control policy of an encrypted file in the secure file directory or one of its subdirectories, the file encryption filter or the file encryption filter helper process, after determining that the user is a managing user of the encrypted file, processes the file decryption control policy set or modified by the managing user as follows:
Using the private key of the current managing user who is performing the setting or modification, it decrypts the file encryption key in the personal decryption control data of the encrypted file that was encrypted with the current managing user's public key. It then encrypts the file encryption key separately with the public key of each personal authorized user (including the current managing user) targeted by each personal decryption control policy in the file decryption control policy set or modified by the current managing user, forming the personal decryption control data of the encrypted file. It encrypts the file encryption key with the shared encryption public key, and encrypts with the file encryption key the group decryption control policies in the file decryption control policy set or modified by the current managing user, forming the group decryption control data of the encrypted file. It merges the personal decryption control data and group decryption control data so formed into the file decryption control data of the encrypted file, and finally replaces the original file decryption control data in the encrypted file with the newly formed file decryption control data.
In the file decryption control policy set or modified by the current managing user, the current managing user performing the setting or modification is always a managing user targeted by one of the personal decryption control policies in that policy.
When a user, through the right-click menu, clears the file decryption control policy of an encrypted file in the secure file directory or one of its subdirectories, the file encryption filter or the file encryption filter helper process, after determining that the user is a managing user of the encrypted file, processes the clear operation as follows:
It removes from the group decryption control data and personal decryption control data of the encrypted file every copy of the file encryption key encrypted with a public key other than the public key of the managing user performing the clear operation, together with the group decryption control policies encrypted with the file encryption key.
When a user, through the right-click menu, sets or modifies the file decryption control policy of a file directory in the secure file directory, the file encryption filter or the file encryption filter helper process, after determining that the user is a managing user of the file directory, processes the file decryption control policy set or modified by the managing user as follows:
It replaces the file decryption control policy of the file directory on which the managing user is operating with the file decryption control policy set or modified by the managing user; in that policy, the managing user performing the setting or modification is always a managing user targeted by one of its personal decryption control policies. For each encrypted file that the file decryption control policy being set or modified targets or applies to, the policy is processed in the same way as when a managing user sets or modifies the file decryption control policy of an encrypted file through the right-click menu.
When a user, through the right-click menu, clears the file decryption control policy of a file directory in the secure file directory, the file encryption filter or the file encryption filter helper process, after determining that the user is a managing user of the file directory, processes the managing user's clear operation as follows:
It removes from the file decryption control policy of the file directory on which the managing user is operating through the right-click menu all file decryption control policies, personal and group, other than the personal decryption control policy for the managing user performing the operation. For each encrypted file that the cleared file decryption control policy targets or applies to, the file decryption control policy is cleared in the same way as when a managing user clears the file decryption control policy of an encrypted file through the right-click menu.
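The inheritance rule for file decryption control policies and the directory-level set and clear rules above, as an added Go example that is not the patent's own code. The Policy and Store types are hypothetical, and managing users are matched by name here, whereas the patent checks for possession of the managing user's private key.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"strings"
)

// Policy is a file decryption control policy. Field names are assumptions for
// this example; the patent leaves the policy format open (text, XML or XACML).
type Policy struct {
	Managers []string // personal authorized users with management rights
	Users    []string // ordinary personal authorized users
	Group    string   // group decryption control policy, opaque here
}

// Store holds only the policies explicitly set on directories.
type Store struct {
	Root string
	Set  map[string]Policy
}

// NewStore creates a secure file directory; its creator becomes a managing user.
func NewStore(root, creator string) *Store {
	root = path.Clean(root)
	return &Store{Root: root, Set: map[string]Policy{root: {Managers: []string{creator}}}}
}

func contains(list []string, s string) bool {
	for _, v := range list {
		if v == s {
			return true
		}
	}
	return false
}

// Effective returns the policy that applies to dir and the directory that
// supplied it: dir itself if one is set there, otherwise the nearest ancestor.
func (s *Store) Effective(dir string) (Policy, string, error) {
	dir = path.Clean(dir) // resolve ".." before the containment check
	if dir != s.Root && !strings.HasPrefix(dir, strings.TrimSuffix(s.Root, "/")+"/") {
		return Policy{}, "", errors.New("outside the secure file directory")
	}
	for {
		if p, ok := s.Set[dir]; ok {
			return p, dir, nil
		}
		if dir == s.Root {
			return Policy{}, "", errors.New("secure file directory has no policy")
		}
		dir = path.Dir(dir)
	}
}

// SetPolicy replaces dir's policy on behalf of operator, who must be a managing
// user under the currently effective policy and always remains one afterwards.
func (s *Store) SetPolicy(dir, operator string, p Policy) error {
	cur, _, err := s.Effective(dir)
	if err != nil {
		return err
	}
	if !contains(cur.Managers, operator) {
		return errors.New(operator + " is not a managing user; operation aborted")
	}
	if !contains(p.Managers, operator) {
		p.Managers = append([]string{operator}, p.Managers...)
	}
	s.Set[path.Clean(dir)] = p
	return nil
}

// Clear removes every policy on dir except the operator's own personal policy.
func (s *Store) Clear(dir, operator string) error {
	return s.SetPolicy(dir, operator, Policy{})
}

func main() {
	s := NewStore("/secure", "alice")
	if err := s.SetPolicy("/secure/projects", "alice", Policy{Users: []string{"bob"}, Group: "role=engineer"}); err != nil {
		panic(err)
	}
	for _, d := range []string{"/secure/hr", "/secure/projects/q3/drafts", "/secure/../etc"} {
		p, from, err := s.Effective(d)
		fmt.Printf("%-28s from=%-18q policy=%+v err=%v\n", d, from, p, err)
	}
}
```

Note that a cleared directory still carries an explicitly set policy (the operator's own), so its subdirectories inherit that reduced policy rather than the parent's.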
When a user, through the right-click menu, performs an encryption public key update operation on an encrypted file in the secure file directory or one of its subdirectories, the file encryption filter or the file encryption filter helper process, after determining that the user is a managing user of the encrypted file, checks each public key with which the file encryption key is encrypted in the file decryption control data of the encrypted file targeted by the update operation, including the public keys of authorized users and the shared encryption public key, and determines whether each checked public key has an updated public key. If so, it first uses the private key of the current managing user performing the update operation to decrypt the file encryption key in the personal decryption control data of the encrypted file that was encrypted with the current managing user's public key, then encrypts the decrypted file encryption key again with the updated public key, and finally replaces the file encryption key encrypted with the original public key in the file decryption control data of the encrypted file with the re-encrypted file encryption key.
When a user, through the right-click menu, performs an encryption public key update operation on a file directory in the secure file directory (including the secure file directory itself), the file encryption filter or the file encryption filter helper process, after determining that the user is a managing user of the encrypted file, performs the encryption public key update for each encrypted file in the file directory on which the managing user is operating, including encrypted files in its subdirectories, in the same way as when a managing user performs an encryption public key update operation on an encrypted file through the right-click menu.
As can be seen from the above description, by combining transparent file encryption based on a file encryption filter with file decryption control policies set on the secure file directory and its subdirectories, the present invention automatically encrypts the shared files in a file directory and automatically generates the decryption control data of the encrypted files, so that users do not have to encrypt shared files and set policies manually again and again. Furthermore, by applying a name transformation to the file directory names and file names in the secure file directory, the present invention ensures that when the file encryption filter has not started normally, the file directory names and encrypted file names seen by users or program processes differ from the names used when the file directories and encrypted files were created, for example being displayed as garbled text. This alerts the user that the file encryption filter has not yet started, and prevents files in the secure file directory from going unencrypted, and unencrypted files from being uploaded to the file cloud storage system, because the file encryption filter failed to start normally. When the system is used with file cloud storage, configuring the client of the file cloud storage system as an untrusted process ensures that the shared files uploaded to the file cloud storage system are encrypted, so that they can be shared securely among authorized users.
Brief description of the drawings
Fig. 1 is a structure diagram of the system of the present invention.
Fig. 2 is a schematic diagram of the data composition of an encryption file of the present invention.
Embodiment
The invention will be further described with reference to the accompanying drawings and examples.
The system of the present invention can be implemented on the basis of the shared file encryption scheme in another patent application by the same applicant, "A file encryption system towards shared file" (patent application number: 201410151619.2). Many aspects of the implementation are the same as or similar to the implementation in patent application 201410151619.2, or extend it, as detailed below.
Public-key cipher technology: The public-key cipher technology used to encrypt files is the same as in patent application 201410151619.2; identity-based encryption (Identity Based Encryption, IBE) can be used, including the use of extended identities and the implementation of an IBE key service system.
Personal authorized user and colony authorized user: A personal authorized user in the present invention corresponds to an individual shared user in patent application 201410151619.2, but personal authorized users in the present invention are further divided into management users and domestic consumers; a colony authorized user of the present invention corresponds to a colony shared user in patent application 201410151619.2.
Secure file catalogue: The secure file catalogue can be any file directory of the user computer's file system. Through the right mouse button menu, the user can designate a file directory of the computer file system as a secure file catalogue, or cancel a secure file catalogue that has been set; the related configuration information can be stored in the file directory where the file encryption system program is stored.
File decryption control strategy: The colony decryption control strategy in the present invention corresponds to the colony sharing policy in patent application 201410151619.2; the personal decryption control strategy of the present invention has no counterpart in patent application 201410151619.2. The format of the personal and colony decryption control strategies can be custom (text or XML) or a standard specification format (such as XACML, eXtensible Access Control Markup Language). The file decryption control strategies (both personal and colony) of the file directories and encryption files in the secure file catalogue can be stored centrally or in a distributed manner. For example, they can be stored centrally in a small database on the user computer; or the file containing the file decryption control strategies of all file directories and encryption files (i.e. the strategy file) can be stored in the file directory where the file encryption system program is stored; or that strategy file can be stored in the secure file catalogue (root); or the strategy file holding the file decryption control strategy of a file directory and of the encryption files stored directly under it can be placed under that file directory (distributed storage scheme).
If the strategy files that hold file decryption control strategies are stored centrally in the secure file catalogue or distributed across the file directories of the secure file catalogue, the file names of the strategy files also undergo name translation and the files are saved as hidden files; the file encryption filter does not return enumeration information for strategy files when handling file enumeration operations. To protect the file decryption control strategy against unauthorized modification, a strategy file can be digitally signed with the private key of the management user who (last) set or modified the file decryption control strategy.
Encryption file: The specific embodiment of the encrypted file data (i.e. the composition of the file data) is substantially the same as the embodiment of the encryption file in patent application 201410151619.2. The personal decryption control data in the file decryption control data of an encryption file in the present invention corresponds to the data formed, in the key data of the encryption file in patent application 201410151619.2, by encrypting the file encryption key with the public keys of the individual shared users; the colony decryption control data in the file decryption control data of an encryption file in the present invention corresponds to, in the key data of the encryption file in patent application 201410151619.2, the file encryption key encrypted with the shared encrypted public key and the colony sharing policy encrypted with the file encryption key. It should be noted that although an encryption file contains, directly or indirectly, its personal decryption control strategy and colony decryption control strategy, the file decryption control strategy database or strategy file of the secure file catalogue still keeps the file decryption control strategy of the encryption file.
File encryption filter: The file encryption filter can be obtained by extending the file encryption filter in patent application 201410151619.2, adding the file encryption functions of the present invention.
File encryption filter assisted process: It can be developed with any application development technology suitable for the user computer. Data exchange between the file encryption filter assisted process and the file encryption filter can use the data exchange mechanism between kernel layer and user layer provided by the operating system (such as the mechanism Windows provides for data exchange between kernel layer and user layer).
File name and file directory name translation: One embodiment of file name and file directory name translation is to rotate the low 7 bits of each byte of the name's byte string left or right by 1 bit; or to merge the low 7 bits of all bytes of the name's byte string, rotate the merged bits left or right by 1 bit, and then assign the shifted data, 7 bits at a time, back to the corresponding bytes of the name's byte string; or to Base64-encode the file name and file directory name directly (this scheme changes the length of the name). Name translation is performed when a file directory or encryption file is created; the inverse transformation (such as the reverse shift or Base64 decoding) is performed during file I/O operations. File name and file directory name translation and inverse transformation are carried out by the file encryption filter.
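The three name-translation variants described above, as an added example that is not code from the patent or from any implementation of it. The function names, the choice of rotate-left as the forward direction, the URL-safe Base64 alphabet and the reserved-character set are assumptions; `hazardous_inputs` shows a practical consequence of the per-byte rotation, namely that some ordinary characters are mapped onto path separators or control bytes.

```python
import base64

MASK7 = 0x7F
# Bytes a file system typically refuses or treats specially in a name
# (assumption: Windows reserved characters plus ASCII control bytes).
RESERVED = set(b'<>:"/\\|?*') | set(range(0x20)) | {0x7F}


def rotate_each_byte(name: bytes, inverse: bool = False) -> bytes:
    """Variant 1: rotate the low 7 bits of every byte by one position.

    Forward is rotate-left, inverse is rotate-right (assumed direction;
    the text allows either). Bit 7 of each byte is left untouched.
    """
    out = bytearray()
    for b in name:
        low = b & MASK7
        if inverse:
            low = (low >> 1) | ((low & 1) << 6)
        else:
            low = ((low << 1) | (low >> 6)) & MASK7
        out.append((b & 0x80) | low)
    return bytes(out)


def rotate_merged(name: bytes, inverse: bool = False) -> bytes:
    """Variant 2: treat the low 7 bits of all bytes as one 7*n-bit string,
    rotate that string by one bit, then hand 7 bits back to each byte."""
    n = len(name)
    if n == 0:
        return b""
    width = 7 * n
    merged = 0
    for b in name:
        merged = (merged << 7) | (b & MASK7)
    if inverse:
        merged = (merged >> 1) | ((merged & 1) << (width - 1))
    else:
        merged = ((merged << 1) | (merged >> (width - 1))) & ((1 << width) - 1)
    out = bytearray()
    for i, b in enumerate(name):
        chunk = (merged >> (7 * (n - 1 - i))) & MASK7
        out.append((b & 0x80) | chunk)
    return bytes(out)


def base64_name(name: bytes, inverse: bool = False) -> bytes:
    """Variant 3: Base64. The URL-safe alphabet is used here because the
    standard alphabet contains '/', which cannot appear in a file name."""
    if inverse:
        return base64.urlsafe_b64decode(name)
    return base64.urlsafe_b64encode(name)


def hazardous_inputs(transform) -> str:
    """Printable ASCII characters whose translated byte is reserved."""
    return "".join(
        chr(c) for c in range(0x20, 0x7F)
        if transform(bytes([c]))[0] in RESERVED
    )


if __name__ == "__main__":
    # Constructed sample names, one ASCII and one UTF-8.
    for sample in (b"report.txt", "报告.docx".encode("utf-8")):
        for fn in (rotate_each_byte, rotate_merged, base64_name):
            stored = fn(sample)
            assert fn(stored, inverse=True) == sample
            print(f"{fn.__name__:17} {sample!r} -> {stored!r}")
    print("per-byte rotation maps these onto reserved bytes:",
          hazardous_inputs(rotate_each_byte))
```

None of the three variants uses a key, so the translation only makes names look garbled when the filter is not running, which is the purpose the description gives for it; an implementation of the rotation variants also has to deal with the inputs that `hazardous_inputs` reports.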
Public key update: The meaning of an updated public key in the present invention is the same as in patent application 201410151619.2.
Decryption of encryption files: The embodiment in which a personal authorized user of the present invention decrypts a shared encryption file is the same as the embodiment in which an individual shared user decrypts a shared encryption file in patent application 201410151619.2; the embodiment in which a colony authorized user of the present invention decrypts a shared encryption file is the same as the scheme in which a colony shared user decrypts a shared encryption file in patent application 201410151619.2, including implementing the file decryption server and identity management system of patent application 201410151619.2 for colony users.
Other aspects of the technical implementation are self-evident to technical developers in the relevant field.

Claims (10)

1. A sharing-oriented secure file catalogue file encryption system, the file encryption system comprising a secure file catalogue, a file encryption filter and a file encryption filter assisted process, wherein:
Secure file catalogue: a file directory of the computer file system selected by the user for security protection; the files kept in the secure file catalogue, and the files kept in the subordinate file directories of the secure file catalogue, are encryption files generated automatically by the file encryption filter; an encryption file has the same file suffix as the file before encryption, i.e. the file type is unchanged by encryption; the secure file catalogue and its subordinate file directories are provided with, or inherit, file decryption control strategies; the file decryption control strategy of a file directory defines the default decryption control strategy and authorized users of the encryption files under that file directory; if a file directory in the secure file catalogue has no file decryption control strategy set, it inherits the file decryption control strategy of its superior file directory; if a file directory in the secure file catalogue has no file decryption control strategy set and its superior file directory has none set either, the superior file directory inherits the file decryption control strategy of the file directory one level further up, and so on upward until the file decryption control strategy of a superior file directory that has one set is inherited; the file decryption control strategy of a file directory includes personal decryption control strategies for personal users and colony decryption control strategies for colony users, wherein a personal decryption control strategy of a file directory specifies that one specific personal user has the authority to decrypt the encryption files under the file directory that the personal decryption control strategy targets or acts on, and a colony decryption control strategy of a file directory specifies that users with given characteristics, or users meeting given conditions, have the authority to decrypt the encryption files under the file directory that the colony decryption control strategy targets or acts on; a personal user permitted by a personal decryption control strategy of a file directory to decrypt encryption files is called a personal authorized user of the file directory and encryption files that the personal decryption control strategy targets or acts on, and personal authorized users are further divided into management users and domestic consumers; a management user is a user who can manage the file decryption control strategies of the file directories and encryption files in the secure file catalogue and update the encrypted public keys of encryption files; a user permitted by a colony decryption control strategy of a file directory to decrypt encryption files is called a colony authorized user of the file directory and encryption files that the colony decryption control strategy targets or acts on; the file directories that a file decryption control strategy of a file directory targets or acts on are the file directories that have set or inherited that file decryption control strategy; the encryption files that a file decryption control strategy of a file directory targets or acts on are the encryption files stored directly under the file directories that the file decryption control strategy targets or acts on; when the secure file catalogue is created, a default personal decryption control strategy for the creating user is generated, which specifies that the creating user of the secure file catalogue is a management user of the secure file catalogue and therefore has the authority to manage the file decryption control strategies of the file directories and encryption files in the secure file catalogue; an encryption file automatically inherits the file decryption control strategy of the file directory where it is located when it is generated; the personal decryption control strategies of an encryption file specify the personal authorized users, including management users and domestic consumers, who can decrypt the encryption file; the colony decryption control strategy of an encryption file specifies the colony authorized users who can decrypt the encryption file; the data of each encryption file in the secure file catalogue comprises two parts: file data and file decryption control data; the file data of an encryption file is the data formed by encrypting the original unencrypted file data corresponding to the encryption file with a symmetric-key cipher algorithm under a randomly generated symmetric key; the randomly generated symmetric key is called the file encryption key; the file decryption control data of an encryption file is produced from the file decryption control strategy of the encryption file; corresponding to the personal decryption control strategies and colony decryption control strategy of the encryption file, the file decryption control data of the encryption file includes personal decryption control data and colony decryption control data, wherein the personal decryption control data includes the file encryption key encrypted separately with the public key of each personal authorized user of the encryption file, and the colony decryption control data includes the file encryption key encrypted with a shared encrypted public key and the colony decryption control strategy of the encryption file encrypted with the file encryption key; the shared encrypted public key is a common public key used to encrypt the file encryption keys of encryption files, and its corresponding private key is used for file decryption processing for colony authorized users; the file decryption control data of an encryption file is produced when the encryption file is generated; the file decryption control data of an encryption file changes after the encryption file is generated when a management user modifies the file decryption control strategy;
File encryption filter: a filter-type driver inserted into the driver stack of the computer file system that automatically encrypts and decrypts the files stored in the secure file catalogue (including files in the subordinate directories of the secure file catalogue); when a process saves an unencrypted file into the secure file catalogue (including into a subordinate file directory of the secure file catalogue), the file encryption filter automatically encrypts the saved file; when a process opens an unencrypted file in the secure file catalogue (including an unencrypted file in a subordinate directory of the secure file catalogue), the file encryption filter first encrypts the unencrypted file into an encryption file and then carries out the subsequent operation processing; in the course of encrypting an unencrypted file into an encryption file, the file encryption filter generates the file decryption control data of the encryption file according to the file decryption control strategy of the file directory where the file is located; when a trusted process performs a read or write operation on an encryption file in the secure file catalogue (including an encryption file in a subordinate file directory of the secure file catalogue), the file encryption filter automatically decrypts or encrypts the file data being read or written; when an untrusted process performs a read operation on an encryption file in the secure file catalogue (including an encryption file in a subordinate file directory of the secure file catalogue), the file encryption filter does not decrypt the file data read by the untrusted process; a trusted process is a program process that is allowed to read the file data of encryption files in plaintext form; an untrusted process is a program process that is not allowed to read the file data of encryption files in plaintext form; the trusted processes and untrusted processes are determined by the developers of the file encryption system at system development time and updated dynamically by online update, or are set by manual configuration by a user of the file encryption system; when encryption files in the secure file catalogue (including encryption files in the subordinate directories of the secure file catalogue) are to be uploaded or synchronized to a file cloud storage system for shared use, the client of the file cloud storage system is set as an untrusted process; the file encryption filter provides a right mouse button menu for managing the file decryption control strategies of the file directories and encryption files in the secure file catalogue, including setting, modifying and clearing decryption control strategies, and for updating the encrypted public keys in the file decryption control data of encryption files;
File encryption filter assisted process: a program process running in user mode of the user computer's operating system, responsible for completing the operation processing that the file encryption filter cannot complete in the system's kernel mode;
When a user performs a management operation on the decryption control strategy of a file directory or encryption file in the secure file catalogue through the right mouse button menu, or performs an encrypted public key update operation on an encryption file, the file encryption filter or the file encryption filter assisted process first determines whether the user is a management user of the file directory or encryption file; if so, it continues the operation processing; otherwise, it aborts the processing.
2. The sharing-oriented secure file catalogue file encryption system according to claim 1, characterized in that: when a user performs a management operation on the file decryption control strategy of a file directory or encryption file in the secure file catalogue through the right mouse button menu, or performs an encrypted public key update operation on an encryption file, the file encryption filter or the file encryption filter assisted process determines whether the user is a management user of the file directory or encryption file as follows:
If what the user operates on through the right mouse button menu is a file directory, the file encryption filter or the file encryption filter assisted process first obtains the file decryption control strategy of the file directory operated on by the user, then checks whether the user computer locally holds the private key of a management user targeted by a personal decryption control strategy in the file decryption control strategy; if so, the user is determined to be a management user of the file directory; otherwise, the user is not determined to be a management user of the file directory;
If what the user operates on through the right mouse button menu is an encryption file, the file encryption filter or the file encryption filter assisted process first obtains the personal decryption control data in the file decryption control data of the file, then checks whether the user computer locally holds the private key corresponding to the public key of a management user with which the file encryption key is encrypted in the personal decryption control data; if so, the user is determined to be a management user of the encryption file; otherwise, the user is not determined to be a management user of the encryption file.
3. The sharing-oriented secure file catalogue file encryption system according to claim 1, characterized in that:
When a file directory or encryption file is created or generated, the file encryption filter performs name translation on the names of the file directories and encryption files in the secure file catalogue, including the names of the secure file catalogue itself, of the subordinate file directories of the secure file catalogue, and of the encryption files in the subordinate file directories; the inverse name transformation is performed when file I/O operations are carried out, so that when the file encryption filter has not started normally, the file directory names and encryption file names seen by a user or program process differ from the file directory names and encryption file names used when the file directories and encryption files were created.
4. The sharing-oriented secure file catalogue file encryption system according to claim 1, characterized in that:
When encrypting an unencrypted file in the secure file catalogue (including an unencrypted file in a subordinate file directory of the secure file catalogue), the file encryption filter generates the file decryption control data of the encryption file as follows:
Obtain the file decryption control strategy of the file directory where the unencrypted file is located and make it the file decryption control strategy of the encryption file; encrypt the randomly generated file encryption key separately with the public key of each personal authorized user targeted by each personal decryption control strategy in the obtained file decryption control strategy, forming the personal decryption control data of the encryption file; encrypt the randomly generated file encryption key with the shared encrypted public key and encrypt the colony decryption control strategy in the obtained file decryption control strategy with the file encryption key, forming the colony decryption control data of the encryption file; merge the personal decryption control data and colony decryption control data so formed into the file decryption control data of the encryption file, and then put the file decryption control data so formed into the encryption file.
5. The sharing-oriented secure file catalogue file encryption system according to claim 1, characterized in that:
When a user sets or modifies, through the right mouse button menu, the file decryption control strategy of an encryption file in the secure file catalogue (including an encryption file in a subordinate file directory of the secure file catalogue), the file encryption filter or the file encryption filter assisted process, after determining that the user is a management user of the encryption file, processes the file decryption control strategy set or modified by the management user as follows:
Use the private key of the current management user who is performing the file decryption control strategy setting or modification operation to decrypt the file encryption key encrypted with the current management user's public key in the personal decryption control data of the encryption file; then encrypt the file encryption key separately with the public key of each personal authorized user (including the current management user) targeted by each personal decryption control strategy in the file decryption control strategy set or modified by the current management user, forming the personal decryption control data of the encryption file; encrypt the file encryption key with the shared encrypted public key and encrypt, with the file encryption key, the colony decryption control strategy in the file decryption control strategy set or modified by the current management user, forming the colony decryption control data of the encryption file; merge the personal decryption control data and colony decryption control data so formed into the file decryption control data of the encryption file; finally replace the original file decryption control data in the encryption file with the file decryption control data so formed;
In the file decryption control strategy set or modified by the current management user, the current management user performing the setting or modification operation is always a management user targeted by one personal decryption control strategy in the set or modified file decryption control strategy.
6. The sharing-oriented secure file catalogue file encryption system according to claim 1, characterized in that:
When a user clears, through the right mouse button menu, the file decryption control strategy of an encryption file in the secure file catalogue (including an encryption file in a subordinate file directory of the secure file catalogue), the file encryption filter or the file encryption filter assisted process, after determining that the user is a management user of the encryption file, processes the clearing operation as follows:
Clear the colony decryption control data of the encryption file, and clear from the personal decryption control data all file encryption keys encrypted with other public keys, except the file encryption key encrypted with the public key of the management user performing the clearing operation, together with the colony decryption control strategy encrypted with the file encryption key.
7. The sharing-oriented secure file catalogue file encryption system according to claim 1 or 5, characterized in that:
When a user sets or modifies, through the right mouse button menu, the file decryption control strategy of a file directory in the secure file catalogue, the file encryption filter or the file encryption filter assisted process, after determining that the user is a management user of the file directory, processes the file decryption control strategy set or modified by the management user as follows:
Replace the file decryption control strategy of the file directory that the management user is operating on with the file decryption control strategy set or modified by the management user, wherein, in the file decryption control strategy set or modified by the management user, the management user performing the setting or modification operation is always a management user targeted by one personal decryption control strategy in the set or modified file decryption control strategy; for each encryption file that the file decryption control strategy being set or modified by the management user targets or acts on, process the set or modified file decryption control strategy in the same way as when the management user sets or modifies the file decryption control strategy of an encryption file through the right mouse button menu.
8. The sharing-oriented secure file catalogue file encryption system according to claim 1 or 6, characterized in that:
When a user clears, through the right mouse button menu, the file decryption control strategy of a file directory in the secure file catalogue, the file encryption filter or the file encryption filter assisted process, after determining that the user is a management user of the file directory, processes the management user's operation of clearing the file decryption control strategy as follows:
Clear, from the file decryption control strategy of the file directory that the management user is operating on through the right mouse button menu, all file decryption control strategies other than the personal decryption control strategy for the management user performing the clearing operation, including personal decryption control strategies and colony decryption control strategies; for each encryption file that the file decryption control strategy cleared by the management user targets or acts on, clear the file decryption control strategy in the same way as when the management user clears the file decryption control strategy of an encryption file through the right mouse button menu.
9. The sharing-oriented secure file catalogue file encryption system according to claim 1, characterized in that:
When a user performs an encrypted public key update operation, through the right mouse button menu, on an encryption file in the secure file catalogue (including an encryption file in a subordinate file directory of the secure file catalogue), the file encryption filter or the file encryption filter assisted process, after determining that the user is a management user of the encryption file, checks each public key with which the file encryption key is encrypted in the file decryption control data of the encryption file targeted by the management user's encrypted public key update operation, including the public keys of the authorized users with which the file encryption key is encrypted and the shared encrypted public key, and determines whether each checked public key has an updated public key; if so, it first uses the private key of the current management user performing the encrypted public key update operation to decrypt the file encryption key encrypted with the current management user's public key in the personal decryption control data of the encryption file, then re-encrypts the decrypted file encryption key with the updated public key, and afterwards replaces the file encryption key encrypted with the original public key in the file decryption control data of the encryption file with the re-encrypted file encryption key.
10. The sharing-oriented secure file catalogue file encryption system according to claim 9, characterized in that:
When a user performs an encrypted public key update operation through the right mouse button menu on a file directory in the secure file catalogue (including the secure file catalogue itself), the file encryption filter or the file encryption filter assisted process, after determining that the user is a management user of the encryption file, processes each encryption file in the file directory that the management user is operating on (including the encryption files in the subordinate file directories of that file directory) in the same way as when the management user performs an encrypted public key update operation on an encryption file through the right mouse button menu.
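The directory-level rules in claims 1, 2, 7 and 8 (inheritance from the nearest superior directory that has a strategy, the manager check by locally held private key, and the set and clear operations), modelled as an added example that is not code from the patent. The class and field names, the representation of users as key identifiers and the rejection of `..` path components are assumptions; no cryptography is performed.

```python
from dataclasses import dataclass, field
from pathlib import PurePosixPath


@dataclass
class Policy:
    managers: set                                     # personal users with management rights
    ordinary: set = field(default_factory=set)        # personal users who may only decrypt
    group_rules: list = field(default_factory=list)   # colony (group) conditions


class SecureCatalogue:
    """Hypothetical in-memory model of directory strategies (names assumed)."""

    def __init__(self, root: str, creator: str):
        self.root = PurePosixPath(root)
        # Claim 1: creation generates a default personal strategy that
        # makes the creating user a management user.
        self.policies = {self.root: Policy(managers={creator})}

    def _normalise(self, directory: str) -> PurePosixPath:
        d = PurePosixPath(directory)
        inside = d == self.root or self.root in d.parents
        # PurePosixPath does not resolve "..", so reject it explicitly
        # (assumption of this example, not a rule stated in the claims).
        if ".." in d.parts or not inside:
            raise ValueError(f"{directory} is outside the secure catalogue")
        return d

    def effective_policy(self, directory: str):
        """Return (directory whose strategy applies, that strategy)."""
        d = self._normalise(directory)
        while d not in self.policies:   # the root always has one, so this ends
            d = d.parent
        return d, self.policies[d]

    def is_manager(self, directory: str, local_private_keys) -> bool:
        """Claim 2: the user counts as a manager if this machine holds the
        private key of a management user named in the applicable strategy."""
        _, policy = self.effective_policy(directory)
        return bool(policy.managers & set(local_private_keys))

    def _require(self, directory, user, local_private_keys):
        _, policy = self.effective_policy(directory)
        if user not in policy.managers or user not in local_private_keys:
            # Claim 1: a non-manager's operation is aborted.
            raise PermissionError(f"{user} is not a management user of {directory}")

    def set_policy(self, directory, user, local_private_keys, new: Policy):
        self._require(directory, user, local_private_keys)
        # Claim 7: the acting manager always remains a manager in the result.
        self.policies[self._normalise(directory)] = Policy(
            managers=set(new.managers) | {user},
            ordinary=set(new.ordinary),
            group_rules=list(new.group_rules),
        )

    def clear_policy(self, directory, user, local_private_keys):
        self._require(directory, user, local_private_keys)
        # Claim 8: everything except the acting manager's personal strategy goes.
        self.policies[self._normalise(directory)] = Policy(managers={user})


if __name__ == "__main__":
    # Constructed users and paths.
    cat = SecureCatalogue("/safe", creator="alice")
    cat.set_policy("/safe/projects", "alice", {"alice"},
                   Policy(managers={"bob"}, ordinary={"carol"},
                          group_rules=["dept == finance"]))
    print(cat.effective_policy("/safe/projects/q3/drafts"))
    cat.clear_policy("/safe/projects", "bob", {"bob"})
    print(cat.effective_policy("/safe/projects/q3/drafts"))
```

In this model, a directory whose strategy has been cleared keeps a strategy naming only the manager who cleared it rather than reverting to inheritance, so a manager of the superior directory no longer passes the claim 2 check for it.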
CN201410323581.2A 2014-07-07 2014-07-07 It is a kind of towards shared secure file catalogue file encryption system Active CN104125069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410323581.2A CN104125069B (en) 2014-07-07 2014-07-07 It is a kind of towards shared secure file catalogue file encryption system

Publications (2)

Publication Number Publication Date
CN104125069A CN104125069A (en) 2014-10-29
CN104125069B true CN104125069B (en) 2017-07-25

Family

ID=51770341

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410323581.2A Active CN104125069B (en) 2014-07-07 2014-07-07 It is a kind of towards shared secure file catalogue file encryption system

Country Status (1)

Country Link
CN (1) CN104125069B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104734847B (en) * 2015-04-21 2018-01-19 武汉理工大学 Towards the shared symmetric key data encryption and decryption method of public key cryptography application
CN105224882B (en) * 2015-09-23 2018-04-20 武汉理工大学 A kind of file encryption system based on bridge file system
CN105426766B (en) * 2015-10-27 2018-05-18 武汉理工大学 A kind of file encryption system based on shadow file
CN105590067B (en) * 2015-12-17 2018-06-19 武汉理工大学 A kind of file encryption system based on user's space file system
CN105740725B (en) * 2016-01-29 2018-08-28 北京大学 A kind of document protection method and system
CN106599728A (en) * 2016-12-02 2017-04-26 山东中创软件商用中间件股份有限公司 File filtering drive framework-based system file protection method and apparatus
CN106650492B (en) * 2016-12-14 2019-06-07 北京大学 A kind of multiple device file guard method and device based on security catalog
CN108632206A (en) * 2017-03-19 2018-10-09 上海格尔软件股份有限公司 A kind of system that encryption cloud storage is combined with explorer
CN110381029B (en) * 2019-06-20 2022-03-01 视联动力信息技术股份有限公司 Monitoring resource synchronization method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103825953A (en) * 2014-03-04 2014-05-28 武汉理工大学 User mode encrypt file system
CN103841113A (en) * 2014-03-20 2014-06-04 武汉理工大学 Safe network file system based on user mode file system
CN103888467A (en) * 2014-03-31 2014-06-25 武汉理工大学 Sharing-oriented safety file folder encryption system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2107492B1 (en) * 2007-01-24 2019-07-24 Humming Heads Inc. Method, device, and program for converting data in storage medium

Also Published As

Publication number Publication date
CN104125069A (en) 2014-10-29

Similar Documents

Publication Publication Date Title
CN104125069B (en) It is a kind of towards shared secure file catalogue file encryption system
CN105378649B (en) More permissions data safety and access
CN103825953B (en) A kind of user model encrypted file system
CN103916480B (en) A kind of file encryption system towards shared file
CN105122265B (en) Data safety service system
CN103841113B (en) A kind of secure network file system based on user model file system
CN104063334A (en) Encryption method and system based on data attributions
CN103686716A (en) Android access control system for enhancing confidentiality and integrality
US11494508B2 (en) Secrets as a service
CN106656997B (en) One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption
CN103546547A (en) Cryptosystem for cloud storage files
CN109617855B (en) File sharing method, device, equipment and medium based on CP-ABE layered access control
CN102215214B (en) Selective-transparent-encryption/decryption-based file protection method and system
CN107426162A (en) A kind of method based on attribute base encryption Implement Core mutual role help
CN102945356A (en) Access control method and system for search engine under cloud environment
Zhang et al. A dynamic cryptographic access control scheme in cloud storage services
CN109327448A (en) A kind of cloud file sharing method, device, equipment and storage medium
JP6092057B2 (en) File access control device, file access control program, and file access control method
CN106603544A (en) Data storage and cloud control method capable of lightweight auditing
Ramesh et al. Implementing One Time Password based security mechanism for securing personal health records in cloud
Gurav et al. Scalable and secure sharing of personal health records in cloud computing using attribute based encryption
Fimiani Supporting privacy in a cloud-based health information system by means of fuzzy conditional identity-based proxy re-encryption (FCI-PRE)
Suma et al. Blockchain usage in the electronic health record system using attribute-based signature
Wu et al. A trusted and efficient cloud computing service with personal health record
Dara Privacy Patterns in Public Clouds

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190813

Address after: 314112 2 Floor 2, No. 383 Huimin Avenue, Huimin Street, Jiashan County, Jiaxing City, Zhejiang Province

Patentee after: Jiaxing Guao Gene Technology Co.,Ltd.

Address before: 430070 Hubei Province, Wuhan city Hongshan District Luoshi Road No. 122

Patentee before: Wuhan University of Technology

PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A Share-Oriented Security File Directory File Encryption System

Effective date of registration: 20220822

Granted publication date: 20170725

Pledgee: Zhejiang Jiashan rural commercial bank Limited by Share Ltd. science and technology sub branch

Pledgor: Jiaxing Guao Gene Technology Co.,Ltd.

Registration number: Y2022330001863

PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20230728

Granted publication date: 20170725

Pledgee: Zhejiang Jiashan rural commercial bank Limited by Share Ltd. science and technology sub branch

Pledgor: Jiaxing Guao Gene Technology Co.,Ltd.

Registration number: Y2022330001863

PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A Shared Oriented Secure File Catalog File Encryption System

Effective date of registration: 20230801

Granted publication date: 20170725

Pledgee: Zhejiang Jiashan rural commercial bank Limited by Share Ltd. science and technology sub branch

Pledgor: Jiaxing Guao Gene Technology Co.,Ltd.

Registration number: Y2023110000319