CN105635055A - Cloud data safety usage method - Google Patents
Cloud data safety usage method Download PDFInfo
- Publication number
- CN105635055A CN105635055A CN201410601149.5A CN201410601149A CN105635055A CN 105635055 A CN105635055 A CN 105635055A CN 201410601149 A CN201410601149 A CN 201410601149A CN 105635055 A CN105635055 A CN 105635055A
- Authority
- CN
- China
- Prior art keywords
- data
- ekey
- cloud
- clouds
- certification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a cloud data safety usage method. The method is characterized in that important data is stored in a cloud; when network connection exists, a user logs in the cloud through an account+password; an EKEY must be inserted, and, after authentication is passed through, the data can be checked and downloaded; the downloaded data is automatically encrypted, and can be normally and locally used; after the encrypted data is uploaded, a secret key is called when the encrypted data is opened, and usage of the cloud is not influenced; if the EKEY is not identified, or the authentication is not passed through, the data cannot be checked and downloaded; and, when the network connection does not exist, an EKEY off-line strategy is firstly read if the encrypted data is opened, and the opened data is limited by time, the frequency and the like. The cloud data safety usage method provided by the invention solves the information safety problem when cloud data interacts with local data, data safety can be effectively improved, and an influence cannot generated on user's usage.
Description
Technical field
The present invention relates to a kind of method that cloud data safe uses.
Background technology
The Internet, cloud computing, big data have become as three main trend that future network develops, and Situation on Information Security is also increasingly severeer. Internet firm is proposed the cloud storage instrument of oneself one after another, and various jumbo cloud disk is arisen at the historic moment, and has carried out great convenience to our data tape, but the safety of data has much room for improvement. As long as account number, password are stolen, it is easy to obtain private data message, and locally downloading data are easier to be stolen.
Summary of the invention
The present invention is to solve the deficiencies in the prior art, it is provided that a kind of method that cloud data safe uses, solution high in the clouds data and local data information security issue time mutual, it is possible to effectively improve Information Security, and the use of user is not produced impact.
For solving above-mentioned technical problem, the method that a kind of cloud data safe provided by the invention uses, adopt the following technical scheme that
A kind of method that cloud data safe uses, it is characterised in that comprise the steps:
S1: user inputs user name, password, inserts EKEY and first logs into high in the clouds, and cloud database can record EKEY serial number, binds with user name, password, and downloads key in EKEY;
S2:EKEY hardware includes EKEY serial number (having unique encodings mode), encryption section (encryption library, key, off-line counting module), memory area (storage data), reserved area (Function Extension);
S3: space, high in the clouds comprises shared storage area and private memory area, accesses shared storage area without EKEY certification, accesses private memory area and needs EKEY certification;
S4: user downloads data need to first pass through EKEY certification, the encryption library in EKEY is called in certification after passing through, it is ensured that locally downloading data are in encrypted state, and this encryption technology adopts transparent encryption technology, and adds ciphertext data and can normally use in this locality;
S5: open data in this locality, can judge whether data encrypt, expressly directly opens, and ciphertext first scans EKEY information, and whether checking EKEY is effective, calls key in EKEY and open data after being verified, and authentication failed calls off-line strategy;
S6: when None-identified EKEY or certification do not pass through, opens and adds ciphertext data and can read the off-line effect duration of EKEY, and trigger automatic counting function, limits the use natural law of data, number of times.
Specifically, the local ciphertext data that adds uploads to high in the clouds and is still in encrypted state, opens high in the clouds and adds ciphertext data and have two ways, and a kind of needs are cached to the key calling in EKEY in this locality and open, and one directly invokes high in the clouds key and opens.
Specifically, described EKEY includes headspace, memory space and encryption section.
The method that a kind of cloud data safe provided by the invention uses, solution high in the clouds data and local data information security issue time mutual, it is possible to effectively improve Information Security, and the use of user is not produced impact.
Accompanying drawing explanation
Fig. 1 is the step schematic diagram of the method that a kind of cloud data safe described in the embodiment of the present invention uses.
Fig. 2 is that in the method that a kind of cloud data safe described in the embodiment of the present invention is practical, EKEY comprises information schematic diagram.
Detailed description of the invention
The method that the cloud data safe embodiment of the present invention being supplied to below in conjunction with accompanying drawing uses is described in detail.
As shown in Figure 1, 2, the method that a kind of cloud data safe that the embodiment of the present invention provides uses, it is characterised in that comprise the steps:
S1: user inputs user name, password, inserts EKEY and first logs into high in the clouds, and cloud database can record EKEY serial number, binds with user name, password, and downloads key in EKEY;
S2:EKEY hardware includes EKEY serial number (having unique encodings mode), encryption section (encryption library, key, off-line counting module), memory area (storage data), reserved area (Function Extension);
S3: space, high in the clouds comprises shared storage area and private memory area, accesses shared storage area without EKEY certification, accesses private memory area and needs EKEY certification;
S4: user downloads data need to first pass through EKEY certification, the encryption library in EKEY is called in certification after passing through, it is ensured that locally downloading data are in encrypted state, and this encryption technology adopts transparent encryption technology, and adds ciphertext data and can normally use in this locality;
S5: open data in this locality, can judge whether data encrypt, expressly directly opens, and ciphertext first scans EKEY information, and whether checking EKEY is effective, calls key in EKEY and open data after being verified, and authentication failed calls off-line strategy;
S6: when None-identified EKEY or certification do not pass through, opens and adds ciphertext data and can read the off-line effect duration of EKEY, and trigger automatic counting function, limits the use natural law of data, number of times.
Specifically, the local ciphertext data that adds uploads to high in the clouds and is still in encrypted state, opens high in the clouds and adds ciphertext data and have two ways, and a kind of needs are cached to the key calling in EKEY in this locality and open, and one directly invokes high in the clouds key and opens.
Specifically, described EKEY includes headspace, memory space and encryption section.
Embodiment:
1, user have registered a cloud disk, stores and has collected substantial amounts of data message, when logging in cloud disk, inputs user name, password can log in. As long as at web page horse hanging, it is possible to obtain account number, password easily, steal private data.
2, logging in now cloud disk and need certification EKEY, this EKEY is by cloud disk provider or company's unified payment, and cloud server captures EKEY serial number, is stored in cloud database, then issues the key mated with user name in EKEY;
3, when needs download data from high in the clouds, first authenticating whether EKEY mates, certification, by downloading data, is downloaded data and can be triggered the encryption library in EKEY, the data that encryption is downloaded automatically;
4, user opens the data of encryption, first can trigger EKEY and high in the clouds certification, after certification is passed through, calls the key in EKEY and opens and add ciphertext data, certification not by or None-identified EKEY information then cannot open and add ciphertext data;
5, when user is not connected to network, open and add ciphertext data EKEY and with high in the clouds certification, can cannot automatically read the off-line effect duration in EKEY, call key and open and add ciphertext data, and self-clocking.
Local cipher files passe, to high in the clouds personal air, is first debugged key, just can normally be opened when opening.
The method that a kind of cloud data safe provided by the invention uses, solution high in the clouds data and local data information security issue time mutual, it is possible to effectively improve Information Security, and the use of user is not produced impact.
The above; being only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, any those familiar with the art is in the technical scope that the invention discloses; change can be readily occurred in or replace, all should be encompassed within protection scope of the present invention. Therefore, protection scope of the present invention should described be as the criterion with scope of the claims.
Claims (3)
1. the method that a cloud data safe uses, it is characterised in that comprise the steps:
S1: user inputs user name, password, inserts EKEY and first logs into high in the clouds, and cloud database can record EKEY serial number, binds with user name, password, and downloads key in EKEY;
S2:EKEY hardware includes EKEY serial number (having unique encodings mode), encryption section (encryption library, key, off-line counting module), memory area (storage data), reserved area (Function Extension);
S3: space, high in the clouds comprises shared storage area and private memory area, accesses shared storage area without EKEY certification, accesses private memory area and needs EKEY certification;
S4: user downloads data need to first pass through EKEY certification, the encryption library in EKEY is called in certification after passing through, it is ensured that locally downloading data are in encrypted state, and this encryption technology adopts transparent encryption technology, and adds ciphertext data and can normally use in this locality;
S5: open data in this locality, can judge whether data encrypt, expressly directly opens, and ciphertext first scans EKEY information, and whether checking EKEY is effective, calls key in EKEY and open data after being verified, and authentication failed calls off-line strategy;
S6: when None-identified EKEY or certification do not pass through, opens and adds ciphertext data and can read the off-line effect duration of EKEY, and trigger automatic counting function, limits the use natural law of data, number of times.
2. the method that cloud data safe according to claim 1 uses, it is characterized in that, the local ciphertext data that adds uploads to high in the clouds and is still in encrypted state, open high in the clouds to add ciphertext data and have two ways, a kind of needs are cached to the key calling in EKEY in this locality and open, and one directly invokes high in the clouds key and opens.
3. the method that cloud data safe according to claim 1 uses, it is characterised in that described EKEY includes headspace, memory space and encryption section.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410601149.5A CN105635055A (en) | 2014-11-01 | 2014-11-01 | Cloud data safety usage method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410601149.5A CN105635055A (en) | 2014-11-01 | 2014-11-01 | Cloud data safety usage method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105635055A true CN105635055A (en) | 2016-06-01 |
Family
ID=56049561
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410601149.5A Pending CN105635055A (en) | 2014-11-01 | 2014-11-01 | Cloud data safety usage method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105635055A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1773994A (en) * | 2005-10-28 | 2006-05-17 | 广东省电信有限公司研究院 | Method for realizing data safety storing business |
| CN102291391A (en) * | 2011-07-21 | 2011-12-21 | 西安百盛信息技术有限公司 | Safe transmission method for data in cloud service platform |
| CN102629926A (en) * | 2012-04-06 | 2012-08-08 | 上海凯卓信息科技有限公司 | Encrypting cloud storage method based on intelligent mobile terminal |
| CN103559456A (en) * | 2013-10-24 | 2014-02-05 | 广东明创软件科技有限公司 | Data protecting method and terminal based on time |
| CN103916404A (en) * | 2014-04-23 | 2014-07-09 | 北京淦蓝润和信息技术有限公司 | Data management method and system |
| CN103973699A (en) * | 2014-05-20 | 2014-08-06 | 中国联合网络通信集团有限公司 | Data encryption and decryption methods and devices |
-
2014
- 2014-11-01 CN CN201410601149.5A patent/CN105635055A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1773994A (en) * | 2005-10-28 | 2006-05-17 | 广东省电信有限公司研究院 | Method for realizing data safety storing business |
| CN102291391A (en) * | 2011-07-21 | 2011-12-21 | 西安百盛信息技术有限公司 | Safe transmission method for data in cloud service platform |
| CN102629926A (en) * | 2012-04-06 | 2012-08-08 | 上海凯卓信息科技有限公司 | Encrypting cloud storage method based on intelligent mobile terminal |
| CN103559456A (en) * | 2013-10-24 | 2014-02-05 | 广东明创软件科技有限公司 | Data protecting method and terminal based on time |
| CN103916404A (en) * | 2014-04-23 | 2014-07-09 | 北京淦蓝润和信息技术有限公司 | Data management method and system |
| CN103973699A (en) * | 2014-05-20 | 2014-08-06 | 中国联合网络通信集团有限公司 | Data encryption and decryption methods and devices |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6941146B2 (en) | Data security service | |
| CN103731475B (en) | A kind of data protection system | |
| CN104333580B (en) | A kind of account management system and its method based on cloud service | |
| US20180232266A1 (en) | Kernel program including relational database, and method and apparatus for executing said program | |
| CN103095847B (en) | Cloud storage safety-ensuring method and system thereof | |
| CN104123506B (en) | Data access method, device, data encryption, storage and access method, device | |
| CN104852925A (en) | Method for leakproof, secure storage and backup of data of mobile smart terminal | |
| CN104123769B (en) | The unblanking of a kind of safety intelligent lock, close lock control method | |
| CN104468664A (en) | Method and device for uploading files to cloud storage system, and method and device for downloading files from cloud storage system | |
| CN103825741B (en) | The solution of certificate of the injection with signature in a kind of encryption device production process | |
| CN102567233A (en) | Data protection method of USB storage device based on magnetic disc virtual technology | |
| CN105740725A (en) | File protection method and system | |
| CN103516523A (en) | Data encryption system structure based on cloud storage | |
| CN107609410A (en) | Android system data guard method, terminal device and storage medium based on HOOK | |
| CN102622547A (en) | Key based server data reading method | |
| CN103780584A (en) | Cloud computing-based identity authentication fusion method | |
| CN109076054A (en) | System and method for managing the encryption key of single-sign-on application program | |
| CN103577769A (en) | File content safety management method and management system | |
| CN102495990A (en) | Software protection method based on microchip | |
| CN111046405A (en) | Data processing method, device, equipment and storage medium | |
| CN103501292B (en) | Method and system for achieving data safety protection by using standby mobile phone | |
| CN102426637B (en) | A kind of embedded database cryptographic storage method | |
| US10311240B1 (en) | Remote storage security | |
| CN109474431A (en) | Client certificate method and computer readable storage medium | |
| CN104463510A (en) | Finance management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160601 |
|
| WD01 | Invention patent application deemed withdrawn after publication |