CN108319863A - A kind of enterprise-level key decrypting method and device - Google Patents
A kind of enterprise-level key decrypting method and device Download PDFInfo
- Publication number
- CN108319863A CN108319863A CN201710053433.7A CN201710053433A CN108319863A CN 108319863 A CN108319863 A CN 108319863A CN 201710053433 A CN201710053433 A CN 201710053433A CN 108319863 A CN108319863 A CN 108319863A
- Authority
- CN
- China
- Prior art keywords
- document
- digital certificates
- security
- decrypted
- enterprise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2125—Just-in-time application of countermeasures, e.g., on-the-fly decryption, just-in-time obfuscation or de-obfuscation
Abstract
The embodiment of the present invention provides a kind of enterprise-level key decrypting method, including:It determines and disconnects and determine the security document that needs are decrypted with document security management system;It obtains the digital certificates in electronic certificate device and needs the security document being decrypted to be decrypted so that the security document is converted into common document to described by the digital certificates;Security document is converted into common document by digital certificates, it realizes in the case where being disconnected with document security management system, security document is converted into common document, common document can thus be operated, solve the technical issues of can not being operated to security document in the case where document security Tomcat-AdminPortal collapses.
Description
Technical field
The present invention relates to file decryption field more particularly to a kind of enterprise-level key decrypting methods and device.
Background technology
Document security management system refers to the value-added service of " the one-stop Office Service platforms of WPS+ ", is WPS Office
Primary security function, function module includes WPS Office client documents security functions and server management backstage.WPS pacifies
Since full text shelves just remain that ciphertext state, only authorized user can open document and carry out related behaviour being created
Make, enterprise administrator can be directed to department and user carries out security document priority assignation.Ensure that the confidential data of enterprise can only be by
By the people of mandate, (such as enterprises) carry out specified application operating, and whole process in the application environment of mandate
Can by it is detailed, completely record.
In the case that managing the server crash of system in document security can not either connect, security document can not be beaten
It opens, can not also carry out any operation, and in the case where document security Tomcat-AdminPortal collapses, can not also carry out
On-line funchon, such case can cause serious loss for enterprise.
Therefore, it is ability that can not carry out operation to security document in the case where document security Tomcat-AdminPortal collapses
Field technique personnel's technical issues that need to address.
Invention content
An embodiment of the present invention provides a kind of enterprise-level key decrypting method and devices, for solving in document security management
The technical issues of system server can not operate security document in the case of collapsing.
The embodiment of the present invention provides a kind of enterprise-level key decrypting method, including:
S1:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
S2:It obtains the digital certificates in electronic certificate device and needs to be decrypted to described by the digital certificates
Security document is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the peace
Full text shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described
Online password needs to manage the verification of system by the document security when opening.
Preferably, further include before the step S1:
Corresponding security document file is generated according to the corresponding public key encryption of digital certificates.
Preferably, further include before the step S1:
Card center acquisition digital certificates are awarded to certificate and preserve the digital certificates to electronic certificate device;
The electronic certificate device is moveable storage medium.
Preferably, further include after the step S2:
Decryption daily record to the document security, which is uploaded, when restoring to connect with document security management system manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, solution
Close result.
Preferably, the quantity of the digital certificates is one or more, is preserved respectively to different digital certificates dresses
In setting, the step S2 is specifically included:
It obtains the digital certificates in one of electronic certificate device and needs to carry out to described by the digital certificates
The security document of decryption is decrypted so that the security document is converted into common document;
The digital certificates are one-to-one relationship with the electronic certificate device.
The embodiment of the present invention provides a kind of enterprise-level cipher key decryp-tion means, including:
Determining module, for determining the safety text for disconnecting and determining that needs are decrypted with document security management system
Shelves;
Deciphering module, for obtaining the digital certificates in electronic certificate device and by the digital certificates to the needs
The security document being decrypted is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the peace
Full text shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described
Online password needs to manage the verification of system by the document security when opening.
Preferably, the embodiment of the invention also includes:
Security document generation module, for generating corresponding security document text according to the corresponding public key encryption of digital certificates
Part.
Preferably, the embodiment of the invention also includes:
Digital certificates obtain and preserving module, and digital certificates are obtained and by the digital certificates for awarding card center to certificate
It preserves to electronic certificate device;
The electronic certificate device is moveable storage medium.
Preferably, the embodiment of the invention also includes:
Daily record uploading module is decrypted, for uploading decryption daily record extremely when restoring to connect with document security management system
The document security manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, solution
Close result.
Preferably, the quantity of the digital certificates is one or more, is preserved respectively to different digital certificates dresses
In setting;
The deciphering module is specifically used for the digital certificates obtained in one of electronic certificate device and passes through the electricity
Sub- certificate needs the security document being decrypted to be decrypted so that the security document is converted into common document to described;
The digital certificates are one-to-one relationship with the electronic certificate device.
As can be seen from the above technical solutions, the embodiment of the present invention has the following advantages:
The embodiment of the present invention provides a kind of enterprise-level key decrypting method, including:It determines disconnected with document security management system
It opens connection and determines the security document for needing to be decrypted;It obtains the digital certificates in electronic certificate device and passes through the electronics
Certificate needs the security document being decrypted to be decrypted so that the security document is converted into common document to described;Pass through electricity
Security document is converted into common document by sub- certificate, is realized in the case where being disconnected with document security management system, will
Security document is converted into common document, thus can be operated to common document, solves in document security management system clothes
The technical issues of security document can not being operated in the case of business device collapse.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention without having to pay creative labor, may be used also for those of ordinary skill in the art
To obtain other attached drawings according to these attached drawings.
Fig. 1 is a kind of schematic diagram of one embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention;
Fig. 2 is a kind of schematic diagram of another embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention;
Fig. 3 is a kind of schematic diagram of one embodiment of enterprise-level cipher key decryp-tion means provided in an embodiment of the present invention.
Specific implementation mode
An embodiment of the present invention provides a kind of enterprise-level key decrypting method and devices, for solving in document security management
The technical issues of system server can not operate security document in the case of collapsing.
In order to make the invention's purpose, features and advantages of the invention more obvious and easy to understand, below in conjunction with the present invention
Attached drawing in embodiment, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that disclosed below
Embodiment be only a part of the embodiment of the present invention, and not all embodiment.Based on the embodiments of the present invention, this field
All other embodiment that those of ordinary skill is obtained without making creative work, belongs to protection of the present invention
Range.
Referring to Fig. 1, a kind of one embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention, including:
101:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
102:It obtains the digital certificates in electronic certificate device and the needs is decrypted by the digital certificates
Security document be decrypted so that the security document is converted into common document;
Security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, and security document can
Be decrypted into common document by digital certificates or opened by online password, security document needed when being opened by online password through
Cross the verification of document security management system.
It should be noted that security document is that generation is encrypted by the corresponding public key of digital certificates, it is a kind of close
Literary state, when decryption, digital certificates are exactly the corresponding key of public key, and security document passes through public key encryption, but cannot lead to
Cross public key decryptions, it is necessary to pass through secret key decryption.And online password is a verification means of document security management system.It is online close
Code is to carry out specially treated generation according to the data of digital certificates.
The format of digital certificates is the same, but their data are different, has uniqueness.Digital certificates can be stored
In mobile memory medium, such as USB flash disk, mobile hard disk etc..
It is detailed to a kind of one embodiment progress of enterprise-level key decrypting method provided in an embodiment of the present invention above
Description, a kind of another embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention will be carried out below detailed
Description.
Referring to Fig. 2, a kind of another embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention, packet
It includes:
201:Card center acquisition digital certificates are awarded to certificate and preserve the digital certificates to electronic certificate device;
202:Corresponding security document file is generated according to the corresponding public key encryption of digital certificates.
203:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
204:Obtain the digital certificates in one of electronic certificate device and by the digital certificates to the needs
The security document being decrypted is decrypted so that the security document is converted into common document;
205:Decryption daily record is uploaded to the document security management when restoring to connect with document security management system
System.
Security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, and security document can
Be decrypted into common document by digital certificates or opened by online password, security document needed when being opened by online password through
Cross the verification of document security management system.
Electronic certificate device is moveable storage medium.
Decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot
Fruit.
The quantity of digital certificates is one or more, is preserved respectively into different electronic certificate devices.
Above-mentioned digital certificates are one-to-one relationship with above-mentioned electronic certificate device.
Certificate authority, that is, CA.
It is detailed to a kind of another embodiment progress of enterprise-level key decrypting method provided in an embodiment of the present invention above
Thin description, below will be detailed to a kind of one embodiment progress of enterprise-level cipher key decryp-tion means provided in an embodiment of the present invention
Description.
Referring to Fig. 3, a kind of one embodiment of enterprise-level cipher key decryp-tion means provided in an embodiment of the present invention, including:
Determining module 301 disconnects and determines the peace that needs are decrypted for determining and document security management system
Full text shelves;
Deciphering module 302, for obtaining the digital certificates in electronic certificate device and by digital certificates to needing to carry out
The security document of decryption is decrypted so that security document is converted into common document;
Security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, and security document can
Be decrypted into common document by digital certificates or opened by online password, security document needed when being opened by online password through
Cross the verification of document security management system.
The embodiment of the invention also includes:
Security document generation module 303, for generating corresponding security document according to the corresponding public key encryption of digital certificates
File.
The embodiment of the invention also includes:
Digital certificates obtain with preserving module 304, obtain digital certificates and by digital certificates for awarding card center to certificate
It preserves to electronic certificate device;
Electronic certificate device is moveable storage medium.
The embodiment of the invention also includes:
Daily record uploading module 305 is decrypted, for uploading decryption daily record extremely when restoring to connect with document security management system
Document security manages system;
Decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot
Fruit.
The quantity of digital certificates is one or more, is preserved respectively into different electronic certificate devices;
Deciphering module 302 is specifically used for the digital certificates obtained in one of electronic certificate device and passes through digital certificates
The security document that needs are decrypted is decrypted so that security document is converted into common document;
Digital certificates are one-to-one relationship with electronic certificate device.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
The above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to before
Stating embodiment, invention is explained in detail, it will be understood by those of ordinary skill in the art that:It still can be to preceding
The technical solution recorded in each embodiment is stated to modify or equivalent replacement of some of the technical features;And these
Modification or replacement, the spirit and scope for various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution.
Claims (10)
1. a kind of enterprise-level key decrypting method, which is characterized in that including:
S1:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
S2:Obtain the digital certificates in electronic certificate device and by the digital certificates to the safety for needing to be decrypted
Document is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the safety text
Shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described online
Password needs to manage the verification of system by the document security when opening.
2. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that also wrapped before the step S1
It includes:
Corresponding security document file is generated according to the corresponding public key encryption of digital certificates.
3. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that also wrapped before the step S1
It includes:
Card center acquisition digital certificates are awarded to certificate and preserve the digital certificates to electronic certificate device;
The electronic certificate device is moveable storage medium.
4. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that also wrapped after the step S2
It includes:
Decryption daily record to the document security, which is uploaded, when restoring to connect with document security management system manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot
Fruit.
5. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that the quantity of the digital certificates
It for one or more, is preserved respectively into different electronic certificate devices, the step S2 is specifically included:
It obtains the digital certificates in one of electronic certificate device and the needs is decrypted by the digital certificates
Security document be decrypted so that the security document is converted into common document;
The digital certificates are one-to-one relationship with the electronic certificate device.
6. a kind of enterprise-level cipher key decryp-tion means, which is characterized in that including:
Determining module disconnects and determines the security document that needs are decrypted for determining and document security management system;
Deciphering module, for obtaining the digital certificates in electronic certificate device and needing to carry out to described by the digital certificates
The security document of decryption is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the safety text
Shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described online
Password needs to manage the verification of system by the document security when opening.
7. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that further include:
Security document generation module, for generating corresponding security document file according to the corresponding public key encryption of digital certificates.
8. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that further include:
Digital certificates obtain and preserving module, for awarding card center acquisition digital certificates to certificate and preserving the digital certificates
To electronic certificate device;
The electronic certificate device is moveable storage medium.
9. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that further include:
Daily record uploading module is decrypted, for uploading decryption daily record to described when restoring to connect with document security management system
Document security manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot
Fruit.
10. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that the number of the digital certificates
Amount is one or more, is preserved respectively into different electronic certificate devices;
The deciphering module is specifically used for the digital certificates obtained in one of electronic certificate device and is demonstrate,proved by the electronics
Book needs the security document being decrypted to be decrypted so that the security document is converted into common document to described;
The digital certificates are one-to-one relationship with the electronic certificate device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710053433.7A CN108319863A (en) | 2017-01-18 | 2017-01-18 | A kind of enterprise-level key decrypting method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710053433.7A CN108319863A (en) | 2017-01-18 | 2017-01-18 | A kind of enterprise-level key decrypting method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108319863A true CN108319863A (en) | 2018-07-24 |
Family
ID=62892284
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710053433.7A Pending CN108319863A (en) | 2017-01-18 | 2017-01-18 | A kind of enterprise-level key decrypting method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108319863A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102156844A (en) * | 2011-04-22 | 2011-08-17 | 南京邮电大学 | Implementation method of electronic document on-line/off-line safety management system |
CN102404120A (en) * | 2011-10-28 | 2012-04-04 | 哈尔滨朗威电子技术开发有限公司 | Encryption method and encryption system for electronic documents |
CN103220295A (en) * | 2013-04-26 | 2013-07-24 | 福建伊时代信息科技股份有限公司 | Document encryption and decryption method, device and system |
CN103679050A (en) * | 2013-12-31 | 2014-03-26 | 中国电子科技集团公司第三研究所 | Security management method for enterprise-level electronic documents |
CN106254342A (en) * | 2016-09-23 | 2016-12-21 | 西安邮电大学 | The secure cloud storage method of file encryption is supported under Android platform |
-
2017
- 2017-01-18 CN CN201710053433.7A patent/CN108319863A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102156844A (en) * | 2011-04-22 | 2011-08-17 | 南京邮电大学 | Implementation method of electronic document on-line/off-line safety management system |
CN102404120A (en) * | 2011-10-28 | 2012-04-04 | 哈尔滨朗威电子技术开发有限公司 | Encryption method and encryption system for electronic documents |
CN103220295A (en) * | 2013-04-26 | 2013-07-24 | 福建伊时代信息科技股份有限公司 | Document encryption and decryption method, device and system |
CN103679050A (en) * | 2013-12-31 | 2014-03-26 | 中国电子科技集团公司第三研究所 | Security management method for enterprise-level electronic documents |
CN106254342A (en) * | 2016-09-23 | 2016-12-21 | 西安邮电大学 | The secure cloud storage method of file encryption is supported under Android platform |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2013101722A4 (en) | Data security management system | |
CN105103488B (en) | By the policy Enforcement of associated data | |
KR101508360B1 (en) | Apparatus and method for transmitting data, and recording medium storing program for executing method of the same in computer | |
CN101605137B (en) | Safe distribution file system | |
US8379867B2 (en) | Secure email communication system | |
US20110145576A1 (en) | Secure method of data transmission and encryption and decryption system allowing such transmission | |
CN106790037B (en) | User mode encrypted instant messaging method and system | |
CN109543434B (en) | Block chain information encryption method, decryption method, storage method and device | |
CN105450395A (en) | Information encryption and decryption processing method and system | |
CN102484638A (en) | Layered protection and validation of identity data delivered online via multiple intermediate clients | |
US20180115535A1 (en) | Blind En/decryption for Multiple Clients Using a Single Key Pair | |
CN107154848A (en) | A kind of data encryption based on CPK certifications and storage method and device | |
CN110708291B (en) | Data authorization access method, device, medium and electronic equipment in distributed network | |
CN106936579A (en) | Cloud storage data storage and read method based on trusted third party agency | |
CN107094156A (en) | A kind of safety communicating method and system based on P2P patterns | |
CN107332666A (en) | Terminal document encryption method | |
CN103544453A (en) | USB (universal serial bus) KEY based virtual desktop file protection method and device | |
CN104200154A (en) | Identity based installation package signing method and identity based installation package signing device | |
CN102404337A (en) | Data encryption method and device | |
CN110771190A (en) | Controlling access to data | |
CN109347923A (en) | Anti- quantum calculation cloud storage method and system based on unsymmetrical key pond | |
CN100530028C (en) | Method and system for controlling the disclosure time of information | |
EP0959584B1 (en) | Method and encryption system for secure data transmission | |
CN101197822B (en) | System for preventing information leakage and method based on the same | |
JP2009515393A (en) | Method for securely depositing digital data, method for restoring related digital data, related apparatus for implementing these methods, and system comprising said apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180724 |