CN108319863A - A kind of enterprise-level key decrypting method and device - Google Patents

A kind of enterprise-level key decrypting method and device Download PDF

Info

Publication number
CN108319863A
CN108319863A CN201710053433.7A CN201710053433A CN108319863A CN 108319863 A CN108319863 A CN 108319863A CN 201710053433 A CN201710053433 A CN 201710053433A CN 108319863 A CN108319863 A CN 108319863A
Authority
CN
China
Prior art keywords
document
digital certificates
security
decrypted
enterprise
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710053433.7A
Other languages
Chinese (zh)
Inventor
范炜锋
潘俊荣
张俊鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Kingsoft Office Software Inc
Zhuhai Kingsoft Office Software Co Ltd
Guangzhou Kingsoft Mobile Technology Co Ltd
Guangzhou Jinshan Mobile Technology Co Ltd
Original Assignee
Beijing Kingsoft Office Software Inc
Zhuhai Kingsoft Office Software Co Ltd
Guangzhou Jinshan Mobile Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Kingsoft Office Software Inc, Zhuhai Kingsoft Office Software Co Ltd, Guangzhou Jinshan Mobile Technology Co Ltd filed Critical Beijing Kingsoft Office Software Inc
Priority to CN201710053433.7A priority Critical patent/CN108319863A/en
Publication of CN108319863A publication Critical patent/CN108319863A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2125Just-in-time application of countermeasures, e.g., on-the-fly decryption, just-in-time obfuscation or de-obfuscation

Abstract

The embodiment of the present invention provides a kind of enterprise-level key decrypting method, including:It determines and disconnects and determine the security document that needs are decrypted with document security management system;It obtains the digital certificates in electronic certificate device and needs the security document being decrypted to be decrypted so that the security document is converted into common document to described by the digital certificates;Security document is converted into common document by digital certificates, it realizes in the case where being disconnected with document security management system, security document is converted into common document, common document can thus be operated, solve the technical issues of can not being operated to security document in the case where document security Tomcat-AdminPortal collapses.

Description

A kind of enterprise-level key decrypting method and device
Technical field
The present invention relates to file decryption field more particularly to a kind of enterprise-level key decrypting methods and device.
Background technology
Document security management system refers to the value-added service of " the one-stop Office Service platforms of WPS+ ", is WPS Office Primary security function, function module includes WPS Office client documents security functions and server management backstage.WPS pacifies Since full text shelves just remain that ciphertext state, only authorized user can open document and carry out related behaviour being created Make, enterprise administrator can be directed to department and user carries out security document priority assignation.Ensure that the confidential data of enterprise can only be by By the people of mandate, (such as enterprises) carry out specified application operating, and whole process in the application environment of mandate Can by it is detailed, completely record.
In the case that managing the server crash of system in document security can not either connect, security document can not be beaten It opens, can not also carry out any operation, and in the case where document security Tomcat-AdminPortal collapses, can not also carry out On-line funchon, such case can cause serious loss for enterprise.
Therefore, it is ability that can not carry out operation to security document in the case where document security Tomcat-AdminPortal collapses Field technique personnel's technical issues that need to address.
Invention content
An embodiment of the present invention provides a kind of enterprise-level key decrypting method and devices, for solving in document security management The technical issues of system server can not operate security document in the case of collapsing.
The embodiment of the present invention provides a kind of enterprise-level key decrypting method, including:
S1:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
S2:It obtains the digital certificates in electronic certificate device and needs to be decrypted to described by the digital certificates Security document is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the peace Full text shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described Online password needs to manage the verification of system by the document security when opening.
Preferably, further include before the step S1:
Corresponding security document file is generated according to the corresponding public key encryption of digital certificates.
Preferably, further include before the step S1:
Card center acquisition digital certificates are awarded to certificate and preserve the digital certificates to electronic certificate device;
The electronic certificate device is moveable storage medium.
Preferably, further include after the step S2:
Decryption daily record to the document security, which is uploaded, when restoring to connect with document security management system manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, solution Close result.
Preferably, the quantity of the digital certificates is one or more, is preserved respectively to different digital certificates dresses In setting, the step S2 is specifically included:
It obtains the digital certificates in one of electronic certificate device and needs to carry out to described by the digital certificates The security document of decryption is decrypted so that the security document is converted into common document;
The digital certificates are one-to-one relationship with the electronic certificate device.
The embodiment of the present invention provides a kind of enterprise-level cipher key decryp-tion means, including:
Determining module, for determining the safety text for disconnecting and determining that needs are decrypted with document security management system Shelves;
Deciphering module, for obtaining the digital certificates in electronic certificate device and by the digital certificates to the needs The security document being decrypted is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the peace Full text shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described Online password needs to manage the verification of system by the document security when opening.
Preferably, the embodiment of the invention also includes:
Security document generation module, for generating corresponding security document text according to the corresponding public key encryption of digital certificates Part.
Preferably, the embodiment of the invention also includes:
Digital certificates obtain and preserving module, and digital certificates are obtained and by the digital certificates for awarding card center to certificate It preserves to electronic certificate device;
The electronic certificate device is moveable storage medium.
Preferably, the embodiment of the invention also includes:
Daily record uploading module is decrypted, for uploading decryption daily record extremely when restoring to connect with document security management system The document security manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, solution Close result.
Preferably, the quantity of the digital certificates is one or more, is preserved respectively to different digital certificates dresses In setting;
The deciphering module is specifically used for the digital certificates obtained in one of electronic certificate device and passes through the electricity Sub- certificate needs the security document being decrypted to be decrypted so that the security document is converted into common document to described;
The digital certificates are one-to-one relationship with the electronic certificate device.
As can be seen from the above technical solutions, the embodiment of the present invention has the following advantages:
The embodiment of the present invention provides a kind of enterprise-level key decrypting method, including:It determines disconnected with document security management system It opens connection and determines the security document for needing to be decrypted;It obtains the digital certificates in electronic certificate device and passes through the electronics Certificate needs the security document being decrypted to be decrypted so that the security document is converted into common document to described;Pass through electricity Security document is converted into common document by sub- certificate, is realized in the case where being disconnected with document security management system, will Security document is converted into common document, thus can be operated to common document, solves in document security management system clothes The technical issues of security document can not being operated in the case of business device collapse.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention without having to pay creative labor, may be used also for those of ordinary skill in the art To obtain other attached drawings according to these attached drawings.
Fig. 1 is a kind of schematic diagram of one embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention;
Fig. 2 is a kind of schematic diagram of another embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention;
Fig. 3 is a kind of schematic diagram of one embodiment of enterprise-level cipher key decryp-tion means provided in an embodiment of the present invention.
Specific implementation mode
An embodiment of the present invention provides a kind of enterprise-level key decrypting method and devices, for solving in document security management The technical issues of system server can not operate security document in the case of collapsing.
In order to make the invention's purpose, features and advantages of the invention more obvious and easy to understand, below in conjunction with the present invention Attached drawing in embodiment, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that disclosed below Embodiment be only a part of the embodiment of the present invention, and not all embodiment.Based on the embodiments of the present invention, this field All other embodiment that those of ordinary skill is obtained without making creative work, belongs to protection of the present invention Range.
Referring to Fig. 1, a kind of one embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention, including:
101:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
102:It obtains the digital certificates in electronic certificate device and the needs is decrypted by the digital certificates Security document be decrypted so that the security document is converted into common document;
Security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, and security document can Be decrypted into common document by digital certificates or opened by online password, security document needed when being opened by online password through Cross the verification of document security management system.
It should be noted that security document is that generation is encrypted by the corresponding public key of digital certificates, it is a kind of close Literary state, when decryption, digital certificates are exactly the corresponding key of public key, and security document passes through public key encryption, but cannot lead to Cross public key decryptions, it is necessary to pass through secret key decryption.And online password is a verification means of document security management system.It is online close Code is to carry out specially treated generation according to the data of digital certificates.
The format of digital certificates is the same, but their data are different, has uniqueness.Digital certificates can be stored In mobile memory medium, such as USB flash disk, mobile hard disk etc..
It is detailed to a kind of one embodiment progress of enterprise-level key decrypting method provided in an embodiment of the present invention above Description, a kind of another embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention will be carried out below detailed Description.
Referring to Fig. 2, a kind of another embodiment of enterprise-level key decrypting method provided in an embodiment of the present invention, packet It includes:
201:Card center acquisition digital certificates are awarded to certificate and preserve the digital certificates to electronic certificate device;
202:Corresponding security document file is generated according to the corresponding public key encryption of digital certificates.
203:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
204:Obtain the digital certificates in one of electronic certificate device and by the digital certificates to the needs The security document being decrypted is decrypted so that the security document is converted into common document;
205:Decryption daily record is uploaded to the document security management when restoring to connect with document security management system System.
Security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, and security document can Be decrypted into common document by digital certificates or opened by online password, security document needed when being opened by online password through Cross the verification of document security management system.
Electronic certificate device is moveable storage medium.
Decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot Fruit.
The quantity of digital certificates is one or more, is preserved respectively into different electronic certificate devices.
Above-mentioned digital certificates are one-to-one relationship with above-mentioned electronic certificate device.
Certificate authority, that is, CA.
It is detailed to a kind of another embodiment progress of enterprise-level key decrypting method provided in an embodiment of the present invention above Thin description, below will be detailed to a kind of one embodiment progress of enterprise-level cipher key decryp-tion means provided in an embodiment of the present invention Description.
Referring to Fig. 3, a kind of one embodiment of enterprise-level cipher key decryp-tion means provided in an embodiment of the present invention, including:
Determining module 301 disconnects and determines the peace that needs are decrypted for determining and document security management system Full text shelves;
Deciphering module 302, for obtaining the digital certificates in electronic certificate device and by digital certificates to needing to carry out The security document of decryption is decrypted so that security document is converted into common document;
Security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, and security document can Be decrypted into common document by digital certificates or opened by online password, security document needed when being opened by online password through Cross the verification of document security management system.
The embodiment of the invention also includes:
Security document generation module 303, for generating corresponding security document according to the corresponding public key encryption of digital certificates File.
The embodiment of the invention also includes:
Digital certificates obtain with preserving module 304, obtain digital certificates and by digital certificates for awarding card center to certificate It preserves to electronic certificate device;
Electronic certificate device is moveable storage medium.
The embodiment of the invention also includes:
Daily record uploading module 305 is decrypted, for uploading decryption daily record extremely when restoring to connect with document security management system Document security manages system;
Decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot Fruit.
The quantity of digital certificates is one or more, is preserved respectively into different electronic certificate devices;
Deciphering module 302 is specifically used for the digital certificates obtained in one of electronic certificate device and passes through digital certificates The security document that needs are decrypted is decrypted so that security document is converted into common document;
Digital certificates are one-to-one relationship with electronic certificate device.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
The above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to before Stating embodiment, invention is explained in detail, it will be understood by those of ordinary skill in the art that:It still can be to preceding The technical solution recorded in each embodiment is stated to modify or equivalent replacement of some of the technical features;And these Modification or replacement, the spirit and scope for various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution.

Claims (10)

1. a kind of enterprise-level key decrypting method, which is characterized in that including:
S1:It determines and disconnects and determine the security document that needs are decrypted with document security management system;
S2:Obtain the digital certificates in electronic certificate device and by the digital certificates to the safety for needing to be decrypted Document is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the safety text Shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described online Password needs to manage the verification of system by the document security when opening.
2. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that also wrapped before the step S1 It includes:
Corresponding security document file is generated according to the corresponding public key encryption of digital certificates.
3. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that also wrapped before the step S1 It includes:
Card center acquisition digital certificates are awarded to certificate and preserve the digital certificates to electronic certificate device;
The electronic certificate device is moveable storage medium.
4. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that also wrapped after the step S2 It includes:
Decryption daily record to the document security, which is uploaded, when restoring to connect with document security management system manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot Fruit.
5. a kind of enterprise-level key decrypting method according to claim 1, which is characterized in that the quantity of the digital certificates It for one or more, is preserved respectively into different electronic certificate devices, the step S2 is specifically included:
It obtains the digital certificates in one of electronic certificate device and the needs is decrypted by the digital certificates Security document be decrypted so that the security document is converted into common document;
The digital certificates are one-to-one relationship with the electronic certificate device.
6. a kind of enterprise-level cipher key decryp-tion means, which is characterized in that including:
Determining module disconnects and determines the security document that needs are decrypted for determining and document security management system;
Deciphering module, for obtaining the digital certificates in electronic certificate device and needing to carry out to described by the digital certificates The security document of decryption is decrypted so that the security document is converted into common document;
The security document is by the corresponding public key encryption of digital certificates and to be provided with the document of online password, the safety text Shelves can be decrypted into common document by digital certificates or be opened by the online password, and the security document passes through described online Password needs to manage the verification of system by the document security when opening.
7. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that further include:
Security document generation module, for generating corresponding security document file according to the corresponding public key encryption of digital certificates.
8. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that further include:
Digital certificates obtain and preserving module, for awarding card center acquisition digital certificates to certificate and preserving the digital certificates To electronic certificate device;
The electronic certificate device is moveable storage medium.
9. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that further include:
Daily record uploading module is decrypted, for uploading decryption daily record to described when restoring to connect with document security management system Document security manages system;
The decryption daily record includes security document title by decryption, decryption time, the device name being decrypted, decryption knot Fruit.
10. a kind of enterprise-level cipher key decryp-tion means according to claim 6, which is characterized in that the number of the digital certificates Amount is one or more, is preserved respectively into different electronic certificate devices;
The deciphering module is specifically used for the digital certificates obtained in one of electronic certificate device and is demonstrate,proved by the electronics Book needs the security document being decrypted to be decrypted so that the security document is converted into common document to described;
The digital certificates are one-to-one relationship with the electronic certificate device.
CN201710053433.7A 2017-01-18 2017-01-18 A kind of enterprise-level key decrypting method and device Pending CN108319863A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710053433.7A CN108319863A (en) 2017-01-18 2017-01-18 A kind of enterprise-level key decrypting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710053433.7A CN108319863A (en) 2017-01-18 2017-01-18 A kind of enterprise-level key decrypting method and device

Publications (1)

Publication Number Publication Date
CN108319863A true CN108319863A (en) 2018-07-24

Family

ID=62892284

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710053433.7A Pending CN108319863A (en) 2017-01-18 2017-01-18 A kind of enterprise-level key decrypting method and device

Country Status (1)

Country Link
CN (1) CN108319863A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102156844A (en) * 2011-04-22 2011-08-17 南京邮电大学 Implementation method of electronic document on-line/off-line safety management system
CN102404120A (en) * 2011-10-28 2012-04-04 哈尔滨朗威电子技术开发有限公司 Encryption method and encryption system for electronic documents
CN103220295A (en) * 2013-04-26 2013-07-24 福建伊时代信息科技股份有限公司 Document encryption and decryption method, device and system
CN103679050A (en) * 2013-12-31 2014-03-26 中国电子科技集团公司第三研究所 Security management method for enterprise-level electronic documents
CN106254342A (en) * 2016-09-23 2016-12-21 西安邮电大学 The secure cloud storage method of file encryption is supported under Android platform

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102156844A (en) * 2011-04-22 2011-08-17 南京邮电大学 Implementation method of electronic document on-line/off-line safety management system
CN102404120A (en) * 2011-10-28 2012-04-04 哈尔滨朗威电子技术开发有限公司 Encryption method and encryption system for electronic documents
CN103220295A (en) * 2013-04-26 2013-07-24 福建伊时代信息科技股份有限公司 Document encryption and decryption method, device and system
CN103679050A (en) * 2013-12-31 2014-03-26 中国电子科技集团公司第三研究所 Security management method for enterprise-level electronic documents
CN106254342A (en) * 2016-09-23 2016-12-21 西安邮电大学 The secure cloud storage method of file encryption is supported under Android platform

Similar Documents

Publication Publication Date Title
AU2013101722A4 (en) Data security management system
CN105103488B (en) By the policy Enforcement of associated data
KR101508360B1 (en) Apparatus and method for transmitting data, and recording medium storing program for executing method of the same in computer
CN101605137B (en) Safe distribution file system
US8379867B2 (en) Secure email communication system
US20110145576A1 (en) Secure method of data transmission and encryption and decryption system allowing such transmission
CN106790037B (en) User mode encrypted instant messaging method and system
CN109543434B (en) Block chain information encryption method, decryption method, storage method and device
CN105450395A (en) Information encryption and decryption processing method and system
CN102484638A (en) Layered protection and validation of identity data delivered online via multiple intermediate clients
US20180115535A1 (en) Blind En/decryption for Multiple Clients Using a Single Key Pair
CN107154848A (en) A kind of data encryption based on CPK certifications and storage method and device
CN110708291B (en) Data authorization access method, device, medium and electronic equipment in distributed network
CN106936579A (en) Cloud storage data storage and read method based on trusted third party agency
CN107094156A (en) A kind of safety communicating method and system based on P2P patterns
CN107332666A (en) Terminal document encryption method
CN103544453A (en) USB (universal serial bus) KEY based virtual desktop file protection method and device
CN104200154A (en) Identity based installation package signing method and identity based installation package signing device
CN102404337A (en) Data encryption method and device
CN110771190A (en) Controlling access to data
CN109347923A (en) Anti- quantum calculation cloud storage method and system based on unsymmetrical key pond
CN100530028C (en) Method and system for controlling the disclosure time of information
EP0959584B1 (en) Method and encryption system for secure data transmission
CN101197822B (en) System for preventing information leakage and method based on the same
JP2009515393A (en) Method for securely depositing digital data, method for restoring related digital data, related apparatus for implementing these methods, and system comprising said apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180724