CN110324359A - Method and system for secure publication of and access to personal information on the Internet - Google Patents
- Publication number: CN110324359A
- Authority: CN (China)
- Prior art keywords: internet, personal information, record, database, data
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a method and system for securely publishing and accessing personal information on the Internet. The method comprises: monitoring changes to the intranet personal information database in real time; encrypting each changed database record and converting it into record text; and synchronizing the record text to an Internet personal information publication database that is security-isolated from the intranet. The invention effectively prevents hackers from directly obtaining the raw personal information data over the Internet, and significantly increases the difficulty and cost for hackers of obtaining personal information from the Internet.
Description
Technical field
The present invention relates to the technical field of computer information security, and in particular to a method and system for secure publication of and access to personal information on the Internet.
Background art
Many Internet applications that publish personal information face data security problems, for example Internet-based medical and health convenience services. On the one hand, these applications use the technical advantages of the Internet to meet users' demand for fast service. On the other hand, they often involve private personal information. If this information is stored directly on the Internet and is accessible through network protocols, then the systems that store it, including hosts, operating systems and databases, may be attacked by hackers from the Internet, and large amounts of sensitive data such as private personal information may be stolen, harming social stability.
Clearly, in Internet personal information publication applications the requirement for convenient data service conflicts with the requirement for data security protection: normal data access must be guaranteed, large-scale data theft must be prevented, and software compatibility with existing applications must be preserved, so the application programs cannot be required to change.
Therefore, a big-data security protection method and system that supports Internet personal information publication applications is needed.
Summary of the invention
The object of the invention is to propose a method and system for secure publication of and access to personal information on the Internet that both meets normal users' requirements for accessing Internet applications and prevents hackers from stealing large amounts of data from Internet applications by attacking over the Internet, thereby achieving a balance between the service capability of Internet personal information publication applications and their data security protection capability.
To achieve the above technical purpose, the technical solution of the invention is implemented as follows:
A method for secure publication of Internet personal information, the method comprising:
1) monitoring changes to the intranet personal information database in real time;
2) encrypting each changed database record and converting it into record text;
3) synchronizing the record text to an Internet personal information publication database that is security-isolated from the intranet.
Further, the changed database record is encrypted according to personal characteristic information, or a combination of personal characteristic information and other fields.
A system for secure publication of Internet personal information, the system comprising:
an intranet personal information database, for storing the raw personal information data;
a personalized database record encryption module, for monitoring changes to the intranet personal information database, encrypting each changed database record, and converting it into record text;
a data synchronization sending module, for synchronizing the record text to the data synchronization receiving module on the Internet;
a data synchronization receiving module, for listening for record text transmitted by the data synchronization sending module and updating that record text into the Internet personal information publication database, which is security-isolated from the intranet;
an Internet personal information publication database, for storing the record text.
Further, the personalized database record encryption module encrypts the changed database record according to personal characteristic information, or a combination of personal characteristic information and other fields.
A method for secure access to Internet personal information, the method comprising:
1) logging in to the Internet personal information publication system;
2) issuing an access request to the Internet personal information publication database;
3) intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, and querying the related record in the Internet personal information publication database according to the access request; if there is a related record, proceeding as follows;
4) generating a key according to the access request, decrypting the related record, and returning the decrypted result to the Internet personal information publication system.
Further, the related record in the Internet personal information publication database is queried according to the personal characteristic information in the access request, and the key is generated according to the personal characteristic information in the access request.
Further, a time interval threshold is set for a user's accesses to the same database record over a certain number of accesses; when the time interval of the user's accesses to the same database over the set number of accesses exceeds the time interval threshold, the response time of the user's current access session is extended.
A system for secure access to Internet personal information, the system comprising:
an Internet personal information publication application system, for user login, for issuing access requests to the Internet personal information publication database, and for returning the corresponding database record to the user;
an Internet personal information publication database, for storing record text;
a database proxy, for intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, querying the related record in the Internet personal information publication database according to the access request, generating a key to decrypt the database record found, and returning the decrypted result to the Internet personal information publication application.
Further, the database proxy is used to intercept the access request, query the related record in the Internet personal information publication database according to the personal characteristic information in the access request, generate a key according to that personal characteristic information to decrypt the database record found, and return the decrypted result to the Internet personal information publication application.
Further, the system also comprises:
a setting module, for setting a time interval threshold for a user's accesses to the same database record over a certain number of accesses; when the time interval of the user's accesses to the same database over the set number of accesses exceeds the time interval threshold, the response time of the user's current access session is extended.
Beneficial effects of the invention: by storing the raw personal information data in the intranet, which is security-isolated from the Internet, and storing personal information on the Internet as ciphertext, the invention prevents hackers from attacking the database that stores the raw personal information data and thus removes the possibility of obtaining personal information directly; by encrypting personal information according to personal characteristic information, or a combination of personal characteristic information and other fields, it avoids encrypting all database records with the same encryption algorithm and encryption key, and thus raises the difficulty and cost for hackers of obtaining personal information in bulk; by means of the setting module, it deters hackers from obtaining personal information by brute-force cracking through the time cost involved.
Brief description of the drawings
Fig. 1 is a flowchart of the method for secure publication of Internet personal information according to the invention;
Fig. 2 is a structural block diagram of the system for secure publication of Internet personal information according to the invention;
Fig. 3 is a flowchart of the method for secure access to Internet personal information according to the invention;
Fig. 4 is a structural block diagram of the system for secure publication of Internet personal information according to the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments.
As shown in Fig. 1, the method for secure publication of Internet personal information according to an embodiment of the invention comprises:
Step 101: monitor changes to the intranet personal information database in real time (such as adding, deleting and modifying database records). The intranet personal information database does not refer to one particular database; it includes all production databases in the intranet that supply data for synchronization to the Internet personal information publication database. The intranet is security-isolated from the Internet, and intranet systems cannot be accessed directly from the Internet.
Step 102: encrypt each changed database record and convert it into record text, ensuring that every database record in the Internet personal information publication database is ciphertext.
Step 103: synchronize the record text to the Internet personal information publication database, which is security-isolated from the intranet. The Internet personal information publication database is located in Internet-accessible network space and is kept network-security-isolated from the production systems in the intranet (including the databases and applications involved in generating personal information). Users cannot access the intranet production systems from the Internet, which ensures that the production systems run reliably and securely. The Internet personal information publication database may use the same database product as the production databases related to personal information in the intranet, or a different one. For example, the intranet may use an Oracle database while the Internet personal information publication database uses MySQL or Oracle, which preserves the business continuity of the user's existing production systems and the flexibility of new business.
In a preferred embodiment of the invention, the changed database record is encrypted according to personal characteristic information (such as name, ID card number or another unique feature), so that every database record in the Internet personal information publication database may differ; or according to a combination of personal characteristic information and other fields, to prevent certain types of data (such as age) from being decrypted by exhaustive enumeration.
Corresponding to the above method for secure publication of Internet personal information, an embodiment of the invention also provides a system for secure publication of Internet personal information. As shown in Fig. 2, the system comprises:
an intranet personal information database 201, for storing the raw personal information data;
a personalized database record encryption module 202, for monitoring changes to the intranet personal information database 201, encrypting each changed database record, and converting it into record text;
a data synchronization sending module 203, for synchronizing the record text to the data synchronization receiving module 204 on the Internet;
a data synchronization receiving module 204, for listening for record text transmitted by the data synchronization sending module 203 and updating that record text into the Internet personal information publication database 205, which is security-isolated from the intranet;
an Internet personal information publication database 205, for storing the record text.
In a preferred embodiment of the invention, the personalized database record encryption module 202 encrypts the changed database record according to personal characteristic information, or a combination of personal characteristic information and other fields.
The invention also discloses a method for secure access to Internet personal information. As shown in Fig. 3, the method comprises:
Step 301: the user logs in to the Internet personal information publication system.
Step 302: an access request is issued to the Internet personal information publication database. The data in the Internet personal information publication database originates from the production databases related to personal information in the intranet; when such a production database changes, the change is converted into a text record and updated into the Internet personal information publication database in real time or as soon as possible.
Step 303: the access request is intercepted and the request content is converted into an access to the encrypted records in the Internet personal information publication database; the related record in the Internet personal information publication database is queried according to the access request. If there is no related record, the access ends; if there is a related record, the flow proceeds as follows.
Step 304: a key is generated according to the access request, the related record is decrypted, and the decrypted result is returned to the Internet personal information publication system.
In a preferred embodiment of the invention, the related record in the Internet personal information publication database is queried according to the personal characteristic information in the access request, and the key is generated according to the personal characteristic information in the access request.
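An added example, not code from the patent, that runs publication steps 101 to 103 and access steps 301 to 304 end to end with a per-record key derived from the personal characteristic information. The function names, the `PROXY_SECRET` shared by the encryption module and the database proxy, the blind lookup token, and the HMAC-SHA256 keystream (a standard-library stand-in for an AEAD cipher such as AES-GCM) are all assumptions.

```python
import hashlib
import hmac
import json
import os
from typing import Optional

# Assumption (not in the patent text): a secret shared by the intranet
# encryption module and the database proxy. Personal characteristics such as
# ID numbers are guessable, so the secret salts the KDF and blinds the index.
PROXY_SECRET = b"constructed-demo-secret"  # constructed sample value
KDF_ITERATIONS = 100_000


def lookup_token(feature: str) -> str:
    """Blind index: lets the proxy find a record without storing the feature."""
    return hmac.new(PROXY_SECRET, b"idx|" + feature.encode(), hashlib.sha256).hexdigest()


def record_keys(feature: str, extra: str = "") -> tuple:
    """Derive per-record encryption and MAC keys from the personal
    characteristic, optionally combined with another field."""
    material = f"{feature}|{extra}".encode()
    okm = hashlib.pbkdf2_hmac("sha256", material, PROXY_SECRET, KDF_ITERATIONS, dklen=64)
    return okm[:32], okm[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stdlib stand-in for a vetted AEAD cipher."""
    blocks = [
        hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        for counter in range((length + 31) // 32)
    ]
    return b"".join(blocks)[:length]


def encrypt_record(record: dict, feature: str, extra: str = "") -> str:
    """Step 102: encrypt one changed record and convert it to record text."""
    enc_key, mac_key = record_keys(feature, extra)
    nonce = os.urandom(16)
    plain = json.dumps(record, sort_keys=True).encode()
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, nonce, len(plain))))
    tag = hmac.new(mac_key, nonce + cipher, hashlib.sha256).digest()
    return (nonce + cipher + tag).hex()


def decrypt_record(text: str, feature: str, extra: str = "") -> Optional[dict]:
    """Step 304: regenerate the key from the request and decrypt.
    Returns None when the text is malformed or the key does not match."""
    try:
        raw = bytes.fromhex(text)
    except ValueError:
        return None
    if len(raw) < 48:
        return None
    nonce, cipher, tag = raw[:16], raw[16:-32], raw[-32:]
    enc_key, mac_key = record_keys(feature, extra)
    expected = hmac.new(mac_key, nonce + cipher, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    plain = bytes(a ^ b for a, b in zip(cipher, _keystream(enc_key, nonce, len(cipher))))
    return json.loads(plain)


def publish_change(publication_db: dict, op: str, feature: str,
                   record: Optional[dict] = None, extra: str = "") -> None:
    """Steps 101-103: apply one intranet change (insert, update or delete)
    to the Internet-side publication database, which holds only ciphertext."""
    token = lookup_token(feature)
    if op == "delete":
        publication_db.pop(token, None)
    elif op in ("insert", "update"):
        publication_db[token] = encrypt_record(record, feature, extra)
    else:
        raise ValueError(f"unknown change type: {op}")


def proxy_access(publication_db: dict, feature: str, extra: str = "") -> Optional[dict]:
    """Steps 303-304: the database proxy rewrites the request into a lookup of
    the encrypted record; no related record means the access ends."""
    text = publication_db.get(lookup_token(feature))
    if text is None:
        return None
    return decrypt_record(text, feature, extra)


if __name__ == "__main__":
    db = {}  # stands in for the Internet personal information publication database
    publish_change(db, "insert", "ID-0000-CONSTRUCTED",
                   {"name": "Zhang San", "result": "normal"}, extra="1990")
    print(db)                                                  # ciphertext only
    print(proxy_access(db, "ID-0000-CONSTRUCTED", "1990"))     # decrypted record
```

A copy of the publication database alone yields neither the lookup keys nor the record contents; the exposure moves to whoever holds the proxy and its secret.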
In a preferred embodiment of the invention, an access frequency field is set in the Internet personal information publication database, and a time interval threshold is set for a user's accesses to the same database record over a certain number of accesses (for example, the time interval of the three most recent accesses to a specific record). When the time interval of the user's accesses to the same database over the set number of accesses exceeds the time interval threshold, the response time of the user's current access session is extended, to reduce the risk of database records being decrypted by brute force.
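An added example, not part of the patent, of the response-time extension described above. It assumes the delay is triggered when the last N accesses to one record fall within less than the threshold span and that the delay doubles on each consecutive trigger; the class and parameter names are hypothetical, and the access history is kept in memory rather than in the publication database's access frequency field.

```python
from collections import defaultdict, deque


class AccessThrottle:
    """Tracks the most recent accesses per record and returns how long the
    current session's response should be delayed."""

    def __init__(self, count: int = 3, min_span: float = 60.0,
                 base_delay: float = 1.0, max_delay: float = 30.0):
        self.count = count            # number of recent accesses considered
        self.min_span = min_span      # time interval threshold, in seconds
        self.base_delay = base_delay  # delay applied on the first trigger
        self.max_delay = max_delay    # cap so the delay cannot grow unbounded
        self._history = defaultdict(lambda: deque(maxlen=count))
        self._strikes = defaultdict(int)

    def delay_for(self, record_token: str, now: float) -> float:
        """Record one access at time `now` (seconds) and return the delay."""
        history = self._history[record_token]
        history.append(now)
        burst = len(history) == self.count and history[-1] - history[0] < self.min_span
        if not burst:
            self._strikes[record_token] = 0   # accesses spread out again
            return 0.0
        self._strikes[record_token] += 1
        delay = self.base_delay * 2 ** (self._strikes[record_token] - 1)
        return min(delay, self.max_delay)


if __name__ == "__main__":
    throttle = AccessThrottle(count=3, min_span=60.0, base_delay=1.0, max_delay=8.0)
    # Constructed timestamps (seconds) for repeated accesses to one record.
    for ts in (0, 10, 20, 25, 30, 35, 40, 500):
        print(ts, throttle.delay_for("record-token-constructed", ts))
```

The caller is expected to sleep for the returned number of seconds before answering; passing `now` in explicitly keeps the logic testable without real waiting.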
Corresponding to the above method for secure access to Internet personal information, an embodiment of the invention also provides a system for secure access to Internet personal information. As shown in Fig. 4, the system comprises:
an Internet personal information publication application system 401, for user login, for issuing access requests to the Internet personal information publication database 404, and for returning the corresponding database record to the user;
an Internet personal information publication database 404, for storing record text;
a database proxy 403, for intercepting the access request, querying the related record in the Internet personal information publication database 404 according to the access request, generating a key to decrypt the database record found, and returning the decrypted result to the Internet personal information publication application 401.
In a preferred embodiment of the invention, the database proxy 403 is used to intercept the access request, query the related record in the Internet personal information publication database 404 according to the personal characteristic information in the access request, generate a key according to that personal characteristic information to decrypt the database record found, and return the decrypted result to the Internet personal information publication application 401.
In a preferred embodiment of the invention, the system also comprises:
a setting module 402, for setting a time interval threshold for a user's accesses to the same database record over a certain number of accesses; when the time interval of the user's accesses to the same database over the set number of accesses exceeds the time interval threshold, the response time of the user's current access session is extended.
In addition, the logic and/or steps represented in the flowcharts or otherwise described herein may, for example, be regarded as an ordered list of executable instructions for implementing logical functions, and may be embodied in any computer-readable medium for use by, or in connection with, an instruction execution system, apparatus or device (such as a computer-based system, a system including a processor, or another system that can fetch instructions from an instruction execution system, apparatus or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any apparatus that can contain, store, communicate, propagate or transport a program for use by, or in connection with, an instruction execution system, apparatus or device. More specific examples (a non-exhaustive list) of computer-readable media include: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). The computer-readable medium may even be paper or another suitable medium on which the program is printed, because the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting or, where necessary, otherwise processing it in a suitable way, and can then be stored in a computer memory.
The above are merely preferred embodiments of the invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.
Claims (10)
1. A method for secure publication of Internet personal information, characterized in that the method comprises:
1) monitoring changes to the intranet personal information database in real time;
2) encrypting each changed database record and converting it into record text;
3) synchronizing the record text to an Internet personal information publication database that is security-isolated from the intranet.
2. The method according to claim 1, characterized in that, in step 2), the changed database record is encrypted according to personal characteristic information, or a combination of personal characteristic information and other fields.
3. A system for secure publication of Internet personal information, characterized in that the system comprises:
an intranet personal information database, for storing the raw personal information data;
a personalized database record encryption module, for monitoring changes to the intranet personal information database, encrypting each changed database record, and converting it into record text;
a data synchronization sending module, for synchronizing the record text to the data synchronization receiving module on the Internet;
a data synchronization receiving module, for listening for record text transmitted by the data synchronization sending module and updating that record text into the Internet personal information publication database, which is security-isolated from the intranet;
an Internet personal information publication database, for storing the record text.
4. The system according to claim 3, characterized in that the personalized database record encryption module encrypts the changed database record according to personal characteristic information, or a combination of personal characteristic information and other fields.
5. A method for secure access to Internet personal information, characterized in that the method comprises:
1) logging in to the Internet personal information publication system;
2) issuing an access request to the Internet personal information publication database;
3) intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, and querying the related record in the Internet personal information publication database according to the access request; if there is a related record, proceeding as follows;
4) generating a key according to the access request, decrypting the related record, and returning the decrypted result to the Internet personal information publication system.
6. The method according to claim 5, characterized in that the related record in the Internet personal information publication database is queried according to the personal characteristic information in the access request, and the key is generated according to the personal characteristic information in the access request.
7. The method according to claim 6, characterized in that a time interval threshold is set for a user's accesses to the same database record over a certain number of accesses; when the time interval of the user's accesses to the same database over the set number of accesses exceeds the time interval threshold, the response time of the user's current access session is extended.
8. A system for secure access to Internet personal information, characterized in that the system comprises:
an Internet personal information publication application system, for user login, for issuing access requests to the Internet personal information publication database, and for returning the corresponding database record to the user;
an Internet personal information publication database, for storing record text;
a database proxy, for intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, querying the related record in the Internet personal information publication database according to the access request, generating a key to decrypt the database record found, and returning the decrypted result to the Internet personal information publication application.
9. The system according to claim 8, characterized in that the database proxy is used to intercept the access request, query the related record in the Internet personal information publication database according to the personal characteristic information in the access request, generate a key according to that personal characteristic information to decrypt the database record found, and return the decrypted result to the Internet personal information publication application.
10. The system according to claim 9, characterized in that it further comprises:
a setting module, for setting a time interval threshold for a user's accesses to the same database record over a certain number of accesses; when the time interval of the user's accesses to the same database over the set number of accesses exceeds the time interval threshold, the response time of the user's current access session is extended.
Priority Applications (1)
Application Number | Publication | Priority Date | Filing Date | Title |
---|---|---|---|---|
CN201910709611.6A | CN110324359A (en) | 2019-08-02 | 2019-08-02 | Method and system for secure publication of and access to personal information on the Internet |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110324359A (en) | 2019-10-11 |
Family
ID=68125252
Family Applications (1)
Application Number | Status | Publication | Title | Priority Date | Filing Date |
---|---|---|---|---|---|
CN201910709611.6A | Pending | CN110324359A (en) | Method and system for secure publication of and access to personal information on the Internet | 2019-08-02 | 2019-08-02 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110324359A (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101976321A (en) * | 2010-09-21 | 2011-02-16 | 北京工业大学 | Generated encrypting method based on face feature key |
CN102629926A (en) * | 2012-04-06 | 2012-08-08 | 上海凯卓信息科技有限公司 | Encrypting cloud storage method based on intelligent mobile terminal |
CN103236933A (en) * | 2013-05-13 | 2013-08-07 | 陈勇 | Online real-name certification system for online medical system and certification method of online real-name certification system |
CN103560892A (en) * | 2013-11-21 | 2014-02-05 | 深圳中兴网信科技有限公司 | Secret key generation method and secret key generation device |
CN105871902A (en) * | 2016-05-25 | 2016-08-17 | 安徽问天量子科技股份有限公司 | Data encryption and isolation system |
CN107370725A (en) * | 2017-06-21 | 2017-11-21 | 西安电子科技大学 | The access method and system of general encrypting database under a kind of cloud environment |
CN107959663A (en) * | 2016-10-17 | 2018-04-24 | 孙建松 | One kind utilizes the encrypted internet diagnosis and therapy system of patient identification information and method |
US10289830B2 (en) * | 2015-10-28 | 2019-05-14 | Min Ni | Interception-proof authentication and encryption system and method |
CN109936643A (en) * | 2019-03-12 | 2019-06-25 | 青岛理工大学 | A kind of attendance system and method based on IPv6 network |
Non-Patent Citations (1)
Title |
---|
Cao Jing: "Distributed database synchronization based on physical isolation", Computer Engineering * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20191011 |