CN110941845A - File acquisition method and device, computer equipment and storage medium - Google Patents

File acquisition method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN110941845A
CN110941845A CN201911281454.XA CN201911281454A CN110941845A CN 110941845 A CN110941845 A CN 110941845A CN 201911281454 A CN201911281454 A CN 201911281454A CN 110941845 A CN110941845 A CN 110941845A
Authority
CN
China
Prior art keywords
file
target
client
acquisition request
file acquisition
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911281454.XA
Other languages
Chinese (zh)
Inventor
程云鹏
万月亮
火一莽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Ruian Technology Co Ltd
Original Assignee
Beijing Ruian Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Ruian Technology Co Ltd filed Critical Beijing Ruian Technology Co Ltd
Priority to CN201911281454.XA priority Critical patent/CN110941845A/en
Publication of CN110941845A publication Critical patent/CN110941845A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a file acquisition method, a file acquisition device, computer equipment and a storage medium, wherein the method comprises the following steps: receiving a file acquisition request sent by a client through a secure file management system; and determining a target file according to the file acquisition request, and feeding the target file back to the client in a streaming transmission mode. The technical scheme of the embodiment of the invention can realize the safety control of the file, thereby improving the safety of the file on the basis of reducing the maintenance cost and avoiding the leakage of file data.

Description

File acquisition method and device, computer equipment and storage medium
Technical Field
The embodiment of the invention relates to the technical field of data processing, in particular to a file acquisition method, a file acquisition device, computer equipment and a storage medium.
Background
For the checking and control of files, especially sensitive files with high requirements on security level, leakage risk control measures are generally adopted to ensure the security of circulation and checking in the file checking or downloading process, that is, the security of the files is ensured to be controllable, so that the information of the files is prevented from being leaked.
In the prior art, there are two main ways for leakage risk control measures taken by a file: (1) traditional document paper medium management, namely, the traditional document paper medium management is performed in a handwriting mode or is printed out and placed in a special document cabinet, and a responsible person is appointed to be responsible for viewing and controlling document files; (2) and through an intranet file management system, the whole process of creating, revising, publishing, archiving and viewing the management file is recorded, and the executor of each operation step and the specific execution operation are recorded.
In the process of implementing the invention, the inventor finds that the prior art has the following defects: managing files through a conventional document paper medium can cause the files to be very inconvenient to find and the maintenance cost to be too high; although online management and monitoring of files can be achieved by managing files through an intranet file management system, cache information is easily generated locally in file preview, and the cache information may cause leakage of file information.
Disclosure of Invention
Embodiments of the present invention provide a file acquisition method and apparatus, a computer device, and a storage medium, which implement security control on a file, thereby improving the security of the file on the basis of reducing maintenance cost and avoiding leakage of file data.
In a first aspect, an embodiment of the present invention provides a file obtaining method, including:
receiving a file acquisition request sent by a client through a secure file management system;
and determining a target file according to the file acquisition request, and feeding the target file back to the client in a streaming transmission mode.
In a second aspect, an embodiment of the present invention further provides a file obtaining method, including:
sending a file acquisition request to a server through a secure file management system;
and receiving the target file fed back by the server in a streaming transmission mode.
In a third aspect, an embodiment of the present invention further provides a file acquiring apparatus, including:
the file acquisition request receiving module is used for receiving a file acquisition request sent by a client through the secure file management system;
and the target file feedback module is used for determining a target file according to the file acquisition request and feeding the target file back to the client in a streaming transmission mode.
In a fourth aspect, an embodiment of the present invention further provides a file acquiring apparatus, including:
the file acquisition request sending module is used for sending a file acquisition request to the server through the security file management system;
and the target file receiving module is used for receiving the target file fed back by the server side in a streaming transmission mode.
In a fifth aspect, an embodiment of the present invention further provides a computer device, where the computer device includes:
one or more processors;
storage means for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the file retrieval method of any of the first aspects.
In a sixth aspect, an embodiment of the present invention further provides a computer storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the file acquisition method described in any of the first aspects.
In a seventh aspect, an embodiment of the present invention further provides a computer device, where the computer device includes:
one or more processors;
storage means for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the file retrieval method of any of the second aspects.
In an eighth aspect, an embodiment of the present invention further provides a computer storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the file acquisition method described in any of the second aspects.
According to the embodiment of the invention, the client sends the file acquisition request to the server through the security file management system, the server determines the target file according to the file acquisition request and feeds the target file back to the client in a streaming transmission mode, so that the problems of low security or high maintenance cost and the like in the existing file management and control method are solved, the security management and control of the file are realized, the security of the file is improved on the basis of reducing the maintenance cost, and the leakage of file data is avoided.
Drawings
Fig. 1a is a flowchart of a file acquisition method according to an embodiment of the present invention;
FIG. 1b is a schematic diagram of a secure envelope encapsulation technique according to an embodiment of the present invention;
FIG. 1c is a schematic diagram of a security envelope generation structure provided in accordance with an embodiment of the present invention;
fig. 2 is a flowchart of a file acquisition method according to a second embodiment of the present invention;
fig. 3a is a flowchart of a file acquiring method according to a third embodiment of the present invention;
FIG. 3b is a schematic view of a document reading principle provided by a third embodiment of the present invention;
fig. 3c is a schematic flowchart of a file obtaining method according to a third embodiment of the present invention;
fig. 4 is a schematic diagram of a file acquiring apparatus according to a fourth embodiment of the present invention;
fig. 5 is a schematic diagram of a file acquiring apparatus according to a fifth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a computer device according to a sixth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention.
It should be further noted that, for the convenience of description, only some but not all of the relevant aspects of the present invention are shown in the drawings. Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the operations (or steps) as a sequential process, many of the operations can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations may be re-arranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
Example one
Fig. 1a is a flowchart of a file obtaining method according to an embodiment of the present invention, where this embodiment is applicable to a case where a server provides a file to a client securely, and the method may be executed by a file obtaining apparatus, where the apparatus may be implemented by software and/or hardware, and may be generally integrated in a server and used in cooperation with a client for completing a file obtaining function. Accordingly, as shown in fig. 1a, the method comprises the following operations:
s110, receiving a file acquisition request sent by a client through a secure file management system.
The secure file management system may be a system for securely managing files, among others. The type of the file may include, but is not limited to, a document file or an audio/video data file, and the like, and the specific type of the file that can be managed by the secure file management system is not limited in the embodiment of the present invention. Preferably, the type of the target file may be a document type. Accordingly, an OFD (Open file-layout Document) layout Document system may be adopted as the secure file management system. The file obtaining request may be a request sent by the client to the server to obtain the target file.
In the embodiment of the invention, the security file management system can be used for managing files with higher security level requirements, and when a client applies for acquiring the files from the server, the client can send file acquisition requests to the server through the security file management system.
And S120, determining a target file according to the file acquisition request, and feeding the target file back to the client in a streaming transmission mode.
The target file is a file requested to be obtained by the client, and the streaming transmission mode may be a data transmission mode for performing fragmentation transmission on the file.
Correspondingly, after the server receives the file acquisition request and determines the target file from the locally stored files according to the file acquisition request, the target file can be fed back to the client by adopting a streaming transmission mode. Optionally, in order to further ensure the security of the file, before the server feeds the target file back to the client in a streaming transmission manner, the server may further add a watermark to the target file, and if it is determined that the watermark needs to be added to the target file, the client also needs to have a function of verifying the watermark, so that tracing after information leakage is achieved, and a file leakage source is discovered in time.
It should be noted that the streaming transmission mode is not only beneficial to network transmission and fast opening, but also can improve the performance of the client for processing large files, for example, the effect of "second opening" of digital processing files with more than 300 pages (30M) is realized, thereby greatly improving the appearance performance and user experience of the client system, and greatly reducing the demand on the cache capacity of the client system. Therefore, the file is sent and received in a streaming transmission mode, the client can cache the fragmented target file only by using a small amount of memory without reserving any temporary file on a disk, so that the risk of leakage of important files caused by caching in the traditional file acquisition mode is avoided, and the safety of the file acquisition mode is improved.
In an optional embodiment of the present invention, the feeding back the target file to the client by using a streaming transmission method may include: segmenting the target file to obtain a target unit file; and feeding back the target unit file to the client by adopting the streaming transmission mode.
The target unit file may be a file fragment formed by segmenting a file.
Correspondingly, when the server feeds the target file back to the client in a streaming transmission mode, the target file needs to be segmented firstly, that is, the target file is segmented into 'fragment' files with smaller volumes as target unit files by using a file segmentation technology. After the target unit file is obtained, the transmission link can be encrypted by adopting a line encryption technology, so that the link security target is realized, and the security of file transmission is further ensured.
In addition, it should be noted that the terminal can bind to realize the control of the number of the reading terminals of the user, and the target file can be obtained on the terminal through the client only when the user has the use right of the terminal or is authorized.
In an optional embodiment of the present invention, the file obtaining request is initiated by the client through a secure envelope associated application; the file acquisition request is used for downloading the target file to the client; after determining the target file according to the file acquisition request, the method may further include: and performing traceable label packaging processing, offline authority control packaging processing, anti-tampering control packaging processing and content protection packaging processing on the target file.
Wherein the secure envelope associated application may be a component or application for initiating secure envelope encapsulation techniques. For example, a reader, an application system, or a related plug-in installed by a client and used for initiating a secure envelope request may all be used as the secure envelope associated application, and the specific type of the secure envelope associated application is not limited in the embodiment of the present invention.
When a client applies for obtaining a file from a server, there is often a need to download an applied target file to the local. Aiming at the condition that the target file needs to be downloaded to local processing under a special scene, the target file needing to be downloaded can be subjected to offline security envelope by using a security envelope packaging technology, so that the propagation and utilization of the target file are comprehensively and safely controlled, the target file can be propagated and utilized only in a controlled range, and the illegal leakage and falsification of file information are prevented.
Accordingly, a client may initiate a file acquisition request to a server through a secure envelope associated application, such as a reader or an application system, and respond to the file acquisition request by a file conversion cluster or a content service in the server.
Specifically, the server may perform traceable label encapsulation processing, offline authority control encapsulation processing, tamper-resistant control encapsulation processing, and content protection encapsulation processing on the determined target file. The packaging process of the traceable label can include embedding relevant information (including time, user, machine characteristics or application and the like) generated and used by the file in a security envelope by adopting an electronic watermarking technology, so that the source of the target file is labeled and traceable. The offline permission control encapsulation processing may include permission controls such as content responsibility control, screen capture operation, printing operation, annotation operation, file valid access control, and overdue destruction. That is, the secure envelope encapsulation technique can provide an interactive permission control mechanism, so that the user can only access and interactively operate the target file within the appointed permission range. The tamper-resistant control encapsulation process can be in butt joint with an existing Public Key Infrastructure (PKI) system through a digital signature interface so as to digitally sign the content of the target file, ensure the authenticity and integrity of the target file and enable the target file to be non-repudiatable and non-tampable. The content protection packaging processing can adopt an encryption and decryption technology to encrypt and package a target file entering a safety envelope, so that the file content is prevented from being illegally acquired. In order to realize the content protection packaging processing, the server can be connected with the encryption service of the password service platform through the encryption and decryption interface.
Fig. 1b is a schematic diagram of a security envelope encapsulation technique according to a first embodiment of the present invention, and fig. 1c is a schematic diagram of a structure generated by a security envelope according to a first embodiment of the present invention. As shown in fig. 1b, an original electronic document to be utilized offline may be packaged in a "security envelope", and a protection measure is loaded on the electronic document by using a related security policy, such as watermark, electronic signature, content encryption or access control, so as to achieve the purpose of offline file management and control. It should be noted that the secure envelope encapsulation technology supports multiple file format conversions, so as to generate a controllable file, so that functions of file source tracing, tamper resistance, authority control, access authentication, file decryption and the like can be realized in the file utilization process.
In a specific example, as shown in fig. 1c, on the premise that it is confirmed that the user at the client passes the identity authentication and authorization, the server may obtain a target file (an ODF-formatted file) from the OFD file index and storage of the application system through a content resource interface of the controllable reading service, encrypt the target file through a cryptographic service platform interfaced with the encryption interface, perform watermarking on the target file, perform ODF paging on the finally formed target file to form a plurality of file fragments, and push the file fragments of the target file to the reader plug-in of the client for downloading and lookup by using a streaming transmission method. Therefore, the target file is downloaded by adopting a safe envelope packaging technology, and the target file can be ensured to be spread and utilized only in a controlled range, so that the illegal leakage and falsification of file data are prevented.
It should be noted that the secure envelope can be opened by a client professional version reader or a related plug-in, and there is no special requirement for an application system except that the function related to online verification of the tag in the document action requires the system to provide a corresponding verification service.
In summary, the file acquisition method provided by the embodiment of the invention can realize an all-dimensional file security guarantee mechanism, thereby preventing files from being illegally stolen and diffused, tracing and verifying file sources at any time, accelerating the file opening and loading speed, and ensuring the controlled use of files.
According to the embodiment of the invention, the server receives the file acquisition request sent by the client through the security file management system, the target file is determined according to the file acquisition request, and the streaming transmission mode is adopted to feed the target file back to the client, so that the problems of low security or high maintenance cost and the like in the existing file management and control method are solved, the security management and control of the file are realized, the security of the file is improved on the basis of reducing the maintenance cost, and the leakage of file data is avoided.
Example two
Fig. 2 is a flowchart of a file obtaining method according to a second embodiment of the present invention, where this embodiment is applicable to a case where a client applies for a secure file obtaining from a server, and the method may be executed by a file obtaining apparatus, and the apparatus may be implemented by software and/or hardware, and may be generally integrated in a terminal device (typically, various terminal devices such as a personal computer, a smart phone, or a tablet computer) and used in cooperation with a server for completing a file providing function. Accordingly, as shown in fig. 2, the method includes the following operations:
s210, sending a file acquisition request to a server through a security file management system.
In the embodiment of the invention, the security file management system can be used for managing files with higher security level requirements, and when a client applies for acquiring the files from the server, the client can send file acquisition requests to the server through the security file management system.
And S220, receiving the target file fed back by the server side in a streaming transmission mode.
Correspondingly, after the server receives the file acquisition request and determines the target file from the locally stored files according to the file acquisition request, the target file can be fed back to the client by adopting a streaming transmission mode. Optionally, in order to further ensure the security of the file, before the server feeds the target file back to the client in a streaming transmission manner, the server may further add a watermark to the target file, and if it is determined that the watermark needs to be added to the target file, the client also needs to have a function of verifying the watermark, so that tracing after information leakage is achieved, and a file leakage source is discovered in time.
In an optional embodiment of the present invention, the target file is a target unit file obtained by splitting the target file.
Correspondingly, when the server feeds the target file back to the client in a streaming transmission mode, the target file needs to be segmented firstly, that is, the target file is segmented into 'fragment' files with smaller volumes as target unit files by using a file segmentation technology. After the target unit file is obtained, the transmission link can be encrypted by adopting a line encryption technology, so that the link security target is realized, and the security of file transmission is further ensured.
In an optional embodiment of the present invention, the file acquisition request is initiated by a secure envelope associated application; the file acquisition request is used for downloading the target file to the client; the file acquisition request may include: the target file, the tracing identifier, the offline authority control, the file anti-tampering, the content encryption protection and the access control.
The associated information may be information included in the file acquisition request data and used for acquiring the target file and implementing security control in cooperation with the server. The associated information may be used by the server to implement secure envelope encapsulation techniques.
When a client applies for obtaining a file from a server, there is often a need to download an applied target file to the local. Aiming at the condition that the target file needs to be downloaded to local processing under a special scene, the target file needing to be downloaded can be subjected to offline security envelope by using a security envelope packaging technology, so that the propagation and utilization of the target file are comprehensively and safely controlled, the target file can be propagated and utilized only in a controlled range, and the illegal leakage and falsification of file information are prevented.
Correspondingly, a client may initiate a file acquisition request to a server through a secure envelope associated application, such as a reader or an application system, where the file acquisition request data may include a target file (which may be an ODF file) to be processed, associated information such as a traceback identifier that needs to be attached, offline permission control, file tamper resistance, content encryption protection, access control, and the like, and upload the associated information to the server as a whole in the form of a HTTP (hypertext Transfer Protocol) POST. After receiving the file acquisition request, the server may respond to the file acquisition request through a built-in file conversion cluster or a content service.
In summary, the file acquisition method provided by the embodiment of the invention can realize an all-dimensional file security guarantee mechanism, thereby preventing files from being illegally stolen and diffused, tracing and verifying file sources at any time, accelerating the file opening and loading speed, and ensuring the controlled use of files.
According to the embodiment of the invention, the client sends the file acquisition request to the server through the security file management system, so that the server determines the target file according to the file acquisition request, and feeds the target file back to the client in a streaming transmission mode, the problems of low security or high maintenance cost and the like in the existing file management and control method are solved, the security management and control of the file are realized, the security of the file is improved on the basis of reducing the maintenance cost, and the leakage of file data is avoided.
EXAMPLE III
Fig. 3a is a flowchart of a file obtaining method according to a third embodiment of the present invention, which is applicable to a case where a client interacts with a server to obtain a file safely. Accordingly, as shown in fig. 3a, the method comprises the following operations:
s310, the client sends a file acquisition request to the server through the secure file management system.
S320, the server side determines a target file according to the file acquisition request.
And S330, the server feeds the target file back to the client in a streaming transmission mode.
Fig. 3b is a schematic view of a document reading principle provided by a third embodiment of the present invention. Fig. 3c is a schematic flowchart of a file obtaining method according to a third embodiment of the present invention. In a specific example, as shown in fig. 3b, the file acquisition application system may be composed of two parts, namely a server and a reading terminal for installing a client. A controllable reading service in the server uses a server processing module on a file transmission path to segment a large file into file fragments so as to shorten the time consumed by a reading terminal for downloading and analyzing the file and realize the quick opening of the file. Data between the client and the server can be transmitted by using HTTP after being encrypted by the encryption service platform. Assuming that a client of a format reading terminal applies for obtaining a target file for online reading from a server, as shown in fig. 3c, a specific process of the file obtaining method may be as follows:
(1) the user uses a nationwide terminal computer as a format reading terminal, logs in a security browser client of the format reading terminal, inputs IP (Internet Protocol, Protocol interconnected between networks)/domain name and accesses the security browser client through a security access gateway.
(2) And identifying the user identity with an identity authentication and authorization system to perform identity authentication.
(3) The user identity information is verified through a PKI/CA (Certificate Authority) infrastructure, and after the authentication is passed, a Token (Token) is issued to the user.
(4) And after the user authentication and authorization are completed, pulling up the secure browser through the secure access gateway client.
(5) And performing application authority authorization according to the authority of the user identity.
(6) The safety browser calls an OFD format document system, so that the safety of document transmission and reading in the online document reading process is improved, and the reading controllability is ensured; the file opening and loading speed can be increased, and the user experience is improved; and dynamic control and behavior audit of user operation are realized.
(7) And performing user authentication and authorization again.
(8) And (4) allowing the user to access the service flow to pass through the safety cleaning center, detecting abnormal flow and analyzing safety data, sensing external environment risks in real time, judging risks, and performing corresponding operations such as dynamic blocking based on the risk judgment result.
(9) The client is allowed to access the file stored in the service application of the server only if the client is confirmed to be normal.
(10) When a user accesses a file stored in a service application of a server, the user is allowed to read online only after the user is confirmed to have the authority of the file.
Therefore, the file acquisition method provided by the embodiment of the invention can effectively solve the problem of file data leakage in the file lookup process by means of OFD format documents, a secure browser and other technical means in an intranet environment.
According to the embodiment of the invention, the client sends the file acquisition request to the server through the security file management system, the server determines the target file according to the file acquisition request and feeds the target file back to the client in a streaming transmission mode, so that the problems of low security or high maintenance cost and the like in the existing file management and control method are solved, the security management and control of the file are realized, the security of the file is improved on the basis of reducing the maintenance cost, and the leakage of file data is avoided.
It should be noted that any permutation and combination between the technical features in the above embodiments also belong to the scope of the present invention.
Example four
Fig. 4 is a schematic diagram of a file acquiring apparatus according to a fourth embodiment of the present invention, and as shown in fig. 4, the apparatus includes: a file acquisition request receiving module 410 and a target file feedback module 420, wherein:
a file obtaining request receiving module 410, configured to receive a file obtaining request sent by a client through a secure file management system;
and the target file feedback module 420 is configured to determine a target file according to the file acquisition request, and feed the target file back to the client in a streaming transmission manner.
According to the embodiment of the invention, the server receives the file acquisition request sent by the client through the security file management system, the target file is determined according to the file acquisition request, and the streaming transmission mode is adopted to feed the target file back to the client, so that the problems of low security or high maintenance cost and the like in the existing file management and control method are solved, the security management and control of the file are realized, the security of the file is improved on the basis of reducing the maintenance cost, and the leakage of file data is avoided.
Optionally, the target file feedback module 420 includes: the file splitting unit is used for splitting the target file to obtain a target unit file; and the file transmission unit is used for feeding back the target unit file to the client by adopting the streaming transmission mode.
Optionally, the file acquisition request is initiated by the client through a secure envelope associated application; the file acquisition request is used for downloading the target file to the client; the device further comprises: and the target file encapsulation processing module is used for carrying out traceable label encapsulation processing, offline authority control encapsulation processing, anti-tampering control encapsulation processing and content protection encapsulation processing on the target file.
The file acquisition device can execute the file acquisition method provided by the embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method. For details of the file acquisition method provided in the first embodiment of the present invention, reference may be made to the technical details not described in detail in the present embodiment.
EXAMPLE five
Fig. 5 is a schematic diagram of a file acquiring apparatus according to a fifth embodiment of the present invention, and as shown in fig. 5, the apparatus includes: a file obtaining request sending module 510 and a target file receiving module 520, wherein:
a file obtaining request sending module 510, configured to send a file obtaining request to a server through a secure file management system;
a target file receiving module 520, configured to receive a target file fed back by the server in a streaming manner.
According to the embodiment of the invention, the client sends the file acquisition request to the server through the security file management system, so that the server determines the target file according to the file acquisition request, and feeds the target file back to the client in a streaming transmission mode, the problems of low security or high maintenance cost and the like in the existing file management and control method are solved, the security management and control of the file are realized, the security of the file is improved on the basis of reducing the maintenance cost, and the leakage of file data is avoided.
Optionally, the target file is a target unit file obtained by segmenting the target file.
Optionally, the file acquisition request is initiated through a security envelope associated application; the file acquisition request is used for downloading the target file to the client; the file acquisition request includes: the target file, the tracing identifier, the offline authority control, the file anti-tampering, the content encryption protection and the access control.
The file acquisition device can execute the file acquisition method provided by the second embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method. For details of the file acquisition method provided in the second embodiment of the present invention, reference may be made to the technical details not described in detail in this embodiment.
EXAMPLE six
Fig. 6 is a schematic structural diagram of a computer device according to a sixth embodiment of the present invention. FIG. 6 illustrates a block diagram of a computer device 612 suitable for use in implementing embodiments of the present invention. The computer device 612 shown in fig. 6 is only an example and should not bring any limitations to the functionality or scope of use of embodiments of the present invention. The computer device 612 is typically a computing device that assumes the functionality of a server.
As shown in fig. 6, the computer device 612 is in the form of a general purpose computing device. Components of computer device 612 may include, but are not limited to: one or more processors 616, a memory device 628, and a bus 618 that couples the various system components including the memory device 628 and the processors 616.
Bus 618 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Computer device 612 typically includes a variety of computer system readable media. Such media can be any available media that is accessible by computer device 612 and includes both volatile and nonvolatile media, removable and non-removable media.
Storage 628 may include computer system readable media in the form of volatile Memory, such as Random Access Memory (RAM) 630 and/or cache Memory 632. The computer device 612 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 634 may be used to read from or write to non-removable, nonvolatile magnetic media (not shown in FIG. 6, commonly referred to as a "hard disk drive"). Although not shown in FIG. 6, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a Compact disk-Read Only Memory (CD-ROM), a Digital Video disk (DVD-ROM), or other optical media) may be provided. In such cases, each drive may be connected to bus 618 by one or more data media interfaces. Storage device 628 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program 636 having a set (at least one) of program modules 626 may be stored, for example, in storage device 628, such program modules 626 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may include an implementation of a network environment. Program modules 626 generally perform the functions and/or methodologies of embodiments of the invention as described herein.
Computer device 612 may also communicate with one or more external devices 614 (e.g., keyboard, pointing device, camera, display 624, etc.), with one or more devices that enable a user to interact with computer device 612, and/or with any devices (e.g., network card, modem, etc.) that enable computer device 612 to communicate with one or more other computing devices. Such communication may be through an Input/Output (I/O) interface 622. Further, computer device 612 may also communicate with one or more networks (e.g., a Local Area Network (LAN), Wide Area Network (WAN), and/or a public Network, such as the internet) via Network adapter 620. As shown, the network adapter 620 communicates with the other modules of the computer device 612 via the bus 618. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the computer device 612, including but not limited to: microcode, device drivers, Redundant processing units, external disk drive arrays, disk array (RAID) systems, tape drives, and data backup storage systems, to name a few.
The processor 616 executes various functional applications and data processing, such as implementing the file acquisition method provided by the above-described embodiments of the present invention, by running programs stored in the storage device 628.
That is, the processing unit implements, when executing the program: receiving a file acquisition request sent by a client through a secure file management system; and determining a target file according to the file acquisition request, and feeding the target file back to the client in a streaming transmission mode.
EXAMPLE seven
A seventh embodiment of the present invention is an apparatus for executing a file acquiring method according to the second embodiment of the present invention, where the apparatus includes: one or more processors; storage means for storing one or more programs; when the one or more programs are executed by the one or more processors, the one or more processors implement the file acquisition method according to the second embodiment of the present invention: sending a file acquisition request to a server through a secure file management system; and receiving the target file fed back by the server in a streaming transmission mode. The specific structure and the details thereof can be referred to fig. 6 and the sixth embodiment.
Example eight
An eighth embodiment of the present invention further provides a computer storage medium storing a computer program, where the computer program is executed by a computer processor to perform the file acquisition method according to the first embodiment of the present invention: receiving a file acquisition request sent by a client through a secure file management system; and determining a target file according to the file acquisition request, and feeding the target file back to the client in a streaming transmission mode.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM) or flash Memory), an optical fiber, a portable compact disc Read Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, Radio Frequency (RF), etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
Example nine
The ninth embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, can implement the file obtaining method described in the second embodiment: sending a file acquisition request to a server through a secure file management system; and receiving the target file fed back by the server in a streaming transmission mode. The specific details thereof are described with reference to example eight.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A file acquisition method is characterized by comprising the following steps:
receiving a file acquisition request sent by a client through a secure file management system;
and determining a target file according to the file acquisition request, and feeding the target file back to the client in a streaming transmission mode.
2. The method of claim 1, wherein the streaming of the target file to the client comprises:
segmenting the target file to obtain a target unit file;
and feeding back the target unit file to the client by adopting the streaming transmission mode.
3. The method of claim 2, wherein the file acquisition request is initiated by the client through a secure envelope association application; the file acquisition request is used for downloading the target file to the client;
after determining the target file according to the file acquisition request, the method further comprises the following steps:
and performing traceable label packaging processing, offline authority control packaging processing, anti-tampering control packaging processing and content protection packaging processing on the target file.
4. A file acquisition method is characterized by comprising the following steps:
sending a file acquisition request to a server through a secure file management system;
and receiving the target file fed back by the server in a streaming transmission mode.
5. The method according to claim 4, wherein the object file is a split object unit file.
6. The method of claim 5, wherein the file acquisition request is initiated by a secure envelope association application; the file acquisition request is used for downloading the target file to the client;
the file acquisition request includes: the target file, the tracing identifier, the offline authority control, the file anti-tampering, the content encryption protection and the access control.
7. A file acquisition apparatus, characterized by comprising:
the file acquisition request receiving module is used for receiving a file acquisition request sent by a client through the secure file management system;
and the target file feedback module is used for determining a target file according to the file acquisition request and feeding the target file back to the client in a streaming transmission mode.
8. A file acquisition apparatus, characterized by comprising:
the file acquisition request sending module is used for sending a file acquisition request to the server through the security file management system;
and the target file receiving module is used for receiving the target file fed back by the server side in a streaming transmission mode.
9. A computer device, characterized in that the computer device comprises:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the file retrieval method of any one of claims 1-3, or the file retrieval method of any one of claims 4-6.
10. A computer storage medium having stored thereon a computer program, characterized in that the program, when being executed by a processor, implements a file acquisition method according to any one of claims 1-3, or implements a file acquisition method according to any one of claims 4-6.
CN201911281454.XA 2019-12-13 2019-12-13 File acquisition method and device, computer equipment and storage medium Pending CN110941845A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911281454.XA CN110941845A (en) 2019-12-13 2019-12-13 File acquisition method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911281454.XA CN110941845A (en) 2019-12-13 2019-12-13 File acquisition method and device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN110941845A true CN110941845A (en) 2020-03-31

Family

ID=69910586

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911281454.XA Pending CN110941845A (en) 2019-12-13 2019-12-13 File acquisition method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110941845A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111625854A (en) * 2020-05-25 2020-09-04 聚好看科技股份有限公司 Document encryption method, access method, server and system
CN113836586A (en) * 2021-11-26 2021-12-24 北京指掌易科技有限公司 File management method, device, equipment and storage medium
CN115103002A (en) * 2022-06-20 2022-09-23 中国银行股份有限公司 Data interaction method, device and system
CN116127916A (en) * 2022-11-18 2023-05-16 百望股份有限公司 Method and device for dynamically adding watermark
CN116127916B (en) * 2022-11-18 2024-05-28 百望股份有限公司 Method and device for dynamically adding watermark

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611716A (en) * 2011-01-19 2012-07-25 华为技术有限公司 Method and device for transmitting media file
CN106993054A (en) * 2017-05-05 2017-07-28 腾讯科技(深圳)有限公司 Document distribution method, node and system
CN107277081A (en) * 2016-04-06 2017-10-20 北京优朋普乐科技有限公司 Section method for down loading and device, the stream media system of stream medium data
CN108664803A (en) * 2018-04-04 2018-10-16 中国电子科技集团公司第三十研究所 A kind of document content fine granularity access control system based on password

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611716A (en) * 2011-01-19 2012-07-25 华为技术有限公司 Method and device for transmitting media file
CN107277081A (en) * 2016-04-06 2017-10-20 北京优朋普乐科技有限公司 Section method for down loading and device, the stream media system of stream medium data
CN106993054A (en) * 2017-05-05 2017-07-28 腾讯科技(深圳)有限公司 Document distribution method, node and system
CN108664803A (en) * 2018-04-04 2018-10-16 中国电子科技集团公司第三十研究所 A kind of document content fine granularity access control system based on password

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111625854A (en) * 2020-05-25 2020-09-04 聚好看科技股份有限公司 Document encryption method, access method, server and system
CN113836586A (en) * 2021-11-26 2021-12-24 北京指掌易科技有限公司 File management method, device, equipment and storage medium
CN113836586B (en) * 2021-11-26 2022-11-22 北京指掌易科技有限公司 File management method, device, equipment and storage medium
CN115103002A (en) * 2022-06-20 2022-09-23 中国银行股份有限公司 Data interaction method, device and system
CN116127916A (en) * 2022-11-18 2023-05-16 百望股份有限公司 Method and device for dynamically adding watermark
CN116127916B (en) * 2022-11-18 2024-05-28 百望股份有限公司 Method and device for dynamically adding watermark

Similar Documents

Publication Publication Date Title
CN108595607B (en) Method, device, equipment, system and storage medium for processing registration information
CN110414268B (en) Access control method, device, equipment and storage medium
US9906509B2 (en) Method for offline DRM authentication and a system thereof
CN110941845A (en) File acquisition method and device, computer equipment and storage medium
US8452982B2 (en) Methods and systems for migrating content licenses
CN110324358B (en) Video data management and control authentication method, module, equipment and platform
CN111698312B (en) Service processing method, device, equipment and storage medium based on open platform
CN109981680B (en) Access control implementation method and device, computer equipment and storage medium
CN113411638A (en) Video file playing processing method and device, electronic equipment and storage medium
US10694330B2 (en) Validating mobile applications for accessing regulated content
US9734346B2 (en) Device and method for providing security in remote digital forensic environment
CN113468599A (en) File storage certificate method, device, system, equipment and storage medium
WO2019178763A1 (en) Certificate importing method and terminal
CN103297816B (en) A kind of method for safely downloading and receiving terminal for digital television
JP2006343825A (en) Web page authenticity checking device, web page authenticity checking method, and program therefor
CN103095482A (en) Program development maintenance system
WO2019001084A1 (en) Authentication method and device for video stream address
US20220130401A1 (en) Systems and methods for watermarking audio of saas applications
CN114615031A (en) File storage method and device, electronic equipment and storage medium
US8745375B2 (en) Handling of the usage of software in a disconnected computing environment
US10275604B2 (en) Security record transfer in a computing system
KR100886235B1 (en) A method of synchronizing data of personal portable device and a system thereof
KR20180008187A (en) Video export processing server, video export web server and video export management system, and digital video integraty verification method for encrypted videos
US8301894B2 (en) Method and apparatus for applying digital signatures to translated content
CN112214464A (en) Evidence preservation method and system based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200331