CN111241575A - Test method and device for data protection equipment and storage medium - Google Patents
Test method and device for data protection equipment and storage medium Download PDFInfo
- Publication number
- CN111241575A CN111241575A CN201911381576.6A CN201911381576A CN111241575A CN 111241575 A CN111241575 A CN 111241575A CN 201911381576 A CN201911381576 A CN 201911381576A CN 111241575 A CN111241575 A CN 111241575A
- Authority
- CN
- China
- Prior art keywords
- seed
- data
- data protection
- protection device
- conditional
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a test method and a device for data protection equipment and a storage medium, wherein the method comprises the following steps: establishing a seed library comprising a plurality of conditional seeds; generating a plurality of permutation combinations of the plurality of conditional seeds; providing each of the plurality of permutation combinations to the data protection device to test a data backup process and a data recovery process of the data protection device. The technical scheme of the invention can ensure that each combination condition of condition seeds cannot be missed in the test of the data protection equipment.
Description
Technical Field
The present invention relates to the field of data protection technologies, and in particular, to a test method and device for data protection devices, and a storage medium.
Background
The data protection device has the function of protecting the data of the user and can ensure that the user has absolute control capability on the data of the user. The data protection device can serve the user to generate a pair of asymmetric keys, and the key pair can participate in the protection process of the user data.
However, the existing method of testing the data protection device requires manual testing, which makes the testing very difficult.
Disclosure of Invention
In view of the above problems in the related art, the present invention provides an improved test method and apparatus for a data protection device, and a storage medium.
The technical scheme of the invention is realized as follows:
according to one aspect of the invention, a test method for a data protection device is provided, wherein the data protection device generates at least one conditional seed and backs up a key tag by using the at least one conditional seed in a data backup process; the data protection equipment decrypts at least one condition seed and recovers the key label in the data recovery process; the test method comprises the following steps:
establishing a seed library comprising a plurality of conditional seeds;
generating a plurality of permutation combinations of a plurality of conditional seeds;
each of the plurality of permutation combinations is provided to the data protection device to test the data backup process and the data recovery process of the data protection device.
According to an embodiment of the invention, the test method further comprises: generating each seed in the provided combination; encrypting user data; the user key label is backed up with each seed.
According to the embodiment of the present invention, after the user key label is backed up by each seed, the method further includes: deleting the backed-up user key label; after decrypting the user data, recovering each seed; recovering the user key label by utilizing each recovered seed; and decrypting the user data by using the recovered user key label.
According to an embodiment of the present invention, the plurality of condition seeds in the seed repository include a code seed and a secret machine seed.
According to an embodiment of the present invention, a plurality of condition seeds in the seed repository correspond to each of a plurality of condition types.
According to an aspect of the present invention, there is also provided a testing apparatus for a data protection device, where the data protection device generates at least one conditional seed and backs up a key tag using the at least one conditional seed in a data backup process; the data protection equipment decrypts at least one condition seed and recovers the key label in the data recovery process;
the test device comprises:
a seed bank comprising a plurality of conditional seeds;
a permutation module for generating a plurality of permutation combinations of the plurality of conditional seeds;
and the test module is used for providing each of the plurality of permutation and combination to the data protection device so as to test the data backup process and the data recovery process of the data protection device.
According to an embodiment of the invention, the test apparatus further comprises: a generation module for generating each seed in the provided combination; an encryption module for encrypting user data; and the backup module is used for utilizing each seed to backup the user key label.
According to an embodiment of the invention, the test apparatus further comprises: the deleting module is used for deleting the backed-up user key label; a seed recovery module for recovering each seed after decrypting the user data; the label recovery module is used for recovering the user key label by utilizing each recovered seed; and the decryption module is used for decrypting the user data by utilizing the recovered user key label.
According to an embodiment of the present invention, the plurality of condition seeds in the seed repository include a code seed and a secret machine seed.
According to an aspect of the present invention, there is also provided a storage medium storing a program executed to perform the above-described test method.
According to the technical scheme, the seed library is established and the permutation and combination of all the conditional seeds are generated, so that each combination condition of the conditional seeds cannot be missed in the test of the data protection equipment.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a data backup process and a data recovery process and flow diagram of a data protection device according to an embodiment of the present invention;
FIG. 2 is a flow diagram of a test method for a data protection device according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a test setup for a data protection device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments that can be derived by one of ordinary skill in the art from the embodiments given herein are intended to be within the scope of the present invention.
A data protection device called Doe provides a very secure key backup and recovery mechanism. The Doe data protection device does not operate directly on the key throughout the process, but rather recovers the key label (tag) of the key. The backup process and the recovery process of the Doe data protection device are shown in fig. 1. As shown in fig. 1, the data protection device generates at least one (i.e., one or more) conditional seed during the data backup process, and then backs up the key label using the at least one conditional seed. In addition, the data protection device decrypts the at least one conditional seed and recovers the key label during the data recovery process.
As shown in fig. 1, condition seeds are involved in the backup process and the recovery process of the data protection device, and each seed contains a condition. The condition seed may include two types, one type is a code, one type is a form encrypted by an encryption machine, and the condition of the condition seed may include an approver (may or may not), a signer (may or may not be, may be the user himself), a person (one or more persons) who helps to recover the key.
The DOE data protection device provides a JavaScript API (an application program interface written by a JavaScript language), and a cross-platform unified interface of DOE SDK (software development kit) is realized through a node. Thus, the DOE data protection device can be tested in the following manner: based on a fact Native (an open-source cross-platform mobile application development framework), a do JavaScript API is accessed, an app (application program) is generated and installed in an android system, and interface test of backup and recovery is carried out. However, the testing difficulties of DOE data protection devices are: due to the diversity of the conditional seeds, the combination of the conditional seeds is very large, and it is very difficult to manually test each combination.
Accordingly, the present invention provides a testing method that may be used to test data protection devices, such as DOE data protection devices. FIG. 2 is a flow chart of a test method for a data protection device according to an embodiment of the present invention. As shown in fig. 2, the testing method of the present invention comprises the steps of:
step S101, establishing a seed library comprising a plurality of conditional seeds. Specifically, one seed is placed in the seed repository for each condition type, in other words, the plurality of condition seeds in the seed repository correspond to each of the plurality of condition types.
Step S103, generating a plurality of permutation and combination of the plurality of conditional seeds. Specifically, a list of a plurality of permutation combinations of seeds may be automatically generated by the program.
In one exemplary embodiment, the plurality of seeds in the seed repository may include:
seed 1, code seed;
seed 2, encryptor seed, approver A, signer B, relatives C and D;
seed 3, encryptor seed, without approver, signer is oneself, relatives C.
In this embodiment, the generated permutation and combination may include:
combination 1: seed 1, seed 2;
and (3) combination 2: seed 2, seed 3.
In other embodiments, the plurality of seeds in the seed repository may be any suitable number and type of conditions.
Step S105, cyclically obtaining each combination in the combination list, and providing each combination in the plurality of permutation combinations to the data protection device, so as to test the data backup process and the data recovery process of the data protection device.
Step S107, generating each seed in the provided combination.
Step S109, encrypts the user data.
Step S111, backing up the user key label using each seed.
In step S113, the backed-up user key label is deleted.
Step S115, after decrypting the user data, at step S117, restoring the each seed.
Step S119, recovering the user key label using each recovered seed.
Step S121, decrypting the user data by using the recovered user key label.
In summary, the testing method of the present invention establishes the seed library and automatically implements permutation and combination of all condition seeds through the program, thereby ensuring that each combination condition of the condition seeds is not missed in the test of the data protection device.
According to an aspect of the present invention, there is also provided a testing apparatus for a data protection device, where the data protection device generates at least one conditional seed and backs up a key tag using the at least one conditional seed in a data backup process; the data protection device decrypts the at least one conditional seed and recovers the key tag during a data recovery process.
The test device may include: a seed repository 301 comprising a plurality of conditional seeds; a permutation module 302 for generating a plurality of permutation combinations of a plurality of conditional seeds; a testing module 303, configured to provide each of the plurality of permutation combinations to the data protection device to test a data backup process and a data recovery process of the data protection device.
According to an embodiment of the invention, the test apparatus further comprises: a generation module for generating each seed in the provided combination; an encryption module for encrypting user data; and the backup module is used for utilizing each seed to backup the user key label.
According to an embodiment of the invention, the test apparatus further comprises: the deleting module is used for deleting the backed-up user key label; a seed recovery module for recovering each seed after decrypting the user data; the label recovery module is used for recovering the user key label by utilizing each recovered seed; and the decryption module is used for decrypting the user data by utilizing the recovered user key label.
According to an embodiment of the present invention, the plurality of condition seeds in the seed repository include a code seed and a secret machine seed.
According to an aspect of the present invention, there is also provided a storage medium storing a program executed to perform the above-described test method.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (10)
1. A test method for a data protection device is characterized in that the data protection device generates at least one conditional seed and backs up a key tag by using the at least one conditional seed in a data backup process; the data protection device decrypts the at least one conditional seed and recovers the key label in a data recovery process; the test method comprises the following steps:
establishing a seed library comprising a plurality of conditional seeds;
generating a plurality of permutation combinations of the plurality of conditional seeds;
providing each of the plurality of permutation combinations to the data protection device to test a data backup process and a data recovery process of the data protection device.
2. The test method for a data protection device of claim 1, further comprising:
generating each seed in the provided combination;
encrypting user data;
and backing up the user key label by using each seed.
3. The testing method for a data protection device according to claim 2, further comprising, after backing up the user key tag with each seed:
deleting the backed-up user key label;
recovering said each seed after decrypting said user data;
recovering the user key label by using each recovered seed;
decrypting the user data using the recovered user key tag.
4. The test method for a data protection device of claim 1, wherein the plurality of conditional seeds in the seed repository include a code seed and a secret machine seed.
5. The testing method for a data protection device of claim 1, wherein the plurality of conditional seeds in the seed repository correspond to each of a plurality of condition types.
6. A testing device for a data protection device is characterized in that the data protection device generates at least one conditional seed and backs up a key tag by using the at least one conditional seed in a data backup process; the data protection device decrypts the at least one conditional seed and recovers the key label in a data recovery process;
the test device includes:
a seed bank comprising a plurality of conditional seeds;
a permutation module for generating a plurality of permutation combinations of the plurality of conditional seeds;
and the testing module is used for providing each permutation combination to the data protection equipment so as to test the data backup process and the data recovery process of the data protection equipment.
7. The test apparatus for a data protection device of claim 6, wherein the test apparatus further comprises:
a generation module for generating each seed in the provided combination;
an encryption module for encrypting user data;
and the backup module is used for utilizing each seed to backup the user key label.
8. The test apparatus for a data protection device of claim 7, further comprising:
a deleting module, configured to delete the backed-up user key tag;
a seed recovery module for recovering each seed after decrypting the user data;
a label recovery module, configured to recover the user key label using each recovered seed;
and the decryption module is used for decrypting the user data by utilizing the recovered user key label.
9. The test apparatus for a data protection device of claim 6, wherein the plurality of condition seeds in the seed repository include a code seed and a secret machine seed.
10. A storage medium storing a program which is executed to execute the test method of any one of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911381576.6A CN111241575B (en) | 2019-12-27 | 2019-12-27 | Test method and device for data protection equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911381576.6A CN111241575B (en) | 2019-12-27 | 2019-12-27 | Test method and device for data protection equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111241575A true CN111241575A (en) | 2020-06-05 |
CN111241575B CN111241575B (en) | 2021-07-30 |
Family
ID=70870396
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911381576.6A Active CN111241575B (en) | 2019-12-27 | 2019-12-27 | Test method and device for data protection equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111241575B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112804053A (en) * | 2020-12-31 | 2021-05-14 | 北京深思数盾科技股份有限公司 | Data recovery method, encryption device, terminal device and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106209895A (en) * | 2016-07-28 | 2016-12-07 | 维沃移动通信有限公司 | A kind of data encryption and transmission method and intelligent terminal |
CN106357649A (en) * | 2016-09-23 | 2017-01-25 | 浙江神州量子网络科技有限公司 | User identity authentication system and method |
CN107257279A (en) * | 2017-06-29 | 2017-10-17 | 努比亚技术有限公司 | A kind of clear data encryption method and equipment |
CN109617680A (en) * | 2018-12-06 | 2019-04-12 | 中国移动通信集团福建有限公司 | Encryption method, device, equipment and medium |
CN110147693A (en) * | 2019-05-23 | 2019-08-20 | 拉扎斯网络科技(上海)有限公司 | Acquisition of information and display methods, device, electronic equipment and storage medium |
-
2019
- 2019-12-27 CN CN201911381576.6A patent/CN111241575B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106209895A (en) * | 2016-07-28 | 2016-12-07 | 维沃移动通信有限公司 | A kind of data encryption and transmission method and intelligent terminal |
CN106357649A (en) * | 2016-09-23 | 2017-01-25 | 浙江神州量子网络科技有限公司 | User identity authentication system and method |
CN107257279A (en) * | 2017-06-29 | 2017-10-17 | 努比亚技术有限公司 | A kind of clear data encryption method and equipment |
CN109617680A (en) * | 2018-12-06 | 2019-04-12 | 中国移动通信集团福建有限公司 | Encryption method, device, equipment and medium |
CN110147693A (en) * | 2019-05-23 | 2019-08-20 | 拉扎斯网络科技(上海)有限公司 | Acquisition of information and display methods, device, electronic equipment and storage medium |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112804053A (en) * | 2020-12-31 | 2021-05-14 | 北京深思数盾科技股份有限公司 | Data recovery method, encryption device, terminal device and storage medium |
CN112804053B (en) * | 2020-12-31 | 2022-03-15 | 北京深思数盾科技股份有限公司 | Data recovery method, encryption device, terminal device and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN111241575B (en) | 2021-07-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ES2822997T3 (en) | Method to satisfy a cryptographic request that requires a value of a private key | |
CN110278078B (en) | Data processing method, device and system | |
CN106685645B (en) | A kind of cipher key backup for safety chip business cipher key and restoration methods and system | |
WO2019129842A1 (en) | Method and system for cryptographic activation of a plurality of equipement items | |
CN111385084A (en) | Key management method and device for digital assets and computer readable storage medium | |
CN112632007B (en) | Log storage and extraction method, device, equipment and storage medium | |
CN107124279B (en) | Method and device for erasing terminal data | |
CN104135531B (en) | A kind of upgrade method and device of Web softwares | |
CN111241575B (en) | Test method and device for data protection equipment and storage medium | |
CN110166458B (en) | Three-level key encryption method | |
US10110373B2 (en) | System and method for manipulating both the plaintext and ciphertext of an encryption process prior to dissemination to an intended recipient | |
US10255171B2 (en) | Test methodology for detection of unwanted cryptographic key destruction | |
US10235218B2 (en) | Automatic correction of cryptographic application program interfaces | |
CN112631836A (en) | Method and device for block chain, storage medium and electronic equipment | |
JPWO2006118101A1 (en) | CONFIDENTIAL INFORMATION PROCESSING HOST DEVICE AND CONFIDENTIAL INFORMATION PROCESSING METHOD | |
US11601270B1 (en) | Methods, systems and computer program products for rotating cryptographic keys for encrypted files | |
KR101699176B1 (en) | Hadoop Distributed File System Data Encryption and Decryption Method | |
CN114785503B (en) | Cipher card, root key protection method thereof and computer readable storage medium | |
CN110737910B (en) | Android log decryption management method, device, equipment and medium | |
JP2014238546A (en) | Data regeneration device, data regeneration method and program | |
CN103795547A (en) | User data encryption method and device | |
CN111008837B (en) | Block chain account private key recovery method and device, computer equipment and storage medium | |
CN112784292B (en) | Configuration file processing method and device | |
CN114491580B (en) | Database sensitive information encryption method and device | |
JP2012054889A (en) | Cipher key provision system and cipher key provision method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee after: Beijing Shendun Technology Co.,Ltd. Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. |