CN112231744B - Method and system for limiting and reading public file - Google Patents

Method and system for limiting and reading public file

Publication number
CN112231744B
Authority
CN
China
Prior art keywords
private key
limited
public
restricted
key
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910694383.XA
Other languages
Chinese (zh)
Other versions
CN112231744A (en
Inventor
温峰泰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
VTEAM FINANCIAL TECHNOLOGY SERVICE CORP
Original Assignee
VTEAM FINANCIAL TECHNOLOGY SERVICE CORP
Application filed by VTEAM FINANCIAL TECHNOLOGY SERVICE CORP
Publication of CN112231744A
Application granted
Publication of CN112231744B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention relates to a public file limited reading method and a public file limited reading system for reading by non-members and members, wherein a non-member can read only the non-limited content and a member can read limited content in addition to the non-limited content. Blockchain technology is introduced to provide the file to all non-members and members so as to ensure the accuracy and consistency of the file, wherein the provider of the file only needs to provide one file to the non-members and members, which does not occupy the storage space of the non-members and members. Identifiable data is acquired from the file to determine whether the system receiving the file meets the membership requirement, and the limited content of the file is then opened automatically, thereby realizing the limited reading method of the public file.

Description

Method and system for limiting and reading public file
Technical Field
The invention belongs to the technical field of document disclosure, and in particular relates to a method and a system for viewing a document that is partly public and partly restricted.
Background
With the popularity of computers and the Internet, electronic documents have gradually replaced paper documents, becoming the main media for document exchange.
Although electronic documents have advantages over traditional paper documents in terms of Internet delivery, they still present some problems with respect to authenticity, transmissibility, replicability, confidentiality, etc. Authenticity refers to the fact that it is not easy to determine who issued an electronic document, and even if the issuer can be confirmed, the electronic document is highly likely to have been tampered with; transmissibility and replicability refer to the fact that electronic documents easily propagate through the Internet to all corners of the world and are replicated; and confidentiality refers to the fact that the electronic file can be read only by means of encryption and decryption.
In some electronic document applications, such as investment exposure books, stock proposal books, contract exposure books, etc., different contents are provided according to the needs or grades of different viewers. In the traditional method, differently encrypted contents are provided to different viewers, so that a specific viewer can read the electronic file intended for that viewer by using that viewer's own means of decryption. However, when the number of viewers is large, it is necessary to create and provide "multiple" electronic files corresponding to the number of viewers; the creation process is very complicated and is not conducive to the transmission and storage of the electronic files. In an extended application, blockchain technology is introduced in order to establish the authenticity of the electronic file, and in that process every viewer holds the electronic files of all viewers at the same time; in practice, however, a single viewer only needs to hold the one electronic document associated with himself, and not the electronic documents of other people.
The conventional method solves the problem of the authenticity of the electronic file, and simultaneously enables a designated reader to read the electronic file; however, conventional methods still suffer from a number of drawbacks, such as:
1. All viewers need to back up all electronic files, meaning that all viewers need extra space to store all electronic files, including their own and those of others.
2. For the customized electronic files provided to each viewer, a separate encryption and decryption process is required for each electronic file, which burdens the system.
3. Because all electronic documents are customized, they cannot be provided immediately and dynamically to non-customized viewers. For example, some content of the investment exposure book could be disclosed freely to unrestricted viewers in order to attract them, and an unrestricted viewer who wants the complete investment exposure book could then obtain its complete content by becoming a member.
4. The customized electronic file requires the reader to hold a private key in order to obtain the content of the investment disclosure, so the reader can read the electronic file only after decrypting it; this action is not confusing for the reader, but such an approach is not well suited to a fast-paced, technology-driven age.
In view of the above, the present invention provides a public file limited viewing method and system, so as to solve the drawbacks of the prior art.
Disclosure of Invention
The main aim of the invention is to provide a public file limited reading method and a public file limited reading system. A first object is to provide a public file limited reading method in which non-limited content and limited content can be selected within a single file, so as to produce a file for members and non-members to read.
A second object of the present invention is, according to the above public file limited reading method, to enable a non-member to view the non-limited content of the file and a member to view the limited content of the file in addition to the non-limited content.
A third object of the present invention is, according to the above public file limited reading method, to introduce blockchain technology and provide the file to all non-members and members, so as to ensure the correctness and consistency of the file.
A fourth object of the present invention is, according to the above public file limited reading method, that the provider of a file only needs to provide one file to non-members and members, without occupying the storage space of the non-members and members.
A fifth object of the present invention is, according to the above public file limited reading method, to obtain identifiable data from the file, determine whether the system receiving the file meets the membership requirement, and automatically open the limited content of the file.
A sixth object of the present invention is to provide a public file limited reading system that implements the above public file limited reading method.
To achieve the above or other objects, the present invention provides a limited viewing method for a public file, which is applied to a public file, wherein the public file is composed of a public data section, a first limited data section and a second limited data section, the public file is provided for a general member, a first member and a second member to conditionally read at least one of the public data section, the first limited data section and the second limited data section, and the public file is encoded based on a hypertext markup language (HyperText Markup Language). The limited viewing method for the public file comprises the following steps:
step a: obtaining a first public key of the first member and a second public key of the second member, wherein the first member has a first private key corresponding to the first public key and the second member has a second private key corresponding to the second public key;
step b: establishing the public data section, the first limited data section and the second limited data section in the declaration mark of the public file, wherein the public data section provides the public content, the first content of the first limited data section is encrypted by a first limited public key, the second content of the second limited data section is encrypted by a second limited public key, the first limited public key has a corresponding first limited private key and the second limited public key has a corresponding second limited private key;
step c: inserting a general member identity segment, a first member identity segment of the first member and a second member identity segment of the second member respectively in the declaration mark of the public file;
step d: selectively encrypting at least one of the first limited private key and the second limited private key with the first public key in the first member identity segment, and selectively encrypting at least one of the first limited private key and the second limited private key with the second public key in the second member identity segment, wherein the first member identity segment and the second member identity segment respectively select the first limited private key and the second limited private key; and
step e: issuing the public file to the general member, the first member and the second member located on the Internet.
Further, the method also comprises the following steps:
step f: the general member, the first member and the second member obtaining the public file from the Internet and viewing the public content of the public data section from the public file;
step g: decoding the first member identity segment by using the first private key of the first member and decoding the second member identity segment by using the second private key of the second member, to obtain the first limited private key, the second limited private key or both; and
step h: decrypting the first restricted content with the first restricted private key to view the first content and decrypting the second restricted content with the second restricted private key to view the second content.
Further, the step g further includes the following steps:
step i: if, when the first private key of the first member decodes the first member identity segment, the first limited private key, the second limited private key or both cannot be obtained, the first member cannot decode the first limited data segment through the first limited private key and the first member cannot decode the second limited data segment through the second limited private key; if, when the second private key of the second member decodes the first member identity segment, the first restricted private key, the second restricted private key or both cannot be obtained, the second member cannot decode the first restricted data segment by the first restricted private key and the second member cannot decode the second restricted data segment by the second restricted private key.
Further, in step c, the method further includes the following step j:
step j-1: obtaining a third public key of a third member, wherein the third member has a third private key corresponding to the third public key;
step j-2: adding a third member identity segment to the declaration mark of the public file;
step j-3: selectively encrypting at least one of the first restricted private key and the second restricted private key with a third public key in the third member identity segment; and
step j-4: replacing the public file located on the Internet with an updated public file that includes the third member identity segment.
Further, after step j, step k is further included:
step k-1: the third member obtaining the updated disclosure document from the Internet and viewing the public content of the public data section from the updated disclosure document;
step k-2: decoding the third member identity segment using the third private key of the third member to obtain the first restricted private key, the second restricted private key, or both, respectively; and
step k-3: decrypting the first restricted content with the first restricted private key to view the first content and decrypting the second restricted content with the second restricted private key to view the second content.
Further, step k-2 further comprises the following step:
step k-4: if the third private key of the third member decodes the third member identity segment and the first limited private key, the second limited private key or both cannot be obtained, the third member cannot decode the first limited data segment through the first limited private key, and the third member cannot decode the second limited data segment through the second limited private key.
Further, the general member, the first member, the second member and the third member all hold the same updated disclosure document.
In order to achieve the above and other objects, the present invention provides a public file limited viewing system, which is applied to a public file for a general member, a first member and a second member to conditionally read the public file, wherein the first member has a first public key and a first private key, and the second member has a second public key and a second private key, and the public file limited viewing system comprises a database, a processing unit, a servo unit and a viewing unit. The database stores the disclosure document. The processing unit is connected with the database. The processing unit encodes the public file by using the hypertext markup language, establishes a first member identity section, a second member identity section, a public data section, a first limit data section and a second limit data section in the public file, and sets, in the first member identity section and the second member identity section respectively, the authority of the first member and of the second member to read the public data section, the first limit data section and the second limit data section. The servo unit is connected with the processing unit. The server unit receives the disclosure document and issues the disclosure document on the Internet; and the browsing unit is connected with the Internet.
The browsing unit provides the general member, the first member and the second member with an access request for acquiring the public file. According to the mark in the public file, the first private key of the first member or the second private key of the second member is acquired, and the identity section of the first member or of the second member is then acquired automatically, yielding either the private key permitted to browse the first limited data section, which decodes the first limited data section so that the first content can be browsed, or the private key permitted to browse the second limited data section, which decodes the second limited data section so that the second content can be browsed. The content of the public data section is then combined with whichever of the first content and the second content is permitted, and presented to the corresponding general member, first member and second member for browsing.
Further, the processing unit encrypts the first limited data segment with a first limited public key, encrypts the second limited data segment with a second limited public key, and inserts a first limited private key corresponding to the first limited public key, a second limited private key corresponding to the second limited public key, or both the first limited private key and the second limited private key into the first member identity segment and the second member identity segment of the disclosure document, respectively, wherein the first limited private key and the second limited private key are encrypted with the first public key of the first member and the second public key of the second member, respectively.
Further, the first private key of the first member decrypts the first member identity segment and the second private key of the second member decrypts the second member identity segment to obtain the first restricted private key for decrypting the first restricted data segment and the second restricted private key for decrypting the second restricted data segment, respectively.
Compared with the prior art, the invention provides a method and a system for limiting and reading the public file, which can have the following advantages through the inventive concept:
1. Viewers do not need to store or back up all electronic files; each only needs to obtain one electronic file.
2. Only special judging conditions are added in the process of encoding the electronic file, which places no burden on the system.
3. The file can be provided to non-members immediately and dynamically; a non-member can read the public information without limitation, and a non-member who is attracted by the public information can join as a member, after which the electronic document is updated and the complete investment disclosure content can be obtained.
Drawings
Fig. 1 is a flow chart of a disclosure-limited viewing method according to a first embodiment of the present invention.
Fig. 2 is a schematic diagram illustrating a method for limiting viewing of the disclosure document of fig. 1 according to the present invention.
Fig. 3 is a coding schematic illustrating the disclosure of fig. 1 of the present invention.
Fig. 4 is a block diagram of a disclosure-defining viewing system according to a second embodiment of the present invention.
Description of the reference numerals
2 Disclosure document
4 Internet
10 Public file limited reading system
12 Database
14 Processing unit
16 Servo unit
18 Browsing unit
VR Access request
S11-S15 Method steps
Detailed Description
For a thorough understanding of the objects, features and effects of the present invention, reference will now be made in detail to the following detailed description of the invention taken in conjunction with the accompanying drawings. The description is as follows:
In the present disclosure, "a" or "an" are used to describe the units, elements, and components described herein. This is for convenience of description only and is not intended to be limiting in any way. Thus, unless expressly stated otherwise, such description should be understood as including one or at least one, and the singular also includes the plural.
The terms "comprising," "including," "having," "containing," or any other similar language are intended to cover a non-exclusive inclusion. For example, an element, structure, article, or device containing a plurality of elements is not limited to only those elements listed herein but may include other elements not expressly listed but inherent to such element, structure, article, or device. In addition, unless explicitly stated to the contrary, the term "or" refers to an inclusive "or" and not to an exclusive "or".
Referring to fig. 1, a flow chart of a public file limited viewing method according to a first embodiment of the present invention is shown. In fig. 1, the public file limited viewing method is applied to a public file. The public file consists of a public data section, a first limited data section and a second limited data section. The public file is provided for the general member, the first member, and the second member to conditionally read at least one of the public data section, the first limited data section, and the second limited data section. The public file is encoded based on a hypertext markup language (HyperText Markup Language). The public file limited viewing method comprises the following steps:
Beginning with step S11, a first public key of a first member and a second public key of a second member are obtained. The first member has a first private key corresponding to the first public key and the second member has a second private key corresponding to the second public key.
Step S12, establishing a public data section, a first limit data section and a second limit data section in the declaration mark of the public document. The public data section provides public content, the first content of the first limited data section is encrypted by a first limited public key, the second content of the second limited data section is encrypted by a second limited public key, the first limited public key has a corresponding first limited private key, and the second limited public key has a corresponding second limited private key.
In step S13, the general member identity segment of the general member, the first member identity segment of the first member, and the second member identity segment of the second member are respectively inserted into the declaration mark of the disclosure document.
Step S14, selectively encrypting at least one of the first limited private key and the second limited private key with the first public key in the first membership section, and selectively encrypting at least one of the first limited private key and the second limited private key with the second public key in the second membership section.
Step S15, the public file is issued to the general member, the first member and the second member located on the Internet.
In another embodiment, after step S15, the following steps may be further included for conditional viewing of the restricted content by the general member, the first member and the second member.
Step S16, the general member, the first member and the second member obtain the public file from the Internet and read the disclosure content of the public data section from the public file.
In step S17, the first member identity segment is decoded by using the first private key of the first member, and the second member identity segment is decrypted by using the second private key of the second member, so as to obtain the first limited private key, the second limited private key or both. In another embodiment, if, when the first private key of the first member decodes the first member identity segment, the first restricted private key, the second restricted private key, or both cannot be obtained, the first member cannot decode the first restricted data segment with the first restricted private key and the first member cannot decode the second restricted data segment with the second restricted private key; if, when the second private key of the second member decodes the first member identity segment, the first limited private key, the second limited private key or both cannot be obtained, the second member cannot decode the first limited data segment through the first limited private key and the second member cannot decode the second limited data segment through the second limited private key.
In step S18, the first limited content is decrypted with the first limited private key to browse the first content, and the second limited content is decrypted with the second limited private key to browse the second content.
In another embodiment, if a third member is to be added after the disclosure document has been published, the steps are: (1) obtaining a third public key of the third member, wherein the third member has a third private key corresponding to the third public key; (2) adding a third member identity segment to the declaration mark of the disclosure document; (3) selectively encrypting at least one of the first restricted private key and the second restricted private key with the third public key in the third member identity segment; and (4) replacing the disclosure document on the Internet with an updated disclosure document comprising the third member identity segment.
Therefore, the general member, the first member, the second member and the third member all obtain the same updated disclosure document. The third member can obtain the updated disclosure document from the Internet and read the public content of the public data section from the updated disclosure document; decode the third member identity segment by using the third private key of the third member to obtain the first limited private key, the second limited private key or both; and decrypt the first restricted content with the first restricted private key to browse the first content and decrypt the second restricted content with the second restricted private key to browse the second content. In the foregoing, if, when the third private key of the third member decodes the third member identity segment, the first limited private key, the second limited private key or both cannot be obtained, the third member cannot decode the first limited data segment through the first limited private key and the third member cannot decode the second limited data segment through the second limited private key.
According to the above steps, a schematic state diagram of the disclosure document limited viewing method of fig. 1 of the present invention will be described with reference to fig. 2. In fig. 2, a plurality of main endpoints are included, which are a client, a browser, a key vault, a server, and a file, respectively. The server provides files to the user side (including non-members and members) and the user side browses the files through the browser.
For example, the server extracts the document language code of the file. In the program code of the file, the identification information of the clients relating to members and non-members is embedded in advance: declaration tags relating to members and non-members are defined in the HTML head tag of the file, for example the tags <member></member> and <non-member></non-member>, of which there may be one or more; likewise, declaration tags relating to limited content and non-limited content are defined, for example the tags <non-limited content></non-limited content> and <limited content></limited content>, of which there may be one or more.
Here, three clients A, B and C with membership and two clients D and E that are general members (also called non-members) are taken as examples, and it is assumed that client A can read restricted contents 1, 2 and 3; client B can read restricted contents 1 and 2; and client C can read restricted content 2. In addition, clients A, B and C can read the unrestricted content freely. It should be noted that, in this embodiment, the file refers to a single file; the file is stored in clients A, B, C, D and E, and the content of the file is the same in each.
According to the above declarations, between the tags <member A></member A> it is declared that the private keys of the specified restricted contents 1, 2 and 3 are encrypted with the public key of client A; between <member B></member B> it is declared that the private keys of the specified restricted contents 1 and 2 are encrypted with the public key of client B; between <member C></member C> it is declared that the private key of the specified restricted content 2 is encrypted with the public key of client C; and the remaining non-member clients D and E are not additionally declared. Meanwhile, the tags <unlimited content></unlimited content> and <limited content></limited content> are filled with the corresponding material. For example, the limited contents 1, 2 and 3 form three parts, distinguished by the tags <limited content 1></limited content 1>, <limited content 2></limited content 2> and <limited content 3></limited content 3>, wherein the content between <limited content 1></limited content 1> is encrypted with a public key related to limited content 1, the content between <limited content 2></limited content 2> is encrypted with a public key related to limited content 2, and so on. In other embodiments, the number of limited contents or paragraphs may be increased or decreased as required.
Returning to the state diagram of fig. 2, it is assumed that clients A, B, C, D and E each send an access request to the server through the browser to obtain the file, where clients A, B and C are members (hereinafter referred to as members) and clients D and E are non-members (hereinafter referred to as non-members). In the encoding process (for example, using the hypertext markup language), the declaration tags relating to members and non-members are defined in the file, for example <member A> (the private keys of limited contents 1, 2 and 3, encrypted with the public key of client A) </member A> … <member C> (the private key of limited content 2, encrypted with the public key of client C) </member C>, <non-member D></non-member D> and <non-member E></non-member E>. The same file also carries the tags of the limited contents and the non-limited content, the limited contents being distinguished as <limited content 1> (encrypted with the public key related to limited content 1) </limited content 1>, <limited content 2> (encrypted with the public key related to limited content 2) </limited content 2> and <limited content 3> (encrypted with the public key related to limited content 3) </limited content 3>.
Then, the server sends the file with the file language code to the browser to which all members A, B and C and non-members D and E belong, so that all members A, B and C and non-members D and E can see the unrestricted content of the file by unpacking the package through the browser, and the browser also receives the encryption program from the key vault and the public key related to members A, B and C.
Taking member A as an example, while member A's browser displays the unrestricted content, the browser obtains member A's identification data and private key according to the content of the file's HTML head tag (where the declared identity is that member A can browse restricted contents 1, 2, and 3). If member A's identification data matches the identification data in the file, the browser decrypts restricted contents 1, 2, and 3 with member A's private key and displays them in member A's browser; if it does not match, no message is displayed, that is, restricted contents 1, 2, and 3 cannot be viewed, although the unrestricted content can still be read. Taking member C as another example, while member C's browser displays the unrestricted content, the browser obtains member C's identification data and private key according to the content of the file's HTML head tag (where the declared identity is that member C can browse restricted content 2). When member C's identification data matches the identification data in the file, the browser decrypts restricted content 2 with member C's private key in the manner described above. Note that because the HTML head tag only declares that member C can browse restricted content 2, and does not declare restricted contents 1 and 3, member C, although a member, cannot view restricted contents 1 and 3 but can still read the unrestricted content.
Thus, as the foregoing description shows, the present invention provides a single document. Through the declarations in the HTML head tag, all members and non-members obtain just that one document, yet the invention distinguishes what members and non-members may view according to the declared content, further distinguishes which member may view which of the restricted contents, and thus lets a designated member view one or more designated restricted contents.
For example, the present invention can be applied to blockchains, which are characterized by decentralization, enabling members on the Internet to share a single public file with each other, where the public file sets the viewing authority of each member. The single public file is encoded in hypertext markup language and consists of a public data segment, a first restricted data segment, and a second restricted data segment. Reference is made to the schematic diagram of fig. 3.
Assume that the members on the Internet include a general member, a first member, and a second member, each of whom can obtain the single public file from the Internet. The issuer of the public file wants the general member, the first member, and the second member, after obtaining the public file, to be able to conditionally read some or all of its contents according to the inventor's settings.
The issuer first obtains a first public key of the first member and a second public key of the second member. In addition to the first public key, the first member holds its own first private key, the first public key and the first private key forming a key pair; likewise, in addition to the second public key, the second member holds its own second private key, the second public key and the second private key forming a key pair.
The issuer establishes a public data segment, a first restricted data segment, and a second restricted data segment in the declaration tag <header> of the public file. The public data segment provides public content for general members or the public to view, whereas the first restricted data segment and/or the second restricted data segment can be viewed only by the first member or the second member.
In the public file, the issuer encrypts the first content of the first restricted data segment with a first restricted public key; the first restricted public key has a corresponding first restricted private key, which decrypts what was encrypted with the first restricted public key to obtain the first content. Likewise, the second content of the second restricted data segment is encrypted with a second restricted public key; the second restricted public key has a corresponding second restricted private key, which decrypts what was encrypted with the second restricted public key to obtain the second content.
Further, the issuer inserts into the declaration tag of the public file a general member identity segment associated with the general member, a first member identity segment associated with the first member, and a second member identity segment associated with the second member. Taking the first member identity segment as an example, it can store the encrypted first and second restricted private keys. In the setup of fig. 3, the first member can view the public content, the first content, and the second content through the first member identity segment, and the second member can view the public content and the first content through the second member identity segment.
Therefore, the issuer can issue the disclosure document to the general member, the first member, and the second member located on the internet, in other words, the general member, the first member, and the second member have the same disclosure document.
To achieve the above object, the issuer encrypts the first restricted private key and the second restricted private key with the first public key of the first member in the first member identity segment. When the first member uses the first private key to decrypt the first restricted private key and the second restricted private key encrypted with the first public key, the first member obtains both restricted private keys. The first member then uses the first restricted private key to decrypt the first content that was encrypted with the first restricted public key, and the second restricted private key to decrypt the second content that was encrypted with the second restricted public key.
Likewise, the issuer encrypts the first restricted private key with the second public key of the second member in the second member identity segment. When the second member uses the second private key to decrypt the first restricted private key encrypted with the second public key, the second member obtains the first restricted private key and then uses it to decrypt the first content that was encrypted with the first restricted public key. Note that in the second member identity segment the second public key encrypts only the first restricted private key; the second member cannot obtain the second restricted private key and therefore cannot read the second content.
Therefore, in the same publication, it is possible to restrict different members from individually acquiring the content to be viewed.
In yet another embodiment, the issuer may split the identity segments and the data segments of the public file into two public files and issue both on the blockchain. When the issuer wants to add or delete members, it only needs to add or delete member identity segments in the identity-segment public file to designate what each member may view. Given the characteristics of the blockchain, the issuer can reissue the re-edited identity-segment public file to the Internet so that all members hold the latest version, without reissuing the data-segment public file; the data-segment public file needs to be reissued to the Internet only if the content of a data segment is updated.
Fig. 4 is a block diagram of a public file limited viewing system according to a second embodiment of the present invention. In fig. 4, the public file limited viewing system 10 is applied to a public file so that a general member, a first member, and a second member can conditionally read the public file. The first member has a first public key and a first private key, and the second member has a second public key and a second private key.
The public file limited viewing system 10 includes a database 12, a processing unit 14, a server unit 16, and a browsing unit 18.
The database 12 stores the public file 2. The public file 2 may come from a file, a scanner, or an image capturing device.
The processing unit 14 is connected to the database 12 to retrieve the public file 2. The processing unit 14 encodes the public file 2 using the hypertext markup language, establishes a first member identity segment, a second member identity segment, a public data segment, a first restricted data segment, and a second restricted data segment in the public file 2, and sets, in the first member identity segment and the second member identity segment respectively, the authority of the first member and the second member to read the public data segment, the first restricted data segment, and the second restricted data segment. In another embodiment, the processing unit 14 encrypts, in the public file 2, the first restricted data segment with the first restricted public key and the second restricted data segment with the second restricted public key, and inserts into the first member identity segment and the second member identity segment of the public file the first restricted private key corresponding to the first restricted public key, the second restricted private key corresponding to the second restricted public key, or both. The first restricted private key and the second restricted private key corresponding to the second restricted public key are encrypted with the first public key of the first member and the second public key of the second member, respectively. In addition, the first private key of the first member decrypts the first member identity segment and the second private key of the second member decrypts the second member identity segment, to obtain the first restricted private key for decrypting the first restricted data segment and the second restricted private key for decrypting the second restricted data segment, respectively.
The server unit 16 is connected to the processing unit 14. The server unit 16 receives the public file 2 and issues it on the Internet 4.
The browsing unit 18 is connected to the Internet 4. Through the browsing unit 18, the general member, the first member, and the second member send an access request VR for the public file 2 to the server unit 16. After obtaining the first private key of the first member or the second private key of the second member according to the marks in the public file 2, the general member, the first member, and the second member automatically go to the identity segment of the first member or the second member, obtain the private key permitted to browse the first restricted data segment in order to decrypt that segment and browse the first content, and obtain the private key permitted to browse the second restricted data segment in order to decrypt that segment and browse the second content; the content of the public data segment is then combined with the first content and the second content that the corresponding general member, first member, or second member is allowed to browse.
Compared with the prior art, the invention provides a method and a system for limiting and reading public files, which have the following advantages by virtue of the inventive concept:
1. All viewers do not need to store/back up all electronic files, but only need to obtain one electronic file.
2. Only special judging conditions are added in the process of encoding the electronic file, and the burden of a system is not caused.
3. The method can be provided for the non-member immediately and dynamically, the non-member can read the public information without limitation, and if the non-member is attracted by the public information, the electronic document can be updated by adding the member, so that the complete investment disclosure content can be obtained.
The invention has been described in terms of preferred embodiments, but it will be understood by those skilled in the art that the embodiments are merely illustrative of the invention and should not be construed as limiting the scope of the invention. It should be noted that all changes and substitutions equivalent to the embodiment are intended to be included in the scope of the present invention. Accordingly, the scope of the invention is defined by the appended claims.

Claims (8)

1. A method for viewing a publication document, comprising: applied to a publication consisting of a publication section, a first restriction section, and a second restriction section, the publication providing a general member, a first member, and a second member for conditionally reading at least one of the publication section, the first restriction section, and the second restriction section, wherein the publication is encoded based on a hypertext markup language, the publication defining a viewing method comprising:
step a: obtaining a first public key of the first member and a second public key of the second member, wherein the first member has a first private key corresponding to the first public key, and the second member has a second private key corresponding to the second public key;
step b: establishing the public data section, the first restriction data section and the second restriction data section at the claiming mark of the public document, wherein the public data section provides public content, the first content of the first restriction data section is encrypted by a first restriction public key, the second content of the second restriction data section is encrypted by a second restriction public key, the first restriction public key has a corresponding first restriction private key, and the second restriction public key has a corresponding second restriction private key;
step c: inserting a general member identity field, a first member identity field of a first member, and a second member identity field of a second member, respectively, in association with a general member at an asserted token of the publication;
step d: selectively encrypting at least one of the first restricted private key and the second restricted private key with a first public key in the first membership segment, and selectively encrypting at least one of the first restricted private key and the second restricted private key with a second public key in the second membership segment; and
step e: issuing the public document to the general member, the first member and the second member located in the Internet;
step f: the general member, the first member and the second member obtaining the publication from the Internet and viewing the disclosure of the piece of publication from the publication;
step g: decoding the first member identity segment and the second member identity segment by using the first private key of the first member to obtain the first limited private key, the second limited private key or both; and
step h: decrypting the first restricted data segment with the first restricted private key to view first content and decrypting the second restricted data segment with the second restricted private key to view second content.
2. The method of claim 1, wherein the step g further comprises the steps of:
step i: if the first private key of the first member decodes the first member identity segment, the first restricted private key, the second restricted private key or both of them cannot be obtained, the first member cannot decode the first restricted data segment by the first restricted private key and the first member cannot decode the second restricted data segment by the second restricted private key; if the second private key of the second member decodes the second member identity segment, the first restricted private key, the second restricted private key, or both, cannot be obtained, the second member cannot decode the first restricted data segment by the first restricted private key, and the second member cannot decode the second restricted data segment by the second restricted private key.
3. The method of claim 1, further comprising, in step c, the step j of:
step j-1: obtaining a third public key of a third member, wherein the third member has a third private key corresponding to the third public key;
step j-2: adding a third membership segment to the asserted mark of the publication;
step j-3: selectively encrypting at least one of the first restricted private key and the second restricted private key with a third public key in the third member identity segment; and
step j-4: the update disclosure including the third membership section is located in place of the Internet disclosure.
4. A method of viewing a publication as claimed in claim 3, further comprising, after step j, step k:
step k-1: the third member obtaining the updated disclosure document from the Internet and viewing the disclosure content of the piece of disclosure data from the updated disclosure document;
step k-2: decoding the third member identity segment using the third private key of the third member to obtain the first restricted private key, the second restricted private key, or both, respectively; and
step k-3: decrypting the first restricted data segment with the first restricted private key to view the first content and decrypting the second restricted data segment with the second restricted private key to view the second content.
5. The method of claim 4, further comprising the step of, in step k-2:
step k-4: if the third private key of the third member decodes the third member identity segment and the first limited private key, the second limited private key or both cannot be obtained, the third member cannot decode the first limited data segment through the first limited private key, and the third member cannot decode the second limited data segment through the second limited private key.
6. The method of claim 3, wherein the general member, the first member, the second member and the third member have the same updated disclosure.
7. A public file definition viewing system for a public file for conditional reading by a general member, a first member having a first public key and a first private key, and a second member having a second public key and a second private key, the public file definition viewing system comprising:
a database for storing the disclosure document;
the processing unit is connected with the database, encodes the public file by utilizing a hypertext markup language, establishes a first member identity section, a second member identity section, a public data section, a first limit data section and a second limit data section in the public file, and respectively sets the authority of the first member and the second member to read the public data section, the first limit data section and the second limit data section in the first member identity section and the second member identity section;
the servo unit is connected with the processing unit, receives the disclosure document and issues the disclosure document in the Internet;
the browsing unit is connected with the Internet, the browsing unit provides an access request for obtaining the public file to the servo unit, the general member, the first member and the second member automatically access to the identity section of the first member or the second member after obtaining a first private key of the first member or a second private key of the second member according to the mark in the public file, obtains a private key allowed to browse the first limited data section to decode the first limited data section and browse the first content, obtains a private key allowed to browse the second limited data section to decode the second limited data section and browse the second content, and further combines the content of the public data section with the first content and the second content allowed to browse to the corresponding general member, the first member and the second member;
the processing unit encrypts the first limited data segment with a first limited public key, encrypts the second limited data segment with a second limited public key, and inserts a first limited private key corresponding to the first limited public key, a second limited private key corresponding to the second limited public key, or the first limited private key and the second limited private key into the first member identity segment and the second member identity segment of the disclosure, wherein the first limited private key and the second limited private key of the second limited public key are encrypted with the first public key of the first member and the second public key of the second member, respectively.
8. The public file limited viewing system according to claim 7 wherein the first member's first private key decrypts a first member's identity segment and the second member's second private key decrypts a second member's identity segment to obtain the first limited private key for decrypting the first limited data segment and the second limited private key for decrypting the second limited data segment, respectively.
CN201910694383.XA 2019-07-15 2019-07-30 Method and system for limiting and reading public file Active CN112231744B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TW108124870 2019-07-15
TW108124870A TWI687839B (en) 2019-07-15 2019-07-15 Public document limited viewing method and system thereof

Publications (2)

Publication Number Publication Date
CN112231744A CN112231744A (en) 2021-01-15
CN112231744B true CN112231744B (en) 2024-02-02

Family

ID=69184508

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910694383.XA Active CN112231744B (en) 2019-07-15 2019-07-30 Method and system for limiting and reading public file

Country Status (2)

Country Link
CN (1) CN112231744B (en)
TW (1) TWI687839B (en)


Also Published As

Publication number Publication date
TWI687839B (en) 2020-03-11
CN112231744A (en) 2021-01-15
TW201942786A (en) 2019-11-01


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant