CN112637153A - Method and system for removing duplicate in storage encryption - Google Patents
Method and system for removing duplicate in storage encryption Download PDFInfo
- Publication number
- CN112637153A CN112637153A CN202011462625.1A CN202011462625A CN112637153A CN 112637153 A CN112637153 A CN 112637153A CN 202011462625 A CN202011462625 A CN 202011462625A CN 112637153 A CN112637153 A CN 112637153A
- Authority
- CN
- China
- Prior art keywords
- data
- plaintext
- data block
- deduplication
- hash
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 230000000903 blocking effect Effects 0.000 claims abstract description 16
- 238000004519 manufacturing process Methods 0.000 claims description 16
- 238000004364 calculation method Methods 0.000 claims description 9
- 230000003247 decreasing effect Effects 0.000 claims description 6
- 238000010586 diagram Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000017525 heat dissipation Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a method and a system for removing duplicate in storage encryption, wherein the method comprises the steps of carrying out variable-length blocking on a source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts; calculating the hash characteristic value of each data block plaintext; respectively comparing each hash characteristic value with the characteristic data index query stored in the deduplication storage; and if the hash characteristic value does not exist in the deduplication storage, encrypting the data block plaintext corresponding to the hash characteristic value, and transmitting the encrypted data block plaintext to the deduplication storage to finish storage encryption and deduplication. The invention generates a unique and safe encryption key according to different characteristics of the source data, thereby not only ensuring the safety of the data, but also ensuring the accessibility of the data, and being capable of removing the duplication of the encrypted data.
Description
Technical Field
The invention belongs to the technical field of encryption, and particularly relates to a method and a system for removing duplicate in storage encryption.
Background
Data encryption generally adopts a symmetric encryption algorithm, and plaintext original data and an encryption key are encrypted together to generate a complex encrypted ciphertext for transmission. If different keys are used for encrypting the same original data, the final ciphertext will be different even if the same encryption algorithm is used.
Data deduplication, also called data deduplication, is to store only one copy of the same data. Data deduplication technology generally adopts a blocking algorithm (a fixed-length or variable-length blocking algorithm) to divide data into different small blocks of data, calculates a characteristic value of the blocked data through a hash algorithm, compares the characteristic value with a characteristic value of stored data, and if the characteristic value is the same as the characteristic value of the stored data, the data is duplicated and is not stored repeatedly.
After different keys of the same data are encrypted, the ciphertexts are different, and the characteristic values calculated by the hash algorithm are different, so that the repeated data cannot be removed based on the comparison result.
Disclosure of Invention
Aiming at the problems, the invention provides a method and a system for storage encryption deduplication, which generate a unique and safe encryption key according to different characteristics of source data, ensure the security of the data and the accessibility of the data, and can deduplicate the encrypted data.
In order to achieve the technical purpose and achieve the technical effects, the invention is realized by the following technical scheme:
in a first aspect, the present invention provides a method for storage encryption deduplication, including:
carrying out variable-length blocking on the source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts;
calculating the hash characteristic value of each data block plaintext;
respectively comparing each hash characteristic value with the characteristic data index query stored in the deduplication storage;
and if the hash characteristic value does not exist in the deduplication storage, encrypting the data block plaintext corresponding to the hash characteristic value, and transmitting the encrypted data block plaintext to the deduplication storage to finish storage encryption and deduplication.
Optionally, if there is no hash feature value in the deduplication storage, encrypting a plaintext of a data block corresponding to the hash feature value, and transmitting the encrypted plaintext to the deduplication storage, specifically including the following steps:
the user A generates an asymmetric key pair Kp and Ki by using an asymmetric encryption algorithm based on the data set S, and stores the asymmetric key pair Kp and Ki in a user key index which is deleted repeatedly, wherein Kp is a public key, and Ki is a private key;
acquiring a data block plaintext corresponding to the hash characteristic value;
adding the hash characteristic value of the plaintext of the data block to the obfuscated value Sa to generate a data encryption key Kd;
generating a data block ciphertext De by using a data encryption key Kd for the data block plaintext through an encryption algorithm, and storing the data block ciphertext De in a deduplication data set stored in deduplication;
the data encryption key Kd is encrypted using the private key Ki for a and stored as metadata of the data set S in the deduplication stored data set metadata index.
Optionally, the encrypting the data encryption key Kd with the private key Ki further includes, after the step of saving the metadata of the data set S in the metadata index of the data set stored in deduplication:
when a user needs to obtain the plaintext of an original data block, a corresponding public key Kp is obtained from a user key index according to user authentication information by utilizing deduplication storage, metadata of a data set S is obtained from a data set metadata index, an encryption key Kd of the data set S is obtained by decrypting the obtained public key Kp of the user, and the ciphertext De of the data block is decrypted by using the Kd to obtain the plaintext of the original data block.
Optionally, the step of comparing each feature value with the feature data index query stored in the deduplication storage respectively further includes:
if a certain characteristic value exists in the deduplication storage, increasing the plaintext reference count of the corresponding data block by 1 on the characteristic data index;
when the data is deleted, the corresponding data block plaintext reference count is decreased, and when the data block plaintext reference count is 0, the corresponding data block plaintext is indicated to be discardable.
Optionally, the hash feature value calculation method specifically includes: and carrying out hash calculation on the plaintext of the data block by using a hash algorithm to generate a hash characteristic value.
In a second aspect, the present invention provides a system for storage encryption deduplication, which includes a production server, a network switch and a deduplication storage connected in sequence;
the production server performs variable-length blocking on the source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts;
the production server calculates the hash characteristic value of each data block plaintext;
the production server respectively compares each hash characteristic value with the characteristic data index query stored in the deduplication storage;
and if the hash characteristic value does not exist in the deduplication storage, the production server encrypts the data block plaintext corresponding to the hash characteristic value and transmits the data block plaintext to the deduplication storage through the network switch to finish storage encryption and deduplication.
Optionally, if there is no hash feature value in the deduplication storage, encrypting a plaintext of a data block corresponding to the hash feature value, and transmitting the encrypted plaintext to the deduplication storage, specifically including the following steps:
the user A generates an asymmetric key pair Kp and Ki by using an asymmetric encryption algorithm based on the data set S, and stores the asymmetric key pair Kp and Ki in a user key index which is deleted repeatedly, wherein Kp is a public key, and Ki is a private key;
acquiring a data block plaintext corresponding to the hash characteristic value;
adding the hash characteristic value of the plaintext of the data block to the obfuscated value Sa to generate a data encryption key Kd;
generating a data block ciphertext De by using a data encryption key Kd for the data block plaintext through an encryption algorithm, and storing the data block ciphertext De in a deduplication data set stored in deduplication;
the data encryption key Kd is encrypted using the private key Ki for a and stored as metadata of the data set S in the deduplication stored data set metadata index.
Optionally, the encrypting the data encryption key Kd with the private key Ki further includes, after the step of saving the metadata of the data set S in the metadata index of the data set stored in deduplication:
when a user needs to obtain the plaintext of an original data block, a corresponding public key Kp is obtained from a user key index according to user authentication information by utilizing deduplication storage, metadata of a data set S is obtained from a data set metadata index, an encryption key Kd of the data set S is obtained by decrypting the obtained public key Kp of the user, and the ciphertext De of the data block is decrypted by using the Kd to obtain the plaintext of the original data block.
Optionally, the step of comparing each feature value with the feature data index query stored in the deduplication storage respectively further includes:
if a certain characteristic value exists in the deduplication storage, increasing the plaintext reference count of the corresponding data block by 1 on the characteristic data index;
when the data is deleted, the corresponding data block plaintext reference count is decreased, and when the data block plaintext reference count is 0, the corresponding data block plaintext is indicated to be discardable.
Optionally, the hash feature value calculation method specifically includes: and carrying out hash calculation on the plaintext of the data block by using a hash algorithm to generate a hash characteristic value.
Compared with the prior art, the invention has the beneficial effects that:
for the security of encrypted data, different encryption keys are used for different user different data sets, and ciphertexts of the same source data encrypted by different keys are different, so that the traditional deduplication algorithm cannot process the same type of source data. The invention generates a unique and safe encryption key according to different characteristics of the source data, thereby not only ensuring the safety of the data, but also ensuring the accessibility of the data, and being capable of removing the duplication of the encrypted data.
Drawings
In order that the present disclosure may be more readily and clearly understood, reference is now made to the following detailed description of the present disclosure taken in conjunction with the accompanying drawings, in which:
FIG. 1 is a schematic diagram illustrating a method for removing duplicate storage encryption according to an embodiment of the present invention;
FIG. 2 is a second schematic diagram illustrating a method for removing duplicate data in a storage encryption system according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a system for storage encryption deduplication according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the scope of the invention.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
Example 1
The embodiment of the invention provides a method for removing duplicate in storage encryption, which comprises the following steps as shown in figure 1:
(1) carrying out variable-length blocking on the source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts;
(2) calculating the hash characteristic value of each data block plaintext, wherein the data blocks plaintext with the same heat dissipation characteristic value can be regarded as data blocks plaintext with the same data content;
(3) respectively comparing each hash characteristic value with the characteristic data index query stored in the deduplication storage;
(4) and if the hash characteristic value does not exist in the deduplication storage, encrypting the data block plaintext corresponding to the hash characteristic value, and transmitting the encrypted data block plaintext to the deduplication storage to finish storage encryption and deduplication.
In a specific implementation manner of the embodiment of the present invention, as shown in fig. 2, if there is no hash feature value in the deduplication storage, encrypting a plaintext of a data block corresponding to the hash feature value, and transmitting the encrypted plaintext to the deduplication storage specifically includes the following steps:
the user A generates an asymmetric key pair Kp and Ki by using an asymmetric encryption algorithm based on a data set S (namely a data set which needs to be encrypted and deleted), and stores the asymmetric key pair Kp and Ki in a user key index stored in the deleting device, wherein Kp is a public key and Ki is a private key;
acquiring a data block plaintext corresponding to the hash characteristic value;
adding the hash characteristic value of the data block plaintext Dt to an obfuscated value Sa (the obfuscated value may be randomly generated) to generate a data encryption key Kd;
generating a data block ciphertext De for the data block plaintext Dt through an encryption algorithm by using a data encryption key Kd, and storing the data block ciphertext De in a deduplication data set stored in deduplication;
the data encryption key Kd is encrypted by using a private key Ki for A, and is stored in a data set metadata index in deduplication storage as metadata of a data set S user A, so that the security of the data encryption key Kd can be protected, the Kd cannot be acquired by other users, and different user encryption Kd use the own key Ki of the user.
In a specific implementation manner of the embodiment of the present invention, the encrypting the data encryption key Kd with the private key Ki, and after the step of storing the metadata as metadata of the data set S in the metadata index of the data set stored in the deduplication module, the encrypting further includes:
when a user needs to obtain the plaintext of an original data block, a corresponding public key Kp is obtained from a user key index according to user authentication information by utilizing deduplication storage, metadata of a data set S is obtained from a data set metadata index, an encryption key Kd of the data set S is obtained by decrypting the obtained public key Kp of the user, and the ciphertext De of the data block is decrypted by using the Kd to obtain the plaintext of the original data block.
In a specific implementation manner of the embodiment of the present invention, after the step of respectively comparing the feature values with the feature data index query stored in the deduplication storage, the method further includes:
if a certain characteristic value exists in the deduplication storage, increasing the corresponding data block plaintext reference count by 1 on the characteristic data index, and marking that the data block plaintext has different places to use;
when the data is deleted, the corresponding data block plaintext reference count is decreased, and when the data block plaintext reference count is 0, the corresponding data block plaintext is indicated to be discardable.
In a specific implementation manner of the embodiment of the present invention, the method for calculating the hash feature value specifically includes: and carrying out hash calculation on the plaintext of the data block by using a hash algorithm to generate a hash characteristic value.
In summary, the following steps:
for the security of encrypted data, different encryption keys are used for different user different data sets, and ciphertexts of the same source data encrypted by different keys are different, so that the traditional deduplication algorithm cannot process the same type of source data. The invention generates a unique and safe encryption key according to different characteristics of the source data, thereby not only ensuring the safety of the data, but also ensuring the accessibility of the data, and being capable of removing the duplication of the encrypted data.
Example 2
The embodiment of the invention provides a system for storage encryption and deduplication, which comprises a production server, a network switch and a deduplication storage device, wherein the production server, the network switch and the deduplication storage device are sequentially connected with one another as shown in fig. 3;
the production server performs variable-length blocking on the source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts;
the production server calculates the hash characteristic value of each data block plaintext;
the production server respectively compares each hash characteristic value with the characteristic data index query stored in the deduplication storage;
and if the hash characteristic value does not exist in the deduplication storage, the production server encrypts the data block plaintext corresponding to the hash characteristic value and transmits the data block plaintext to the deduplication storage through the network switch to finish storage encryption and deduplication.
In a specific implementation manner of the embodiment of the present invention, as shown in fig. 2, if there is no hash feature value in the deduplication storage, encrypting a plaintext of a data block corresponding to the hash feature value, and transmitting the encrypted plaintext to the deduplication storage specifically includes the following steps:
the user A generates an asymmetric key pair Kp and Ki by using an asymmetric encryption algorithm based on the data set S, and stores the asymmetric key pair Kp and Ki in a user key index which is deleted repeatedly, wherein Kp is a public key, and Ki is a private key;
acquiring a data block plaintext corresponding to the hash characteristic value;
adding the hash characteristic value of the plaintext of the data block to the obfuscated value Sa to generate a data encryption key Kd;
generating a data block ciphertext De by using a data encryption key Kd for the data block plaintext through an encryption algorithm, and storing the data block ciphertext De in a deduplication data set stored in deduplication;
the data encryption key Kd is encrypted using the private key Ki for a and stored as metadata of the data set S in the deduplication stored data set metadata index.
In a specific implementation manner of the embodiment of the present invention, the encrypting the data encryption key Kd with the private key Ki, and after the step of storing the metadata as metadata of the data set S in the metadata index of the data set stored in the deduplication module, the encrypting further includes:
when a user needs to obtain the plaintext of an original data block, a corresponding public key Kp is obtained from a user key index according to user authentication information by utilizing deduplication storage, metadata of a data set S is obtained from a data set metadata index, an encryption key Kd of the data set S is obtained by decrypting the obtained public key Kp of the user, and the ciphertext De of the data block is decrypted by using the Kd to obtain the plaintext of the original data block.
In a specific implementation manner of the embodiment of the present invention, after the step of respectively comparing the feature values with the feature data index query stored in the deduplication storage, the method further includes:
if a certain characteristic value exists in the deduplication storage, increasing the plaintext reference count of the corresponding data block by 1 on the characteristic data index;
when the data is deleted, the corresponding data block plaintext reference count is decreased, and when the data block plaintext reference count is 0, the corresponding data block plaintext is indicated to be discardable.
In a specific implementation manner of the embodiment of the present invention, the method for calculating the hash feature value specifically includes: and carrying out hash calculation on the plaintext of the data block by using a hash algorithm to generate a hash characteristic value.
The foregoing shows and describes the general principles and broad features of the present invention and advantages thereof. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (10)
1. A method for storage encryption deduplication, comprising:
carrying out variable-length blocking on the source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts;
calculating the hash characteristic value of each data block plaintext;
respectively comparing each hash characteristic value with the characteristic data index query stored in the deduplication storage;
and if the hash characteristic value does not exist in the deduplication storage, encrypting the data block plaintext corresponding to the hash characteristic value, and transmitting the encrypted data block plaintext to the deduplication storage to finish storage encryption and deduplication.
2. The method according to claim 1, wherein if there is no hash eigenvalue in the deduplication storage, encrypting a plaintext of a data block corresponding to the hash eigenvalue and transmitting the plaintext to the deduplication storage, specifically comprises the following steps:
the user A generates an asymmetric key pair Kp and Ki by using an asymmetric encryption algorithm based on the data set S, and stores the asymmetric key pair Kp and Ki in a user key index which is deleted repeatedly, wherein Kp is a public key, and Ki is a private key;
acquiring a data block plaintext corresponding to the hash characteristic value;
adding the hash characteristic value of the plaintext of the data block to the obfuscated value Sa to generate a data encryption key Kd;
generating a data block ciphertext De by using a data encryption key Kd for the data block plaintext through an encryption algorithm, and storing the data block ciphertext De in a deduplication data set stored in deduplication;
the data encryption key Kd is encrypted using the private key Ki for a and stored as metadata of the data set S in the deduplication stored data set metadata index.
3. The method of claim 2, wherein the data encryption key Kd encrypted using the private key Ki is stored as metadata of a data set S in a deduplication stored data set metadata index further comprising, after the step of:
when a user needs to obtain the plaintext of an original data block, a corresponding public key Kp is obtained from a user key index according to user authentication information by utilizing deduplication storage, metadata of a data set S is obtained from a data set metadata index, an encryption key Kd of the data set S is obtained by decrypting the obtained public key Kp of the user, and the ciphertext De of the data block is decrypted by using the Kd to obtain the plaintext of the original data block.
4. The method according to claim 1, wherein the step of comparing the respective eigenvalue with the index query of the eigenvalue stored in the deduplication storage further comprises:
if a certain characteristic value exists in the deduplication storage, increasing the plaintext reference count of the corresponding data block by 1 on the characteristic data index;
when the data is deleted, the corresponding data block plaintext reference count is decreased, and when the data block plaintext reference count is 0, the corresponding data block plaintext is indicated to be discardable.
5. The method for storage encryption deduplication as claimed in claim 1, wherein the calculation method of the hash feature value is specifically: and carrying out hash calculation on the plaintext of the data block by using a hash algorithm to generate a hash characteristic value.
6. A system for storage encryption deduplication, comprising: the system comprises a production server, a network switch and a deduplication storage which are connected in sequence;
the production server performs variable-length blocking on the source data plaintext by using a blocking algorithm to obtain a plurality of data block plaintexts;
the production server calculates the hash characteristic value of each data block plaintext;
the production server respectively compares each hash characteristic value with the characteristic data index query stored in the deduplication storage;
and if the hash characteristic value does not exist in the deduplication storage, the production server encrypts the data block plaintext corresponding to the hash characteristic value and transmits the data block plaintext to the deduplication storage through the network switch to finish storage encryption and deduplication.
7. The system according to claim 6, wherein if there is no hash eigenvalue in the deduplication storage, the plaintext of the data block corresponding to the hash eigenvalue is encrypted and transmitted to the deduplication storage, and the method specifically includes the following steps:
the user A generates an asymmetric key pair Kp and Ki by using an asymmetric encryption algorithm based on the data set S, and stores the asymmetric key pair Kp and Ki in a user key index which is deleted repeatedly, wherein Kp is a public key, and Ki is a private key;
acquiring a data block plaintext corresponding to the hash characteristic value;
adding the hash characteristic value of the plaintext of the data block to the obfuscated value Sa to generate a data encryption key Kd;
generating a data block ciphertext De by using a data encryption key Kd for the data block plaintext through an encryption algorithm, and storing the data block ciphertext De in a deduplication data set stored in deduplication;
the data encryption key Kd is encrypted using the private key Ki for a and stored as metadata of the data set S in the deduplication stored data set metadata index.
8. A system for storage encryption deduplication as described in claim 7, wherein the data encryption key Kd encrypted using the private key Ki further comprises, after the step of saving metadata for the data set S in the deduplication stored data set metadata index:
when a user needs to obtain the plaintext of an original data block, a corresponding public key Kp is obtained from a user key index according to user authentication information by utilizing deduplication storage, metadata of a data set S is obtained from a data set metadata index, an encryption key Kd of the data set S is obtained by decrypting the obtained public key Kp of the user, and the ciphertext De of the data block is decrypted by using the Kd to obtain the plaintext of the original data block.
9. The system for storage encryption deduplication as claimed in claim 6, wherein the step of comparing each eigenvalue with the index query of the eigenvalue on the deduplication storage further comprises:
if a certain characteristic value exists in the deduplication storage, increasing the plaintext reference count of the corresponding data block by 1 on the characteristic data index;
when the data is deleted, the corresponding data block plaintext reference count is decreased, and when the data block plaintext reference count is 0, the corresponding data block plaintext is indicated to be discardable.
10. The system for storage encryption deduplication as claimed in claim 6, wherein the hash feature value is calculated by: and carrying out hash calculation on the plaintext of the data block by using a hash algorithm to generate a hash characteristic value.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011462625.1A CN112637153B (en) | 2020-12-14 | 2020-12-14 | Method and system for storing encryption and deduplication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011462625.1A CN112637153B (en) | 2020-12-14 | 2020-12-14 | Method and system for storing encryption and deduplication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112637153A true CN112637153A (en) | 2021-04-09 |
| CN112637153B CN112637153B (en) | 2024-02-20 |
Family
ID=75312325
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011462625.1A Active CN112637153B (en) | 2020-12-14 | 2020-12-14 | Method and system for storing encryption and deduplication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112637153B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103530201A (en) * | 2013-07-17 | 2014-01-22 | 华中科技大学 | Safety data repetition removing method and system applicable to backup system |
| CN103699854A (en) * | 2013-12-31 | 2014-04-02 | 华为技术有限公司 | Data storing method, data access method and storing equipment |
| CN104932841A (en) * | 2015-06-17 | 2015-09-23 | 南京邮电大学 | Saving type duplicated data deleting method in cloud storage system |
| US20160124704A1 (en) * | 2014-10-30 | 2016-05-05 | Samsung Electronics Co., Ltd. | Method and electronic device for storing audio data |
| CN106612320A (en) * | 2016-06-14 | 2017-05-03 | 四川用联信息技术有限公司 | Encrypted data dereplication method for cloud storage |
| AU2019101343A4 (en) * | 2019-11-05 | 2019-12-12 | Anson, Mark Rodney Mr | A computer system implemented method for generating a symmetric encryption key for encrypting and decrypting secure data |
| CN110569245A (en) * | 2019-09-10 | 2019-12-13 | 天津理工大学 | Fingerprint index prefetching method based on reinforcement learning in data de-duplication system |
| CN111143343A (en) * | 2019-12-27 | 2020-05-12 | 南京壹进制信息科技有限公司 | Data efficient deleting method and system based on source-end deduplication |
-
2020
- 2020-12-14 CN CN202011462625.1A patent/CN112637153B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103530201A (en) * | 2013-07-17 | 2014-01-22 | 华中科技大学 | Safety data repetition removing method and system applicable to backup system |
| CN103699854A (en) * | 2013-12-31 | 2014-04-02 | 华为技术有限公司 | Data storing method, data access method and storing equipment |
| US20160124704A1 (en) * | 2014-10-30 | 2016-05-05 | Samsung Electronics Co., Ltd. | Method and electronic device for storing audio data |
| CN104932841A (en) * | 2015-06-17 | 2015-09-23 | 南京邮电大学 | Saving type duplicated data deleting method in cloud storage system |
| CN106612320A (en) * | 2016-06-14 | 2017-05-03 | 四川用联信息技术有限公司 | Encrypted data dereplication method for cloud storage |
| CN110569245A (en) * | 2019-09-10 | 2019-12-13 | 天津理工大学 | Fingerprint index prefetching method based on reinforcement learning in data de-duplication system |
| AU2019101343A4 (en) * | 2019-11-05 | 2019-12-12 | Anson, Mark Rodney Mr | A computer system implemented method for generating a symmetric encryption key for encrypting and decrypting secure data |
| CN111143343A (en) * | 2019-12-27 | 2020-05-12 | 南京壹进制信息科技有限公司 | Data efficient deleting method and system based on source-end deduplication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112637153B (en) | 2024-02-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11023477B2 (en) | Method and system for fuzzy keyword search over encrypted data | |
| EP3356988B1 (en) | Method and system for verifiable searchable symmetric encryption | |
| Raykova et al. | Secure anonymous database search | |
| WO2019178958A1 (en) | Data encryption method, data query method, data encryption apparatus, data query apparatus, device and storage medium | |
| CN108400970B (en) | Similar data message locking, encrypting and de-duplicating method in cloud environment and cloud storage system | |
| CN112270006A (en) | Searchable encryption method for hiding search mode and access mode in e-commerce platform | |
| Yao et al. | Privacy-preserving search over encrypted personal health record in multi-source cloud | |
| CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
| CN108768639B (en) | Public key order-preserving encryption method | |
| CN112800445B (en) | Boolean query method for forward and backward security and verifiability of ciphertext data | |
| CN110602099A (en) | Privacy protection method based on verifiable symmetric searchable encryption | |
| CN107094075B (en) | Data block dynamic operation method based on convergence encryption | |
| Zhang et al. | Dynamic and Efficient Private Keyword Search over Inverted Index--Based Encrypted Data | |
| CN113067702A (en) | Identity-based encryption method supporting ciphertext equivalence test function | |
| CN110851848B (en) | Privacy protection method for symmetric searchable encryption | |
| CN115580402A (en) | Data hiding query method for secure multi-party computation | |
| CN113434739B (en) | Forward-safe multi-user dynamic symmetric encryption retrieval method in cloud environment | |
| CN108011713B (en) | Ciphertext retrieval method based on homomorphic encryption in cloud storage | |
| Park et al. | PKIS: practical keyword index search on cloud datacenter | |
| Liu et al. | Multi-user image retrieval with suppression of search pattern leakage | |
| CN112637153B (en) | Method and system for storing encryption and deduplication | |
| Pang et al. | Privacy-preserving noisy keyword search in cloud computing | |
| CN113065146A (en) | Homomorphic encryption method for block chain data protection | |
| CN115361218B (en) | Cloud data existence verification method with query hiding characteristic | |
| CN116599768B (en) | Data encryption method for private data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Country or region after: China Address after: Building 1, 6th Floor, Changfeng Building, No.14 Xinghuo Road, Research and Innovation Park, Jiangbei New District, Nanjing City, Jiangsu Province, 210031 Applicant after: Aerospace One System (Jiangsu) Information Technology Co.,Ltd. Address before: 210014 Building C, Building 3, No. 5 Baixia High-tech Park, No. 5 Yongzhi Road, Qinhuai District, Nanjing City, Jiangsu Province Applicant before: NANJING UNARY INFORMATION TECHNOLOGY Co.,Ltd. Country or region before: China |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |