CN113872934A - Encryption platform based on micro-service architecture - Google Patents
Encryption platform based on micro-service architecture Download PDFInfo
- Publication number
- CN113872934A CN113872934A CN202110967239.6A CN202110967239A CN113872934A CN 113872934 A CN113872934 A CN 113872934A CN 202110967239 A CN202110967239 A CN 202110967239A CN 113872934 A CN113872934 A CN 113872934A
- Authority
- CN
- China
- Prior art keywords
- encryption
- decryption
- platform
- information
- algorithms
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 claims abstract description 24
- 230000008569 process Effects 0.000 claims abstract description 20
- 230000005540 biological transmission Effects 0.000 claims abstract description 8
- 230000003993 interaction Effects 0.000 claims abstract description 5
- 238000012545 processing Methods 0.000 claims abstract description 5
- 238000011161 development Methods 0.000 claims description 8
- 230000000694 effects Effects 0.000 claims description 7
- 230000008878 coupling Effects 0.000 claims description 4
- 238000010168 coupling process Methods 0.000 claims description 4
- 238000005859 coupling reaction Methods 0.000 claims description 4
- 238000012423 maintenance Methods 0.000 claims description 4
- 230000008520 organization Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/547—Remote procedure calls [RPC]; Web services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an encryption platform based on a micro-service architecture, which comprises the following steps: a1, before data interaction between platforms and ports is carried out in the background, encryption processing is carried out on user information and service information according to a certain operation rule to carry out server deployment, a2, encrypted client information is hidden in request information through an encryption platform interface, a3, encryption and decryption algorithms of corresponding platforms are automatically called and processed through various mixed encryption algorithms, a4, the encryption and decryption platforms are deployed in an intranet environment and accessed through an internal VPN channel, and the safety and the privacy of information transmission in the calling process are guaranteed. The scheme can realize different encryption and decryption methods for different platforms and ports, greatly improves the safety of each platform and port, provides on-line encryption and decryption services, also provides encryption and decryption interface services, and can reduce the time cost of a developer for integrating encryption and decryption algorithms.
Description
Technical Field
The invention relates to the technical field of internet, in particular to an encryption platform based on a micro-service architecture.
Background
With the rapid promotion of user quantity and service quantity, how to ensure the safety of information becomes an important problem, user information and service information are firstly encrypted according to a certain operation rule before each platform and each port carry out data interaction in the background, so that the original contents of the user information and the service information are lost, and then the user information and the service information are hidden in request information, so that the transmitted information is safer, even if an attacker captures the encrypted information, the content of the encrypted information hidden in the background cannot be distinguished, and the safety of the user information and the service information is greatly protected.
The existing encryption platform is an encryption system used in communication of each platform in a company, is used for supporting encryption and decryption services of technical departments, cannot realize services for providing encryption and decryption algorithms for different platforms and ports, cannot isolate encryption and decryption of the platforms and the ports, reduces the safety of the platforms and the ports, cannot prevent the encryption algorithm of one port from being cracked, and causes information security leakage accidents that other platforms are cracked.
Disclosure of Invention
The invention aims to provide an encryption platform based on a micro-service architecture, and aims to solve the problems that the existing encryption platform based on the background technology cannot realize the service of providing encryption and decryption algorithms for different platforms and ports, the encryption and decryption of the platforms and the ports cannot be isolated, the safety of the platforms and the ports is reduced, the encryption algorithm of one port cannot be prevented from being cracked, and the information security leakage accidents that other platforms are cracked are caused.
In order to achieve the purpose, the invention provides the following technical scheme: an encryption platform based on a micro-service architecture comprises the following steps:
a1, before data interaction between each platform and each port in the background, encrypting user information and service information according to a certain operation rule to deploy a server;
a2, hiding the encrypted client information into the request information through the encryption platform interface;
a3, automatically calling encryption and decryption algorithms of corresponding platforms, and processing by multiple mixed encryption algorithms;
a4, the encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, so that the safety and the privacy of information transmission in the calling process are ensured;
a5, when decrypting, firstly decrypting the first block of the ciphertext, and then enabling the result and the IV to obtain the decryption effect.
Preferably, the encryption and decryption platform bottom layer uses an AES-CBC mode encryption and decryption algorithm as a basis, the AES algorithm is packaged, different encryption and decryption algorithms are executed according to different platforms, and therefore the data encryption and decryption process is simplified.
Preferably, the encryption and decryption platform uses a SpringBoot micro-service architecture, the development process is simple and direct, centralized management is realized, the code coupling rate is low, and the development and maintenance of internal personnel are facilitated.
Preferably, the encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, so that the security and the privacy of information transmission in a calling process are ensured.
Preferably, the AES-CBC mode encryption needs an initialization vector during encryption and decryption, and the initialization vector is used for XOR with plaintext or ciphertext before or after each encryption or decryption.
Preferably, in the decryption, the first block of the ciphertext is decrypted, and the decryption effect is obtained by comparing the result with the IV.
Preferably, the encryption and decryption function of the configuration center accesses a next/encrypt and/decrypt endpoint to perform encryption and decryption functions, where the two endpoints are both POST requests, and the encryption and decryption information needs to be sent through a request body, and taking a curl command as an example, the encryption and decryption endpoints can be called.
Preferably, the asymmetric key configuration is to configure the information related to the keystore according to the environment variables to obtain better security, so that sensitive password information is stored in the environment variables of the configuration center to be selected, and the degree of key configuration is high.
Compared with the prior art, the invention has the beneficial effects that:
1) the platform can realize different encryption and decryption methods for different platforms and ports, greatly improves the safety of each platform and port, provides on-line encryption and decryption services, also provides encryption and decryption interface services, and can reduce the time cost of a developer for integrating encryption and decryption algorithms;
2) the encryption and decryption platform executes the encryption and decryption algorithms according to the source parameters transmitted by the user, and returns the encrypted and decrypted contents to the user after the execution is finished, so that the risk that the encryption and decryption algorithms are leaked at the front end can be avoided, the encryption and decryption service records the logs of the encryption and decryption process at the same time, and the calling records of the user are convenient to trace;
3) the encryption platform is an encryption system used in communication of each platform in a company, is used for supporting encryption and decryption services of technical departments, realizes services for providing encryption and decryption algorithms for different platforms and ports, realizes encryption and decryption isolation of different platforms and ports, improves safety of different platforms and ports, and effectively prevents information security leakage accidents caused by the fact that encryption algorithms of a certain port are cracked and other platforms are also cracked.
Drawings
FIG. 1 is a schematic view of the flow structure of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
Referring to fig. 1, the present invention provides a technical solution: an encryption platform based on a micro-service architecture comprises the following steps:
a1, before data interaction between each platform and each port in the background, encrypting user information and service information according to a certain operation rule to deploy a server;
a2, hiding the encrypted client information into the request information through the encryption platform interface;
a3, automatically calling encryption and decryption algorithms of corresponding platforms, and processing by multiple mixed encryption algorithms;
a4, the encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, so that the safety and the privacy of information transmission in the calling process are ensured;
a5, when decrypting, firstly decrypting the first block of the ciphertext, and then enabling the result and the IV to obtain the decryption effect.
The encryption and decryption platform bottom layer uses an AES-CBC mode encryption and decryption algorithm as a basis, the AES algorithm is packaged, different encryption and decryption algorithms are executed according to different platforms, and therefore the data encryption and decryption process is simplified.
The encryption and decryption platform uses a SpringBoot micro-service architecture, the development process is simple and direct, centralized management is realized, the code coupling rate is low, and the development and maintenance of internal personnel are facilitated.
The encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, and the safety and the privacy of information transmission in the calling process are guaranteed.
AES-CBC mode encryption requires an initialization vector for encryption and decryption, and the initialization vector is used for XOR with plaintext or ciphertext before or after each encryption or decryption.
When decrypting, the first block of the ciphertext is decrypted, and the result and the IV are different to obtain the decryption effect.
The encryption and decryption functions of the configuration center access a next/encrypt and/decrypt endpoint to perform encryption and decryption functions, the two endpoints are POST requests, the encryption and decryption information needs to be sent through a request body, and a curl command is taken as an example, the encryption and decryption endpoints can be called.
The asymmetric key configuration can obtain better security by configuring the related information of the key bank according to the environment variables, so that sensitive password information is stored in the environment variables of the configuration center for selection, and the key configuration degree is high.
The method comprises the following operation steps:
s1, can dispose on the server, offer the uninterrupted encryption and decryption service for users, users only need to call the interface of the encryption platform and can realize the encryption process, no longer need to realize encryption algorithm and encryption and decryption logic locally, this system has provided the front end page and called the entrance of the encryption and decryption service, facilitate users to call the encryption and decryption service manually, after users call the encryption service through the front end, after the encryption backstage receives users and introduces the data needing to encrypt and decrypt, will call the encryption and decryption algorithm of the corresponding platform automatically, after processing through many mixed encryption algorithms, return the encryption result to the front end, the front end shows the encryption result that the encryption service returns on the front end page;
s2, the encryption and decryption platform bottom layer uses an AES-CBC mode encryption and decryption algorithm as a basis, different encryption and decryption algorithms are executed according to different platforms through the AES algorithm being packaged, so that the data encryption and decryption process is simplified, the platform provides an interface calling inlet, a user only needs to transmit contents and sources needing to be encrypted to the encryption and decryption platform, the encryption and decryption platform executes the encryption and decryption algorithms of the corresponding platforms according to source parameters transmitted by the user, the encrypted and decrypted contents are returned to the user after the execution is completed, the risk that the encryption and decryption algorithms are leaked at the front end can be avoided, the encryption and decryption service records logs of the encryption and decryption process at the same time, and the calling records of the user are convenient to trace;
1. the encryption and decryption platform uses a SpringBoot micro-service architecture, the development process is simple and direct, centralized management is realized, the code coupling rate is low, and the development and maintenance of internal personnel are facilitated;
2. the encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, so that the safety and the privacy of information transmission in the calling process are guaranteed;
s3, AES-CBC mode encryption needs an initialization vector for encryption and decryption, and the initialization vector and plaintext are used to generate encryption or decryption effects before or after each encryption.
S4, during encryption, firstly carrying out exclusive OR on a plaintext and an IV, then carrying out block encryption on a result to obtain an output which is a ciphertext, and the steps are as follows:
configuration encryption in code
After the configuration information is added, the configuration center is restarted, and then the/encrypt/status endpoint is accessed, and the following contents are obtained:
{
"status":"OK"
}
at this time, the encryption and decryption functions of the configuration center are used, and the encryption and decryption functions are performed by accessing the encryption/decryption and/decryption endpoints, and both endpoints are POST requests, and the encryption and decryption information needs to be sent through a request body, taking a curl command as an example, we can call the encryption and decryption endpoints in the following manner:
$curl localhost:7001/encrypt-d didispace
3c70a809bfa24ab88bcb5e1df51cb9e4dd4b8fec88301eb7a18177f1769c849ae9c9f29400c920480be2c99406ae28c7
$curl localhost:7001/decrypt-d
3c70a809bfa24ab88bcb5e1df51cb9e4dd4b8fec88301eb7a18177f1769c849ae9c9f29400c920480be2c99406ae28c7
didispace
the KEY parameter is configured to specify the implementation mode of the KEY, symmetric encryption is adopted, the implementation mode is simple, only one parameter needs to be configured, and in addition, the environment variable ENCRYPT _ KEY can be used for configuration, so that the KEY information is stored externally.
By non-encryption symmetry, the configuration center can use not only symmetric encryption but also asymmetric encryption (such as RSA key pair), so that higher security is achieved.
Asymmetric encryption requires the generation of a key pair by a keytool, which is a key and certificate management tool in JDK, and enables a user to manage his own public/private key pair and related certificates for self-authentication (by digital signature) (the user authenticates himself to another user/service) or data integrity and authentication services, which is included in later versions of JDK 1.4, and located: % JAVA _ HOME% \ bin \ keytool.
The specific command to generate the key is as follows:
$keytool-genkeypair-alias config-server-keyalg RSA-keystore config-server.keystore
entering the keystore password:
the new password is entered again:
what are your first and last names?
[Unknown]:zhaiyongchao
What is your name of organization unit?
[Unknown]:company
What is your organization name?
[Unknown]:organization
What is your name of the city or area?
[Unknown]:city
What is your province/city/municipality name?
[Unknown]:province
What is the unit's two-letter country/region code?
[Unknown]:china
CN zhahiyougchao, OU ═ company, O ═ organization, L ═ city, ST ═ business, C ═ china, and correct?
[ NO ] y
Entering a Key password for < config-Server >
(if the same as the keystore password, press enter):
the new password is entered again:
in addition, if we do not want to enter those hints step by step, we can use-dname to specify directly, while the keystore password and the key password can be specified directly using-storepass and-keypass.
Therefore, we can directly create the same keystore as the above command by:
$keytool-genkeypair-alias config-server-keyalg RSA\
-dname"CN=zhaiyongchao,OU=company,O=organization,L=city,ST=province,C=china"\
-keypass 222222\
-keystore config-server.keystore\
-storepass 111111\
the above command creates a key with a validity period of only 90 days by default, and if it is desired to adjust the validity period, it can be implemented by adding a validity parameter, for example, the following command can be used to extend the validity period of the key to one year:
$keytool-genkeypair-alias config-server-keyalg RSA\
-dname"CN=zhaiyongchao,OU=company,O=organization,L=city,ST=province,C=china"\
-keypass 222222\
-keystore config-server.keystore\
-storepass 111111\
-validity 365\
the three command generation methods described above will eventually generate a config-server keystore file under the current execution directory of the command, which needs to be stored in a certain location in the file system of the configuration center.
Better security can be obtained by configuring the related information of the key bank through the environment variables, and sensitive password information can be stored in the environment variables of the configuration center as a good choice.
S5, a network request is initiated through an encryption and decryption platform interface, plaintext content and port information are transmitted to an encryption and decryption platform, the platform judges according to interface parameters, the parameters are illegal, error information is directly returned to a requesting party, if the parameters are legal, whether encryption or decryption is judged, if encryption is called, an encryption algorithm is called, otherwise, a decryption algorithm is called, finally, the encrypted and decrypted content is returned to the requesting party, and encryption protection is completed.
Although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that various changes, modifications, equivalents, and improvements may be made without departing from the spirit and scope of the invention.
Claims (8)
1. An encryption platform based on a micro-service architecture comprises the following steps:
a1, before data interaction between each platform and each port in the background, encrypting user information and service information according to a certain operation rule to deploy a server;
a2, hiding the encrypted client information into the request information through the encryption platform interface;
a3, automatically calling encryption and decryption algorithms of corresponding platforms, and processing by multiple mixed encryption algorithms;
a4, the encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, so that the safety and the privacy of information transmission in the calling process are ensured;
a5, when decrypting, firstly decrypting the first block of the ciphertext, and then enabling the result and the IV to obtain the decryption effect.
2. The microservice architecture-based encryption platform of claim 1, wherein: the encryption and decryption platform bottom layer uses an AES-CBC mode encryption and decryption algorithm as a basis, the AES algorithm is packaged, different encryption and decryption algorithms are executed according to different platforms, the data encryption and decryption process is simplified, the platform provides an interface calling inlet, a user only needs to transmit contents and sources needing to be encrypted to the encryption and decryption platform newly, the encryption and decryption platform executes the encryption and decryption algorithms of the corresponding platforms according to source parameters transmitted by the user, the encrypted and decrypted contents are returned to the user after the execution is completed, the risk that the encryption and decryption algorithms are leaked at the front end can be avoided, the encryption and decryption service simultaneously records logs of the encryption and decryption process, and the calling records of the user are convenient to trace.
3. The microservice architecture-based encryption platform of claim 1, wherein: the encryption and decryption platform uses a SpringBoot micro-service architecture, the development process is simple and direct, centralized management is realized, the code coupling rate is low, and the development and maintenance of internal personnel are facilitated.
4. The microservice architecture-based encryption platform of claim 1, wherein: the encryption and decryption platform is deployed in an intranet environment and accessed through an internal VPN channel, and the safety and the privacy of information transmission in the calling process are guaranteed.
5. A microservice architecture-based encryption platform according to claim 2, characterized in that: the AES-CBC mode encryption needs an initialization vector for encryption and decryption, and the initialization vector is used for XOR with plaintext or ciphertext before or after each encryption or decryption.
6. A microservice architecture-based encryption platform according to claim 2, characterized in that: when decrypting, the first block of the ciphertext is decrypted, and the result is different from the IV to obtain the decryption effect.
7. A microservice architecture-based encryption platform according to claim 2, characterized in that: the encryption and decryption functions of the configuration center access a next/encrypt and/decrypt endpoint to perform encryption and decryption functions, the two endpoints are POST requests, the encryption and decryption information needs to be sent through a request body, and the encryption and decryption endpoints can be called by taking a curl command as an example.
8. A microservice architecture-based encryption platform according to claim 2, characterized in that: the asymmetric key configuration can obtain better security by configuring the related information of the key bank according to the environment variables, so that sensitive password information is stored in the environment variables of the configuration center for selection, and the key configuration degree is high.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110967239.6A CN113872934B (en) | 2021-08-23 | 2021-08-23 | Encryption and decryption platform based on micro-service architecture |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110967239.6A CN113872934B (en) | 2021-08-23 | 2021-08-23 | Encryption and decryption platform based on micro-service architecture |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113872934A true CN113872934A (en) | 2021-12-31 |
| CN113872934B CN113872934B (en) | 2023-10-31 |
Family
ID=78988105
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110967239.6A Active CN113872934B (en) | 2021-08-23 | 2021-08-23 | Encryption and decryption platform based on micro-service architecture |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113872934B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106100842A (en) * | 2016-06-22 | 2016-11-09 | 广西咪付网络技术有限公司 | A kind of dynamic encryption and decryption method and system |
| CN110533317A (en) * | 2019-08-26 | 2019-12-03 | 国网河北省电力有限公司保定供电分公司 | One kind being based on Internet technology mobile job-oriented terminal system and method |
| CN111313545A (en) * | 2020-01-08 | 2020-06-19 | 国网内蒙古东部电力有限公司检修分公司 | Extra-high voltage transmission line on-line monitoring platform based on big data |
| US20200358757A1 (en) * | 2019-05-09 | 2020-11-12 | Sap Se | Provisioning initial keystore for multi-tenant, microservice architecture-based integration service in a cloud computing environment setup |
-
2021
- 2021-08-23 CN CN202110967239.6A patent/CN113872934B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106100842A (en) * | 2016-06-22 | 2016-11-09 | 广西咪付网络技术有限公司 | A kind of dynamic encryption and decryption method and system |
| US20200358757A1 (en) * | 2019-05-09 | 2020-11-12 | Sap Se | Provisioning initial keystore for multi-tenant, microservice architecture-based integration service in a cloud computing environment setup |
| CN110533317A (en) * | 2019-08-26 | 2019-12-03 | 国网河北省电力有限公司保定供电分公司 | One kind being based on Internet technology mobile job-oriented terminal system and method |
| CN111313545A (en) * | 2020-01-08 | 2020-06-19 | 国网内蒙古东部电力有限公司检修分公司 | Extra-high voltage transmission line on-line monitoring platform based on big data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113872934B (en) | 2023-10-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6483920B2 (en) | Key recovery process used for strong encryption of messages | |
| US6490679B1 (en) | Seamless integration of application programs with security key infrastructure | |
| US9619632B2 (en) | System for providing session-based network privacy, private, persistent storage, and discretionary access control for sharing private data | |
| US6804777B2 (en) | System and method for application-level virtual private network | |
| US7688975B2 (en) | Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure | |
| CN110489996B (en) | Database data security management method and system | |
| US20050193199A1 (en) | Accessing protected data on network storage from multiple devices | |
| US20060010324A1 (en) | Secure messaging system with derived keys | |
| US20010029581A1 (en) | System and method for controlling and enforcing access rights to encrypted media | |
| US7571467B1 (en) | System and method to package security credentials for later use | |
| US7788710B2 (en) | Architecture and design for central authentication and authorization in an on-demand utility environment using a secured global hashtable | |
| US7266705B2 (en) | Secure transmission of data within a distributed computer system | |
| WO2004107646A1 (en) | System and method for application-level virtual private network | |
| Gittler et al. | The DCE security service | |
| CN101043335A (en) | Information security control system | |
| CN105429962B (en) | A kind of general go-between service construction method and system towards encryption data | |
| CN111597583B (en) | Data sharing and exchanging method based on block chain | |
| CN113992702A (en) | Storage state encryption reinforcing method and system for ceph distributed file system | |
| CN111698203A (en) | Cloud data encryption method | |
| WO2021139338A1 (en) | Data access permission verification method and apparatus, computer device, and storage medium | |
| CN113872934B (en) | Encryption and decryption platform based on micro-service architecture | |
| CN112131597A (en) | Method and device for generating encrypted information and intelligent equipment | |
| JP2000112860A (en) | Method for safe information transmitting/sharing service | |
| US20230297708A1 (en) | System and method for managing data-file transmission and access right to data files | |
| JP2002135239A (en) | Encryption data distribution service system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |