CN116089986A - Electronic document management method, device, equipment and medium capable of configuring security policy - Google Patents


Info

Publication number: CN116089986A
Authority: CN (China)
Prior art keywords: document module, document, module, key, security
Legal status: Granted (status as listed by Google Patents; not a legal conclusion)
Application number: CN202310364498.9A
Other languages: Chinese (zh)
Other versions: CN116089986B (en)
Inventors: 钟一民, 郭峰, 顾燕福, 张晋
Current assignee: Shenzhen Tiangu Information Technology Co ltd
Original assignee: Shenzhen Tiangu Information Technology Co ltd
Events: application filed by Shenzhen Tiangu Information Technology Co ltd; priority to CN202310364498.9A (granted as CN116089986B/en); publication of CN116089986A; application granted; publication of CN116089986B; legal status active; anticipated expiration


Classifications

    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/60 Protecting data › G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/60 Protecting data › G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules › G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database

Abstract

The embodiment of the invention discloses an electronic document management method, device, computer equipment and storage medium capable of configuring a security policy, and relates to the technical field of security. The method comprises the following steps: acquiring a document with a security policy from a document management server, where the document with the security policy comprises encrypted document modules; determining, as target encrypted document modules, those encrypted document modules the receiver is authorised to read, based on the receiver's security level for each security class and on the security class and security level of each encrypted document module; and decrypting the target encrypted document modules with the receiver's level private key for the corresponding security class to obtain the document modules. Thus each receiver can read only the document modules it is authorised to read, and the confidentiality requirements of cross-organization online collaboration on electronic documents are met.

Description

Electronic document management method, device, equipment and medium capable of configuring security policy
Technical Field
The present invention relates to the field of security technologies, and in particular, to a method, an apparatus, a computer device, and a storage medium for managing an electronic document with a configurable security policy.
Background
In current file management technology there is a notion of security level; for example, files may be classified into four levels by security attribute, from high to low: top secret, confidential, secret and non-secret. A user at the confidential level can read files at the confidential level and below, but not top-secret files; a user at the secret level can read files at the secret level and below, but not confidential or top-secret files; similarly, a user at the non-secret level can read only non-secret files.
However, in the scenario of online collaboration of electronic documents across organizations, the above manner of setting the security level of the document often cannot fully meet the actual requirements. Specifically, for the same electronic document, the security policies of different organizations on the sensitive information are different, the definition and classification of the sensitive information and the reader thereof are different, the security level definition of the sensitive information of different classifications is also different, and the role authority of the reader is also different. Obviously, if only one security level is set for the electronic document, the security requirement of the above scenario cannot be met. Meanwhile, there are also the following problems:
First, the security policy cannot be shared between different organizations, otherwise the internal information of the organization is revealed.
Secondly, even if two different organizations share a security policy, if a document processing member needs to process a document according to the security policy of the other organization, the document processing member will bear excessive document processing work, so that the problems of complex operation, low performance and the like in terms of user experience are caused, and finally the working efficiency of the document processing member is reduced.
Third, even if users can bear the above burden, different keys must be maintained for sensitive information of different roles and different properties, and the ciphertexts produced with those different keys must all be stored, so the key-management workload and the ciphertext storage volume become large; when there are more document receivers, or a receiver's security policy is more complex, both grow linearly. Since a key is critical data that directly decrypts sensitive information, a larger number of keys also means a greater risk of the system exposing the sensitive information.
Disclosure of Invention
The embodiment of the invention provides an electronic document management method, device, computer equipment and storage medium capable of configuring a security policy, which aim to solve the problem that existing document security schemes cannot meet the security requirements of cross-organization online collaboration on electronic documents.
In a first aspect, an embodiment of the present invention provides an electronic document management method capable of configuring a security policy. The electronic document management system includes an identification password server, a document management server and a receiver terminal; sensitive information in an electronic document is divided into document modules; each document module is assigned a security class and a security level; and the receiver's security level and level private key for each security class are preset in the receiver terminal. The method is applied to the receiver terminal and includes:
acquiring a document with a security policy from a document management server; the document with the security policy comprises an encrypted document module; the encrypted document module is obtained by encrypting the document module, and the encrypted document module and the document module have the same confidentiality class and confidentiality grade;
determining, as target encrypted document modules, the encrypted document modules the receiver is authorised to read, based on the receiver's security level for the security class and on the security class and security level of each encrypted document module;
and decrypting the target encrypted document module based on the secret level private key of the secret class of the receiver to obtain the document module corresponding to the target encrypted document module.
In a second aspect, an embodiment of the present invention provides an electronic document management method capable of configuring a security policy, where an electronic document management system includes a sender terminal, an identification password server, a document management server, and a receiver terminal for executing the method of the first aspect, sensitive information in an electronic document is divided into document modules, and the method is applied to the sender terminal, and includes:
generating a document module key of the document module;
encrypting the document module through the document module key to obtain an encrypted document module;
generating a document module temporary private key of the document module aiming at the receiver terminal, and generating a document module temporary public key corresponding to the document module temporary private key;
computing a document module key encryption key for the receiver terminal from the public key of the receiver terminal, the public key of the identification password server and the document module temporary private key, using a preset bilinear pairing function;
encrypting the document module key by the document module key encryption key to obtain an encrypted document module key;
and generating a final document based on the encrypted document module, the document module temporary public key and the encrypted document module key, and transmitting the final document to a document management server.
In a third aspect, an embodiment of the present invention provides an electronic document management method capable of configuring a security policy, an electronic document management system including a sender terminal for executing the method according to the second aspect, an identification password server, a document management server, and a receiver terminal for executing the method according to the first aspect, sensitive information in an electronic document being divided into document modules, the document modules being set with a security class and a security level, the method being applied to the document management server, the method comprising:
receiving a final document sent by a sender terminal, wherein the final document comprises encrypted document modules, document module temporary public keys and encrypted document module keys;
generating a receiver temporary private key and acquiring a receiver temporary public key corresponding to the receiver temporary private key;
computing a level key for the security level of the document module from the preset public key of the document module's security class, the preset system public key of the document module's security class and the receiver temporary private key, using a preset bilinear pairing function;
encrypting the document module temporary public key of the document module with the level key of the document module's security level to obtain an encrypted document module temporary public key;
and generating a document with a security policy from the encrypted document modules, the encrypted document module temporary public keys and the encrypted document module keys.
In a fourth aspect, an embodiment of the present invention further provides an electronic document management apparatus with a configurable security policy, which includes a unit for executing the above method.
In a fifth aspect, an embodiment of the present invention further provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the method when executing the computer program.
In a sixth aspect, embodiments of the present invention also provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the above method.
According to the technical scheme of the embodiments, sensitive information in an electronic document is divided into document modules, each document module is assigned a security class and a security level, and the receiver is assigned a security level and a level private key for each security class. The receiver terminal obtains a document with a security policy from the document management server; the document with the security policy comprises encrypted document modules, each obtained by encrypting a document module and carrying the same security class and security level as that module. The receiver terminal determines, as target encrypted document modules, the encrypted document modules the receiver is authorised to read, based on the receiver's security level for the security class and on the security class and security level of each encrypted document module, and decrypts them with the receiver's level private key for the corresponding security class to obtain the document modules. Thus each receiver can read only the document modules it is authorised to read, and the confidentiality requirements of cross-organization online collaboration on electronic documents are met.
The invention has the following beneficial effects:
1. The invention gives the document receiver the ability to customise the security classification, security level and access roles for the sensitive information of an electronic document, meets the receiver's need for a custom security policy, greatly improves the flexibility of the scheme and broadens its application scenarios, without a large increase in key storage or ciphertext storage;
2. the sensitive information is ciphertext in the final document sent to the document manager, so no network member unrelated to the sensitive information of the electronic document, the document manager included, can obtain it;
3. the document management service manages the security policies, so the security policies of different organizations are not exposed to each other during online collaboration on documents, neither party has to process the other's security policy, and each party's workload in online document collaboration is greatly reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic view of an application scenario of an electronic document management method capable of configuring security policies according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a method for managing an electronic document with configurable security policies according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of a method for managing an electronic document with configurable security policies according to an embodiment of the invention;
FIG. 4 is a schematic flow chart of another method for managing electronic documents with configurable security policies according to an embodiment of the invention;
FIG. 5 is a schematic block diagram of an electronic document management apparatus with configurable security policies according to an embodiment of the invention;
FIG. 6 is another schematic block diagram of an electronic document management apparatus with configurable security policies in accordance with an embodiment of the invention;
FIG. 7 is a further schematic block diagram of an electronic document management apparatus with configurable security policies in accordance with an embodiment of the invention;
FIG. 8 is a schematic block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that some, but not all embodiments of the invention are described. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be understood that the terms "comprises" and "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when", "once", "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [described condition or event] is detected" may be interpreted in context as meaning "upon determination" or "in response to determination" or "upon detection of a [described condition or event]" or "in response to detection of a [described condition or event]".
Referring to FIG. 1, FIG. 1 is a schematic view of an application scenario of an electronic document management method capable of configuring security policies according to an embodiment of the present invention. As shown in FIG. 1, the electronic document management system includes a sender terminal 100, an identification password server 300, a document management server 200 and a receiver terminal 400. The sender terminal 100 is the terminal used by the document sender; the identification password server 300 is the server set up by the key manager; the document management server 200 is the server set up by the document manager; and the receiver terminal 400 is the terminal used by the document receiver. The document sender is responsible for drafting the electronic document and its basic encryption; the document manager is responsible for encrypting the classification and grading of the electronic document and forwarding it; the key manager is responsible for key-related services; the document receiver is an organization that needs to review the electronic document and includes organization members of various security levels. It will be appreciated that in a cross-organization online collaboration scenario the document sender and the document receiver may exchange roles.
The technical scheme of the embodiment of the invention needs to perform the following preparation work in advance:
preparation 1, identification password system construction
The key manager builds an identification password (identity-based cryptography) server with private key s and public key Pub.
The identification password server issues the private key SKA = s·H(IDA) to document sender A (the sender terminal) and the private key SKB = s·H(IDB) to document receiver B (the receiver terminal), where s is the private key of the identification password server, H is a hash function, IDA is the ID (identification number) of document sender A and IDB is the ID of document receiver B.
For example, when the document receiver B is an organization, each member of the document receiver B is assigned with SKB; or the SKB is placed in the equipment appointed by the document receiver B, and each member of the document receiver B logs in the equipment through the existing identity authentication technology, so that the SKB can be called.
Preparation 2, determination of privacy policy
The representative of the document receiver B proposes a security policy specific to the document receiver B to the document manager.
Wherein the representative of the document recipient has the highest document reading rights within the organization, i.e., the security level obtained by the representative is the highest within the organization for each security class.
The security policy includes:
(1) The security class and the security level of the document module are classified, namely the module security policy.
(2) The role type of each member of the document receiver, namely the role security policy.
Preparation 21, determination of module security policy
Among all document types in the online document collaboration, the document receiver first divides and classifies the sensitive fields of every document type, obtaining L security classes, numbered 1 to L, according to the different content attributes of the document types; L is an integer greater than or equal to 1.
For example, the representative of document receiver B classifies the security classes of all sensitive information into 4 classes, namely signer information (class 1), target information (class 2), financial information (class 3) and legal terms information (class 4); the representative of document receiver C classifies the original document modules into 2 classes, namely legal information (class 1) and financial information (class 2); the representative of document receiver D classifies the original document modules into 3 classes, namely signer information (class 1), transaction information (class 2) and legal terms information (class 3).
According to the document receiver's requirements for security level setting, the highest security level of sensitive information in the document is set to M, i.e. the security levels are 0 to M, M+1 levels in total.
And then the document receiver B carries out security level division on each security category to obtain the security level of all the document modules. The security level of the document module refers to the security level of the document module under the security class to which it belongs. For example, after the document receiver B classifies the document sensitive data into 4 types, security levels are set for the document modules under each security type.
Preparation 22, determination of role security policy
The document receiver is internally provided with a plurality of role types (namely a plurality of receivers), and the reading rights of each security category are respectively and correspondingly configured for each role type.
The role security policy may be represented by a role security policy table containing security levels of a plurality of different roles to document modules of different security categories.
The document receiver opens member accounts at the document manager, and each account can be associated with 1 or more roles.
For example, in one embodiment, the role security policy table for document recipient B is shown in table 1 below.
[Table 1 image not reproduced in the extraction]
Table 1: role security policy table for document receiver B
It can be seen that the security classes of the document modules in all document types that document receiver B may receive fall into 4 kinds, and the roles of document receiver B into 6 kinds. For the financial staff role of document receiver B, the column for financial staff in Table 1 gives the information that role can read: signer information and target information with security level 1 or below, financial information with security level 2 or below, and legal terms information with security level 0; any document module of a higher level is unreadable, for example signer or target information above level 1, financial information above level 2 and legal terms information above level 0. For each role type a level key will later be issued for each security class; for the financial staff above, 4 level keys will be issued, and with the ability to store or call SKB the financial staff can decrypt every document module it is authorised to read in every document type, so the amount of key material to maintain is small.
Preparation 3, generating a secret key conforming to a security policy
For any security class T of document receiver B, by the definition of identification cryptography the public key of security class T is PKT = H(IDB || IDT) and its private key is SKT = s·PKT, where PKT is the public key of security class T, H is the hash function, IDB is the ID of document receiver B, IDT is the ID of security class T and s is the private key of the identification password server.
The identification password server generates a level private key for each security level of security class T. If the level is not the highest, its level private key is derived from the level private key one level higher: SKT(i-1) = sT(i-1)·PKT, where sT(i-1) = HSK(SKTi) is the system private key of the (i-1)th level, SKTi is the level private key of the ith level, HSK is a hash function, SKT(i-1) is the level private key of the (i-1)th level and PKT is the public key of security class T.
If the level is the highest, its level private key is derived from the private key SKT of security class T: SKT(M) = sT(M)·PKT, where sT(M) = HSK(SKT) is the system private key of the Mth level, SKT is the private key of security class T, HSK is a hash function, PKT is the public key of security class T, SKT(M) is the level private key of the Mth level and M is the highest level of security class T.
The identification password server generates and publishes the system public key of each security level of security class T: PubTi = sTi·P, where PubTi is the system public key of the ith level, sTi is the system private key of the ith level, P is the generator of the identification password server and i is 0 or a positive integer not greater than M.
For example, when M = 2:
SKT2 = sT2·PKT, where sT2 = HSK(SKT)
SKT1 = sT1·PKT, where sT1 = HSK(SKT2)
SKT0 = sT0·PKT, where sT0 = HSK(SKT1)
PubT2 = sT2·P, PubT1 = sT1·P, PubT0 = sT0·P.
The identification password server sends the level private key SKTi of the ith security level of security class T to those receivers of document receiver B (specific receiver terminals within document receiver B) that have reading authority for the ith level of security class T. For example, the security levels of the aforementioned financial staff for signer information (class 1), target information (class 2), financial information (class 3) and legal terms information (class 4) are respectively level 1, level 1, level 2 and level 0, so the level private keys received by the financial staff are SK11, SK21, SK32 and SK40.
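The following Python is an added illustration, not code from the patent or its assignee. It runs the level-key chain of Preparation 3 (SKT(M) = HSK(SKT)·PKT, SKT(i-1) = HSK(SKTi)·PKT) and the read-authority rule of Preparation 22 (a role may read a module when its granted level for that class is at least the module's level) in a constructed toy group: a prime-order cyclic group written additively, with the point k·P represented by the scalar k mod Q. The group order Q, the SHA-256 based H and HSK, the class identifiers and the financial-staff policy row are all assumptions of this example. What it shows beyond the text: a holder of SKTi can compute every lower level's key on its own, so one key per class per role really is enough, while the chain never runs upward.

```python
import hashlib

# Constructed toy model (not the page's real identification-password system): a cyclic
# group of prime order Q written additively, in which the "point" k*P is represented by
# the scalar k mod Q.  It keeps the page's derivation chain runnable offline but has
# none of the hardness properties of a real pairing-friendly group.
Q = 2**127 - 1   # prime; hypothetical group order


def H(data: bytes) -> int:
    """The page's hash H, modelled as SHA-256 reduced into the group (never 0)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q or 1


def HSK(level_key: int) -> int:
    """The page's HSK: hash a level private key down to the next level's system private key."""
    return H(b"HSK|" + level_key.to_bytes(16, "big"))


def class_keys(s: int, receiver_id: bytes, class_id: bytes):
    """PKT = H(IDB || IDT), SKT = s*PKT for security class T of receiver B."""
    pkt = H(receiver_id + b"||" + class_id)
    return pkt, s * pkt % Q


def level_private_keys(s: int, receiver_id: bytes, class_id: bytes, m: int) -> dict:
    """Level private keys {i: SKT_i} for levels M..0, derived top-down as on the page:
    sT(M) = HSK(SKT), SKT_i = sT_i*PKT, sT(i-1) = HSK(SKT_i)."""
    pkt, skt = class_keys(s, receiver_id, class_id)
    keys, sys_priv = {}, HSK(skt)
    for i in range(m, -1, -1):
        keys[i] = sys_priv * pkt % Q
        sys_priv = HSK(keys[i])
    return keys


def derive_downward(skt_i: int, pkt: int) -> int:
    """What a holder of SKT_i can do alone: compute SKT_(i-1) = HSK(SKT_i)*PKT.
    The chain only runs downward; SKT_(i+1) needs HSK of a key the holder never sees."""
    return HSK(skt_i) * pkt % Q


# Role security policy (Preparation 22): level granted per security class, constructed
# here from the financial-staff column the text reads out of Table 1
# (classes 1..4 = signer, target, financial, legal-terms information).
ROLE_POLICY = {"financial staff": {1: 1, 2: 1, 3: 2, 4: 0}}


def readable_modules(role: str, modules: list) -> list:
    """Modules (name, class, level) the role may read: granted level >= module level."""
    granted = ROLE_POLICY[role]
    return [name for name, cls, lvl in modules if cls in granted and granted[cls] >= lvl]


def issued_keys(s: int, receiver_id: bytes, role: str, top_level: dict) -> dict:
    """Key set the server issues to a role: one SKT_i per class at the granted level
    (the page's SK11, SK21, SK32, SK40 for financial staff), keyed by (class, level)."""
    out = {}
    for cls, lvl in ROLE_POLICY[role].items():
        chain = level_private_keys(s, receiver_id, b"class%d" % cls, top_level[cls])
        out[(cls, lvl)] = chain[lvl]
    return out
```

`issued_keys` is what the server hands to a role; `derive_downward` is what the role can then do locally, which is why the example's key count per role equals the number of classes rather than the number of (class, level) pairs.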
Referring to fig. 2, in the embodiment of the present invention, for a sender terminal, the following steps are mainly performed: S11-S16.
S11, generating a document module key of the document module.
In specific implementation, after the document sender A composes the electronic document, the electronic document is divided into a non-sensitive part which has no requirement on security level configuration and a sensitive part which has a requirement on security level configuration according to different content attributes. The non-sensitive portion may be disclosed to members that are not relevant to the benefit of the document, including the document manager.
The sensitive part is only disclosed to the relevant members of the benefit of the document, namely only disclosed to the document receiver according to the rule of the security level, and any member which is irrelevant to the benefit of the document including the document manager cannot read the information of any sensitive part.
The sensitive part is divided in order into N different document modules P1-PN, i.e. the sensitive part of the electronic document is the sequential combination of the Pn (n ∈ [1, N]), where N is an integer greater than or equal to 1. At this point document sender A does not know document receiver B's security policy for the sensitive information, and A may well need to send the electronic document to other document receivers as well, so A divides the sensitive information of the electronic document as it sees fit and does not assign security levels.
Electronic document = { insensitive part, P1-PN }.
Example 2: when N = 6, the sensitive part of a certain electronic document may consist of the document modules shown in Table 2 below.
[Table 2 image not reproduced in the extraction]
Table 2: document module partition table
A random number is set for each document module Pn to obtain a document module key KPn of the document module Pn. Thus, all the document module keys KP 1-KPN can be obtained.
S12, encrypting the document module through the document module key to obtain an encrypted document module.
In a specific implementation, Pn is symmetrically encrypted with the document module key KPn to obtain the encrypted document module En, i.e. En = SE(Pn, KPn), where SE is a symmetric encryption algorithm such as AES or SM4.
S13, generating a document module temporary private key of the document module aiming at the receiver terminal, and generating a document module temporary public key corresponding to the document module temporary private key.
In specific implementation, a random number is set for each document module Pn to obtain a temporary private key rn for the document module of the document receiver B. Thus, all the temporary private keys r 1-rN of the document modules can be obtained.
Then the document module temporary public key Un corresponding to the document module temporary private key rn is calculated as Un = rn·P, where P is the generator of the identity-based cryptographic server. Thus all document module temporary public keys U1-UN are obtained.
S14, calculating the public key of the receiver terminal, the public key of the identification password server and the temporary private key of the document module based on a preset bilinear pair function to obtain the document module key encryption key aiming at the receiver terminal.
In a specific implementation, the document module key encryption key Kn for document receiver B is calculated as Kn = e(PKB, Pub)^rn, where PKB is the public key of the receiver terminal (the terminal used by document receiver B), Pub is the public key of the identity-based cryptographic server, rn is the document module temporary private key, and e is a bilinear pairing function.
S15, encrypting the document module key through the document module key encryption key to obtain an encrypted document module key.
In a specific implementation, the document module key KPn is symmetrically encrypted with the document module key encryption key Kn to obtain the encrypted document module key Cn, i.e. Cn = SE(KPn, Kn), where SE is a symmetric encryption algorithm such as AES or SM4.
S16, generating a final document based on the encrypted document module, the document module temporary public key and the encrypted document module key, and sending the final document to a document management server.
In a specific implementation, the final document includes a non-sensitive portion of the electronic document, all of the encrypted document modules E1-EN, all of the document module temporary public keys U1-UN, and all of the encrypted document module keys C1-CN. The final document can be represented by the set { insensitive part, E1-EN, U1-UN, C1-CN }.
The document sender a sends the final document to the document management server. It will be appreciated that when there are a plurality of document receivers, each document receiver corresponds to a set of document module temporary public keys U1 to UN and a set of encrypted document module keys C1 to CN.
Therefore, in the final document sent to the document management server the sensitive information is present only as ciphertext, so no network member without a legitimate interest in the document's sensitive information, the document manager included, can obtain it.
Referring to fig. 3, in the embodiment of the present invention, for the document management server, the following steps are mainly performed: S21-S25.
S21, receiving a final document sent by the sender terminal, wherein the final document comprises an encrypted document module, a temporary public key of the document module and a secret key of the encrypted document module.
In particular implementations, a document management server receives a final document sent by a sender terminal, the final document including an encrypted document module, a document module temporary public key, and an encrypted document module key. That is, the final document is { insensitive part, E1-EN, U1-UN, C1-CN }.
Further, the document management server applies the module security policy to the electronic document, for example, for the electronic document corresponding to table 2, determines the security class and the security level for the document modules P1 to PN respectively, and generates a module security policy table, where the module security policy table includes the security class classification result and the security level classification result of each document module. The document management server knows the actual content of the document modules P1 to PN from the description of the non-sensitive portion, for example, the non-sensitive portion describes the content contained in the document modules P1 to PN; or the description of the document modules P1 to PN by the sender terminal is known, for example, the sender terminal sends out a communication message and describes the content of the document modules P1 to PN. After the document management server knows the actual content of the document modules P1-PN, the document modules P1-PN are respectively matched with the module confidentiality strategies of the document receiver, and the document modules P1-PN respectively correspond to a confidentiality category and a confidentiality grade.
For example, for the electronic document corresponding to the foregoing table 2, a module security policy table is obtained as shown in table 3 below.
Table 3 (module security policy table): image not reproduced in the extracted text.
S22, generating a temporary private key of a receiver, and acquiring a temporary public key of the receiver corresponding to the temporary private key of the receiver.
In a specific implementation, the document management server takes a random number r as the receiver temporary private key for document receiver B and calculates the corresponding receiver temporary public key U as U = r·P, where P is the generator of the identity-based cryptographic server.
S23, calculating a grade key of the security grade of the document module based on a preset bilinear pair function according to a preset public key of the security class of the document module, a preset system public key of the security grade of the document module and the temporary private key of the receiver.
In a specific implementation, the security class T includes M security levels, where M is an integer greater than or equal to 1. The document management server calculates the level key wi of each security level i of the security class T as wi = e(PKT, PubTi)^r, where PKT is the public key of the security class T, PubTi is the system public key of the i-th security level, r is the receiver temporary private key, and i is 0 or a positive integer not greater than M.
For example, when M = 2: w2 = e(PKT, PubT2)^r, w1 = e(PKT, PubT1)^r, w0 = e(PKT, PubT0)^r. If the security level of the document module is level 2, the level key of its security level is w2.
S24, encrypting the temporary public key of the document module corresponding to the document module based on the grade key of the confidentiality grade of the document module to obtain the temporary public key of the encrypted document module corresponding to the document module.
In a specific implementation, for document module Pn the security class is Tn (one of the L security classes) and the security level is Gn ∈ [0, M].
Then the document module temporary public key Un of document module Pn is symmetrically encrypted with the level key wGn of the module's security level Gn to obtain the encrypted document module temporary public key Un-Gn, that is, Un-Gn = SE(Un, wGn), where SE is a symmetric encryption algorithm such as AES or SM4. All encrypted document module temporary public keys U1-G1 to UN-GN are obtained in the same way.
S25, generating a document with a security policy based on the encrypted document module, the encrypted document module temporary public key and the encrypted document module key.
In a specific implementation, the document with the security policy comprises the non-sensitive part of the electronic document, all encrypted document modules E1-EN, the receiver temporary public key U, all encrypted document module temporary public keys U1-G1 to UN-GN, and all encrypted document module keys C1-CN. The document with the security policy can be expressed as {insensitive part, E1-EN, U, U1-G1 to UN-GN, C1-CN}.
Referring to fig. 4, in the embodiment of the present invention, a security class and a security class private key of each security class of a receiver are preset in a receiver terminal, and for the receiver terminal, the following steps are mainly performed: S31-S33.
S31, acquiring a document with a security policy from a document management server; the document with the security policy comprises an encrypted document module; the encrypted document module is obtained by encrypting the document module, and the encrypted document module and the document module have the same confidentiality class and confidentiality grade.
In particular implementations, a recipient terminal (a terminal used by the document recipient B) obtains a document with a privacy policy for the document recipient B from a document management server. The document with the security policy comprises an encrypted document module; the encrypted document module is obtained by encrypting the document module, and the encrypted document module and the document module have the same confidentiality class and confidentiality grade.
For example, in one embodiment the document with the security policy is {insensitive part, E1-EN, U, U1-G1 to UN-GN, C1-CN}: it comprises the non-sensitive part of the electronic document, all encrypted document modules E1-EN, the receiver temporary public key U, all encrypted document module temporary public keys U1-G1 to UN-GN, and all encrypted document module keys C1-CN. The security class and security level of each document module are as shown in Table 3.
S32, determining the encrypted document module with the reading authority of the receiver as a target encrypted document module based on the confidentiality grade of the receiver on the confidentiality grade and the confidentiality grade of the encrypted document module.
In particular implementations, for each security class, the recipient is configured with a security level, specifically determined by the role of the recipient. For example, referring to table 1, if the role of the receiving party is a financial officer, it is known that the financial officer has a security level of 1 for signing party information (class 1), a security level of 1 for target information (class 2), a security level of 2 for financial information (class 3), and a security level of 0 for legal term information (class 4). Thus, the information which can be read by the financial staff is signing party information and target information with the security level of 1 or less, financial information with the security level of 2 or less and legal term information with the security level of 0; any higher security document module is not readable, such as signer information and target information with security levels above 1, financial information with security levels above 2, and legal provision information with security levels above 0.
In one embodiment, the step S32 specifically includes: judging whether the confidentiality grade of the confidentiality class of the encrypted document module by the receiver is more than or equal to the confidentiality grade of the encrypted document module; and if the confidentiality grade of the confidentiality class of the receiving party on the encrypted document module is greater than or equal to the confidentiality grade of the encrypted document module, judging that the encrypted document module is the target encrypted document module.
In specific implementation, for each encrypted document module, whether the security level of the security class of the encrypted document module by the receiver is greater than or equal to the security level of the encrypted document module is judged, if yes, the receiver is judged to have the reading authority on the encrypted document module, otherwise, the receiver is judged to have no reading authority on the encrypted document module.
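The S32 decision rule as a small added example (not the patent's code), using the financial officer's levels quoted above from Table 1 and a constructed module security policy table in the shape of Table 3; how a class the role holds no level for is treated is an assumption, since the page does not cover that case:

```python
# Added example: the S32 reading-right decision for one role.
# Role -> {security class: security level held}; values for the financial
# officer are those quoted from Table 1 (class 1 signing party, 2 target,
# 3 financial, 4 legal terms).
ROLE_LEVELS = {
    "financial officer": {1: 1, 2: 1, 3: 2, 4: 0},
}

# Constructed module security policy table: module -> (class, level).
MODULE_POLICY = {
    "P1": (1, 1), "P2": (1, 2), "P3": (2, 0),
    "P4": (3, 2), "P5": (3, 3), "P6": (4, 1),
}


def target_modules(role, module_policy=MODULE_POLICY, role_levels=ROLE_LEVELS):
    """Split modules into those the role may decrypt (target encrypted
    document modules) and those it may not: readable iff the role's level
    for the module's class >= the module's level.  A class the role has no
    level for is treated as level -1, i.e. never readable (assumption)."""
    levels = role_levels[role]
    readable, sealed = [], []
    for name, (cls, lvl) in module_policy.items():
        (readable if levels.get(cls, -1) >= lvl else sealed).append(name)
    return readable, sealed
```

For the financial officer this yields P1, P3 and P4 as target modules, while P2 (class 1 above level 1), P5 (class 3 above level 2) and P6 (class 4 above level 0) stay sealed, matching the description above.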
S33, decrypting the target encrypted document module based on the secret grade private key of the secret class of the receiver to obtain the document module corresponding to the target encrypted document module.
Specifically, if the security class of the target encrypted document module En is T and its security level is level i, the receiver terminal decrypts En using the security level private key SKTi to obtain the document module Pn.
In one embodiment, the encrypted document module is obtained by encrypting the document module with a preset document module key; for example, by step S12.
The encrypted document module key is obtained by encrypting the document module key through a preset document module key encryption key; for example, by step S15.
The temporary public key of the encrypted document module is obtained by encrypting a temporary public key of the document module preset by the document module by a grade key corresponding to the confidentiality grade of the document module; for example, by step S24.
The document module key encryption key is obtained by calculating, with a preset bilinear pairing function, over the public key of the receiver terminal, the public key of the identity-based cryptographic server and the document module temporary private key corresponding to the document module temporary public key; for example, by step S14.
The grade key corresponding to the security grade of the document module is obtained by calculating a public key of the security class of the document module, a system public key of the security grade of the document module and a temporary private key of a receiver corresponding to the temporary public key of the receiver based on a preset bilinear pair function; for example, by step S23.
The above step S33 includes the steps of: S331-S335.
S331, calculating the class key of each security class of the receiver based on a preset bilinear pair function according to the security class private key of each security class of the receiver and the receiver temporary public key.
In specific implementation, the characteristics based on the bilinear pair function can be known:
wi = e(PKT, PubTi)^r = e(PKT, sTi·P)^r = e(sTi·PKT, r·P) = e(SKTi, U), where PKT is the public key of the security class T, PubTi is the system public key of the i-th security level of T, r is the receiver temporary private key, i is a positive integer equal to or less than M, sTi is the system private key of the i-th security level of T, P is the generator of the identity-based cryptographic server, SKTi = sTi·PKT is the security level private key of the i-th security level of T, and U is the receiver temporary public key. Thus the level key wi of the i-th security level of T can be calculated from the security level private key SKTi and the receiver temporary public key U alone.
Meanwhile, a lower security level private key SKTj, where j is 0 or a positive integer smaller than i, can be derived from SKTi, for example in the manner described in Preparation 3, and the level key wj of the j-th security level of class T is then calculated from SKTj and the receiver temporary public key U. Therefore, when the receiver receives a document with a security policy that was sent by a member with a different role in the same organization, and that the document management server generated for that other member, the receiver can decrypt and read a document module whenever the module's security level is lower than or equal to the receiver's own security level for the module's security class, and cannot otherwise. Hence, as the document with the security policy circulates within the organization, the rule governing which members may read each encrypted document module still satisfies the organization's security policy requirements.
S332, decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module based on the grade key of the confidentiality class of the target encrypted document module by the receiver to obtain the temporary public key of the document module corresponding to the target encrypted document module.
In the implementation, the temporary public key of the document module corresponding to the target encrypted document module is decrypted based on the class key of the confidentiality class of the target encrypted document module by the receiver, so as to obtain the temporary public key of the document module corresponding to the target encrypted document module.
For example, in one embodiment, each security class is provided with a plurality of security levels from high to low, and the security level private key of a lower level is generated from the security level private key of the level above it, for example in the manner described in Preparation 3. Step S332 then includes steps S3321-S3322.
S3321, if the security level of the security class of the target encrypted document module by the receiver is equal to the security level of the target encrypted document module, decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module according to the security level key of the security class of the target encrypted document module by the receiver, and obtaining the temporary public key of the document module corresponding to the target encrypted document module.
In a specific implementation, if the receiver's security level for the security class of the target encrypted document module is equal to the security level of the target encrypted document module, for example both are level i, the encrypted document module temporary public key corresponding to the target encrypted document module is decrypted directly with the level key wi to obtain the document module temporary public key corresponding to the target encrypted document module.
S3322, if the receiver's security level for the security class of the target encrypted document module is greater than the security level of the target encrypted document module, generating the security level private key of the security level of the target encrypted document module from the receiver's security level private key for that security class; calculating, with a preset bilinear pairing function, the level key of the security level of the target encrypted document module from that security level private key and the receiver temporary public key; and decrypting the encrypted document module temporary public key corresponding to the target encrypted document module with that level key to obtain the document module temporary public key corresponding to the target encrypted document module.
In a specific implementation, if the security level of the security class of the target encrypted document module by the receiver is greater than the security level of the target encrypted document module, for example, the security level of the security class of the target encrypted document module by the receiver is the ith level, the security level of the target encrypted document module is the jth level, and j is 0 or a positive integer less than i.
The lower security level private key SKTj can be derived from the security level private key SKTi, for example in the manner described in Preparation 3. The level key wj of the j-th security level of class T is then calculated from the security level private key SKTj and the receiver temporary public key U.
And decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module through the grade key wj to obtain the temporary public key of the document module corresponding to the target encrypted document module.
S333, according to the temporary public key of the document module corresponding to the target encrypted document module and the private key of the receiver terminal, calculating the document module key encryption key corresponding to the target encrypted document module based on a preset bilinear pair function.
In specific implementation, the characteristics based on the bilinear pair function can be known:
Kn = e(PKB, Pub)^rn = e(SKB, Un), where Kn is the document module key encryption key, PKB is the public key of the receiver terminal (the terminal used by document receiver B), Pub is the public key of the identity-based cryptographic server, rn is the document module temporary private key, e is a bilinear pairing function, SKB is the private key of the receiver terminal, Un is the document module temporary public key, and n is the sequence number of the document module. Therefore the document module key encryption key corresponding to the target encrypted document module can be calculated, with the preset bilinear pairing function, from the document module temporary public key corresponding to the target encrypted document module and the private key of the receiver terminal.
S334, decrypting the encrypted document module key corresponding to the target encrypted document module based on the document module key encryption key corresponding to the target encrypted document module to obtain the document module key corresponding to the target encrypted document module.
In a specific implementation, once the document module key encryption key corresponding to the target encrypted document module is obtained, the encrypted document module key corresponding to the target encrypted document module is decrypted with it to obtain the document module key corresponding to the target encrypted document module.
S335, decrypting the target encrypted document module based on the document module key corresponding to the target encrypted document module to obtain the document module corresponding to the target encrypted document module.
In the implementation, after the document module key corresponding to the target encrypted document module is obtained, the target encrypted document module is decrypted through the document module key corresponding to the target encrypted document module to obtain the document module corresponding to the target encrypted document module.
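The whole flow, sender steps S11-S16, document management server steps S22-S24, and receiver steps S32 and S331-S335, run end to end as an added example; this is not the patent's or the applicant's code. The bilinear map is a deliberately insecure toy (points are scalars, e(A, B) = G^(A·B) mod p), chosen only so that the two correctness identities used above, wi = e(PKT, PubTi)^r = e(SKTi, U) and Kn = e(PKB, Pub)^rn = e(SKB, Un), can be checked with the Python standard library. SE is a SHA-256 keystream standing in for AES/SM4, the identity-based key issuance is simplified, Preparation 3 is not on this page so the receiver is simply issued level keys for every level up to its own, and the module contents, class name and levels are constructed:

```python
"""Toy end-to-end run of the module encryption flow (added example).
INSECURE by design: "points" are scalars mod Q = p-1, the generator P
is 1, and e(A, B) = G**(A*B) mod p.  That is bilinear, which is all
the correctness identities need, but discrete logs are trivial.
SE() is a SHA-256 keystream standing in for AES/SM4 (it also decrypts).
Preparation 3 (deriving lower-level keys) is not on the page; here the
receiver is simply issued SKTi for every level i up to its own."""
import hashlib
import secrets

PMOD = 2**127 - 1          # Mersenne prime; pairing values live in Z_p*
Q = PMOD - 1               # scalar ring for the toy "points"
G, P = 3, 1                # pairing base and toy generator point


def mul(k, A):             # scalar multiplication k*A
    return (k * A) % Q

def e(A, B):               # toy bilinear map: e(aA, bB) = e(A, B)**(a*b)
    return pow(G, (A * B) % Q, PMOD)

def rand_scalar():
    return secrets.randbelow(Q - 1) + 1

def hash_to_point(label):  # identity or class string -> toy "point"
    return int.from_bytes(hashlib.sha256(label).digest(), "big") % Q or 1

def SE(data, key):
    """XOR with a SHA-256 keystream keyed by an int (pairing value) or bytes."""
    kb = key if isinstance(key, bytes) else key.to_bytes(16, "big")
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(kb + off.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


# Preparation (constructed): IBC server master key, receiver B's identity key,
# one security class T with M = 2 (levels 0..2) and its per-level system keys.
S_MASTER = rand_scalar()
PUB = mul(S_MASTER, P)                          # Pub = s*P
PKB = hash_to_point(b"receiver B")              # identity public key of B
SKB = mul(S_MASTER, PKB)                        # SKB = s*PKB, issued to B
PKT = hash_to_point(b"class T: financial")      # public key of security class T
S_T = [rand_scalar() for _ in range(3)]         # sT0, sT1, sT2
PUB_T = [mul(st, P) for st in S_T]              # PubTi = sTi*P
SK_T = [mul(st, PKT) for st in S_T]             # SKTi = sTi*PKT


def sender_encrypt(modules):
    """S11-S16 for receiver B: returns (E1..EN, U1..UN, C1..CN)."""
    E, U, C = [], [], []
    for Pn in modules:
        KPn = secrets.token_bytes(16)           # S11 document module key
        rn = rand_scalar()                      # S13 temporary private key
        Kn = pow(e(PKB, PUB), rn, PMOD)         # S14 Kn = e(PKB, Pub)^rn
        E.append(SE(Pn, KPn))                   # S12 En = SE(Pn, KPn)
        U.append(mul(rn, P))                    #     Un = rn*P
        C.append(SE(KPn, Kn))                   # S15 Cn = SE(KPn, Kn)
    return E, U, C

def server_apply_policy(U, levels):
    """S22-S24: wrap each Un under the level key wGn of the module's level."""
    r = rand_scalar()
    U_recv = mul(r, P)                                      # receiver temp public key U
    w = [pow(e(PKT, PubTi), r, PMOD) for PubTi in PUB_T]    # wi = e(PKT, PubTi)^r
    U_G = [SE(Un.to_bytes(16, "big"), w[Gn]) for Un, Gn in zip(U, levels)]
    return U_recv, U_G

def receiver_decrypt(doc, levels, my_level):
    """S32 then S331-S335; modules above my_level stay sealed (None)."""
    E, U_recv, U_G, C = doc
    sk_levels = SK_T[:my_level + 1]             # keys for levels <= my_level
    out = []
    for En, UGn, Cn, Gn in zip(E, U_G, C, levels):
        if Gn > my_level:                       # S32: no reading right
            out.append(None)
            continue
        wGn = e(sk_levels[Gn], U_recv)          # S331: = e(PKT, PubTGn)^r
        Un = int.from_bytes(SE(UGn, wGn), "big")  # S332
        Kn = e(SKB, Un)                         # S333: = e(PKB, Pub)^rn
        KPn = SE(Cn, Kn)                        # S334
        out.append(SE(En, KPn))                 # S335
    return out

def demo(my_level):
    # Constructed modules of class T with levels 2, 1, 0 (cf. Table 3).
    modules = [b"P1: acquisition price", b"P2: quarterly revenue", b"P3: counterparty name"]
    levels = [2, 1, 0]
    E, U, C = sender_encrypt(modules)
    U_recv, U_G = server_apply_policy(U, levels)
    return receiver_decrypt((E, U_recv, U_G, C), levels, my_level)
```

`demo(1)` plays a level-1 receiver: P2 and P3 decrypt, P1 stays sealed; `demo(2)` opens all three and `demo(0)` only P3. The point worth noticing is that the document management server never sees KPn or any Pn: it only re-wraps the sender's Un under a level key, and the receiver's pairing with SKB is what finally unlocks Kn.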
According to the technical scheme, sensitive information in an electronic document is divided into document modules, and security categories and security levels of the document modules are set; the receiving side sets a security level and a security level private key for each security class. The receiving terminal directly or indirectly acquires the document with the security policy from the document management server; the document with the security policy comprises an encrypted document module; the encrypted document module is obtained by encrypting the document module, and the encrypted document module and the document module have the same confidentiality class and confidentiality grade; the receiving party terminal determines the encrypted document module with the reading authority of the receiving party as a target encrypted document module based on the confidentiality grade of the receiving party on the confidentiality grade and the confidentiality grade of the encrypted document module; the receiving party terminal decrypts the target encrypted document module based on the secret grade private key of the secret class of the receiving party, so that the document module corresponding to the target encrypted document module is obtained, each receiving party can only read the document module with the reading authority, and different secret requirements of different organizations in a scene of the inter-organization online collaboration of the electronic document are met.
Referring to fig. 5, fig. 5 is a schematic block diagram of an electronic document management apparatus 50 with a configurable security policy according to an embodiment of the present invention. Corresponding to the above electronic document management method of configurable security policies, the present invention also provides an electronic document management apparatus 50 of configurable security policies. The electronic document management apparatus 50 capable of configuring a security policy includes a unit for executing the electronic document management method capable of configuring a security policy as described above, and the electronic document management apparatus 50 capable of configuring a security policy may be configured in a device such as a desktop computer, a tablet computer, a laptop computer, an intelligent mobile terminal, or the like. Sensitive information in the electronic document is divided into document modules, the document modules are set with security classes and security grades, and the security grade and security grade private keys of the security classes of the receiving party are preset in the receiving party terminal. Specifically, the electronic document management apparatus 50 of configurable security policy includes:
an acquisition unit 51 for acquiring a document with a security policy from a document management server; the document with the security policy comprises an encrypted document module; the encrypted document module is obtained by encrypting the document module, and the encrypted document module and the document module have the same confidentiality class and confidentiality grade;
A determining unit 52 for determining, as a target encrypted document module, an encrypted document module for which the receiver has a reading right based on a security level of the receiver to a security class and the security level of the encrypted document module;
and a decryption unit 53, configured to decrypt the target encrypted document module based on the security level private key of the security class of the receiver, to obtain a document module corresponding to the target encrypted document module.
In one embodiment, the document with security policy further includes a receiver temporary public key, an encrypted document module temporary public key, and an encrypted document module key;
the encrypted document module is obtained by encrypting the document module with a preset document module key;
the encrypted document module key is obtained by encrypting the document module key through a preset document module key encryption key;
the temporary public key of the encrypted document module is obtained by encrypting a temporary public key of the document module preset by the document module by a grade key corresponding to the confidentiality grade of the document module;
the document module key encryption key is obtained by calculating, with a preset bilinear pairing function, over the public key of the receiver terminal, the public key of the identity-based cryptographic server and the document module temporary private key corresponding to the document module temporary public key;
The grade key corresponding to the security grade of the document module is obtained by calculating a public key of the security class of the document module, a system public key of the security grade of the document module and a temporary private key of the receiver corresponding to the temporary public key of the receiver based on a preset bilinear pair function.
In one embodiment, the decrypting the target encrypted document module based on the security level private key of the security class by the receiver to obtain the document module corresponding to the target encrypted document module includes:
according to the secret grade private key of the receiver to each secret category and the temporary public key of the receiver, calculating to obtain the grade key of the receiver to each secret category based on a preset bilinear pair function;
decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module based on the grade key of the confidentiality class of the target encrypted document module by the receiver to obtain the temporary public key of the document module corresponding to the target encrypted document module;
according to the temporary public key of the document module corresponding to the target encrypted document module and the private key of the receiver terminal, calculating a document module key encryption key corresponding to the target encrypted document module based on a preset bilinear pair function;
Decrypting the encrypted document module key corresponding to the target encrypted document module based on the document module key encryption key corresponding to the target encrypted document module to obtain the document module key corresponding to the target encrypted document module;
and decrypting the target encrypted document module based on the document module key corresponding to the target encrypted document module to obtain the document module corresponding to the target encrypted document module.
In an embodiment, each security class is provided with a plurality of security levels from high to low, and the security level private key of the security level of the low level is generated based on the security level private key of the security level of the previous level; decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module based on the class key of the confidentiality class of the target encrypted document module by the receiver to obtain the temporary public key of the document module corresponding to the target encrypted document module, including:
if the confidentiality grade of the confidentiality class of the target encrypted document module by the receiver is equal to the confidentiality grade of the target encrypted document module, decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module according to the grade key of the confidentiality class of the target encrypted document module by the receiver, and obtaining the temporary public key of the document module corresponding to the target encrypted document module;
If the security level of the security class of the receiver to the target encrypted document module is greater than the security level of the target encrypted document module, generating a security level private key of the security level of the target encrypted document module based on the security level private key of the security class of the receiver to the target encrypted document module; according to the security level private key of the security level of the target encrypted document module and the temporary public key of the receiver, calculating a level key of the security level of the target encrypted document module based on a preset bilinear pair function; and decrypting the temporary public key of the encrypted document module corresponding to the target encrypted document module according to the grade key of the security grade of the target encrypted document module to obtain the temporary public key of the document module corresponding to the target encrypted document module.
In one embodiment, determining, based on the receiver's security level for the security class and the security level of the encrypted document module, that an encrypted document module is a target encrypted document module includes:
judging whether the receiver's security level for the security class of the encrypted document module is greater than or equal to the security level of the encrypted document module;
and if the receiver's security level for the security class of the encrypted document module is greater than or equal to the security level of the encrypted document module, judging that the encrypted document module is a target encrypted document module.
Referring to fig. 6, fig. 6 is a schematic block diagram of an electronic document management apparatus 50 with a configurable security policy according to an embodiment of the invention. Corresponding to the electronic document management method with configurable security policy described above, the invention also provides an electronic document management apparatus 50 with configurable security policy. The apparatus 50 includes units for executing the method described above and may be deployed in a device such as a desktop computer, a tablet computer, a laptop computer, or an intelligent mobile terminal. Sensitive information in an electronic document is divided into document modules, and each document module is assigned a security class and a security level. Specifically, the electronic document management apparatus 50 with configurable security policy includes:
a first generation unit 54 for generating a document module key of the document module;
a first encrypting unit 55 for encrypting the document module by the document module key to obtain an encrypted document module;
A second generating unit 56, configured to generate a document module temporary private key of the document module for the receiver terminal, and generate a document module temporary public key corresponding to the document module temporary private key;
a first calculation unit 57, configured to calculate, based on a preset bilinear pairing function, a document module key encryption key for the receiver terminal according to the public key of the receiver terminal, the public key of the identification password server, and the document module temporary private key;
a second encrypting unit 58 for encrypting the document module key by the document module key encryption key to obtain an encrypted document module key;
a third generating unit 59 for generating a final document based on the encrypted document module, the document module temporary public key, and the encrypted document module key, and transmitting the final document to a document management server.
Referring to fig. 7, fig. 7 is a schematic block diagram of an electronic document management apparatus 50 with a configurable security policy according to an embodiment of the present invention. Corresponding to the electronic document management method with configurable security policy described above, the invention also provides an electronic document management apparatus 50 with configurable security policy. The apparatus 50 includes units for executing the method described above and may be deployed in a device such as a desktop computer, a tablet computer, a laptop computer, or an intelligent mobile terminal. Sensitive information in an electronic document is divided into document modules, and each document module is assigned a security class and a security level. Specifically, the electronic document management apparatus 50 with configurable security policy includes:
A receiving unit 510, configured to receive a final document sent by a sender terminal, where the final document includes an encrypted document module, a document module temporary public key, and an encrypted document module key;
a fourth generating unit 511, configured to generate a receiver temporary private key, and obtain a receiver temporary public key corresponding to the receiver temporary private key;
a second calculation unit 512, configured to calculate, based on a preset bilinear pairing function, a class key of the security class of the document module according to a preset public key of the security class of the document module, a preset system public key of the security class of the document module, and the temporary private key of the receiver;
a third encryption unit 513, configured to encrypt a temporary public key of a document module corresponding to the document module based on a level key of a security level of the document module, to obtain an encrypted temporary public key of the document module corresponding to the document module;
a fifth generating unit 514 is configured to generate a document with security policy based on the encrypted document module, the encrypted document module temporary public key, and the encrypted document module key.
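The level hierarchy described in the embodiment above (a lower level's private key derived from the level directly above it, reading authority granted when the receiver's level is at least the module's level) and the three-party flow of the sender units, the document management server units and the receiver steps can be traced end to end in the following Python example. It is added here and is not code from the patent or its applicant. The bilinear-pairing key agreement is replaced by a Diffie-Hellman stand-in over a toy 127-bit prime field (not a production parameter), the unspecified level-key derivation by an HMAC-SHA256 chain, and the unspecified cipher by an encrypt-then-MAC construction with a PRF keystream; the security class publishing one public key per level, the level numbering 3 > 2 > 1, all function names and the sample module text are constructed for the example.

```python
import hashlib
import hmac
import secrets
from typing import Optional

P = (1 << 127) - 1    # constructed toy prime-field group; illustrates the data flow only
G = 5
HIGHEST_LEVEL = 3     # constructed: each security class has levels 3 > 2 > 1


def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed inputs; used for key derivation and keystream."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    return b"".join(prf(key, b"ks", nonce, i.to_bytes(4, "big")) for i in range(blocks))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with a PRF keystream (stand-in for the patent's unspecified cipher)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return nonce + ct + prf(key, b"tag", nonce, ct)


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(key, b"tag", nonce, ct)):
        raise ValueError("authentication failed: wrong key or tampered ciphertext")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))


def to_scalar(secret: bytes) -> int:
    return int.from_bytes(secret, "big") % (P - 2) + 1


def keypair():
    sk = to_scalar(secrets.token_bytes(32))
    return sk, pow(G, sk, P)


def agree(sk: int, pk: int, context: bytes) -> bytes:
    """Diffie-Hellman stand-in for the 'preset bilinear pair function': both sides reach the
    same key; `context` carries the extra public inputs the patent feeds in."""
    return prf(pow(pk, sk, P).to_bytes(16, "big"), context)


def derive_down(level_secret: bytes, from_level: int, to_level: int) -> bytes:
    """Lower-level private keys derive one way from the level above; no upward derivation."""
    if to_level > from_level:
        raise PermissionError("a lower level cannot derive a higher level's private key")
    for _ in range(from_level - to_level):
        level_secret = prf(level_secret, b"next-lower-level")
    return level_secret


def setup_class(top_secret: bytes) -> dict:
    """Key authority publishes a public key per level (assumption: the patent names one class
    public key plus a system public key; this stand-in needs one per level)."""
    return {lvl: pow(G, to_scalar(derive_down(top_secret, HIGHEST_LEVEL, lvl)), P)
            for lvl in range(1, HIGHEST_LEVEL + 1)}


def has_read_authority(receiver_level: int, module_level: int) -> bool:
    return receiver_level >= module_level


def sender_protect(module: bytes, cls: str, level: int, receiver_pk: int, id_server_pk: int) -> dict:
    """Sender terminal: module key, encrypted module, temporary key pair, KEK, wrapped module key."""
    module_key = secrets.token_bytes(32)
    tmp_sk, tmp_pk = keypair()
    kek = agree(tmp_sk, receiver_pk, b"kek" + id_server_pk.to_bytes(16, "big"))
    return {"cls": cls, "level": level, "enc_module": encrypt(module_key, module),
            "tmp_pk": tmp_pk, "enc_module_key": encrypt(kek, module_key)}


def server_apply_policy(final_doc: dict, class_pks: dict, system_pk: int) -> dict:
    """Document management server: level key from a receiver temporary key; wrap tmp_pk under it."""
    recv_tmp_sk, recv_tmp_pk = keypair()
    level_key = agree(recv_tmp_sk, class_pks[final_doc["level"]], b"level" + system_pk.to_bytes(16, "big"))
    doc = {k: final_doc[k] for k in ("cls", "level", "enc_module", "enc_module_key")}
    doc["recv_tmp_pk"] = recv_tmp_pk
    doc["enc_tmp_pk"] = encrypt(level_key, final_doc["tmp_pk"].to_bytes(16, "big"))
    return doc


def receiver_open(doc: dict, receiver_sk: int, my_level: int, my_level_secret: bytes,
                  id_server_pk: int, system_pk: int) -> Optional[bytes]:
    """Receiver terminal: authority check, derive down, unwrap tmp_pk, KEK, module key, module."""
    if not has_read_authority(my_level, doc["level"]):
        return None                                   # not a target module for this receiver
    level_secret = derive_down(my_level_secret, my_level, doc["level"])
    level_key = agree(to_scalar(level_secret), doc["recv_tmp_pk"], b"level" + system_pk.to_bytes(16, "big"))
    tmp_pk = int.from_bytes(decrypt(level_key, doc["enc_tmp_pk"]), "big")
    kek = agree(receiver_sk, tmp_pk, b"kek" + id_server_pk.to_bytes(16, "big"))
    module_key = decrypt(kek, doc["enc_module_key"])
    return decrypt(module_key, doc["enc_module"])


def demo():
    """Constructed scenario: one level-2 module; one receiver holds level 3, another level 1."""
    top_secret = secrets.token_bytes(32)
    class_pks = setup_class(top_secret)
    _, system_pk = keypair()
    _, id_server_pk = keypair()
    receiver_sk, receiver_pk = keypair()
    module = b"constructed sensitive paragraph of the document"
    doc = server_apply_policy(sender_protect(module, "finance", 2, receiver_pk, id_server_pk), class_pks, system_pk)
    by_level3 = receiver_open(doc, receiver_sk, 3, derive_down(top_secret, 3, 3), id_server_pk, system_pk)
    by_level1 = receiver_open(doc, receiver_sk, 1, derive_down(top_secret, 3, 1), id_server_pk, system_pk)
    return by_level3 == module, by_level1 is None


if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns `(True, True)`: the level-3 holder derives the level-2 private key, recovers the level key, the temporary public key, the key encryption key and finally the module, while the level-1 holder is filtered out by the authority check and, because `derive_down` only moves downward, could not obtain the level-2 private key even if the check were skipped. Any tampering with the wrapped keys or the encrypted module fails the tag check in `decrypt` rather than yielding garbage.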
It should be noted that, as will be clearly understood by those skilled in the art, the specific implementation process of the electronic document management apparatus 50 and each unit capable of configuring the security policy may refer to the corresponding description in the foregoing method embodiment, and for convenience and brevity of description, the description is omitted here.
The above-described security policy-configurable electronic document management apparatus 50 may be implemented in the form of a computer program which is executable on a computer device as shown in fig. 8.
Referring to fig. 8, fig. 8 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 500 may be a terminal or a server, where the terminal may be an electronic device with a communication function, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a personal digital assistant, and a wearable device. The server may be an independent server or a server cluster formed by a plurality of servers.
The computer device 500 includes a processor 502, a memory, and a network interface 505, connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer program 5032, when executed, may cause the processor 502 to perform a method of electronic document management with configurable security policies.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the execution of a computer program 5032 in the non-volatile storage medium 503, which computer program 5032, when executed by the processor 502, causes the processor 502 to perform a method of electronic document management with configurable security policies.
The network interface 505 is used for network communication with other devices. It will be appreciated by those skilled in the art that the foregoing structures, which are merely block diagrams of portions of structures related to the present application, are not limiting of the computer device 500 to which the present application may be applied, and that a particular computer device 500 may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
The processor 502 is configured to execute the computer program 5032 stored in the memory to implement the steps of the electronic document management method with configurable security policy in any of the method embodiments described above.
It should be appreciated that in embodiments of the present application, the processor 502 may be a central processing unit (Central Processing Unit, CPU), or may be another general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general purpose processor may be a microprocessor, or the processor may be any conventional processor.
Those skilled in the art will appreciate that all or part of the flow in a method embodying the above described embodiments may be accomplished by computer programs instructing the relevant hardware. The computer program may be stored in a storage medium that is a computer readable storage medium. The computer program is executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer readable storage medium. The storage medium stores a computer program. The computer program, when executed by a processor, causes the processor to perform the steps of a security policy configurable electronic document management method in any of the method embodiments described above.
The storage medium is a physical, non-transitory storage medium, and may be, for example, a U-disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk. The computer readable storage medium may be nonvolatile or may be volatile.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two. To clearly illustrate the interchangeability of hardware and software, the elements and steps of the examples have been described above in general terms of their function. Whether such functionality is implemented as hardware or software depends upon the particular application and the design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided by the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. The device embodiments described above are merely illustrative; the division into units is only one logical functional division, and another division may be used in an actual implementation. For instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be combined, divided and deleted according to actual needs. In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The integrated unit may be stored in a storage medium if implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention is essentially or part of what contributes to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a terminal, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and for those portions of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (10)

1. An electronic document management method capable of configuring security policies is characterized in that an electronic document management system comprises an identification password server, a document management server and a receiver terminal, sensitive information in an electronic document is divided into document modules, the document modules are provided with security categories and security levels, the receiver terminal is preset with security levels and security level private keys of the receiver for each security category, and the method is applied to the receiver terminal and comprises the following steps:
Acquiring a document with a security policy from a document management server; the document with the security policy comprises an encrypted document module; the encrypted document module is obtained by encrypting the document module, and the encrypted document module and the document module have the same confidentiality class and confidentiality grade;
determining an encrypted document module with reading authority of the receiver as a target encrypted document module based on the confidentiality grade of the receiver to the confidentiality category and the confidentiality grade of the encrypted document module;
and decrypting the target encrypted document module based on the secret level private key of the secret class of the receiver to obtain the document module corresponding to the target encrypted document module.
2. The method of claim 1, wherein the document with the security policy further comprises a receiver temporary public key, an encrypted document module temporary public key, and an encrypted document module key;
the encrypted document module is obtained by encrypting the document module with a preset document module key;
the encrypted document module key is obtained by encrypting the document module key with a preset document module key encryption key;
the encrypted document module temporary public key is obtained by encrypting a preset document module temporary public key of the document module with the level key corresponding to the security level of the document module;
the document module key encryption key is calculated, using a preset bilinear pairing function, from the public key of the receiver terminal, the public key of the identification password server, and the document module temporary private key corresponding to the document module temporary public key;
the level key corresponding to the security level of the document module is calculated, using a preset bilinear pairing function, from the public key of the security class of the document module, the system public key of the security level of the document module, and the receiver temporary private key corresponding to the receiver temporary public key.
3. The method according to claim 2, wherein decrypting the target encrypted document module based on the receiver's security level private key for the security class, to obtain the document module corresponding to the target encrypted document module, includes:
calculating, using a preset bilinear pairing function, the receiver's level key for each security class from the receiver's security level private key for that security class and the receiver temporary public key;
decrypting the encrypted document module temporary public key of the target encrypted document module based on the receiver's level key for the security class of the target encrypted document module, to obtain the document module temporary public key of the target encrypted document module;
calculating, using a preset bilinear pairing function, the document module key encryption key of the target encrypted document module from the document module temporary public key of the target encrypted document module and the private key of the receiver terminal;
decrypting the encrypted document module key of the target encrypted document module based on that document module key encryption key, to obtain the document module key of the target encrypted document module;
and decrypting the target encrypted document module based on that document module key, to obtain the document module corresponding to the target encrypted document module.
4. The method according to claim 3, wherein each security class is provided with a plurality of security levels ordered from high to low, and the security level private key of a lower level is generated from the security level private key of the level directly above it; and decrypting, by the receiver, the encrypted document module temporary public key of the target encrypted document module based on the receiver's level key for the security class of the target encrypted document module, to obtain the document module temporary public key of the target encrypted document module, includes:
if the receiver's security level for the security class of the target encrypted document module is equal to the security level of the target encrypted document module, decrypting the encrypted document module temporary public key of the target encrypted document module with the receiver's level key for that security class, to obtain the document module temporary public key of the target encrypted document module;
if the receiver's security level for the security class of the target encrypted document module is greater than the security level of the target encrypted document module, generating the security level private key of the security level of the target encrypted document module from the receiver's security level private key for that security class; calculating, using the preset bilinear pairing function, the level key of the security level of the target encrypted document module from that security level private key and the receiver temporary public key; and decrypting the encrypted document module temporary public key of the target encrypted document module with that level key, to obtain the document module temporary public key of the target encrypted document module.
5. The method according to claim 1, wherein determining, as a target encrypted document module, an encrypted document module for which the receiver has reading authority, based on the receiver's security level for the security class and the security level of the encrypted document module, includes:
judging whether the receiver's security level for the security class of the encrypted document module is greater than or equal to the security level of the encrypted document module;
and if the receiver's security level for the security class of the encrypted document module is greater than or equal to the security level of the encrypted document module, judging that the encrypted document module is a target encrypted document module.
6. An electronic document management method with configurable security policy, wherein the electronic document management system includes a sender terminal, an identification password server, a document management server, and a receiver terminal performing the method of any one of claims 1 to 5; sensitive information in an electronic document is divided into document modules; and the method is applied to the sender terminal and comprises:
generating a document module key of the document module;
encrypting the document module through the document module key to obtain an encrypted document module;
generating a document module temporary private key of the document module for the receiver terminal, and generating a document module temporary public key corresponding to the document module temporary private key;
according to the public key of the receiver terminal, the public key of the identification password server and the temporary private key of the document module, calculating a document module key encryption key aiming at the receiver terminal based on a preset bilinear pair function;
encrypting the document module key by the document module key encryption key to obtain an encrypted document module key;
and generating a final document based on the encrypted document module, the document module temporary public key and the encrypted document module key, and transmitting the final document to a document management server.
7. An electronic document management method with configurable security policy, wherein the electronic document management system includes a sender terminal performing the method of claim 6, an identification password server, a document management server, and a receiver terminal performing the method of any one of claims 1 to 5; sensitive information in an electronic document is divided into document modules, and the document modules are assigned security classes and security levels; and the method is applied to the document management server and comprises:
Receiving a final document sent by a sender terminal, wherein the final document comprises an encrypted document module, a temporary public key of the document module and a secret key of the encrypted document module;
generating a receiver temporary private key and acquiring a receiver temporary public key corresponding to the receiver temporary private key;
calculating, using a preset bilinear pairing function, the level key of the security level of the document module from a preset public key of the security class of the document module, a preset system public key of the security class of the document module, and the receiver temporary private key;
encrypting the document module temporary public key of the document module with the level key of the security level of the document module, to obtain the encrypted document module temporary public key of the document module;
and generating a document with a security policy based on the encrypted document module, the encrypted document module temporary public key and the encrypted document module key.
8. An electronic document management apparatus with configurable security policy, comprising units for performing the method of any one of claims 1 to 7.
9. A computer device, characterized in that it comprises a memory on which a computer program is stored and a processor which, when executing the computer program, implements the method according to any of claims 1-7.
10. A computer readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method according to any of claims 1-7.
CN202310364498.9A 2023-04-07 2023-04-07 Electronic document management method, device, equipment and medium capable of configuring security policy Active CN116089986B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310364498.9A CN116089986B (en) 2023-04-07 2023-04-07 Electronic document management method, device, equipment and medium capable of configuring security policy

Publications (2)

Publication Number Publication Date
CN116089986A true CN116089986A (en) 2023-05-09
CN116089986B CN116089986B (en) 2023-08-25

Family

ID=86199490

Country Status (1)

Country Link
CN (1) CN116089986B (en)
Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6061448A (en) * 1997-04-01 2000-05-09 Tumbleweed Communications Corp. Method and system for dynamic server document encryption
US6185681B1 (en) * 1998-05-07 2001-02-06 Stephen Zizzi Method of transparent encryption and decryption for an electronic document management system
JP2008160485A (en) * 2006-12-22 2008-07-10 Kitakyushu Foundation For The Advancement Of Industry Science & Technology Document management system, document managing method, document management server, work terminal, and program
US20080263363A1 (en) * 2007-01-22 2008-10-23 Spyrus, Inc. Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption
CN103220295A (en) * 2013-04-26 2013-07-24 福建伊时代信息科技股份有限公司 Document encryption and decryption method, device and system
CN107222483A (en) * 2017-06-07 2017-09-29 中山大学 A kind of method of the electronic document network memory management of many access levels
CN107846421A (en) * 2017-12-20 2018-03-27 北京明朝万达科技股份有限公司 A kind of document management method and device
CN109284426A (en) * 2018-08-23 2019-01-29 杭州创梦汇科技有限公司 It is a kind of most according to document classification system based on Permission Levels
CN111079163A (en) * 2019-12-16 2020-04-28 国网山东省电力公司威海市文登区供电公司 Encryption and decryption information system
CN111259435A (en) * 2020-01-09 2020-06-09 平安科技(深圳)有限公司 Contract encryption and decryption method and device and computer readable storage medium
CN112688989A (en) * 2020-12-08 2021-04-20 北京北信源软件股份有限公司 Document transmission method and system
KR102328057B1 (en) * 2020-10-13 2021-11-17 주식회사 한글과컴퓨터 Document security service server that supports encryption of document files based on terminal information and operating method thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117591487A (en) * 2024-01-19 2024-02-23 杭州云淅技术有限公司 Financial document sharing method and related device
CN117591487B (en) * 2024-01-19 2024-04-05 杭州云淅技术有限公司 Financial document sharing method and related device

Also Published As

Publication number Publication date
CN116089986B (en) 2023-08-25

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Zhong Yimin

Inventor after: Guo Feng

Inventor after: Gu Fuyan

Inventor after: Zhang Jin

Inventor before: Zhong Yimin

Inventor before: Guo Feng

Inventor before: Gu Yanfu

Inventor before: Zhang Jin

GR01 Patent grant