CN101132272A - System supporting downloading and using of distributed encrypted document - Google Patents


Info

Publication number: CN101132272A
Authority: CN (China)
Prior art keywords: file, unit, encrypt, container, download
Legal status: Granted
Application number: CNA2006101125480A
Other languages: Chinese (zh)
Other versions: CN101132272B (en)
Inventors: 沙瀛, 谭建龙, 程学旗
Current Assignee: Institute of Computing Technology of CAS
Original Assignee: Institute of Computing Technology of CAS
Application filed by Institute of Computing Technology of CAS
Priority to CN2006101125480A
Publication of CN101132272A
Application granted
Publication of CN101132272B

Abstract

The invention discloses a system that supports both downloading and using distributed encrypted files. The system comprises at least one file distribution unit, at least one directory service unit and at least one file use unit. It solves the problem of secure distribution of P2P files and uses the characteristics of P2P file downloading to guarantee a file download speed that is stable over the long term.

Description

A system that simultaneously supports downloading and using distributed encrypted files
Technical field
The present invention relates to the field of computer network security, and in particular to a system that simultaneously supports downloading and using distributed encrypted files.
Background technology
For a long time, the Internet people were used to was server-centric: a user sends a request to a server and then browses the information the server returns. A peer-to-peer (P2P) network is user-centric instead, and all users are equal partners. Users thousands of miles apart can share files, directories and even whole disks on their hard drives through P2P. Everyone shares what they consider most valuable, which greatly increases the value of information on the Internet. At the same time, direct exchange between P2P users makes the ideal of an open and free Internet come true. P2P has changed the rules of the game on the Internet and has also changed our lives. P2P technology lets all users share the various resources of their computers, for example CPUs and printers.
In fact, from a technical point of view P2P is not a brand-new technology; it is the application of distributed computing on the Internet. P2P is also a return to the original Internet. In the early 1990s, before the World Wide Web (WWW) became a global bulletin board and marketplace, Internet users requested files directly from one another. Even in today's networked life, this direct user-to-user exchange has never entirely gone away. On a local area network, the Network Neighborhood that we often use is a typical P2P communication mode.
Compared with traditional distributed systems, P2P technology has incomparable advantages, and it has broad application prospects. P2P applications on the Internet emerge one after another, and the number of users is growing sharply. Data from http://www.slyck.com/ in March 2004 show that the user counts of many P2P programs range from hundreds of thousands through millions to tens of millions and are increasing rapidly, which has a huge impact on Internet bandwidth. P2P computing is steadily being applied in the military, commercial, government information and communications fields.
Depending on the application, P2P can be divided into the following types:
P2P networks that provide sharing of files and other content, for example Napster, Gnutella, eDonkey, eMule and BitTorrent;
Systems that tap peer computing power and shared storage, for example http://setiathome.ssl.berkeley.edu/, Avaki and Popular Power;
Collaborative processing and service sharing platforms based on P2P, for example JXTA, Magi, Groove and .NET My Service;
Instant messaging, including ICQ, OICQ and Yahoo Messenger;
Secure P2P communication and information sharing, for example Skype, Crowds and Onion Routing.
Although P2P is widely used, some key problems still hamper its application.
First, P2P applications face security problems. Many P2P applications concern file sharing. Existing P2P systems propagate content in plaintext, the trust relationship between nodes is very fragile, and authentication and authorization mechanisms are lacking. Because of the nature of P2P networks, viruses and malicious code can spread rapidly through P2P, with an impact and propagation speed far greater than over existing communication channels.
Second, P2P applications are hard to manage. The essence of a P2P network is its utopian style of management, which gives users more freedom but also leads into the predicament of anarchy. A P2P network without management can be expected to become a hotbed of viruses, pornography and illicit activity. Many P2P companies plan to conduct e-commerce over P2P networks, but payment, traffic accounting, verification of the value of goods and so on are all difficulties that are hard to overcome for the time being.
Beyond these shortcomings, a P2P network is still a relatively fragile network. In a P2P network the server is no longer the center of the network, but it still coordinates the work of the whole network, and paralysis of the server paralyzes the whole network. It is not hard to imagine that a P2P network with many users will become a target for attackers, which greatly threatens the security of the P2P network.
Summary of the invention
(1) Technical problem to be solved
In view of the above deficiencies of the prior art, the main purpose of the present invention is to provide a system that simultaneously supports downloading and using distributed encrypted files, so as to solve the problem of secure distribution of P2P files and to prevent unauthorized users from intercepting files, tampering with them, and illegally copying and propagating them.
(2) Technical solution
To achieve the above purpose, the technical solution of the present invention is realized as follows:
A system that simultaneously supports downloading and using distributed encrypted files, the system comprising:
At least one file distribution unit, used to encrypt the original plaintext file to be published, add a file header to the encrypted plaintext file to form an encrypted file container for file use units to download, generate directory information for that encrypted file container, and submit the generated directory information to the directory service unit;
At least one directory service unit, used to maintain the directory information of the encrypted file containers available for file use units to download, respond to query requests from file use units, and update the corresponding directory information according to the downloads of file use units;
At least one file use unit, used to download an encrypted file container from the file distribution unit according to the directory information, obtained from the directory service unit, of the encrypted file container it wants to download; read the file header of the encrypted file container to obtain the URL where the decryption key is located; access the file distribution unit at that URL to obtain the decryption key; and decrypt the encrypted plaintext file in the encrypted file container to obtain the original plaintext file.
The file distribution unit comprises:
A file server, used to store the original plaintext file and provide it to the encryption server;
An encryption server, used to encrypt the original plaintext file received from the file server to generate the encrypted plaintext file, add a file header to it to form the encrypted file container, provide the encrypted file container to the encrypted file publishing server, generate directory information for the encrypted file container, and submit the generated directory information to the directory service unit;
An encrypted file publishing server, used to store the encrypted file containers available for file use units to download and, on request from a file use unit, provide it with the fragments that make up the encrypted file container;
A key server, used to store the decryption key corresponding to each encrypted file container and, on request from a file use unit, provide it with the decryption key corresponding to the encrypted file container.
The encrypted file publishing server is further used to monitor in real time the distribution of the encrypted file container's directory information in the directory service unit and to decide whether to increase the number of copies of the encrypted file container available for file use units to download; when the download requests of file use units cannot be satisfied, it increases the number of copies of the encrypted file container.
The file server, encryption server, encrypted file publishing server and key server are located on the same node or are distributed over different nodes.
The directory service unit is a directory server;
The directory server maintains information about the file use units. After receiving a request from a file use unit, it records or checks the directory information of that file use unit and, according to its configured parameters and the file use unit's request, returns to the requesting file use unit information about some of the file use units that are downloading the same encrypted file container. After the file use unit receives the information returned by the directory server, it has the information of other file use units, establishes connections with them according to that information, and downloads file fragments from them.
The file use unit comprises:
A client, used to download the encrypted file container from the file distribution unit or from other file use units according to the directory information, obtained from the directory service unit, of the encrypted file container it wants to download; read the file header of the encrypted file container to obtain the URL where the decryption key is located; access the file distribution unit at that URL to obtain the decryption key; and decrypt the encrypted plaintext file in the encrypted file container to obtain the original plaintext file;
A controller, used to determine whether a received file read command comes from a file upload command or from a local file-using program: if it is a file upload command, the encrypted file container is returned; if it comes from a local file-using program, the encrypted file container is decrypted and the resulting original plaintext file is returned.
The client is further used to provide corresponding directory information to the directory service unit according to its progress in downloading the encrypted file container and, after it has finished downloading some fragments of the encrypted file container, to offer the downloaded fragments for other file use units to download.
The encrypted file container comprises:
A file identifier, indicating the specific file format;
A version number, indicating the version of the encrypted file container;
An item count, indicating the number of descriptive items that follow for the encrypted file container;
An item name, indicating the name of the item;
A type, indicating the type of the item value;
A value, indicating the value of the item;
Encrypted content, holding the content of the original plaintext file after encryption;
A verification code, indicating the verification code of the encrypted file container.
The file distribution unit, directory service unit or file use unit may be any node in the network.
(3) Beneficial effects
As can be seen from the above technical solution, the present invention has the following beneficial effects:
1. With the present invention, encrypted files are distributed over the P2P network, so that only nodes holding the corresponding decryption key can obtain the original plaintext file. This prevents attacks by unauthorized users such as interception, tampering and illegal copying: even if an unauthorized user intercepts a published file, without the decryption key they cannot tamper with or illegally copy the intercepted file. The problem of secure distribution of P2P files is thus effectively solved.
2. The present invention makes full use of the characteristics of P2P file downloading: the more downloading nodes there are, the faster the download. The file distribution unit also monitors in real time how file fragments are distributed in the P2P network; if the distribution of file fragments falls to a certain threshold, the file distribution unit provides more copies of the file. This effectively guarantees the file download speed and provides a download speed that is stable over the long term.
3. The present invention adds a controller to the client of the file use unit. The controller determines whether a read operation on a file comes from a file upload command or from a command to use the file locally. For a file upload command it returns the encrypted file content directly; for a local use command it decrypts the file and returns the plaintext content. This reduces the storage required at the client: only one copy of the file needs to be kept, whereas otherwise two copies would be needed, one encrypted and one plaintext.
Description of the drawings
Fig. 1 is a structural block diagram of the system provided by the invention that simultaneously supports downloading and using distributed encrypted files;
Fig. 2 is a schematic diagram of the system provided by the invention that simultaneously supports downloading and using distributed encrypted files;
Fig. 3 is a schematic diagram of the overall structure of the P2P encrypted file distribution protocol;
Fig. 4 is a schematic diagram of the encrypted file container provided by the invention;
Fig. 5 is a schematic diagram of the item definitions in the encrypted file container provided by the invention;
Fig. 6 is a schematic diagram of the client structure provided by the invention.
Embodiment
To make the purpose, technical solution and advantages of the present invention clearer, the invention is described in more detail below with reference to specific embodiments and the accompanying drawings.
Fig. 1 is a structural block diagram of the system provided by the invention that simultaneously supports downloading and using distributed encrypted files. As shown in Fig. 1, the system comprises at least one file distribution unit, at least one directory service unit and at least one file use unit. There may be any number of file distribution units, directory service units and file use units, and in an actual P2P network any node can act as a file distribution unit, directory service unit or file use unit.
The file distribution unit is used to encrypt the original plaintext file to be published, add a file header to the encrypted plaintext file to form an encrypted file container for file use units to download, generate directory information for that encrypted file container, and submit the generated directory information to the directory service unit.
The file distribution unit further comprises a file server, an encryption server, an encrypted file publishing server and a key server. These are located on the same node or distributed over different nodes, and together they perform the role of the file distribution unit.
The file server is used to store the original plaintext file and provide it to the encryption server.
The encryption server is used to encrypt the original plaintext file received from the file server to generate the encrypted plaintext file, add a file header to it to form the encrypted file container, provide the encrypted file container to the encrypted file publishing server, generate directory information for the encrypted file container, and submit the generated directory information to the directory service unit.
The encrypted file publishing server is used to store the encrypted file containers available for file use units to download and, on request from a file use unit, provide it with the fragments that make up the encrypted file container.
The encrypted file publishing server is also used to monitor in real time the distribution of the encrypted file container's directory information in the directory service unit and to decide whether to increase the number of copies of the encrypted file container available for file use units to download; when the download requests of file use units cannot be satisfied, it increases the number of copies of the encrypted file container.
The key server is used to store the decryption key corresponding to each encrypted file container and, on request from a file use unit, provide it with the decryption key corresponding to the encrypted file container.
The directory service unit is used to maintain the directory information of the encrypted file containers available for file use units to download, respond to query requests from file use units, and update the corresponding directory information according to the downloads of file use units.
The directory service unit is a directory server. The directory server maintains information about the file use units. After receiving a request from a file use unit, it records or checks the directory information of that file use unit and, according to its configured parameters and the file use unit's request, returns to the requesting file use unit information about some of the file use units that are downloading the same encrypted file container. After the file use unit receives the information returned by the directory server, it has the information of other file use units, establishes connections with them according to that information, and downloads file fragments from them.
The file use unit is used to download the encrypted file container from the file distribution unit or from other file use units according to the directory information, obtained from the directory service unit, of the encrypted file container it wants to download; read the file header of the encrypted file container to obtain the URL where the decryption key is located; access the file distribution unit at that URL to obtain the decryption key; and decrypt the encrypted plaintext file in the encrypted file container to obtain the original plaintext file.
The file use unit further comprises a client and a controller. The client is used to download the encrypted file container from the file distribution unit or from other file use units according to the directory information, obtained from the directory service unit, of the encrypted file container it wants to download; read the file header of the encrypted file container to obtain the URL where the decryption key is located; access the file distribution unit at that URL to obtain the decryption key; and decrypt the encrypted plaintext file in the encrypted file container to obtain the original plaintext file.
The client is further used to provide corresponding directory information to the directory service unit according to its progress in downloading the encrypted file container and, after it has finished downloading some fragments of the encrypted file container, to offer the downloaded fragments for other file use units to download.
The controller is used to determine whether a received file read command comes from a file upload command or from a local file-using program: if it is a file upload command, the encrypted file container is returned; if it comes from a local file-using program, the encrypted file container is decrypted and the resulting original plaintext file is returned. In this way the client only needs to keep one copy of the file, in encrypted form.
Building on the structural block diagram of Fig. 1, and to explain the system more clearly, Fig. 2 shows a schematic diagram of the system provided by the invention that simultaneously supports downloading and using distributed encrypted files.
Traditional FTP downloading uses the TCP/IP protocol: the file is first placed on a server and then sent by the server to each user's machine. If too many users download at the same moment, the download speed of all users is bound to suffer, and if some users use multi-threaded downloading, the impact on bandwidth is even more serious. For this reason nearly all download servers limit the number of users, the maximum download speed and so on. As a result, even on a broadband connection it is usually hard to reach the maximum download speed the operator promises.
When downloading, the client first accesses the directory server to obtain directory information. The directory server responds to the downloader's request by giving the downloader the IP addresses of other downloaders (including the publisher). The downloader then connects to the other downloaders; according to the directory information, the two sides tell each other which pieces they already have and then exchange the data the other side lacks. For example, suppose the encrypted file publishing server has divided a file into N parts and four users A, B, C and D download at the same time. They do not have to download every part of the file from the server; depending on the actual situation they selectively download parts that other users have already finished from those users' machines. If A has downloaded part 1 and B has downloaded part 2, then C downloads part 1 from A's machine and part 2 from B's machine, and of course A, B and D at the same time download the corresponding parts from C's machine. This greatly reduces the load on the encrypted file publishing server and also speeds up C's download. In other words, every computer taking part in the download both downloads the file from other users' computers and offers downloads to other users, so the more users take part in the download, the higher the download speed.
In the P2P network there may be any number of encrypted file publishing servers, directory servers and clients; that is, any node can be an encrypted file publishing server that publishes files to other nodes, a directory server that provides directory service, or a client that downloads and uses files.
Based on the schematic diagram of the system described above, the system is used as follows:
1. File publisher:
Collects the files to be published;
Generates a random number as the file's encryption key, encrypts the original file with that key and adds a file header, forming a file container.
Generates directory information for this file container, submits the directory information to the directory server, and provides the P2P download source from which clients download this encrypted file.
Meanwhile, the encrypted file publishing server monitors in real time the distribution of its published files in the directory server and decides whether to increase the number of copies available for download by file-using systems.
2. Directory server
a) Maintains the directory information of all encrypted files offered for download and responds to users' query requests.
b) Updates the corresponding directory information according to clients' downloads.
3. Key server
Users access the key server to obtain the file's encryption key.
4. Client
The client first accesses the directory server. Once it has the directory information for the file it wants to download, it knows from that information which nodes hold fragments of the file, and it starts downloading the file in P2P fashion. When the download finishes, it first reads the file header to obtain the URL of the server that supplies the decryption key. It then accesses the key server to obtain the decryption key and decrypts the encrypted file to obtain the original plaintext file. While downloading, the client can also upload the file to other clients. The client has a controller, which determines whether a read command for the file comes from a file upload command or from a local file-using program: if it comes from a file upload command, the encrypted file is returned; if it comes from a local file-using program, the file is decrypted and its plaintext is returned. In this way the client only needs to keep one copy of the file, in encrypted form.
Making the encrypted file container
1. Generate a random number as the file encryption key and encrypt the file with that key.
2. Store the key and the file ID in an SQL database so that the key can later be provided to the relevant file-using systems.
3. Add a file header to the encrypted file to form the encrypted file container, which serves as the source for P2P download;
4. Generate the corresponding directory information from the content of the encrypted file container and send it to the directory server.
P2P encrypted file distribution protocol
The P2P encrypted file distribution protocol identifies content by URL and can interact seamlessly with the web. It is based on the HTTP protocol. Its advantage is that if several downloaders download the same file concurrently, each downloader also uploads the file to the other downloaders at the same time, so a file source can support a large number of downloading users with only a modest increase in load. Because most of the load is balanced across the whole system, the load on the machine providing the source file grows only slightly.
The overall structure of the P2P encrypted file distribution protocol is shown in Fig. 3.
Components of the system
Directory information
Contains the information necessary to download the file.
Seed
Once the publisher has made the encrypted file container and its directory information, it can start uploading; it then acts as the seed (file source), and other users can download the file from it.
Client
The client communicates with the directory server; its functions are as follows:
1. Obtains from the directory information the details of the file to be downloaded and creates an empty file on disk.
2. Connects to the directory server and exchanges messages with it.
3. According to the information obtained from the directory server, connects to other clients and downloads the file fragments it needs.
4. Listens on a port, waits for connections from other clients, and uploads file fragments to them.
Related protocols
The client needs to handle two protocols:
1. The protocol for exchanging directory information with the directory server.
2. The peer protocol for interacting with other clients.
Directory server
The directory server is an essential role in P2P downloading. At the start of a download and while it is in progress, the client communicates with the directory server continually, reporting its own information and obtaining information about other downloading clients. This communication uses the HTTP protocol and works as follows: the client sends an HTTP GET request to the directory server, with its information placed in the GET parameters.
The directory server maintains information about all downloaders. When it receives a request, it first records the requester's information (if a record already exists, it checks whether the record needs updating) and then returns to the requester information about some of the downloaders taking part in downloading the same file (not all of them; the selection depends on the configured parameters and the downloader's request). A directory server can maintain the downloads of several files at once.
After receiving the directory server's response, the client has information about other downloaders and can connect to them according to that information and download file fragments from them.
The P2P encrypted file distribution protocol is fully compatible with existing P2P file distribution protocols, and a concrete implementation can directly adopt an existing P2P file distribution protocol, such as the BT protocol.
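The directory server exchange described above, together with the publisher's copy-count check, as an added example that is not part of the patent. The query parameter names (file_id, peer_id, port, left, want), the cap on returned peers and the 192.0.2.x addresses are assumptions made for illustration; the patent states only that the client puts its information in the GET parameters and receives a partial list of downloaders.

```python
import random
from urllib.parse import parse_qs, urlsplit


class DirectoryServer:
    """Tracks which peers are downloading which encrypted file container."""

    def __init__(self, max_peers=50, rng=None):
        self.max_peers = max_peers   # configured cap on peers returned per request
        self.swarms = {}             # file_id -> {peer_id: {"addr": ..., "done": bool}}
        self.rng = rng or random.Random()

    def handle_get(self, target, source_ip):
        """Process one GET request target and return a partial peer list."""
        query = parse_qs(urlsplit(target).query)
        try:
            file_id, peer_id = query["file_id"][0], query["peer_id"][0]
            port = int(query["port"][0])
            want = int(query.get("want", [self.max_peers])[0])
        except (KeyError, ValueError) as exc:
            raise ValueError("malformed directory request") from exc
        if not 0 < port < 65536 or want < 0:
            raise ValueError("port or want out of range")
        swarm = self.swarms.setdefault(file_id, {})
        # Record a new downloader or update an existing record. The address comes
        # from the connection, not a parameter, so a peer can only register itself.
        done = query.get("left", ["1"])[0] == "0"
        swarm[peer_id] = {"addr": (source_ip, port), "done": done}
        others = [p["addr"] for pid, p in swarm.items() if pid != peer_id]
        return self.rng.sample(others, min(want, self.max_peers, len(others)))

    def complete_copies(self, file_id):
        """Number of peers that report holding the whole container."""
        return sum(p["done"] for p in self.swarms.get(file_id, {}).values())


def copies_to_add(directory, file_id, threshold):
    """Publisher-side monitor: extra copies needed to get back to the threshold."""
    return max(0, threshold - directory.complete_copies(file_id))


if __name__ == "__main__":
    d = DirectoryServer(max_peers=2)
    # Constructed requests: one seed, then two downloaders of the same file.
    d.handle_get("/announce?file_id=doc-001&peer_id=seed&port=6881&left=0", "192.0.2.10")
    print(d.handle_get("/announce?file_id=doc-001&peer_id=a&port=6882", "192.0.2.11"))
    print(d.handle_get("/announce?file_id=doc-001&peer_id=b&port=6883", "192.0.2.12"))
    print(copies_to_add(d, "doc-001", threshold=3))
```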
Encrypted file container
The encrypted file container is formed by encrypting the original plaintext file, adding some necessary descriptive information (a file header) to the encrypted file, and then packaging the result.
As shown in Figure 4, which is a schematic diagram of the encrypted file container provided by the invention, the encrypted file container comprises:
File identifier: indicates the specific file format; any specific string may be specified;
Version number: indicates the version of the encrypted file container;
Item count: indicates the number of description items that follow for the encrypted file container;
Item name: indicates the name of an item;
Type: indicates the type of the item value, for example a string or an integer;
Value: indicates the value of the item;
Encrypted content: the file content of the original plaintext file after encryption;
Verification code: the verification code of the encrypted file container.
The specific items currently supported by the encrypted file container are shown in Figure 5, which is a schematic diagram of the item definitions in the encrypted file container provided by the invention.
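One possible byte layout for the container fields listed above, with a parser that checks every length before reading, as an added example (not the patent's own format or code). The field widths, the `ENCF` identifier, the type codes and SHA-256 as the verification code are assumptions; the content is treated as already-encrypted opaque bytes.

```python
import hashlib
import struct

MAGIC = b"ENCF"        # assumed file identifier (the page allows any string)
T_STR, T_INT = 0, 1    # assumed type codes for item values
DIGEST_LEN = 32        # assumed verification code: SHA-256 of all preceding bytes

class ContainerError(ValueError):
    """Raised when a downloaded container is malformed or fails verification."""

def pack_container(version, items, ciphertext):
    """Serialize header items plus already-encrypted content into one container."""
    out = MAGIC + struct.pack(">HH", version, len(items))
    for name, value in items.items():
        kind = T_INT if isinstance(value, int) else T_STR
        raw = struct.pack(">q", value) if kind == T_INT else value.encode("utf-8")
        key = name.encode("utf-8")
        out += struct.pack(">B", len(key)) + key + struct.pack(">BH", kind, len(raw)) + raw
    out += struct.pack(">I", len(ciphertext)) + ciphertext
    return out + hashlib.sha256(out).digest()

def parse_container(blob):
    """Verify and parse a container received from an untrusted peer."""
    if len(blob) < len(MAGIC) + 4 + 4 + DIGEST_LEN or blob[:4] != MAGIC:
        raise ContainerError("not an encrypted file container")
    body, code = blob[:-DIGEST_LEN], blob[-DIGEST_LEN:]
    if hashlib.sha256(body).digest() != code:   # integrity check before any length field
        raise ContainerError("verification code mismatch")
    pos = 4

    def take(n):
        """Return the next n bytes of the body, refusing to read past its end."""
        nonlocal pos
        if pos + n > len(body):
            raise ContainerError("truncated field")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    version, count = struct.unpack(">HH", take(4))
    items = {}
    for _ in range(count):
        name = take(take(1)[0]).decode("utf-8")
        kind, size = struct.unpack(">BH", take(3))
        raw = take(size)
        if kind not in (T_STR, T_INT) or (kind == T_INT and size != 8):
            raise ContainerError("bad item type or size")
        items[name] = struct.unpack(">q", raw)[0] if kind == T_INT else raw.decode("utf-8")
    (clen,) = struct.unpack(">I", take(4))
    ciphertext = take(clen)
    if pos != len(body):
        raise ContainerError("trailing bytes after encrypted content")
    return version, items, ciphertext
```

An unkeyed hash only detects accidental corruption; a peer that alters the container can recompute it, so the bounds checks remain necessary after the hash passes.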
The structure of the client is shown in Figure 6. When a P2P file is downloaded, the downloaded file segments are written directly to the hard disk (1). When the client serves file segments for upload, or a local program uses the file, the file read command must first be sent to a controller. The controller first determines whether the read command comes from the file upload program (2) or from the local file-using program (8). If the read command comes from the file upload program, the controller sends a read command to the encrypted file container (3), and the file content that is read is returned directly (4). If the read command comes from the local file-using program, the controller sends a read command to the encrypted file container (6), the encrypted file content that is read is returned to the decryption module (7), and after decryption the plaintext is returned (8).
The specific embodiments described above further explain the purpose, technical solution and beneficial effects of the present invention. It should be understood that the above are only specific embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (9)

1. A system supporting simultaneous downloading and use of distributed encrypted files, characterized in that the system comprises:
At least one file distribution unit, used to encrypt the original plaintext file to be published, add a file header to the encrypted plaintext file to form an encrypted file container for file usage units to download, generate directory information for the encrypted file container so formed, and submit the generated directory information to the directory service unit;
At least one directory service unit, used to maintain the directory information of the encrypted file containers available for download by file usage units, respond to query requests from file usage units, and update the corresponding directory information according to the downloads of file usage units;
At least one file usage unit, used to download the encrypted file container from the file distribution unit according to the directory information, obtained from the directory service unit, of the encrypted file container to be downloaded; read the file header of the encrypted file container to obtain the URL where the decryption key is located; access the file distribution unit according to the obtained URL to obtain the decryption key; and decrypt the encrypted plaintext file in the encrypted file container to obtain the original plaintext file.
2. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 1, characterized in that the file distribution unit comprises:
A file server, used to store the original plaintext file and provide the original plaintext file to the encryption server;
An encryption server, used to encrypt the original plaintext file received from the file server to generate the encrypted plaintext file, add a file header to the generated encrypted plaintext file to form the encrypted file container, provide the encrypted file container so formed to the encrypted file publishing server, generate directory information for the encrypted file container so formed, and submit the generated directory information to the directory service unit;
An encrypted file publishing server, used to store the encrypted file container available for download by file usage units, and to provide the fragments making up the encrypted file container to a file usage unit according to the request received from that file usage unit;
A key server, used to store the decryption key corresponding to the encrypted file container, and to provide the decryption key corresponding to the encrypted file container to a file usage unit according to the request received from that file usage unit.
3. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 2, characterized in that the encrypted file publishing server is further used to monitor in real time the distribution of the directory information of the encrypted file container in the directory service unit, decide whether to increase the number of copies of the encrypted file container available for download by file usage units, and increase the number of copies of the encrypted file container when the download requests of file usage units cannot be satisfied.
4. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 2, characterized in that the file server, encryption server, encrypted file publishing server and key server are located on the same node, or are distributed across different nodes.
5. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 1, characterized in that the directory service unit is a directory server;
The directory server maintains the information of file usage units. After receiving a request from a file usage unit, it records or checks the directory information of that file usage unit and, according to the configured parameters and the request of the file usage unit, returns to the requesting file usage unit the information of some of the file usage units participating in the download of the same encrypted file container. After the file usage unit receives the information returned by the directory server, it obtains the information of other file usage units, establishes connections with those file usage units according to the obtained information, and downloads file segments from them.
6. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 1, characterized in that the file usage unit comprises:
A client, used to download the encrypted file container from the file distribution unit or from other file usage units according to the directory information, obtained from the directory service unit, of the encrypted file container to be downloaded; read the file header of the encrypted file container to obtain the URL where the decryption key is located; access the file distribution unit according to the obtained URL to obtain the decryption key; and decrypt the encrypted plaintext file in the encrypted file container to obtain the original plaintext file;
A controller, used to determine whether a received file read command is a file upload command or comes from the local file-using program; if it is a file upload command, the encrypted file container is returned; if it comes from the local file-using program, the encrypted file container is decrypted and the original plaintext file obtained by decryption is returned.
7. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 6, characterized in that the client is further used to provide corresponding directory information to the directory service unit according to its progress in downloading the encrypted file container and, after finishing the download of some fragments of the encrypted file container, to offer the downloaded fragments of the encrypted file container to other file usage units for download.
8. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 1, characterized in that the encrypted file container comprises:
File identifier: indicates the specific file format;
Version number: indicates the version of the encrypted file container;
Item count: indicates the number of description items that follow for the encrypted file container;
Item name: indicates the name of an item;
Type: indicates the type of the item value;
Value: indicates the value of the item;
Encrypted content: the file content of the original plaintext file after encryption;
Verification code: the verification code of the encrypted file container.
9. The system supporting simultaneous downloading and use of distributed encrypted files according to claim 1, characterized in that the file distribution unit, directory service unit or file usage unit is any node in the network.
CN2006101125480A 2006-08-23 2006-08-23 System supporting downloading and using of distributed encrypted document Active CN101132272B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2006101125480A CN101132272B (en) 2006-08-23 2006-08-23 System supporting downloading and using of distributed encrypted document


Publications (2)

Publication Number Publication Date
CN101132272A true CN101132272A (en) 2008-02-27
CN101132272B CN101132272B (en) 2010-07-28

Family

ID=39129405

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2006101125480A Active CN101132272B (en) 2006-08-23 2006-08-23 System supporting downloading and using of distributed encrypted document

Country Status (1)

Country Link
CN (1) CN101132272B (en)



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant