CN101159556B - Group key server based key management method in sharing encryption file system - Google Patents
Group key server based key management method in sharing encryption file system Download PDFInfo
- Publication number
- CN101159556B CN101159556B CN2007101770687A CN200710177068A CN101159556B CN 101159556 B CN101159556 B CN 101159556B CN 2007101770687 A CN2007101770687 A CN 2007101770687A CN 200710177068 A CN200710177068 A CN 200710177068A CN 101159556 B CN101159556 B CN 101159556B
- Authority
- CN
- China
- Prior art keywords
- key
- file
- server
- user
- group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000007726 management method Methods 0.000 title claims abstract description 137
- 238000000034 method Methods 0.000 claims abstract description 33
- 230000008569 process Effects 0.000 claims abstract description 23
- 230000006854 communication Effects 0.000 claims abstract description 21
- 238000004891 communication Methods 0.000 claims abstract description 19
- 230000004044 response Effects 0.000 claims description 16
- 230000006870 function Effects 0.000 claims description 9
- 238000004364 calculation method Methods 0.000 claims description 7
- 230000007246 mechanism Effects 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 5
- 230000008859 change Effects 0.000 claims description 4
- 239000000284 extract Substances 0.000 claims description 3
- 238000006243 chemical reaction Methods 0.000 claims description 2
- 230000015572 biosynthetic process Effects 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 6
- 239000000470 constituent Substances 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 238000012423 maintenance Methods 0.000 description 2
- 230000009897 systematic effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 239000008358 core component Substances 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a key server-based key management method in an encrypting file system and belongs to the filed of storage safety. The invention is characterized in that a group key server processes each key management request in the system and performs strict check for user identification and access authority; a user terminal sends a key operation request to the group key server; the organized key information, based on extended access control list, comprises a file key, a user ID and an access authority; the group key server protects the confidentiality and integrity thereof by using the privacy key itself; the user terminal realizes the key cache function and reduces the frequency of communication with the group key server; the system can cancel the key by using the delay encryption technique, postpone the time of file re-encryption until the file content is updated, and minimize the influence of key cancel operation on the system performance.
Description
Technical field
Belong to the storage security field based on the key management method in the shared encrypted file system of group key server, relate in particular to key management technology field wherein.
Background technology
Shared encrypted file system is the method that realizes network storage safety at file system layer, and it provides safety end to end, and promptly file data is stored on the file server after encrypting, and all operations that relate to file encryption-decryption are all finished in client in the system.What store on the file server is encrypt data, can prevent the leakage of information because of system is invaded or keeper's unauthorized operation causes.Simultaneously, server end does not participate in the heavy encryption and decryption operation of amount of calculation, and its operating load can not be affected.The subject matter that shared encrypted file system is faced is key management, comprise key establishment, access, distribute and cancel.Traditional key management method has two kinds: a kind of is to realize in client, by the user be responsible for safeguarding with dissemination system in all keys.This method has increased burden for users, and is unpractical in having the storage system of heap file.A kind of improved method is that the file that will have identical access rights carries out grouping management, is the related key of each file group, and this method has reduced the number of keys that the user need safeguard, but has increased the complexity of cipher key revocation.Another kind of key management method is to realize that at the file server end have the user of file access authority for each, the public key encryption file key that the file owner uses this user leaves the result on the server in as file metadata.The user who only has corresponding private key just can restore the file key, thus the access file data.The quantity of the key metadata that this method need be stored increases rapidly along with the increase of number of users, and because to have adopted public key encryption algorithm, user to obtain computing cost that the file key pays more than what to adopt symmetric key algorithm big.Also lack control in traditional key management method, make this become the hidden danger that threatens system safety cipher key operation.
The present invention proposes a kind of key management method, solved the problems referred to above effectively based on the group key server.
Summary of the invention
The object of the present invention is to provide a kind of in sharing encrypted file system the method for managing keys, all operations that relate to key management in the system are separated, give independent group key server process, the latter realizes centralized control to cipher key operation by authenticating user identification and access authoritychecking.The organizational form that focuses on key information of the present invention, the design of group key server and the realization of each cipher key operation.
The invention is characterized in that it is to realize, contains in this system in the shared encrypted file system that is made of following equipment:
The front end main frame, the client of encrypted file system is shared in operation, provide the file access interface to the user, the key management client modules on the main frame sends cipher key operation and authenticating user identification request to following group key server, and the encryption and decryption module is responsible for the encryption and decryption file data;
The group key server is carried out the various cipher key management operation that the key management client is sent, and the user is implemented strict authentication and file access scope check;
Meta data server is file metadata, comprise that key provides the rear end storage, and the forward end main frame provides the metadata service;
Data server, the file data behind the storage encryption.
The said equipment connects by Ethernet, uses ICP/IP protocol to communicate.
Describedly contain following steps successively based on the key management method in the shared encrypted file system of group key server:
Step 1: make up software module
The key management client modules provides a cover cipher key operation interface for application layer and file system layer, will become concrete operation requests from the key management command conversion on upper strata, sends to the group key server by the bottom-layer network communication interface and carries out; It has safeguarded user authentication information, proves user identity to the group key server when carrying out cipher key operation; The encryption and decryption module is a kernel module between file system client and bottom block device drive, and is responsible for the encryption and decryption file data.
The running software of group key server is made up of one group of kernel program in the linux system, comprising:
Administrator interface is the interface of keeper's executive system administration order.Mainly comprise establishment, cancel user and group, change user right, configuring network interface etc.
Host interface, be responsible for the front end main frame on the key management client communication.The various key management requests that the key management client is sent send to host interface by network, and the latter therefrom extracts user identity and key information, give described authentication module and key management module respectively and handle.The result that the group key server is carried out cipher key operation also returns to the key management client via host interface.
Authentication module is responsible for authenticated user identity before the process key operation.The group key server adopts kerberos authentication mechanism, by authentication module to user's granted access permission ticket, and the session key of maintenance and telex network.Access ticket is the voucher that the user asks the group key server service, and session key is used to protect the safety of transmission of messages between user and the group key server.
Key management module is responsible for carrying out various cipher key operation, is the core that the group key server is realized key management.It adopts file extent Access Control List (ACL) constituent act key information.Described tabulation comprises file key and user capture list items two parts.Each list items has write down its ID and access rights corresponding to a user of file.The privacy key that key management module is used the group key server guaranteeing its confidentiality, and uses hmac algorithm that the file extent Access Control List (ACL) is calculated message authentication code to guarantee its integrality to the file secret key encryption.When carrying out cipher key operation, key management module uses the information in the list items that the user is carried out scope check, prevents unauthorized operation.
Network communication module, the end main frame carries out tcp/ip communication in front of being used for.
Step 2: start the group key server, load and initialization key administrative client module and encryption and decryption module, create user and group
To overall identification of system registry, and create a privacy key and an authenticate key behind the group key startup of server, be respectively applied for key management and authentication.The system manager creates user and group, and the group key server carries out SHA-1 to user cipher and calculates, with the result as user's privacy key and be kept at this locality, in order in verification process, using.Key management client modules and encryption and decryption module all are kernel modules, can dynamically be loaded into the client kernel spacing.The communication interface of configuring cipher key administrative client, foundation is connected with the group key server, and its overall identification is kept in the local file.
Step 3: the user signs in to system, and the group key server is to user's granted access permission ticket and session key, and its step is as follows:
Step 3.1: the user sends logging request by the key management client to the group key server;
Step 3.2: the group key server uses the Kerberos function to generate an access ticket and session key as the user, the two is encapsulated in returns to the key management client in the response message, and this response message is used user's secret key encryption;
Step 3.3: key management Client-Prompt user inputs password, uses SHA-1 to calculate user's privacy key, and the response message that deciphering is received is kept at access ticket and session key in the local file.
Step 4: when application layer or file system layer sent the key management request, system realized cipher key operation as follows:
Step 4.1: the key management client obtains the file extent Access Control List (ACL) from meta data server;
Step 4.2: the key management client uses access ticket to initiate the two-way authentication request to the group key server, and the content of message request is used described session key;
Step 4.3: the group key server comes the authenticated user identity by checking access ticket, returns oneself authentication information to the key management client, and this information is used session key equally;
Step 4.4: the key management client is used session key decrypt, the identity of authentication group key server.After authentication, the key management client sends the cipher key operation request to the group key server, has comprised user ID in the request, concrete operational order and file extent Access Control List (ACL);
Step 4.5: the group key server uses the message authentication code of privacy key and hmac algorithm calculation document extended access list to verify its integrality, uses the Access Column list item of respective user to check its access rights, carries out corresponding cipher key operation:
Step 4.5.1: for the key request to create, the group key server generates new encryption key and affirmation-signature key and uses its secret key encryption, the ID and the access rights of user and place group thereof are added in the extended access list, at last whole file extent Access Control List (ACL) is carried out message authentication code and calculate;
Step 4.5.2: for key distribution and cipher key revocation request, the group key server adds or deletes the list items of relative users in the file extent Access Control List (ACL), and recomputates message authentication code;
Step 4.5.3: obtain (obtain deciphering after file key) request for key, the group key server uses its privacy key to the file secret key decryption;
Step 4.5.4: the group key server is to the execution result of key management client " return " key" operation, creates, distributes and cancel operation for key, and what return is newly-generated file extent Access Control List (ACL); For the file cipher key acquisition request, return be the deciphering after the file key;
Step 4.6: the key management client is saved in the file extent Access Control List (ACL) of returning on the meta data server, and the file cipher key cache after the deciphering is used for the encryption and decryption module in this locality.
Step 5: after certain file was implemented cipher key revocation, other users of file will encrypt this document again when the transaction file content, and its step is as follows:
Step 5.1: the key management client obtains the file extent Access Control List (ACL) from meta data server, sends the key request to create to the group key server;
Step 5.2: the group key server set by step 4.5 described authenticating documents extended access lists integrality and check user right after, create new file key, and recomputate the value of message authentication code, amended tabulation is returned to the key management client;
Step 5.3: the encryption and decryption module on the front end main frame is used new file key encrypt file again, and by the key management client described tabulation is kept on the meta data server;
Step 5.4: the group key server sends the key invalidation request to other users of file, notifies the key of user's this document to be changed;
Step 5.5: other users' key management client abandons the key that is buffered in local this document, returns response to the group key server.
The present invention tests in the department of computer science, Tsinghua university high-performance.The result shows, significantly reduced the shared memory space of key metadata based on the key management method in the shared encrypted file system of group key server, the user only need pay the file key encryption and decryption file after less computing cost can obtain deciphering, the group key server can be implemented concentrated control, the fail safe that has effectively improved system to cipher key operation.
Description of drawings
Fig. 1. based on the hardware structure diagram of the shared encrypted file system of group key server.
Fig. 2. based on the software architecture diagram of the shared encrypted file system of group key server.
Fig. 3. the data structure diagram of file extent Access Control List (ACL).
Fig. 4. the encryption and decryption process schematic diagram of counter mode.
Fig. 5. cipher key operation process schematic diagram.
Fig. 6. cipher key revocation process schematic diagram.
Fig. 7. program flow chart of the present invention.
Embodiment
Shared encrypted file system based on the group key server mainly is made up of front end main frame, group key server, meta data server and data server.Its hardware configuration as shown in Figure 1.
The file system client that moves on the front end main frame provides various file service to the user.The group key server is responsible for cipher key management operation all in the executive system, and implements strict authenticating user identification and file access control, guarantees the legitimacy of cipher key operation.Metadata of all files in the meta data server maintenance system comprises the file key, and provides various metadata services for the front end main frame.File data storing after the encryption is on data server.Each part of system uses Ethernet to connect, and communicates by TCP/IP.
Based on the software configuration of the shared encrypted file system of group key server as shown in Figure 2.File system client on the front end main frame is handled the various file access requests that application layer is sent, the metadata operation that wherein relates to and the data manipulation communication interface by bottom is mail to meta data server respectively and data server is carried out, tissue by file system client, leave file on the data server in just as local file, can be user capture easily.
The encryption and decryption module is the nucleus module that carries out the plain/cipher text data transaction in the system between file system client and bottom block device Drive Layer.The encryption and decryption module adopts the aes algorithm encryption and decryption file of the counter mode of 128 keys.When file system client execute file write operation, data are intercepted and captured by the encryption and decryption module before being addressed to the driving of bottom block device, the latter uses the secret key encryption file, and encrypt data is mail to the bottom block device, by the network service layer data is saved in the remote data server again; When reading file, the file data after the block device driving on the front end main frame obtains to encrypt from data server by network through the encryption and decryption module decrypts, returns to file system client with clear data.
Key management client and group key server are the core components of managing keys in the system.Share establishment, access that the cipher key management operation that relates in the encrypted file system comprises key, distribute and cancel, these operations usually with various file access operational contact together.As: system need create and the storage file key when creating file; When reading and writing of files, need obtain the file key; When a plurality of shared among users file, need distribute or cancel the file key.The key management client is accepted the key management request that application layer and file system client are sent, and converts concrete command operation to and sends on the group key server and carry out, and key information is kept on the meta data server.In addition, the key management client has also been safeguarded user's ID authentication information, when cipher key operation and the group key server carry out two-way authentication.
The group key server is the executor of cipher key management operation in the system, also is the implementer of authenticating user identification and file access control, and it has also safeguarded all users and the group information in the system simultaneously.Except the network service assembly of necessity, the group key server mainly is made up of 4 modules: administrator interface, host interface, authentication module and key management module.
Administrator interface is the interface of keeper's executive system administration order.Mainly comprise establishment, cancel user and group, change user right, configuring network interface etc.
Host interface, be responsible for the front end main frame on the key management client communication.The various key management requests that the key management client is sent send to host interface by network, and the latter therefrom extracts user identity and key information, give described authentication module and key management module respectively and handle.The result that the group key server is carried out cipher key operation also returns to the key management client via host interface.
Authentication module is responsible for authenticated user identity when process key is operated.The group key server adopts kerberos authentication mechanism, is user's granted access permission ticket by authentication module, and safeguards the session key between group key server and user.Wherein, access ticket is the voucher that the user asks the group key server service, and session key is used to protect the safety of transmission of messages between user and the group key server.
Key management module is responsible for carrying out various cipher key operation, is the core that the group key server is realized key management.It adopts file extent Access Control List (ACL) constituent act key information, and the confidentiality of the privacy key protected file key of use group key server and the integrality of whole Access Control List (ACL).Key management module is also carried out scope check to the user before carrying out cipher key operation, prevent unauthorized operation.
As mentioned above, system adopts the file extent Access Control List (ACL) to realize key management, and its data structure as shown in Figure 3.The file extent Access Control List (ACL) produces when the group key server is created key information, with the beginning of file key, and a plurality of Access Column list items of heel, each list items has write down its ID and access rights corresponding to a file user.The group key server is two kinds of keys of document creation: encryption key and affirmation-signature key.Encryption key is 128 symmetric keys, is produced by the system random number generating function, is used for the encryption and decryption file data, and the Confidentiality protection of file content is provided; Affirmation-signature key is a pair of public affairs-private key, is produced by RSA Algorithm, is used for the hashed value of file content is confirmed and signed, and the integrity protection of file content is provided.The starting point of using affirmation-signature key is to distinguish the reader and the person of writing of file, and fine-grained file access control is provided.The group key server is only authorized signature key to the file person of writing, and latter's hashed value to file content after having write file is signed.The reader does not have signature key, and this walks around that access control mechanisms on the data server writes file by force and situation about not being detected with regard to having been avoided the user.
System has adopted the aes algorithm encryption and decryption file data of counter mode.Its process signal as shown in Figure 4.Expressly (ciphertext) splitted into the data block of fixed size, and its size is determined by cryptographic algorithm.Expressly (ciphertext) piece is corresponding to a vector value for each, and this value can add that data block number obtains by an initial vector value.Counter mode uses cryptographic algorithm to encrypt this vector value, makes the step-by-step XOR with plaintext (ciphertext) piece, obtains corresponding ciphertext (expressly) piece.The benefit of usage counter pattern encryption and decryption file is, identical plaintext is not necessarily corresponding to identical ciphertext, and do not have dependence between the data block, can carry out the encryption and decryption operation each other independently, helps the random read-write of data block.System is used for the counter mode encryption and decryption for initial count value of each file association, and this value is generated when creating key information by the group key server with the file key.
List items in the file extent Access Control List (ACL) has write down the user ID and the access rights (reading and writing, execution etc.) of this document.Each list items is one 32 a value, the ID of its low 24 bit representation users or group, and most-significant byte is represented access rights.The user is when creating file, and the group key server is created the file key, the ID of recording user and place group thereof in list items, and set separately access rights according to the mask value of system.The file extent Access Control List (ACL) has been simplified cipher key operation, for example when the file owner wish and other users or the group shared file, or when wishing to cancel the file access authority of certain user or group, the group key server is as long as add or the list items of deletion relative users.
The file extent Access Control List (ACL) is stored on meta data server as the extended attribute of file.The security risk that faces with file data is the same, and the file extent Access Control List (ACL) also can be stolen or distort by the malicious user on the network, therefore needs the confidentiality and integrity protection equally.The group key server uses the privacy key of oneself that the file key is done symmetrical the encryption, and uses hmac algorithm that message authentication code is carried out in whole tabulation and calculate, and end value is attached to tabulation at last.The privacy key of group key server generates when starting.The user need send to the file extent Access Control List (ACL) group key server when reading and writing of files, the file key after the deciphering is authorized in request; And the group key server is all wanted earlier the file extent Access Control List (ACL) to be carried out message authentication code and is calculated to verify its integrality before carrying out any cipher key operation.
Traditional shared encrypted file system adopts cipher key list constituent act key information, and its structure and extended access list are similar, but each list items in the cipher key list has also comprised the file key that uses client public key to encrypt except that user ID.Following table has contrasted the key metadata quantity that these two kinds of set of cipher key organization methods need be stored.The read-write number of users of supposing file respectively accounts for half, and symmetric key accounts for 128, and public affairs-private key respectively accounts for 1024, and message authentication code accounts for 32.
| 10 users | 20 users | 50 users | |
| The file extent Access Control List (ACL) | 332 bytes | 372 bytes | 792 bytes |
| Cipher key list | 1132 bytes | 1972 bytes | 4492 bytes |
Obviously, compare with cipher key list, the file extent Access Control List (ACL) has significantly reduced the stored number of key metadata, and owing to adopted symmetric encipherment algorithm protected file key, and its computing cost is than little many of public key algorithm.
Key management client and group key server communicate by Ethernet by communication interface separately.Communication is base unit with the session, and a complete session is made up of two parts:
1. request: the end by traffic model sends a request package, packet header+data (if there is) to an other end
2. reply: when an other end is asked, just carry out this request, and return the execution result of a packet header+data (if there is)
If communication failure is just thought in the change of not replying in official hour, no longer wait for, think this communication process failure.
The request type that relates to cipher key operation in the system mainly contains:
LOGIN signs in to the group key server
LOGOUT withdraws from from the group key server
The AUTHENTICATE authentication
CREATE_KEY creates the file key
GET_KEY obtains the file key after the deciphering
DISTRIBUTE_KEY gives certain user's distribution of document key
REVOKE_KEY cancels certain user's file key
INVALIDATE_KEY makes the file key of client-cache invalid
Generate a privacy key and an authenticate key behind the group key startup of server, be respectively applied for key management and authentication.The system manager creates user and group on the group key server, and by the user login password is set.The group key server is used for cipher key operation process authenticated user identity for each user safeguards a privacy key.This privacy key uses the SHA-1 algorithm computation to generate by the login password to the user, and is preserved by the group key server.In addition, to overall identification of system registry, the key management client identifies by this and discerns the group key server group key server when starting.
The user also will login the group key server when login system, at this moment key management client sends the LOGIN request to the group key server, as the part of verification process, the group key server is beamed back an access ticket to the key management client in response, be kept at this locality by the user.This bill is the key management client voucher of access group key server subsequently, and its content and login process will describe in detail in the back.For guarantee and the user between the safety of session, the group key server also generates a session key and is distributed to the user, subsequently and all message of transmitting between this user all with this session key to guarantee transmission safety.
The cipher key operation process as shown in Figure 5.The key management client at first obtains the file extent Access Control List (ACL) from meta data server.Before sending concrete cipher key operation request, the key management client is initiated a mutual authentication process earlier.The key management client sends the AUTHENTICATE request to the group key server, has comprised access ticket and subscriber identity information in the request.The group key server is verified the user by checking access ticket, and comprises the identity information confession key management client certificate of oneself in response.After two-way authentication finishes, the key management client sends cipher key operation request (GET_KEY, REVOKE_KEY etc.) to the group key server, the group key server is carried out corresponding operating, the key information of necessity is included in returns to the key management client in the response.
When the user carried out cipher key operation, the key management client sent request to the close server of group, has comprised user ID in the request package, concrete operations order (GET_KEY, REVOKE_KEY etc.) and file extent Access Control List (ACL).The key management client is used the safety of session key request package with the protection transmission of messages.After the group key server receives request package, using privacy key that the file extent Access Control List (ACL) is carried out message authentication code calculates to verify its integrality, and the user is made access authoritychecking according to the list items content, carry out corresponding cipher key operation according to different command request then.Ask for CREATE_KEY, the group key server generates new file key and uses its secret key encryption, the ID and the access rights of user and place group thereof are added in the file extent Access Control List (ACL), use privacy key and hmac algorithm that message authentication code is carried out in whole tabulation at last and calculate; For DISTRIBUTE_KEY and REVOKE_KEY request, the group key server adds or deletes the list items of relative users in the file extent Access Control List (ACL), and calculates new message authentication code; For the GET_KEY request, the group key server uses privacy key to the file secret key decryption.For CREATE_KEY, DISTRIBUTE_KEY and REVOKE_KEY request, what the group key server returned to the key management client is newly-generated file extent Access Control List (ACL); For GET_KEY request, what return is file key after the deciphering.The response message that returns uses session key equally.
The user at first needs to send GET_KEY by the key management client and asks to the group key server when reading and writing of files, obtains the file key after the deciphering.When file system client carries out read-write operation continually, and a large amount of network service will greatly influence systematic function between the group key server communication.System has adopted the cipher key cache method to avoid this situation.File system client is carrying out the first time during read-write operation, with the file cipher key cache of returning, will directly use file key in the buffer memory to the read-write operation of identical file later on, need not and the group key server communication again.
For the cipher key revocation operation, it is not enough only changing the file extent Access Control List (ACL), also needs encrypt file content again.System has adopted the delay encryption technology, when postponing till next time write operation again the opportunity of encrypt file and take place.Whole cipher key revocation operating process as shown in Figure 6.Saved the mutual authentication process of key management client and group key server among the figure.At first key management client sends the REVOKE_KEY request to the group key server, after the latter makes necessary scope check, in the deleted file extended access list corresponding to the list items that is undone cipher key user, recomputate the message authentication code value of described tabulation, return response to the key management client.When the write operation that takes place next time this document, the key management client sends the CREATE_KEY request to the group key server, and original file extent Access Control List (ACL) is sent in the past.The group key server generates new file key, replaces original file key in the tabulation, and recomputates message authentication code, and new file extent Access Control List (ACL) is returned to the key management client.Encryption and decryption module on the front end main frame is used new key encrypt file again, and by on the described meta data server of tabulating of key management client storage.Since other users of file may be at its client-cache old file key, so the group key server sends the INVALIDATE_KEY request according to the front end main frame of the user ID information in the file extent Access Control List (ACL) to these user places, the key of notice key management client this document is changed.The latter abandons the old key in the buffer memory, returns response to the group key server.
In order to guarantee the safety of whole system, the group key server needs to determine the real user identity of key management client before carrying out cipher key operation, simultaneously, the key management client also to confirm oneself be with real group key server communication.System has adopted kerberos authentication mechanism that this assurance is provided, and whole authentication process is divided into two stages.When the phase I occurred in the user and signs in to system, its process was as follows:
1, the user signs in to the group key server.The key management client sends the LOGIN request to the group key server, comprises user ID in the request package, the overall identification of group key server and a timestamp;
2, the group key server uses the Kerberos function to generate a session key and an access ticket as the user.Comprise session key in this bill, user ID, the overall identification of group key server, the life span of bill and a timestamp, and use the authenticate key of group key server to encrypt.Comprised session key in the response message of group key server, access ticket and a timestamp return to the key management client after this message use user's the secret key encryption;
3, key management Client-Prompt user imports login password, uses the SHA-1 algorithm computation to generate privacy key to this password, decrypts session key and access ticket, and the two is kept in the local file, abandons privacy key.
When the second stage of verification process occurred in key management client-requested cipher key operation, its process was as follows:
4, key management client sends the AUTHENTICATE request to the group key server, initiates two-way authentication.Comprise access ticket in the request package, the overall identification of user authentication information and group key server.User authentication information has comprised user ID and a timestamp, uses session key;
5, the group key server uses authenticate key deciphering access ticket, obtains the session key with this user, and the latter can be used for the decrypted user authentication information.User ID in group key server comparison access ticket and the user authentication information is come the identity of authenticated user.If by authentication, the group key server has comprised the timestamp in the user authentication information to key management client echo reply message in the message, use session key;
6, key management client can be determined the authenticity of group key server identity by the timestamp in the user authentication information in timestamp in the comparison response message and the step 5.
After by two-way authentication, key management client and group key server begin normal cipher key operation session, and the message that transmits in the communication process is all used session key.In the term of validity of access ticket, the key management client only need be carried out the verification process of second stage when the request cipher key operation; Otherwise if access ticket lost efficacy, the key management client need repeat the phase I process, to the new access ticket of group key server application.
Have following features based on the key management method in the shared encrypted file system of group key server:
(1) the group key server is responsible for the various cipher key management operation in the executive system, and the user implemented strict authentication and file access scope check, all relate to the operation of key all carries out under the monitoring of group key server, has improved Security of the system;
(2) with file extent ACL constituent act key information, reduced the stored number of key metadata, saved memory space; The file extent ACL adopts symmetric key algorithm protected file key, and its computing cost is more much smaller than public key algorithm;
(3) key management client has realized the cipher key cache function, can directly utilize the key-pair file that is buffered in this locality to carry out repeatedly read-write operation, has reduced the number of communications with the group key server;
(4) adopt the delay encryption technology to realize the cipher key revocation operation, when postponing till that write operation takes place the opportunity of re-encrypted file, reduced to greatest extent the impact of re-encrypted operation to systematic function next time.
Claims (4)
1. based on the key management method in the shared encrypted file system of group key server, it is characterized in that this method realizes according to the following steps in sharing encrypted file system:
Step (1). initialization: make up one and connect, use ICP/IP protocol communication by Ethernet, the shared encrypted file system of forming jointly by front end main frame, group key server, meta data server, data server, wherein:
The front end main frame is provided with and shares encrypted file system client, key management client, encryption and decryption module and communication interface, wherein:
Share the encrypted file system client, for the user provides the file access interface, handle the various file access requests that application layer is sent, the metadata operation that wherein relates to and the data manipulation communication interface by bottom is mail to meta data server and data server execution respectively;
The key management client is sent the cipher key operation request and the authenticating user identification request of self-application layer and file system layer to the group key server, and has safeguarded when cipher key operation and the group key server carries out the subscriber identity information that two-way authentication is used;
The encryption and decryption module, between file system client and bottom block device, use Advanced Encryption Standardalgorithm AES encryption and decryption data, conversion plain/cipher text: when the execute file write operation, use the secret key encryption file, mail to the bottom block device after forming ciphertext, through communication interface data are saved in data server again; When the execute file read operation, the encrypt data that obtains from data server is decrypted formation expressly, return to file system client;
The group key server, be provided with administrator interface module, host interface module, authentication module and key management module, to carry out various cipher key management operation and the authenticating user identification request that the key management client is sent on the front end main frame, carry out authenticating user identification and file access scope check, safeguarding all users and group information simultaneously, wherein:
The administrator interface module is the interface of keeper's executive system administration order, carries out following operation: create, cancel user and group, change user right and configuring network interface;
Host interface module, be responsible for the front end main frame on the key management client between communicate by letter, carry out following operation: receive the various key management requests that this key management client is sent from network, therefrom extract user identity and key information, give described authentication module and key management module respectively and handle; The result who the group key server is carried out cipher key operation returns to this key management client;
Authentication module, adopt existing kerberos authentication mechanism, ask the voucher of group key server service to user's granted access permission ticket as the user, also safeguard the session key with telex network simultaneously, with the safety of transmission of messages between protection user and the group key server;
Key management module, adopt the file extent Access Control List (ACL) to realize key management, described tabulation produces when the group key server is created key information, start with the file key, the a plurality of Access Column list items of heel, each list items is corresponding to a user of file, the access rights that write down user ID and set with mask value, wherein, described file key has two kinds: encryption key and affirmation-signature key, encryption key are 128 symmetric keys, are produced by the system random number generating function, be used for providing the Confidentiality protection of file content at the Advanced Encryption Standardalgorithm AES of counter mode encryption and decryption file data; Affirmation-signature key is a pair of public affairs-private key, is produced by public key encryption algorithm RSA, is used for the hashed value of file content is confirmed and signed, and the integrity protection of file content is provided; All readers of file and the person of writing are awarded the affirmation key, and only have the file person of writing to be awarded signature key, avoid the user to walk around access control mechanisms on the data server and write file by force and be not detected; Described tabulation is left on the meta data server as the extended attribute of file.
Step (2). described shared encrypted file system carries out key management according to the following steps:
Step (2.1). the system manager starts the group key server by the administrator interface module, loads and the initialization key administrative client, creates user and group and by the user login password is set; And to create a privacy key and an authenticate key to overall identification of system registry behind the group key startup of server, be respectively applied for key management and authentication; After the system manager creates user and group, group key server hash algorithm SHA-1 safe in utilization does hashed value to each user's login password and calculates, the gained result is kept at this locality as user's privacy key, in order in the authentication process, using; The system manager communicates to connect for setting up one between this key management client and the group key server by the administrator interface module, the overall identification of group key server is kept in the local file of key management client;
Step (2.2). the user signs in to shared encrypted file system according to the following steps, and the group key server is to user's granted access permission ticket and session key:
Step (2.2.1). the user sends logging request by described key management client to the group key server;
Step (2.2.2). group key server calls Kerberos function generates an access ticket and session key for the user, both is encapsulated in the response message of using user's secret key encryption returns to this key management client;
Step (2.2.3). described key management Client-Prompt user inputs password, and hash algorithm SHA-1 safe in utilization does the privacy key that hashed value calculates the user to this password, the response message that deciphering is received, obtain access ticket and session key, be kept in the local file by the user;
Step (2.3). when application layer or file system layer sent the key management request, shared encrypted file system was realized cipher key operation according to the following steps:
Step (2.3.1). the key management client of front end main frame obtains the file extent Access Control List (ACL) from meta data server;
Step (2.3.2). the key management client uses access ticket and subscriber identity information to initiate to use the two-way authentication request of session key to the group key server;
Step (2.3.3). the group key server after approval, returns the authentication information that uses session key by checking that access ticket comes the authenticated user identity information to the key management client;
Step (2.3.4). the authentication information that the key management client uses the session key deciphering to receive, the identity of authentication group key server, after the approval, send the cipher key operation request to the group key server, comprised user ID, concrete cipher key operation order and file extent Access Control List (ACL) in this request;
Step (2.3.5). the group key server use according to the following steps oneself privacy key and the message authentication code of the message authentication code calculation HMAC calculation document extended access list of hash to verify its integrality, use the Access Column list item of respective user in the described tabulation to check access rights, carry out corresponding cipher key operation:
Step (2.3.5.1). for the key request to create, the group key server random number generation function and the RSA Algorithm of calling system respectively generates encryption key and affirmation-signature key, and the secret key encryption of use oneself, again the ID of user and place group thereof and access rights are added in the file extent Access Control List (ACL), use the message authentication code calculation HMAC of privacy key and hash that whole extended access list is carried out message authentication code calculating at last, append end at table;
Step (2.3.5.2). for key distribution and cipher key revocation request, the group key server adds or deletes the Access Column list item of relative users in the file extent Access Control List (ACL), and recomputates message authentication code;
Step (2.3.5.3). for the file key request of obtaining after the deciphering, the group key server uses its privacy key to the file secret key decryption, the user the first time of carrying out file during read-write operation the file cipher key cache of returning with standby;
Step (2.3.5.4). the group key server is to the execution result of key management client " return " key" operation, creates, distributes and cancel operation for key, and what return is newly-generated file extent Access Control List (ACL); For the file cipher key acquisition request, return be the deciphering after the file key;
Step (2.3.6). the key management client is saved in the file extent Access Control List (ACL) of returning on the meta data server, and the file cipher key cache after the deciphering is used for the encryption and decryption module in this locality;
Step (2.4). after certain file was implemented cipher key revocation, other users of this document needed according to the following steps encrypt file again when the transaction file content:
Step (2.4.1). the key management client obtains the file extent Access Control List (ACL) from meta data server, sends the key request to create to the group key server;
Step (2.4.2). the message authentication code of the message authentication code calculation HMAC calculation document extended access list of group key server use privacy key and hash is to verify its integrality, the Access Column list item that re-uses respective user in the described tabulation is checked access rights, then, create the new file key that comprises encryption key and affirmation-signature key, and use its secret key encryption, recomputate the message authentication code of file extent Access Control List (ACL), amended tabulation is returned to the key management client;
Step (2.4.3). the encryption and decryption module on the front end main frame is used new file key encrypt file again, and by the key management client file extent Access Control List (ACL) is kept on the meta data server;
Step (2.4.4). other user keys of group key server notification file are modified, and it is invalid to make it be buffered in local original key;
Step (2.4.5). other users' of file key management client abandons and is buffered in local file key, returns response to the group key server.
2. according to claim 1 based on the key management method in the shared encrypted file system of group key server, it is characterized in that the type of the cipher key operation described in the step (2.3.5) has: sign in to the group key server, from the group key server withdraw from, authentication, establishment file key, obtain file key after the deciphering, give certain user's distribution of document key, cancel certain user the file key, make invalid totally eight kinds of the file key of key management client-cache.
3. according to claim 1 based on the key management method in the shared encrypted file system of group key server, it is characterized in that, described access ticket contains: the overall identification of session key, user ID, group key server, the life span of bill and a timestamp, contain in the response message of group key server: session key, access ticket and a timestamp.
4. according to claim 1 based on the key management method in the shared encrypted file system of group key server, it is characterized in that, the key management client contains to the two-way authentication request that the group key server sends in the step (2.3.2): the overall identification of access ticket, user authentication information and group key server, user authentication information contains: user ID and a timestamp.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101770687A CN101159556B (en) | 2007-11-09 | 2007-11-09 | Group key server based key management method in sharing encryption file system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101770687A CN101159556B (en) | 2007-11-09 | 2007-11-09 | Group key server based key management method in sharing encryption file system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101159556A CN101159556A (en) | 2008-04-09 |
| CN101159556B true CN101159556B (en) | 2011-01-26 |
Family
ID=39307490
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101770687A Expired - Fee Related CN101159556B (en) | 2007-11-09 | 2007-11-09 | Group key server based key management method in sharing encryption file system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101159556B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104010276A (en) * | 2013-02-27 | 2014-08-27 | 中兴通讯股份有限公司 | Group key hierarchical management method and system for broadband cluster system, and terminal |
| CN104636088A (en) * | 2015-02-17 | 2015-05-20 | 华为技术有限公司 | Method for writing data into data servers and storage system |
| US11863670B2 (en) | 2019-04-22 | 2024-01-02 | Cryptography Research, Inc. | Efficient side-channel-attack-resistant memory encryptor based on key update |
Families Citing this family (51)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8635196B2 (en) | 2008-01-04 | 2014-01-21 | Apple Inc. | Systems and methods for providing pre-populated media devices |
| CN101568107B (en) * | 2008-04-22 | 2014-04-16 | 日电(中国)有限公司 | Bill distribution device, fast authentication device, access point and method thereof |
| CN101282211B (en) * | 2008-05-09 | 2011-07-06 | 西安西电捷通无线网络通信股份有限公司 | Method for distributing key |
| CN101281627A (en) * | 2008-05-14 | 2008-10-08 | 深圳市永达电子有限公司 | Safety payment method and system based on electric contract operation |
| CN101616002B (en) * | 2008-06-23 | 2012-03-21 | 阿里巴巴集团控股有限公司 | User identity authentication method and device thereof |
| US8805846B2 (en) | 2008-09-30 | 2014-08-12 | Apple Inc. | Methods and systems for providing easy access to information and for sharing services |
| US8734872B2 (en) * | 2008-09-30 | 2014-05-27 | Apple Inc. | Access control to content published by a host |
| CN101562525B (en) * | 2009-04-30 | 2012-06-27 | 飞天诚信科技股份有限公司 | Method, device and system for signature |
| CN101605137B (en) * | 2009-07-10 | 2012-08-22 | 中国科学技术大学 | Safe distribution file system |
| CN102668497B (en) * | 2009-09-30 | 2015-03-04 | 法国电信公司 | Method and device allowing secure communication in a telecommunications protected against denial of service (Dos) and flooding attack |
| CN102110278A (en) * | 2009-12-25 | 2011-06-29 | 北京卡达克科技中心 | Automotive vehicle certificate printing and data uploading authorization control method and system |
| CN101917270B (en) * | 2010-08-03 | 2012-08-22 | 中国科学院软件研究所 | Weak authentication and key agreement method based on symmetrical password |
| CN102130947A (en) * | 2011-01-30 | 2011-07-20 | 深圳市赛远自动化系统有限公司 | Remote monitored maintenance method and system based on 3G and cloud computing technology |
| CN102546764B (en) * | 2011-12-20 | 2014-06-04 | 华中科技大学 | Safe access method of cloud storage system |
| CN103457915A (en) * | 2012-06-01 | 2013-12-18 | 李俊霖 | Military Internet of Things security protocol capable of being proved in formalized mode |
| CN102868526B (en) * | 2012-08-17 | 2015-06-10 | 上海华申智能卡应用系统有限公司 | Method and system for protecting smart card or universal serial bus (USB) key |
| CN102970299B (en) * | 2012-11-27 | 2015-06-03 | 西安电子科技大学 | File safe protection system and method thereof |
| CN103024041A (en) * | 2012-12-13 | 2013-04-03 | 曙光云计算技术有限公司 | Data sharing method in cloud computing system |
| CN103067170B (en) * | 2012-12-14 | 2015-04-15 | 深圳国微技术有限公司 | encrypting method based on EXT2 file system |
| CN104052721A (en) * | 2013-03-15 | 2014-09-17 | 南京理工大学常熟研究院有限公司 | Multi-internet integrated video security access system |
| AU2014253868B2 (en) * | 2013-04-18 | 2016-05-19 | RISOFTDEV, Inc. | System and methods for encrypting data |
| CN103561044B (en) * | 2013-11-20 | 2017-06-27 | 无锡儒安科技有限公司 | Data transmission method and data transmission system |
| CN104901935A (en) * | 2014-09-26 | 2015-09-09 | 易兴旺 | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) |
| CN104660583B (en) * | 2014-12-29 | 2018-05-29 | 国家电网公司 | A kind of cryptographic services method based on Web cryptographic services |
| CN104580208B (en) | 2015-01-04 | 2018-11-30 | 华为技术有限公司 | A kind of identity identifying method and device |
| US10185842B2 (en) * | 2015-03-18 | 2019-01-22 | Intel Corporation | Cache and data organization for memory protection |
| US10326768B2 (en) * | 2015-05-28 | 2019-06-18 | Google Llc | Access control for enterprise knowledge |
| CN104852925B (en) * | 2015-05-28 | 2018-08-28 | 江南大学 | Mobile intelligent terminal anti-data-leakage secure storage, backup method |
| US10122767B2 (en) * | 2015-05-29 | 2018-11-06 | Nagravision S.A. | Systems and methods for conducting secure VOIP multi-party calls |
| CN108292992A (en) | 2015-09-04 | 2018-07-17 | 慧与发展有限责任合伙企业 | Using key and derive parameter progress password generation |
| CN105516110B (en) * | 2015-12-01 | 2019-12-20 | 趣增信息科技(上海)有限公司 | Mobile device security data transmission method |
| CN105376261B (en) * | 2015-12-21 | 2020-01-14 | Tcl集团股份有限公司 | Encryption method and system for instant messaging message |
| CN105721149B (en) * | 2016-04-25 | 2019-02-26 | 北汽福田汽车股份有限公司 | A kind of car networking system session key generates and the method for car-mounted terminal and ECU binding |
| US10419402B2 (en) * | 2017-01-26 | 2019-09-17 | Microsoft Technology Licensing, Llc | Addressing a trusted execution environment using signing key |
| US12111944B2 (en) * | 2017-03-16 | 2024-10-08 | Jun Yu | Method and system for policy based real time data file access control |
| WO2019127467A1 (en) * | 2017-12-29 | 2019-07-04 | 华为技术有限公司 | Data access method and device |
| CN108471404B (en) * | 2018-02-28 | 2020-10-16 | 深圳市达仁基因科技有限公司 | File sharing method and device, computer equipment and storage medium |
| CN108289105A (en) * | 2018-03-01 | 2018-07-17 | 郑州云海信息技术有限公司 | Data encryption storage method, device, equipment, system and readable storage medium storing program for executing |
| CN109492384B (en) * | 2018-09-26 | 2021-07-20 | 成都卫士通信息产业股份有限公司 | Method for receiving entity access and accessing password device, password device and entity |
| US11088846B2 (en) * | 2019-03-28 | 2021-08-10 | Intel Corporation | Key rotating trees with split counters for efficient hardware replay protection |
| CN111143247B (en) * | 2019-12-31 | 2023-06-30 | 海光信息技术股份有限公司 | Storage device data integrity protection method, controller thereof and system on chip |
| CN112035853B (en) * | 2020-08-13 | 2024-07-05 | 南京育志光科技有限公司 | Storage data access control system based on enterprise cloud disk |
| CN112165381B (en) * | 2020-08-18 | 2023-12-05 | 远景智能国际私人投资有限公司 | Key management system and method |
| EP4260587A4 (en) * | 2020-12-31 | 2023-12-06 | Huawei Technologies Co., Ltd. | Key provisioning method and related products |
| CN113010863A (en) * | 2021-04-15 | 2021-06-22 | 深圳市鹰硕云科技有限公司 | Text lookup authority management method and system based on identity authentication |
| CN113422757B (en) * | 2021-06-04 | 2023-04-07 | 广西电网有限责任公司 | Document management system based on encryption application |
| CN113486376B (en) * | 2021-07-20 | 2024-02-02 | 大连九锁网络有限公司 | Digital file sharing and content security protection method matched with mobile terminal authentication |
| CN114006736B (en) * | 2021-10-22 | 2024-08-27 | 中易通科技股份有限公司 | Instant communication message protection system and method based on hardware password equipment |
| CN113821835B (en) * | 2021-11-24 | 2022-02-08 | 飞腾信息技术有限公司 | Key management method, key management device and computing equipment |
| CN116629804B (en) * | 2023-06-06 | 2024-01-09 | 河北华正信息工程有限公司 | Letters, interviews, supervision and tracking management system and management method |
| CN118368063B (en) * | 2024-06-19 | 2024-08-30 | 之江实验室 | Cluster implementation method and device for mass key management |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1588839A (en) * | 2004-07-29 | 2005-03-02 | 北京航空航天大学 | Safety group broadcast management system and method |
| CN1601957A (en) * | 2003-09-22 | 2005-03-30 | 华为技术有限公司 | Method of distributing group secret keys |
-
2007
- 2007-11-09 CN CN2007101770687A patent/CN101159556B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1601957A (en) * | 2003-09-22 | 2005-03-30 | 华为技术有限公司 | Method of distributing group secret keys |
| CN1588839A (en) * | 2004-07-29 | 2005-03-02 | 北京航空航天大学 | Safety group broadcast management system and method |
Non-Patent Citations (1)
| Title |
|---|
| JP特开平10-260903A 1998.09.29 |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104010276A (en) * | 2013-02-27 | 2014-08-27 | 中兴通讯股份有限公司 | Group key hierarchical management method and system for broadband cluster system, and terminal |
| CN104010276B (en) * | 2013-02-27 | 2019-02-15 | 中兴通讯股份有限公司 | A kind of group key tiered management approach, system and the terminal of broadband cluster system |
| CN104636088A (en) * | 2015-02-17 | 2015-05-20 | 华为技术有限公司 | Method for writing data into data servers and storage system |
| US11863670B2 (en) | 2019-04-22 | 2024-01-02 | Cryptography Research, Inc. | Efficient side-channel-attack-resistant memory encryptor based on key update |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101159556A (en) | 2008-04-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101159556B (en) | Group key server based key management method in sharing encryption file system | |
| CN106330868B (en) | A kind of high speed network encryption storage key management system and method | |
| US6246771B1 (en) | Session key recovery system and method | |
| CN100464549C (en) | Method for realizing data safety storing business | |
| CN106888084B (en) | Quantum fort machine system and authentication method thereof | |
| US6073237A (en) | Tamper resistant method and apparatus | |
| EP3585023B1 (en) | Data protection method and system | |
| CN1689297B (en) | Method of preventing unauthorized distribution and use of electronic keys using a key seed | |
| CN109361668A (en) | A kind of data trusted transmission method | |
| He et al. | A social-network-based cryptocurrency wallet-management scheme | |
| CN101834853B (en) | Method and system for sharing anonymous resource | |
| JP2004509398A (en) | System for establishing an audit trail for the protection of objects distributed over a network | |
| CN104767731A (en) | Identity authentication protection method of Restful mobile transaction system | |
| CN110505055B (en) | External network access identity authentication method and system based on asymmetric key pool pair and key fob | |
| CN105426775A (en) | Method and system for protecting information security of smartphone | |
| CN110519046A (en) | Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD | |
| US20130124860A1 (en) | Method for the Cryptographic Protection of an Application | |
| JPH07325785A (en) | Network user identifying method, ciphering communication method, application client and server | |
| CN104333545A (en) | Method for encrypting cloud storage file data | |
| CN110138548A (en) | Based on unsymmetrical key pond to and DH agreement quantum communications service station cryptographic key negotiation method and system | |
| CN112685786A (en) | Financial data encryption and decryption method, system, equipment and storage medium | |
| TWI476629B (en) | Data security and security systems and methods | |
| US11861597B1 (en) | Database encryption wallet | |
| CN110519222B (en) | External network access identity authentication method and system based on disposable asymmetric key pair and key fob | |
| CN110365472B (en) | Quantum communication service station digital signature method and system based on asymmetric key pool pair |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110126 Termination date: 20161109 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |