CN101808095A - Encryption copy organization method under distributed storage environment - Google Patents
Encryption copy organization method under distributed storage environment Download PDFInfo
- Publication number
- CN101808095A CN101808095A CN 201010128240 CN201010128240A CN101808095A CN 101808095 A CN101808095 A CN 101808095A CN 201010128240 CN201010128240 CN 201010128240 CN 201010128240 A CN201010128240 A CN 201010128240A CN 101808095 A CN101808095 A CN 101808095A
- Authority
- CN
- China
- Prior art keywords
- data
- read
- client
- file
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an encryption copy organization method under a distributed storage environment. In the method, the management unit data block of system data is divided into a plurality of data segments with the same size; the system carries out management by taking the block as the unit; and a client side encrypts the data by taking the data segment as the unit so as to provide finer granularity control to the data block. Because the data block is encrypted by segments, the ciphertext data segments have no dependence and can be encrypted and decrypted in parallel so as to avoid the phenomenon that read-write of small data amount brings great cost for carrying out encryption and decryption on the whole data block; for read of a large data amount, read requests are grouped, and different grouping requests are sent in parallel to each storage node maintaining a requested file data block copy; and each grouping is read in parallel to improve the efficiency of reading data. The invention realizes that the encryption technology and the copy technology are applied in the distributed storage environment. The provided encryption copy organization method greatly improves the efficiency of reading and writing data.
Description
Technical field
The invention belongs to computer distribution type storage security field, be specifically related to the method for organizing of encryption copy under a kind of distributed memory system environment.This method is by being distributed to a plurality of memory nodes with user data with the form of piecemeal, the data of each piece are encrypted by segmentation, simultaneously in order to improve the availability of system, the piece of each encryption is safeguarded a plurality of copies in a plurality of memory nodes, thereby guarantee the high security and the high availability of user data, all data organization information are responsible for maintenance by independent meta data server.
Background technology
Encryption technology is commonly used to guarantee the confidentiality of user data; user's private data is encrypted by certain cryptographic algorithm; the user only need protect the safety of encryption key just can guarantee that private data is not revealed; even malicious attacker has obtained the ciphertext of data, also can't learn its original contents.
Encryption technology is used very general under the unit storage environment, security product based on application-level is arranged, security product based on file system level, data product based on the disk block level, the disk product that also has direct integrated encryption function, but the application of encryption technology in distributed storage environment also do not have ripe implementation method.
In recent years, some researchs about the distributed memory system fail safe are arranged, but mainly concentrate on authentication, the access control aspect in case the assailant has broken through this outpost of the tax office, just can obtain all user data.Distributed memory system uses data block to organize the user file data usually, and data block is meant the set of the file data of certain-length, and usually in order to reduce the interaction times of client and server, the length of data block is generally bigger.Some distributed memory systems are that unit is encrypted data with the data block, when the data of user's request belong to this data block, this data block just need monoblock by encryption and decryption, and a lot of patterns of encrypting are unfavorable for parallel computation, so the encryption and decryption expense is very big, and when malicious attacker was damaged certain data block, the data of whole file were also along with destroyed, this mode is unfavorable for the expansion of system, and the availability of file data is very low.
The copy technology refers to safeguard in the position that a plurality of geographical position of distributed memory system disperse the copy fully of a certain data, thereby when a certain piece of data is destroyed, system still can get access to correct data from other copy of data, thereby improve the availability of system, the solution malicious user destroys a certain partial data and just causes whole file data irrecoverable.
Some researchers combine encryption technology with the copy technology, data block to system file is encrypted, and ciphered data is backuped to the backup server of near line or off-line, this method has improved safety of data and availability, but when some data of system are destroyed, backed up data can not come into operation immediately, need move from backup server, thereby cause system can not guarantee application service timely.
Summary of the invention
In order to remedy the deficiency of Information Security protection in the existing distributed memory system; the present invention proposes the method for organizing of encryption copy in a kind of distributed memory system; this method can avoid the read-write of small data quantity just whole data to be carried out the great expense incurred that encryption and decryption is brought, and also can improve the efficient of the read request of big data quantity simultaneously.
Encryption copy organization method under a kind of distributed storage environment provided by the invention is characterized in that, this method comprises the process (A1)~(A7) of organizing copy in the write request:
(A1) meta data server is received the write request of client, the original position O of include file name, write request and write request length L;
(A2) make that M is a higher value in the length of (O+L) and original document, check that whether the existing memory space of original document is more than or equal to M, if, existing memory space is used to store data to be written, otherwise, meta data server reads keeper's configuration information or Uses Defaults, and determines duplicate of the document number R, divides block size B, fragment size S and encryption algorithm type; Meta data server is according to the memory node total load, the memory node of choosing R load minimum is as new memory space, existing memory space is used to store the preceding part of data to be written, and new memory space is used to store the remaining data of the data that write, and amounts to R memory node;
The relevant data that write request is needed comprise piecemeal size B, fragment size S, and encryption algorithm type returns to client in the mode of safety;
(A3) client calculates the piece O/B at write request original position place, calculates write request original position P1 and end position P2 in data block;
(A4) whether judge original position P1 and end position P2 at section boundary, if, change step (A5) over to, otherwise original position P1 or end position P2 then read the original information of this section in the centre of certain section, and deciphering, step (A5) entered;
(A5) data to be written in this piece are carried out segmentation and encrypt, and be written to R memory node;
(A6) if for the first time carry out this step, and write request end position and original position then calculate original position P1 and the end position P2 of write request in second piece not in same, forwards step (A4) then to; Otherwise, forward step (A7) to;
(A7) client sends write request to meta data server and finishes feedback information, and meta data server is filled file metadata information according to system configuration information and file request information.
Read formed encryption copy in the said process:
(B1) meta data server receives the read request of client, include file name, read request original position O, read request length L;
(B2) make W be the file size that continues, check that whether O surpasses the size of file that continues, if surpass, then changes step (B8) over to, otherwise enters step (B3);
(B3) check whether O+L surpasses the size of the file that continues, if, make L=W-O, the position that the end position of read request is revised as the file that continues, otherwise, with the end position of O+L as read request;
Meta data server is according to the metadata information of the file that continues, and the relevant data that read request is needed comprise the file base attribute, divide block size B, fragment size S, and encryption algorithm type returns to client in the mode of safety;
(B4) client calculates the piece O/B at original position place, calculates read request original position P3 and end position P4 in data block;
(B5) section that at first needs read of client is divided into R group, and the hop count that each group comprises is tried one's best equal; Client safeguards that the memory node of this piece copy sends request simultaneously, the parallel data that read R group to R then;
(B6) after client is obtained all data that need section, the data of these sections are deciphered respectively, and with P3, the data outside the P4 scope abandon, and promptly obtain the real data that will read;
(B7) if for the first time carry out this step, and read request end position and original position then calculate original position P3 and the end position P4 of read request in second piece not in a piece, forwards step (B5) then to; Otherwise, forward step (B8) to;
(B8) client sends read request to meta data server and finishes or ask off-limits feedback information.
The inventive method proposes a kind of new encryption copy organization method, management unit's data block of system data is divided into a plurality of equal and opposite in direction data segments, system still is that unit manages with the piece, client is that unit is encrypted data with the section, so just can provide more fine-grained control, and avoid read-write in a small amount just whole data block to be carried out the great expense incurred that encryption and decryption is brought data block; To big read request, read request can be divided into groups, with different grouping requests parallel send to each memory node of safeguarding the demand file data block copy, parallelly read each grouping, thereby improve the efficient of read data greatly.
Description of drawings
Fig. 1 is a memory node managerial structure schematic diagram;
Fig. 2 is the file metadata structural representation;
Fig. 3 organizes schematic diagram for encryption copy;
Fig. 4 is the generative process schematic diagram of encryption copy;
Fig. 5 is the leaching process schematic diagram of encryption copy;
Fig. 6 is a client write request process chart;
Fig. 7 is a client read request process chart.
Embodiment
In large-scale storage systems, data volume is normally huge, and lot of data is come organization and management by metadata, and metadata is to describe the information of other data, the i.e. data of data.
Applied environment of the present invention is a typical distribution formula storage system environment, it is by client, meta data server, three parts of memory node are formed, and wherein meta data server mainly is responsible for the file metamessage management of memory node, subscriber information management, the file block information management, system safety information, the management of copy information, memory node load balancing management etc.; Memory node is as the storage repository of data, the real data of file in the storage system; Client is responsible for the user a transparent storage system access interface is provided, and thinks that the user provides system service.
The present invention is further detailed explanation below in conjunction with accompanying drawing and example.
Meta data server is at the request of client, loading condition by memory node distributes new memory node to give client, memory node is by sending load information to allow meta data server can in time know its loading condition to meta data server dynamically, meta data server is according to memory node message sense of the ascending maintenance of load, as shown in Figure 1, the memory node information spinner will comprise following field: memory node IP address, memory node management data block number, the memory node total load, CPC load and weights, memory load and weights, information such as offered load and weights, cpu load wherein, memory load, the shared weight default setting of offered load is: the offered load weight is 0.3, the memory load weight is 0.4, the cpu load weight is 0.3, can carry out dynamic-configuration according to system requirements by the system manager, be about to weighted value and write corresponding configuration file, require three weighted values all in 0~1 scope, and three's summation is 1, and memory node reads configuration file and obtains these values when calculating total load.
When the data block that each client need please be looked for novelty is carried out write operation, meta data server selects a plurality of memory nodes of begin chain in the memory node message sense to get final product, along with the continuous operation of system, the load meeting of memory node dynamically updates, and can effectively realize system load balancing by this method.
After the write request of client was finished, meta data server can generate as shown in Figure 2 file metadata information to the file of being write.File metadata information comprises following field: filename, filename MD5 value, file base attribute, block count, branch block size, fragment size, encryption algorithm type, encryption key, duplicate of the document number and copy position chain.Wherein partial information can be configured by the system manager, as a minute block size, default setting is 8MB, this value should be set in the 8-64MB scope according to different application demands, to guarantee for any read-write requests, request relates to two data blocks at most, thereby simplifies the read-write on client side processing of request; Fragment size, default value is set to 4KB, should be arranged in the 1-16KB scope; Encryption algorithm type, acquiescence is used aes algorithm, and configurable cryptographic algorithm comprises DES, AES, BlowFish algorithm; The duplicate of the document number, acquiescence is safeguarded 3 copies, the copy number should be arranged in the 1-5 scope; These values write respective profiles by the keeper before system start-up, read from configuration file when meta data server needs.Other information comprises filename, filename MD5 value, and the file base attribute, block count, copy position chain etc. then is to generate under user's write request, and the dynamic change along with the change of file.When client was sent read request, meta data server then provided the relevant information of demand file according to this structure, thereby satisfied the request of client.
The present invention carries out the segmentation tissue to the encryption copy of system, and improving one's methods of proposing to read and write under this tissue situation.Encryption copy finally the organizational form in memory node as shown in Figure 3, the data of each file are divided into a plurality of data blocks according to the size of data block of configuration, data block is the unit of metadata management.For each data block, it is divided into a plurality of data segments, the unit of Duan Zuowei data encryption, client is encrypted respectively each data segment, make the data between each section not have correlation, be the encryption and decryption that the data of each section can walk abreast, help parallel processing like this, thereby improve the efficient of system.This mode is compared the encryption of conventional needle to the monoblock data, only needs the relevant information of additional records segmentation, can be to the very big burden of meta data server increase.
The generation of encryption copy is decided by the write request of client, and the generative process of encryption copy is done detailed explanation during below at the client written document.The generation of encryption copy and organizing mainly may further comprise the steps during written document:
(A1) meta data server is received the write request of client, include file name, the original position O of write request (original position is 0 during new files), write request length L.
(A2) make that T is a higher value in (O+L) and the file original length, inspection treats that whether the existing memory space of written document is more than or equal to T, if, existing memory space is used to store data to be written, otherwise, be that this document distributes new memory space, existing memory space is used to store the preceding part of data to be written, new memory space is used to store the remaining data of the data that write;
Need seek new memory node when distributing new memory space, meta data server is chosen the memory node of R load minimum and is stored R copy according to the memory node total load, and wherein R representation file copy number is a field of file metadata information.
Meta data server is according to keeper's configuration information, and the relevant data that write request is needed comprise piecemeal size B, fragment size S, and encryption algorithm type returns to client in the mode of safety.
(A3) client calculates the piece O/B at write request original position place, calculates write request original position P1 and end position P2 in data block, and P1 equals the remainder of O divided by B, and P2 equals (P1+L) remainder divided by B.
(A4) P1, P2 are the starting and ending position of write request in piece, at first need to calculate P1, whether P2 can by use section big or small S remove position P1, P2 at section boundary, if aliquot then should illustrate the position just at section boundary, promptly the section at this place, position covers fully; Otherwise this position is in the centre of certain section, and promptly this section quilt partly covers.Because data are the encrypted test mode storage of unit with the section, so for the section that is partly covered, whole section is not to be covered by new enciphered data fully, so before the data of upgrading these sections, need read the original information of this section, and deciphering, revise partial data then, encrypt again again.P1/S, P2/S are the segment number at the starting and ending position place of write request in piece.
As shown in Figure 4, P1 is in the centre of section S1, and P2 then upgrades the data (for the data that surpass original file size scope, data originally are considered to 0 sequence of forming) between P1 and the P2 in the centre of section S3, need read S1 earlier, the data of two sections of S3.P1 is divided into S1-1 and two parts of S1-2 with section S1, and P2 is divided into S3-1 with S3, two parts of S3-2.Client need distribute the buffering area of 3 section sizes to store new data, and the data of buffering area comprise the S1-1 partial data successively, the data that request writes, S3-2 partial data.
(A5) client is carried out segmentation to buffering area and is encrypted, and a plurality of ciphertext sections after will encrypting are written to a corresponding R memory node, thereby produces R copy of this partial data; As P1 and P2 during, then do not need to read original data all at section boundary; Work as P1, P2 has a position in the centre of certain section, then needs to read the data of this section.Be the data that write request need read two sections at most, compare tradition improving a lot on the whole mode efficient of encrypting.
(A6) if carry out this step for the first time, and write request end position and original position then calculate original position P1 and the end position P2 of write request in second piece not in same, P1 equals 0, P2 equals (O+L) remainder divided by B, forwards (A4) then to; Otherwise, forward (A7) to.
(A7) content of the write request of client has been write each memory node, the data of each piece are also according to the encryption copy organization formula storage that proposes among the present invention in the memory node, client sends write request to meta data server and finishes feedback information, and meta data server is filled file metadata information according to system configuration information and file request information.
The read request of client is extracted the data in the encryption copy, factor is according to there being a plurality of copies, and be that segmentation is encrypted, then read request can be divided into a plurality of groups, the group number equals the duplicate of the document number, each group comprises the section that number equates as far as possible, and what client was parallel reads each group to a plurality of memory nodes, thereby improves the efficient of read request.The processing of client read request mainly may further comprise the steps:
(B1) meta data server receives the read request of client, include file name, read request original position O, read request length L;
(B2) make W be the file size that continues, check that whether O surpasses the size of file that continues, if surpass, then changes step (B8) over to, otherwise enters step (B3);
(B3) check whether O+L surpasses the size of the file that continues, if, make L=W-O, the position that the end position of read request is revised as the file that continues, otherwise, with the end position of O+L as read request;
Meta data server is according to the metadata information of the file that continues, and the relevant data that read request is needed comprise the file base attribute, divide block size B, fragment size S, and encryption algorithm type returns to client in the mode of safety;
(B4) client calculates the piece O/B at original position place, calculates read request original position P3 and end position P4 in data block, and P3 equals the remainder of O divided by B, and P4 equals (P3+L) remainder divided by B;
(B5) as shown in Figure 5, P3, P4 are original position and the end position of read request in piece, and client need read P3, all sections T1 that P4 crossed over, T2, T3.The section that client at first reads needs is divided into R group, and the hop count that each group comprises equates as far as possible.Client safeguards that the memory node of this piece copy sends request simultaneously, the parallel data that read R group, thereby the efficient that raising is read to R then;
(B6) after client is obtained all data that need section, the data of these sections are deciphered respectively, and with P3, the data outside the P4 scope abandon, and promptly obtain the real data that will read.
(B7) if carry out this step for the first time, and read request end position and original position then calculate original position P3 and the end position P4 of read request in second piece not in a piece, P3 equals 0, P4 equals (O+L) remainder divided by B, forwards (B5) then to; Otherwise, forward (B7) to;
(B8) client sends read request to meta data server and finishes or ask off-limits feedback information.
The present invention not only is confined to above-mentioned embodiment; persons skilled in the art are according to embodiment and the disclosed content of accompanying drawing; can adopt other multiple embodiment to implement the present invention; therefore; every employing project organization of the present invention and thinking; do some simple designs that change or change, all fall into the scope of protection of the invention.
Claims (2)
1. the encryption copy organization method under the distributed storage environment is characterized in that: organize the process of copy to be in the write request of this method:
(A1) meta data server is received the write request of client, the original position O of include file name, write request and write request length L;
(A2) make that T is a higher value in the length of (O+L) and original document, check that whether the existing memory space of original document is more than or equal to T, if, existing memory space is used to store data to be written, otherwise, meta data server reads keeper's configuration information or Uses Defaults, and determines duplicate of the document number R, divides block size B, fragment size S and encryption algorithm type; Meta data server is according to the memory node total load, the memory node of choosing R load minimum is as new memory space, existing memory space is used to store the preceding part of data to be written, and new memory space is used to store the remaining data of the data that write, and amounts to R memory node;
The relevant data that write request is needed comprise piecemeal size B, fragment size S, and encryption algorithm type returns to client in the mode of safety;
(A3) client calculates the piece O/B at write request original position place, calculates write request original position P1 and end position P2 in data block;
(A4) whether judge original position P1 and end position P2 at section boundary, if, change step (A5) over to, otherwise original position P1 or end position P2 read the original information of this section in the centre of certain section, and deciphering, step (A5) entered;
(A5) data to be written in this piece are carried out segmentation and encrypt, and be written to R memory node;
(A6) if for the first time carry out this step, and write request end position and original position then calculate original position P1 and the end position P2 of write request in second piece not in same, forwards step (A4) then to; Otherwise, forward step (A7) to;
(A7) client sends write request to meta data server and finishes feedback information, and meta data server is filled file metadata information according to system configuration information and file request information.
2. encryption copy organization method according to claim 1 is characterized in that: read formed encryption copy according to following process:
(B1) meta data server receives the read request of client, include file name, read request original position O, read request length L;
(B2) make W be the file size that continues, check that whether O surpasses the size of file that continues, if surpass, then changes step (B8) over to, otherwise enters step (B3);
(B3) check whether O+L surpasses the size of the file that continues, if, make L=W-O, the position that the end position of read request is revised as the file that continues, otherwise, with the end position of O+L as read request;
Meta data server is according to the metadata information of the file that continues, and the relevant data that read request is needed comprise the file base attribute, divide block size B, fragment size S, and encryption algorithm type returns to client in the mode of safety;
(B4) client calculates the piece O/B at original position place, calculates read request original position P3 and end position P4 in data block;
(B5) section that at first needs read of client is divided into R group, and the hop count that each group comprises is tried one's best equal; Client safeguards that the memory node of this piece copy sends request simultaneously, the parallel data that read R group to R then;
(B6) after client is obtained all data that need section, the data of these sections are deciphered respectively, and with P3, the data outside the P4 scope abandon, and promptly obtain the real data that will read;
(B7) if for the first time carry out this step, and read request end position and original position then calculate original position P3 and the end position P4 of read request in second piece not in a piece, forwards step (B5) then to; Otherwise, forward step (B8) to;
(B8) client sends read request to meta data server and finishes or ask off-limits feedback information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101282401A CN101808095B (en) | 2010-03-22 | 2010-03-22 | Encryption copy organization method under distributed storage environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101282401A CN101808095B (en) | 2010-03-22 | 2010-03-22 | Encryption copy organization method under distributed storage environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101808095A true CN101808095A (en) | 2010-08-18 |
| CN101808095B CN101808095B (en) | 2012-08-15 |
Family
ID=42609715
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010101282401A Active CN101808095B (en) | 2010-03-22 | 2010-03-22 | Encryption copy organization method under distributed storage environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101808095B (en) |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103346998A (en) * | 2013-05-18 | 2013-10-09 | 北京凯锐立德科技有限公司 | File breaking encryption-based file security protection method |
| CN103731505A (en) * | 2014-01-17 | 2014-04-16 | 中国联合网络通信集团有限公司 | Data distributed storage method and system |
| CN104144186A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Data uploading method and system based on Web browser in cloud computing environment |
| CN104166823A (en) * | 2014-09-12 | 2014-11-26 | 罗满清 | Intelligent medical data safety guarantee system |
| CN104200177A (en) * | 2014-09-12 | 2014-12-10 | 罗满清 | Mobile medical sensitive data encryption method |
| CN104571957A (en) * | 2014-12-29 | 2015-04-29 | 成都致云科技有限公司 | Data reading method and assembling device |
| CN105205411A (en) * | 2015-09-21 | 2015-12-30 | 北京元心科技有限公司 | Method and system for randomly storing symmetrical encryption file |
| CN105205369A (en) * | 2015-08-20 | 2015-12-30 | 青岛三链锁业有限公司 | Palm vein image data processing method |
| US9237014B2 (en) | 2013-05-28 | 2016-01-12 | Hong Kong Applied Science & Technology Research Institute Company, Limited | Partial CipherText updates using variable-length segments delineated by pattern matching and encrypted by fixed-length blocks |
| CN105471930A (en) * | 2014-07-28 | 2016-04-06 | 浙江大华技术股份有限公司 | Method, system and equipment for reading distributed data |
| CN105653469A (en) * | 2015-12-30 | 2016-06-08 | 深圳Tcl数字技术有限公司 | Data writing method and device |
| WO2016101554A1 (en) * | 2015-06-04 | 2016-06-30 | 于志 | System architecture and method for ensuring network information security |
| CN105791274A (en) * | 2016-02-24 | 2016-07-20 | 四川长虹电器股份有限公司 | Distributed encrypted storage and authentication method based on local area network |
| CN103346998B (en) * | 2013-05-18 | 2016-11-30 | 连山管控(北京)信息技术有限公司 | A kind of document security guard method crushing encryption based on file |
| CN106257858A (en) * | 2015-06-19 | 2016-12-28 | 中兴通讯股份有限公司 | The data ciphering method of a kind of remote storage device, Apparatus and system |
| CN106788982A (en) * | 2017-02-22 | 2017-05-31 | 郑州云海信息技术有限公司 | A kind of sectional encryption transmission method and device |
| CN107659401A (en) * | 2017-10-09 | 2018-02-02 | 华中科技大学 | The secure data duplicate removal encryption method that a kind of similitude perceives |
| CN107729495A (en) * | 2017-10-18 | 2018-02-23 | 郑州云海信息技术有限公司 | A kind of file metadata browsing method and device |
| CN108664223A (en) * | 2018-05-18 | 2018-10-16 | 百度在线网络技术(北京)有限公司 | A kind of distributed storage method, device, computer equipment and storage medium |
| CN109597811A (en) * | 2018-11-26 | 2019-04-09 | 湖南节点新火信息安全有限公司 | A kind of distributed security data basd link block storage method |
| CN110427156A (en) * | 2019-07-16 | 2019-11-08 | 华中科技大学 | A kind of parallel reading method of the MBR based on fragment |
| CN110633580A (en) * | 2019-09-20 | 2019-12-31 | 徐州医科大学附属医院 | Secure distributed storage method oriented to XML data |
| CN111078153A (en) * | 2019-12-20 | 2020-04-28 | 同方知网(北京)技术有限公司 | Distributed storage method based on files |
| CN111277655A (en) * | 2020-01-21 | 2020-06-12 | 山东公链信息科技有限公司 | Distributed storage system based on intelligent loudspeaker box |
| CN111427860A (en) * | 2019-01-09 | 2020-07-17 | 阿里巴巴集团控股有限公司 | Distributed storage system and data processing method thereof |
| CN111651521A (en) * | 2020-05-27 | 2020-09-11 | 山大地纬软件股份有限公司 | Electronic contract block chain structure, electronic contract signing device and method |
| CN112199338A (en) * | 2019-07-08 | 2021-01-08 | 华为技术有限公司 | File reading and writing method and device |
| CN113220237A (en) * | 2021-05-17 | 2021-08-06 | 北京青云科技股份有限公司 | Distributed storage method, device, equipment and storage medium |
| CN113312069A (en) * | 2020-02-27 | 2021-08-27 | 美光科技公司 | Firmware loading for memory controller |
| CN117473538A (en) * | 2023-12-27 | 2024-01-30 | 成都智慧锦城大数据有限公司 | Method and system for improving service data storage security |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1341240A (en) * | 1999-12-20 | 2002-03-20 | 大日本印刷株式会社 | Distributed data archive device and system |
| CN1960372A (en) * | 2006-11-09 | 2007-05-09 | 华中科技大学 | Encrypting read / write method in use for NAS storage system |
| WO2007133791A2 (en) * | 2006-05-15 | 2007-11-22 | Richard Kane | Data partitioning and distributing system |
| CN101594227A (en) * | 2008-05-30 | 2009-12-02 | 华为技术有限公司 | The method of data encryption and deciphering, device and communication system |
-
2010
- 2010-03-22 CN CN2010101282401A patent/CN101808095B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1341240A (en) * | 1999-12-20 | 2002-03-20 | 大日本印刷株式会社 | Distributed data archive device and system |
| WO2007133791A2 (en) * | 2006-05-15 | 2007-11-22 | Richard Kane | Data partitioning and distributing system |
| CN1960372A (en) * | 2006-11-09 | 2007-05-09 | 华中科技大学 | Encrypting read / write method in use for NAS storage system |
| CN101594227A (en) * | 2008-05-30 | 2009-12-02 | 华为技术有限公司 | The method of data encryption and deciphering, device and communication system |
Cited By (42)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104144186A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Data uploading method and system based on Web browser in cloud computing environment |
| CN104144186B (en) * | 2013-05-10 | 2017-12-01 | 中国电信股份有限公司 | Data uploading method and system based on Web browser in cloud computing environment |
| CN103346998A (en) * | 2013-05-18 | 2013-10-09 | 北京凯锐立德科技有限公司 | File breaking encryption-based file security protection method |
| CN103346998B (en) * | 2013-05-18 | 2016-11-30 | 连山管控(北京)信息技术有限公司 | A kind of document security guard method crushing encryption based on file |
| US9237014B2 (en) | 2013-05-28 | 2016-01-12 | Hong Kong Applied Science & Technology Research Institute Company, Limited | Partial CipherText updates using variable-length segments delineated by pattern matching and encrypted by fixed-length blocks |
| CN103731505A (en) * | 2014-01-17 | 2014-04-16 | 中国联合网络通信集团有限公司 | Data distributed storage method and system |
| CN105471930B (en) * | 2014-07-28 | 2019-03-26 | 浙江大华技术股份有限公司 | A kind of method, system and equipment reading distributed data |
| CN105471930A (en) * | 2014-07-28 | 2016-04-06 | 浙江大华技术股份有限公司 | Method, system and equipment for reading distributed data |
| CN104200177A (en) * | 2014-09-12 | 2014-12-10 | 罗满清 | Mobile medical sensitive data encryption method |
| CN104166823A (en) * | 2014-09-12 | 2014-11-26 | 罗满清 | Intelligent medical data safety guarantee system |
| CN104571957A (en) * | 2014-12-29 | 2015-04-29 | 成都致云科技有限公司 | Data reading method and assembling device |
| WO2016101554A1 (en) * | 2015-06-04 | 2016-06-30 | 于志 | System architecture and method for ensuring network information security |
| US10050956B2 (en) | 2015-06-04 | 2018-08-14 | Zhi Yu | System architecture and method for guaranteeing network information security |
| CN106257858A (en) * | 2015-06-19 | 2016-12-28 | 中兴通讯股份有限公司 | The data ciphering method of a kind of remote storage device, Apparatus and system |
| CN105205369A (en) * | 2015-08-20 | 2015-12-30 | 青岛三链锁业有限公司 | Palm vein image data processing method |
| CN105205411A (en) * | 2015-09-21 | 2015-12-30 | 北京元心科技有限公司 | Method and system for randomly storing symmetrical encryption file |
| CN105653469A (en) * | 2015-12-30 | 2016-06-08 | 深圳Tcl数字技术有限公司 | Data writing method and device |
| CN105653469B (en) * | 2015-12-30 | 2018-11-02 | 深圳Tcl数字技术有限公司 | Method for writing data and device |
| CN105791274A (en) * | 2016-02-24 | 2016-07-20 | 四川长虹电器股份有限公司 | Distributed encrypted storage and authentication method based on local area network |
| CN105791274B (en) * | 2016-02-24 | 2018-12-04 | 四川长虹电器股份有限公司 | A kind of distributed cryptographic storage and method for authenticating based on local area network |
| CN106788982A (en) * | 2017-02-22 | 2017-05-31 | 郑州云海信息技术有限公司 | A kind of sectional encryption transmission method and device |
| CN107659401A (en) * | 2017-10-09 | 2018-02-02 | 华中科技大学 | The secure data duplicate removal encryption method that a kind of similitude perceives |
| CN107659401B (en) * | 2017-10-09 | 2019-08-30 | 华中科技大学 | A kind of secure data duplicate removal encryption method of similitude perception |
| CN107729495A (en) * | 2017-10-18 | 2018-02-23 | 郑州云海信息技术有限公司 | A kind of file metadata browsing method and device |
| CN108664223A (en) * | 2018-05-18 | 2018-10-16 | 百度在线网络技术(北京)有限公司 | A kind of distributed storage method, device, computer equipment and storage medium |
| CN108664223B (en) * | 2018-05-18 | 2021-07-02 | 百度在线网络技术(北京)有限公司 | Distributed storage method and device, computer equipment and storage medium |
| CN109597811A (en) * | 2018-11-26 | 2019-04-09 | 湖南节点新火信息安全有限公司 | A kind of distributed security data basd link block storage method |
| CN111427860A (en) * | 2019-01-09 | 2020-07-17 | 阿里巴巴集团控股有限公司 | Distributed storage system and data processing method thereof |
| CN111427860B (en) * | 2019-01-09 | 2023-05-02 | 阿里巴巴集团控股有限公司 | Distributed storage system and data processing method thereof |
| CN112199338A (en) * | 2019-07-08 | 2021-01-08 | 华为技术有限公司 | File reading and writing method and device |
| CN110427156B (en) * | 2019-07-16 | 2020-09-08 | 华中科技大学 | Partition-based MBR (Membrane biological reactor) parallel reading method |
| CN110427156A (en) * | 2019-07-16 | 2019-11-08 | 华中科技大学 | A kind of parallel reading method of the MBR based on fragment |
| CN110633580A (en) * | 2019-09-20 | 2019-12-31 | 徐州医科大学附属医院 | Secure distributed storage method oriented to XML data |
| CN111078153A (en) * | 2019-12-20 | 2020-04-28 | 同方知网(北京)技术有限公司 | Distributed storage method based on files |
| CN111277655A (en) * | 2020-01-21 | 2020-06-12 | 山东公链信息科技有限公司 | Distributed storage system based on intelligent loudspeaker box |
| CN113312069A (en) * | 2020-02-27 | 2021-08-27 | 美光科技公司 | Firmware loading for memory controller |
| US11714757B2 (en) | 2020-02-27 | 2023-08-01 | Micron Technology, Inc. | Firmware loading for a memory controller |
| CN111651521A (en) * | 2020-05-27 | 2020-09-11 | 山大地纬软件股份有限公司 | Electronic contract block chain structure, electronic contract signing device and method |
| CN111651521B (en) * | 2020-05-27 | 2023-10-17 | 山大地纬软件股份有限公司 | Electronic contract block chain structure, electronic contract signing device and method |
| CN113220237A (en) * | 2021-05-17 | 2021-08-06 | 北京青云科技股份有限公司 | Distributed storage method, device, equipment and storage medium |
| CN117473538A (en) * | 2023-12-27 | 2024-01-30 | 成都智慧锦城大数据有限公司 | Method and system for improving service data storage security |
| CN117473538B (en) * | 2023-12-27 | 2024-03-12 | 成都智慧锦城大数据有限公司 | Method and system for improving service data storage security |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101808095B (en) | 2012-08-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101808095B (en) | Encryption copy organization method under distributed storage environment | |
| EP3673620B1 (en) | Shared blockchain data storage | |
| CN110784463B (en) | File storage and access method based on block chain | |
| CN100386707C (en) | Generating key hierarchy for use in isolated execution environment | |
| CN113961535A (en) | Data trusted storage sharing system and method based on block chain | |
| CN110213354A (en) | Cloud storage data confidentiality guard method | |
| Kollu | Blockchain techniques for secure storage of data in cloud environment | |
| CN102546764A (en) | Safe access method of cloud storage system | |
| CN107124271A (en) | A kind of data encryption, decryption method and equipment | |
| CN105117635A (en) | Local data security protection system and method | |
| KR20210055632A (en) | Prioritizing the storage of shared blockchain data | |
| CN101122938A (en) | Data file safe treatment method and system | |
| CN105120003A (en) | Method for realizing data backup in cloud environment | |
| CN102262721A (en) | Data encryption conversion for independent agents | |
| CN108964911A (en) | A kind of stream media service system based on block chain and quantum flow data block technology | |
| Tse et al. | Emerging issues in cloud storage security: encryption, key management, data redundancy, trust mechanism | |
| KR101428649B1 (en) | Encryption system for mass private information based on map reduce and operating method for the same | |
| CN104283868A (en) | Encryption method for internet of things and cloud computing secure storage distributed file system | |
| Shu et al. | Secure storage system and key technologies | |
| JP2014235425A (en) | Information distribution system and information distribution storage system | |
| Tian et al. | A trusted control model of cloud storage | |
| Xu et al. | Achieving secure dynamic searchable symmetric encryption for data sharing services via blockchain | |
| Sha et al. | Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory Architectures | |
| Itani et al. | Efficient healthcare integrity assurance in the cloud with incremental cryptography and trusted computing | |
| Lenin et al. | A secured storage scheme for cloud environment using ECC-IRNS based deduplication approach |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20170822 Address after: Qixia District of Nanjing City, Jiangsu province 210000 Yao Jia Lu No. 7 city scenery Beiyuan 16 room 1203 Patentee after: NANJING SUPERSTACK INFORMATION TECHNOLOGY LTD. Address before: 430074 Hubei Province, Wuhan city Hongshan District Luoyu Road No. 1037 Patentee before: Huazhong University of Science and Technology |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210720 Address after: 335000 no.67-1, Zhichuang street, high tech Industrial Development Zone, Yingtan City, Jiangxi Province Patentee after: Jiangxi diejia Information Technology Co.,Ltd. Address before: Room 1203, building 16, shangchengjingjing Beiyuan, No.7 Yaojia Road, Qixia District, Nanjing City, Jiangsu Province, 210000 Patentee before: NANJING SUPERSTACK INFORMATION TECHNOLOGY Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20221116 Address after: No. 32-3, Zhichuang 1st Street, Juneng Road, Yingtan Hi tech Industrial Development Zone, Jiangxi Province, 335000 Patentee after: Jiangxi Shalan Information Technology Co.,Ltd. Address before: 335000 no.67-1, Zhichuang street, high tech Industrial Development Zone, Yingtan City, Jiangxi Province Patentee before: Jiangxi diejia Information Technology Co.,Ltd. |