CN101808095B - Encryption copy organization method under distributed storage environment - Google Patents
Encryption copy organization method under distributed storage environment Download PDFInfo
- Publication number
- CN101808095B CN101808095B CN2010101282401A CN201010128240A CN101808095B CN 101808095 B CN101808095 B CN 101808095B CN 2010101282401 A CN2010101282401 A CN 2010101282401A CN 201010128240 A CN201010128240 A CN 201010128240A CN 101808095 B CN101808095 B CN 101808095B
- Authority
- CN
- China
- Prior art keywords
- data
- request
- read
- client
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an encryption copy organization method under a distributed storage environment. In the method, the management unit data block of system data is divided into a plurality of data segments with the same size; the system carries out management by taking the block as the unit; and a client side encrypts the data by taking the data segment as the unit so as to provide finer granularity control to the data block. Because the data block is encrypted by segments, the ciphertext data segments have no dependence and can be encrypted and decrypted in parallel so as to avoid the phenomenon that read-write of small data amount brings great cost for carrying out encryption and decryption on the whole data block; for read of a large data amount, read requests are grouped, and different grouping requests are sent in parallel to each storage node maintaining a requested file data block copy; and each grouping is read in parallel to improve the efficiency of reading data. The invention realizes that the encryption technology and the copy technology are applied in the distributed storage environment. The provided encryption copy organization method greatly improves the efficiency of reading and writing data.
Description
Technical field
The invention belongs to computer distribution type storage security field, be specifically related to the method for organizing of encryption copy under a kind of distributed memory system environment.This method is through being distributed to a plurality of memory nodes with user data with the form of piecemeal; The data of each piece are encrypted by segmentation; Simultaneously in order to improve the availability of system; The piece of each encryption is safeguarded a plurality of copies in a plurality of memory nodes, thereby guarantees the high security and the high availability of user data, and all data organization information are responsible for maintenance by independent meta data server.
Background technology
Encryption technology is commonly used to guarantee the confidentiality of user data; User's private data is encrypted through certain AES; The user only need protect the safety of encryption key just can guarantee that private data is not revealed; Even malicious attacker has obtained the ciphertext of data, also can't learn its original contents.
Encryption technology is used very general under the unit storage environment; Security product based on application-level is arranged; Security product based on file system level; Based on the data product of disk block level, also have the disk product of direct integrated encryption function, but the application of encryption technology in distributed storage environment also there is not ripe implementation method.
In recent years, some researchs about the distributed memory system fail safe are arranged, but mainly concentrate on authentication, the access control aspect in case the assailant has broken through this outpost of the tax office, just can obtain all user data.Distributed memory system uses data block to organize the user file data usually, and data block is meant the set of the file data of certain-length, and usually in order to reduce the interaction times of client and server, the length of data block is generally bigger.Some distributed memory systems are that unit is encrypted data with the data block, when the data of user request belong to this data block, this data block just need monoblock by encryption and decryption; And a lot of patterns of encrypting are unfavorable for parallel computation; So the encryption and decryption expense is very big, and when malicious attacker was damaged certain data block, the data of whole file were also along with being destroyed; This mode is unfavorable for the expansion of system, and the availability of file data is very low.
The copy technology refers to safeguard in the position that a plurality of geographical position of distributed memory system disperse the copy fully of a certain data; Thereby when a certain piece of data is damaged; System still can get access to proper data from other copy of data; Thereby improve the availability of system, the solution malicious user destroys a certain partial data and just causes whole file data irrecoverable.
Some researchers combine encryption technology with the copy technology; Data block to system file is encrypted, and ciphered data is backuped to the backup server of near line or off-line, and this method has improved safety of data and availability; But when some data of system are destroyed; Backed up data can not come into operation immediately, need move from backup server, thereby cause system can not guarantee application service timely.
Summary of the invention
In order to remedy the deficiency of Information Security protection in the existing distributed memory system; The present invention proposes the method for organizing of encryption copy in a kind of distributed memory system; This method can avoid the read-write of small data quantity just whole data to be carried out the great expense incurred that encryption and decryption is brought, and also can improve the efficient of the read request of big data quantity simultaneously.
Encryption copy organization method under a kind of distributed storage environment provided by the invention is characterized in that, this method comprises the process (A1)~(A7) of organizing copy in the request of writing:
(A1) meta data server is received the request of writing of client, the include file name, writes the original position O of request and writes the request length L;
(A2) make that M is the higher value in the length of (O+L) and original document; Whether the existing memory space of inspection original document is more than or equal to M; If, existing memory space is used to store data to be written, otherwise; Meta data server reads keeper's configuration information or Uses Defaults, and confirms duplicate of the document number R, divides block size B, fragment size S and encryption algorithm type; Meta data server is according to the memory node total load; Choose the minimum memory node of R load as new memory space; Existing memory space is used to store the preceding part of data to be written, and new memory space is used to store the remaining data of the data that write, and amounts to R memory node;
The relevant data that the request of writing is needed comprise piecemeal size B, fragment size S, and encryption algorithm type returns to client with the mode of safety;
(A3) client calculates the piece O/B that writes request original position place, calculates the request of writing original position P1 and end position P2 in data block;
(A4) whether judge original position P1 and end position P2 at section boundary, if, change step (A5) over to, otherwise original position P1 or end position P2 then read the original information of this section in the centre of certain section, and deciphering, step (A5) got into;
(A5) data to be written in this piece are carried out segmentation and encrypt, and be written to R memory node;
(A6) if implement this step for the first time, and write and ask end position and original position not in same, then calculate original position P1 and the end position P2 of the request of writing in second piece, forward step (A4) then to; Otherwise, forward step (A7) to;
(A7) client is sent the request write to meta data server and is accomplished feedback information, and meta data server is filled file metadata information according to system configuration information and file request information.
Read formed encryption copy in the said process:
(B1) meta data server receives the read request of client, include file name, read request original position O, read request length L;
(B2) make W be the file size that continues, whether inspection O surpasses the size of file that continues, if surpass, then changes step (B8) over to, otherwise gets into step (B3);
(B3) whether inspection O+L surpasses the size of the file that continues, if, make L=W-O, the position that the end position of read request is revised as the file that continues, otherwise, with the end position of O+L as read request;
Meta data server is according to the metadata information of the file that continues, and the relevant data that read request is needed comprise the file base attribute, divide block size B, fragment size S, and encryption algorithm type returns to client with the mode of safety;
(B4) client calculates the piece O/B at original position place, calculates read request original position P3 and end position P4 in data block;
(B5) client at first is divided into R group with the section that needs read, and the hop count that each group comprises equates as far as possible; Client safeguards that the memory node of this piece copy sends request simultaneously, the parallel data that read R group to R then;
(B6) after client is obtained all data that need section, the data of these sections are deciphered respectively, and with P3, the data outside the P4 scope abandon, promptly obtain the real data that will read;
(B7) if for the first time implement this step, and read request end position and original position then calculate original position P3 and the end position P4 of read request in second piece not in a piece, forwards step (B5) then to; Otherwise, forward step (B8) to;
(B8) client is sent read request to meta data server and is accomplished or ask off-limits feedback information.
The inventive method proposes a kind of new encryption copy organization method; Management unit's data block of system data is divided into a plurality of equal and opposite in direction data segments; System still is that unit manages with the piece; Client is that unit is encrypted data with the section, so just can more fine-grained control be provided to data block, and has avoided read-write in a small amount just whole data block to be carried out the great expense incurred that encryption and decryption is brought; To big read request, can read request be divided into groups, with the different packets request parallel send to each memory node of safeguarding the demand file data block copy, parallelly read each and divide into groups, thereby improve the efficient of read data greatly.
Description of drawings
Fig. 1 is a memory node managerial structure sketch map;
Fig. 2 is the file metadata structural representation;
Fig. 3 organizes sketch map for encryption copy;
Fig. 4 is the generative process sketch map of encryption copy;
Fig. 5 is the leaching process sketch map of encryption copy;
Fig. 6 writes request processing flow figure for client;
Fig. 7 is a client read request process chart.
Embodiment
In large-scale storage systems, data volume is normally huge, and lot of data is come organization and management through metadata, and metadata is to describe the information of other data, the i.e. data of data.
Applied environment of the present invention is the typical distributed storage system environment, and it is by client, meta data server; Three parts of memory node are formed, and wherein meta data server mainly is responsible for the file metamessage management of memory node, subscriber information management; The file block information management; System safety information, the management of copy information, memory node load balancing management etc.; Memory node is as the storage repository of data, the real data of storage system file; Client is responsible for the user a transparent storage system access interface is provided, and thinks that the user provides system service.
Below in conjunction with accompanying drawing and instance the present invention is done further detailed explanation.
Meta data server is to the request of client, distributes new memory node to give client by the loading condition of memory node, and memory node is through send load information to let meta data server can in time know its loading condition to meta data server dynamically; Meta data server is according to memory node message sense of the ascending maintenance of load, and as shown in Figure 1, the memory node information spinner will comprise following field: memory node IP address; Memory node management data block number, memory node total load, CPC load and weights; Memory load and weights, information such as offered load and weights, wherein cpu load; Memory load, the shared weight default setting of offered load is: the offered load weight is 0.3, the memory load weight is 0.4; The cpu load weight is 0.3; Can carry out dynamic-configuration according to system requirements by the system manager, be about to weighted value and write corresponding configuration file, require three weighted values all in 0~1 scope; And three's summation is 1, and memory node reads configuration file and obtains these values when calculating total load.
When the data block that each client need please be looked for novelty is carried out write operation; Meta data server selects a plurality of memory nodes of begin chain in the memory node message sense to get final product; Along with the continuous operation of system, the load meeting of memory node dynamically updates, and can effectively realize system load balancing through this method.
After the request of writing of client was accomplished, meta data server can generate file metadata information as shown in Figure 2 to the file of being write.File metadata information comprises following field: filename, filename MD5 value, file base attribute, block count, branch block size, fragment size, encryption algorithm type, encryption key, duplicate of the document number and copy position chain.Wherein partial information can be configured by the system manager; Like a minute block size; Default setting is 8MB, and this value should be set in the 8-64MB scope according to different application requirements, to guarantee for any read-write requests; Request relates to two data blocks at most, thereby simplifies the read-write on client side processing of request; Fragment size, default value is set to 4KB, should be arranged in the 1-16KB scope; Encryption algorithm type, acquiescence is used aes algorithm, and configurable AES comprises DES, AES, BlowFish algorithm; The duplicate of the document number, acquiescence is safeguarded 3 copies, the copy number should be arranged in the 1-5 scope; These values write respective profiles by the keeper before system start-up, when meta data server needs, read from configuration file.Other information comprises filename, filename MD5 value, and the file base attribute, block count, copy position chain etc. then are to generate writing under the request of user, and the dynamic change along with the change of file.When client was sent read request, meta data server then provided the relevant information of demand file according to this structure, thereby satisfied the request of client.
The present invention carries out the segmentation tissue to the encryption copy of system, and improving one's methods of proposing under this tissue situation, to read and write.The encryption copy finally organizational form in memory node is as shown in Figure 3, and the data of each file are divided into a plurality of data blocks according to the size of the data block of configuration, and data block is the unit of metadata management.For each data block; It is divided into a plurality of data segments, and section is as the unit of data encryption, and client is encrypted respectively each data segment; Make the data between each section not have correlation; Be the encryption and decryption that the data of each section can walk abreast, help parallel processing like this, thereby improve the efficient of system.This mode is compared the encryption of conventional needle to the monoblock data, only needs the relevant information of additional records segmentation, can be to the very big burden of meta data server increase.
The generation of encryption copy is decided by the request of writing of client, and the generative process of encryption copy is done detailed explanation during below to the client written document.The generation of encryption copy and organizing mainly may further comprise the steps during written document:
(A1) meta data server is received the request of writing of client, and the include file name is write the original position O (original position is 0 during new files) of request, writes the request length L.
(A2) make that T is the higher value in (O+L) and the file original length; Inspection treats that whether the existing memory space of written document is more than or equal to T, if existing memory space is used to store data to be written; Otherwise; Be that this document distributes new memory space, existing memory space is used to store the preceding part of data to be written, new memory space is used to store the remaining data of the data that write;
Need seek new memory node when distributing new memory space, meta data server is chosen the minimum memory node of R load and is stored R copy according to the memory node total load, and wherein R representation file copy number is a field of file metadata information.
Meta data server is according to keeper's configuration information, and the relevant data that the request of writing is needed comprise piecemeal size B, fragment size S, and encryption algorithm type returns to client with the mode of safety.
(A3) client calculates the piece O/B that writes request original position place, calculates the request of writing original position P1 and end position P2 in data block, and P1 equals the remainder of O divided by B, and P2 equals (P1+L) remainder divided by B.
(A4) P1, P2 write the starting and ending position of request in piece, at first need calculate P1; Whether P2 can through use section big or small S remove position P1, P2 at section boundary; If aliquot then should be explained the position just at section boundary, promptly the section at this place, position covers fully; Otherwise this position is in the centre of certain section, and promptly this section covered by part.Because data are the encrypted test mode storage of unit with the section, so for the section that is covered by part, whole section is not to be covered by new enciphered data fully; So before the data of upgrading these sections, need read the original information of this section, and deciphering; Revise partial data then, encrypt again again.P1/S, P2/S are the segment number of writing the starting and ending position place of request in piece.
As shown in Figure 4, P1 is in the centre of section S1, and P2 then upgrades the data (for the data that surpass original file size scope, data originally are considered to the sequence of 0 composition) between P1 and the P2 in the centre of section S3, need read S1 earlier, the data of two sections of S3.P1 is divided into S1-1 and two parts of S1-2 with section S1, and P2 is divided into S3-1 with S3, two parts of S3-2.Client need distribute the buffering area of 3 section sizes to store new data, and the data of buffering area comprise the S1-1 partial data successively, the data that request writes, S3-2 partial data.
(A5) client is carried out segmentation to buffering area and is encrypted, and a plurality of ciphertext sections after will encrypting are written to a corresponding R memory node, thereby produces R copy of this partial data; As P1 and P2 during, then need not read original data all at section boundary; Work as P1, P2 has a position in the centre of certain section, then need read the data of this section.Promptly write request and need read the data of two sections at most, compare tradition improving a lot on the whole mode efficient of encrypting.
(A6) if implement this step for the first time; And write request end position and original position not in same, then calculate original position P1 and the end position P2 of the request of writing in second piece, P1 equals 0; P2 equals (O+L) remainder divided by B, forwards (A4) then to; Otherwise, forward (A7) to.
(A7) content of the request of writing of client has been write each memory node; The data of each piece are also according to the encryption copy organization formula storage that proposes among the present invention in the memory node; Client is sent the request write to meta data server and is accomplished feedback information, and meta data server is filled file metadata information according to system configuration information and file request information.
The read request of client is extracted the data in the encryption copy; There are a plurality of copies in the factor certificate, and is that segmentation is encrypted, and then can read request be divided into a plurality of groups; The group number equals the duplicate of the document number; Each group comprises the section that number equates as far as possible, and what client was parallel reads each group to a plurality of memory nodes, thereby improves the efficient of read request.The processing of client read request mainly may further comprise the steps:
(B1) meta data server receives the read request of client, include file name, read request original position O, read request length L;
(B2) make W be the file size that continues, whether inspection O surpasses the size of file that continues, if surpass, then changes step (B8) over to, otherwise gets into step (B3);
(B3) whether inspection O+L surpasses the size of the file that continues, if, make L=W-O, the position that the end position of read request is revised as the file that continues, otherwise, with the end position of O+L as read request;
Meta data server is according to the metadata information of the file that continues, and the relevant data that read request is needed comprise the file base attribute, divide block size B, fragment size S, and encryption algorithm type returns to client with the mode of safety;
(B4) client calculates the piece O/B at original position place, calculates read request original position P3 and end position P4 in data block, and P3 equals the remainder of O divided by B, and P4 equals (P3+L) remainder divided by B;
(B5) as shown in Figure 5, P3, P4 are original position and the end position of read request in piece, and client need read P3, all sections T1 that P4 crossed over, T2, T3.Client at first is divided into R group with the section that needs read, and the hop count that each group comprises equates as far as possible.Client safeguards that the memory node of this piece copy sends request simultaneously, the parallel data that read R group, thereby the efficient that raising is read to R then;
(B6) after client is obtained all data that need section, the data of these sections are deciphered respectively, and with P3, the data outside the P4 scope abandon, promptly obtain the real data that will read.
(B7) if implement this step for the first time; And read request end position and original position then calculate original position P3 and the end position P4 of read request in second piece not in a piece, P3 equals 0; P4 equals (O+L) remainder divided by B, forwards (B5) then to; Otherwise, forward (B7) to;
(B8) client is sent read request to meta data server and is accomplished or ask off-limits feedback information.
The present invention not only is confined to above-mentioned embodiment; Persons skilled in the art are according to embodiment and the disclosed content of accompanying drawing; Can adopt other multiple embodiment embodiment of the present invention, therefore, every employing project organization of the present invention and thinking; Do some simple designs that change or change, all fall into the scope of the present invention's protection.
Claims (2)
1. the encryption copy organization method under the distributed storage environment is characterized in that:
(A1) meta data server is received the request of writing of client, the include file name, writes the original position O of request and writes the request length L;
(A2) make that T is the higher value in the length of (O+L) and original document; Whether the existing memory space of inspection original document is more than or equal to T; If, existing memory space is used to store data to be written, otherwise; A preceding part that existing memory space is used to store data to be written; New memory space is used to store the remaining data of the data that write, and meta data server reads keeper's configuration information or Uses Defaults, and confirms duplicate of the document number R, divides block size B, fragment size S and encryption algorithm type; Meta data server is chosen the minimum memory node of R load as new memory space according to the memory node total load;
The relevant data that the request of writing is needed comprise piecemeal size B, fragment size S, and encryption algorithm type returns to client with the mode of safety;
(A3) client calculates the piece O/B that writes request original position place, calculates the request of writing original position P1 and end position P2 in data block; P1 equals the remainder of O divided by B, and P2 equals (P1+L) remainder divided by B;
(A4) whether judge original position P1 and end position P2 at section boundary, if, change step (A5) over to, otherwise original position P1 or end position P2 read the original information of this section in the centre of certain section, and deciphering, step (A5) got into;
(A5) data to be written in this piece are carried out segmentation and encrypt, and be written to R memory node;
(A6) if implement this step for the first time, and write and ask end position and original position not in same, then calculate original position P1 and the end position P2 of the request of writing in second piece, forward step (A4) then to; Otherwise, forward step (A7) to; P1 equals 0, and P2 equals (O+L) remainder divided by B;
(A7) client is sent the request write to meta data server and is accomplished feedback information, and meta data server is filled file metadata information according to system configuration information and file request information.
2. encryption copy organization method according to claim 1 is characterized in that: read formed encryption copy according to following process:
(B1) meta data server receives the read request of client, include file name, read request original position O, read request length L;
(B2) make W be the file size that continues, whether inspection O surpasses the size of file that continues, if surpass, then changes step (B8) over to, otherwise gets into step (B3);
(B3) whether inspection O+L surpasses the size of the file that continues, if, make L=W-O, the position that the end position of read request is revised as the file that continues, otherwise, with the end position of O+L as read request;
Meta data server is according to the metadata information of the file that continues, and the relevant data that read request is needed comprise the file base attribute, divide block size B, fragment size S, and encryption algorithm type returns to client with the mode of safety;
(B4) client calculates the piece O/B at original position place, calculates read request original position P3 and end position P4 in data block; P3 equals the remainder of O divided by B, and P4 equals (P3+L) remainder divided by B;
(B5) client at first is divided into R group with the section that needs read, and the hop count that each group comprises equates as far as possible; Client is sent request simultaneously to R memory node then, the parallel data that read R group;
(B6) after client is obtained all data that need section, the data of these sections are deciphered respectively, and with P3, the data outside the P4 scope abandon, promptly obtain the real data that will read;
(B7) if for the first time implement this step, and read request end position and original position then calculate original position P3 and the end position P4 of read request in second piece not in a piece, forwards step (B5) then to; Otherwise, forward step (B8) to; P3 equals 0, and P4 equals (O+L) remainder divided by B;
(B8) client is sent read request to meta data server and is accomplished or ask off-limits feedback information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101282401A CN101808095B (en) | 2010-03-22 | 2010-03-22 | Encryption copy organization method under distributed storage environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101282401A CN101808095B (en) | 2010-03-22 | 2010-03-22 | Encryption copy organization method under distributed storage environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101808095A CN101808095A (en) | 2010-08-18 |
| CN101808095B true CN101808095B (en) | 2012-08-15 |
Family
ID=42609715
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010101282401A Active CN101808095B (en) | 2010-03-22 | 2010-03-22 | Encryption copy organization method under distributed storage environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101808095B (en) |
Families Citing this family (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104144186B (en) * | 2013-05-10 | 2017-12-01 | 中国电信股份有限公司 | Data uploading method and system based on Web browser in cloud computing environment |
| US9237014B2 (en) | 2013-05-28 | 2016-01-12 | Hong Kong Applied Science & Technology Research Institute Company, Limited | Partial CipherText updates using variable-length segments delineated by pattern matching and encrypted by fixed-length blocks |
| CN103731505A (en) * | 2014-01-17 | 2014-04-16 | 中国联合网络通信集团有限公司 | Data distributed storage method and system |
| CN105471930B (en) * | 2014-07-28 | 2019-03-26 | 浙江大华技术股份有限公司 | A kind of method, system and equipment reading distributed data |
| CN104200177A (en) * | 2014-09-12 | 2014-12-10 | 罗满清 | Mobile medical sensitive data encryption method |
| CN104166823A (en) * | 2014-09-12 | 2014-11-26 | 罗满清 | Intelligent medical data safety guarantee system |
| CN104571957B (en) * | 2014-12-29 | 2018-03-27 | 成都极驰科技有限公司 | A kind of method for reading data and assembling device |
| CN104836817A (en) | 2015-06-04 | 2015-08-12 | 于志 | Architecture and method for ensuring network information safety |
| CN106257858A (en) * | 2015-06-19 | 2016-12-28 | 中兴通讯股份有限公司 | The data ciphering method of a kind of remote storage device, Apparatus and system |
| CN105205369A (en) * | 2015-08-20 | 2015-12-30 | 青岛三链锁业有限公司 | Palm vein image data processing method |
| CN105205411A (en) * | 2015-09-21 | 2015-12-30 | 北京元心科技有限公司 | Method and system for randomly storing symmetrical encryption file |
| CN105653469B (en) * | 2015-12-30 | 2018-11-02 | 深圳Tcl数字技术有限公司 | Method for writing data and device |
| CN105791274B (en) * | 2016-02-24 | 2018-12-04 | 四川长虹电器股份有限公司 | A kind of distributed cryptographic storage and method for authenticating based on local area network |
| CN106788982A (en) * | 2017-02-22 | 2017-05-31 | 郑州云海信息技术有限公司 | A kind of sectional encryption transmission method and device |
| CN107659401B (en) * | 2017-10-09 | 2019-08-30 | 华中科技大学 | A kind of secure data duplicate removal encryption method of similitude perception |
| CN107729495A (en) * | 2017-10-18 | 2018-02-23 | 郑州云海信息技术有限公司 | A kind of file metadata browsing method and device |
| CN108664223B (en) * | 2018-05-18 | 2021-07-02 | 百度在线网络技术(北京)有限公司 | Distributed storage method and device, computer equipment and storage medium |
| CN109597811A (en) * | 2018-11-26 | 2019-04-09 | 湖南节点新火信息安全有限公司 | A kind of distributed security data basd link block storage method |
| CN111427860B (en) * | 2019-01-09 | 2023-05-02 | 阿里巴巴集团控股有限公司 | Distributed storage system and data processing method thereof |
| CN112199338A (en) * | 2019-07-08 | 2021-01-08 | 华为技术有限公司 | File reading and writing method and device |
| CN110427156B (en) * | 2019-07-16 | 2020-09-08 | 华中科技大学 | Partition-based MBR (Membrane biological reactor) parallel reading method |
| CN110633580A (en) * | 2019-09-20 | 2019-12-31 | 徐州医科大学附属医院 | Secure distributed storage method oriented to XML data |
| CN111078153B (en) * | 2019-12-20 | 2023-08-01 | 同方知网数字出版技术股份有限公司 | Distributed storage method based on file |
| CN111277655A (en) * | 2020-01-21 | 2020-06-12 | 山东公链信息科技有限公司 | Distributed storage system based on intelligent loudspeaker box |
| US11157416B2 (en) | 2020-02-27 | 2021-10-26 | Micron Technology, Inc. | Firmware loading for a memory controller |
| CN111651521B (en) * | 2020-05-27 | 2023-10-17 | 山大地纬软件股份有限公司 | Electronic contract block chain structure, electronic contract signing device and method |
| CN113220237B (en) * | 2021-05-17 | 2024-08-20 | 北京青云科技股份有限公司 | Distributed storage method, device, equipment and storage medium |
| CN117473538B (en) * | 2023-12-27 | 2024-03-12 | 成都智慧锦城大数据有限公司 | Method and system for improving service data storage security |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1341240A (en) * | 1999-12-20 | 2002-03-20 | 大日本印刷株式会社 | Distributed data archive device and system |
| CN1960372A (en) * | 2006-11-09 | 2007-05-09 | 华中科技大学 | Encrypting read / write method in use for NAS storage system |
| CN101594227A (en) * | 2008-05-30 | 2009-12-02 | 华为技术有限公司 | The method of data encryption and deciphering, device and communication system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007133791A2 (en) * | 2006-05-15 | 2007-11-22 | Richard Kane | Data partitioning and distributing system |
-
2010
- 2010-03-22 CN CN2010101282401A patent/CN101808095B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1341240A (en) * | 1999-12-20 | 2002-03-20 | 大日本印刷株式会社 | Distributed data archive device and system |
| CN1960372A (en) * | 2006-11-09 | 2007-05-09 | 华中科技大学 | Encrypting read / write method in use for NAS storage system |
| CN101594227A (en) * | 2008-05-30 | 2009-12-02 | 华为技术有限公司 | The method of data encryption and deciphering, device and communication system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101808095A (en) | 2010-08-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101808095B (en) | Encryption copy organization method under distributed storage environment | |
| CN113961535A (en) | Data trusted storage sharing system and method based on block chain | |
| CN110213354A (en) | Cloud storage data confidentiality guard method | |
| Kollu | Blockchain techniques for secure storage of data in cloud environment | |
| CN102761521A (en) | Cloud security storage and sharing service platform | |
| Song et al. | A cloud secure storage mechanism based on data dispersion and encryption | |
| CN104331346A (en) | Data protection method | |
| Shetty et al. | Data security in Hadoop distributed file system | |
| CN109995505A (en) | A kind of mist calculates data safety machining system and method, cloud storage platform under environment | |
| CN107124271A (en) | A kind of data encryption, decryption method and equipment | |
| CN105516117A (en) | Cloud computing-based electric power data secure storage method | |
| CN105117635A (en) | Local data security protection system and method | |
| US20200052901A1 (en) | Secure audit scheme in a distributed data storage system | |
| CN101122938A (en) | Data file safe treatment method and system | |
| CN108964911A (en) | A kind of stream media service system based on block chain and quantum flow data block technology | |
| CN113094733A (en) | Block chain data privacy protection method and system | |
| Tse et al. | Emerging issues in cloud storage security: encryption, key management, data redundancy, trust mechanism | |
| KR101428649B1 (en) | Encryption system for mass private information based on map reduce and operating method for the same | |
| Nag et al. | Secure data outsourcing in the cloud using multi-secret sharing scheme (MSSS) | |
| Han et al. | A decentralized document management system using blockchain and secret sharing | |
| WO2014192957A1 (en) | Information dispersal system and information dispersal storage system | |
| Shu et al. | Secure storage system and key technologies | |
| Xu et al. | Achieving secure dynamic searchable symmetric encryption for data sharing services via blockchain | |
| Kadu et al. | A Hybrid Cloud Approach for Secure Authorized Deduplication | |
| Tian et al. | A trusted control model of cloud storage |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20170822 Address after: Qixia District of Nanjing City, Jiangsu province 210000 Yao Jia Lu No. 7 city scenery Beiyuan 16 room 1203 Patentee after: NANJING SUPERSTACK INFORMATION TECHNOLOGY LTD. Address before: 430074 Hubei Province, Wuhan city Hongshan District Luoyu Road No. 1037 Patentee before: Huazhong University of Science and Technology |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210720 Address after: 335000 no.67-1, Zhichuang street, high tech Industrial Development Zone, Yingtan City, Jiangxi Province Patentee after: Jiangxi diejia Information Technology Co.,Ltd. Address before: Room 1203, building 16, shangchengjingjing Beiyuan, No.7 Yaojia Road, Qixia District, Nanjing City, Jiangsu Province, 210000 Patentee before: NANJING SUPERSTACK INFORMATION TECHNOLOGY Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20221116 Address after: No. 32-3, Zhichuang 1st Street, Juneng Road, Yingtan Hi tech Industrial Development Zone, Jiangxi Province, 335000 Patentee after: Jiangxi Shalan Information Technology Co.,Ltd. Address before: 335000 no.67-1, Zhichuang street, high tech Industrial Development Zone, Yingtan City, Jiangxi Province Patentee before: Jiangxi diejia Information Technology Co.,Ltd. |