CN102710633B - Cloud security management system of security electronic documents and method - Google Patents

Publication number
CN102710633B
Authority
CN
China
Prior art keywords
file
recipient
distribute
cloud security
concerning security
Legal status
Active
Application number
CN201210171117.7A
Other languages
Chinese (zh)
Other versions
CN102710633A (en)
Inventor
张建军
高建福
姜真喜
姚立锋
Current Assignee
DALIAN JIAMU INFORMATION SAFETY SOFTWARE TECHNOLOGY Co Ltd
Original Assignee
DALIAN JIAMU INFORMATION SAFETY SOFTWARE TECHNOLOGY Co Ltd

Abstract

The invention discloses a cloud security management system and a method applying the system. The system is based on a PKI (Public Key Infrastructure) encryption system and has a sending end, a receiving end and a cloud security server. The sending end helps a sender send confidential documents, the receiving end helps a user receive, read and operate on the confidential documents, and the cloud security server controls and manages all documents in the system. The system and method dynamically manage the whole life cycle of distributed electronic documents and provide several security policies: dynamic permission control, operation statistics, revocation when limits are exceeded, and circulation tracking. They build a cloud-security-based working environment for distributing electronic documents that contain sensitive information, and the range of application is wide. The method does not change the user's operating habits, and it is cost-effective.

Description

Cloud security management system and method for confidential electronic files
Technical field
The present invention relates to the field of information security technology, and in particular to a cloud security management method for confidential electronic files.
Background art
Today the social division of labour grows ever finer, economic exchange ever closer, information technology advances rapidly, and networks of all kinds develop and merge quickly, so information and data are growing explosively. How to protect one's own intellectual property effectively and reduce the risk caused by data leakage is a severe test that every user has to face. One effective way to address the security of sensitive information is to control the direct carrier and source of the information, that is, to apply access control and encryption to the data on the terminal.
Because confidential electronic files are easy to copy and easy to transmit, control by the owner has always been a difficult problem. Once such a file has been propagated, the owner completely loses the right to control it and cannot withdraw or destroy it as can be done with files on traditional media, which in practice leads to the uncontrolled propagation of confidential electronic files.
Four approaches are mainly used at present:
The first is the traditional method: the sender relies on management measures, and a confidential electronic file is distributed after a leader agrees. This method has many drawbacks in practice. For example, the owner of the confidential electronic file cannot identify or verify whether everyone within the distribution scope is a legitimate person.
The second is that the sender uses tools such as office software or compression software to set an access password and tells the recipient the password. This method only solves the problem of confidential transmission, and the password has to be remembered. It also has the same problem as the first: for a confidential electronic file, it is impossible to identify or verify whether everyone within the distribution scope is a legitimate person.
The third is that the sender encrypts the confidential electronic file into ciphertext form before distributing it, and the recipient opens it with special-purpose software provided by the sender. The same problem as above remains: for a confidential electronic file, it is impossible to identify or verify whether everyone within the distribution scope is a legitimate person.
The fourth is that the sender encrypts the confidential electronic file into ciphertext form and adds corresponding rights management and life-cycle management.
For rights management, data-leakage-prevention management systems tightly coupled to the working environment are currently used. The limitation of this approach is that a legitimate user can only use the file inside a specific environment;
For life-cycle management, data-leakage-prevention management systems tightly coupled to the working environment are likewise used. This approach has the same limitation that a legitimate user can only use the file inside a specific environment, and the life-cycle parameters must be stored in encrypted form together with the electronic file. For an organisation that specifically targets the confidential electronic file (for example, a professional organisation that does cracking), the cost of cracking it is only a matter of time. Moreover, once it is cracked, the same problem as with the approaches above exists: for a confidential electronic file, it is impossible to control whether everyone within the distribution scope is a legitimate person. Therefore, how to solve the problem of securely distributing confidential electronic files, with a solution that is simple, practical and widely applicable, that lets a user use the file flexibly as long as the user is currently legitimate, and that keeps the source of the confidential electronic file under control, has become an urgent and thorny problem of the information age.
Summary of the invention
In view of the above problems, the present invention develops a cloud security management system for confidential electronic files. The system is based on the PKI public-key encryption system and has: a sending end that assists the sender in sending confidential files; a receiving end with which the recipient receives, reads and operates on confidential files; and a cloud security server that controls and manages all files in the system;
The sending end has:
Recipient registration module: registers the data of the recipients to whom confidential electronic files need to be distributed;
Distribution request module: sends to the cloud security server a request for permission to distribute a confidential electronic file; at the same time, sets different protection policies for the one or more files being distributed, the protection policies including at least: limiting the time and the number of times the recipient may read the distributed file, and revoking the recipient's permissions; and records the whole process of the distribution request;
Distribution production module: generates the sender's encryption key k_α for the confidential electronic file and, combining it with the k_β issued by the cloud security server after the review is passed, generates the current encryption key k_γ; the approved confidential electronic file is encrypted with k_γ to generate a ciphertext electronic file that can be distributed;
The cloud security server comprises:
Ownership control module: controls the sender's permissions, controls the path by which a confidential electronic file is submitted to the cloud security server and sent to the recipient, and manages user information;
Authorization processing module: responsible for permission control during distribution of the confidential electronic file: authorising requests for permission to distribute confidential electronic files and authenticating the permissions held by the sender and the recipient respectively;
Legal-evidence tracing module: generates the auditable log that records the activity of the whole system;
The receiving end comprises:
Distribution receiving module: receives and recognises the ciphertext electronic file produced by the distribution production module and the protection policy set by the distribution request module, and controls the number of times and the time for which the recipient may read and use the electronic file.
The recipient registration module of the sending end registers a globally unique identification code for each recipient during registration.
The sending end also has an approval-and-distribution module, which sends the distribution request and the file along the preset path by which the confidential electronic file is submitted to the cloud security server and sent to the recipient; if the sending end is offline, an offline sending application policy is started.
The cloud security server also has: a legal-evidence tracing module, responsible for establishing a traceable log that records the whole system.
A cloud security management method for confidential electronic files has the following steps:
S100. The sender sets the confidential electronic file to be sent as a system-specific ciphertext electronic file; the identity information of the intended recipient and the security operation policy information of the confidential electronic file are uploaded to the cloud security server together with the confidential electronic file concerned, for review by the cloud security server;
S200. The cloud security server reviews the information uploaded by the sender according to a distribution review policy drawn up in advance; after the review is passed, it generates and saves encryption key k_β and passes this key k_β to the sender together with the approval message;
S300. The sending end receives the cloud security server's approval instruction, generates encryption key k_α and, together with the k_β passed by the cloud security server, generates the encryption key k_γ of the current file, and uses it to encrypt the confidential electronic file to be distributed, obtaining a ciphertext electronic file. At least the sender information, the recipient information and the security operation policy information of the current confidential electronic file are embedded in the ciphertext electronic file; the ciphertext electronic file, with the security operation policy information and encryption key k_α attached, is sent to the recipient;
S400. The receiving end uploads the recipient's authentication information to the cloud security server; after authentication, it installs the reception environment according to the environment installation policy set by the sender and at the same time downloads the encryption key k_β corresponding to the current confidential file;
S500. The receiving end combines encryption keys k_α and k_β to generate decryption key k_γ, decrypts the received ciphertext electronic file, and presents the decrypted plaintext confidential file to the recipient within the reception environment.
After step S500 there is also:
S600. While the recipient reads and uses the electronic file, the receiving end controls the recipient's operations on the confidential file according to the security operation policy.
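The key handling of steps S200 to S500, as an added example that is not code from the patent: the cloud security server keeps k_β, the sending end embeds k_α in the file header, and the receiving end can rebuild k_γ only after the server releases k_β to the approved recipient. The HMAC-based key combiner, the HMAC counter-mode keystream (a standard-library stand-in for a real authenticated cipher), the JSON header layout and all class, function and ID names are assumptions; the patent does not specify them.

```python
import hashlib
import hmac
import json
import secrets


def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_k_gamma(k_alpha: bytes, k_beta: bytes, file_id: str) -> bytes:
    """Assumed combiner: k_gamma depends on both halves and on the file ID."""
    return prf(k_beta, b"k_gamma|" + file_id.encode() + b"|" + k_alpha)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode, a stand-in for a real cipher (assumption)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = prf(key, nonce + off.to_bytes(8, "big"))
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def mac_input(header: bytes, body: bytes) -> bytes:
    # Length prefix keeps the header/body boundary unambiguous under the MAC.
    return len(header).to_bytes(4, "big") + header + body


class CloudService:
    """Hypothetical cloud security server: approves requests and holds k_beta."""

    def __init__(self):
        self._escrow = {}      # file_id -> (k_beta, approved recipient ID)
        self.audit_log = []    # (event, file_id, recipient_id)

    def approve(self, file_id: str, recipient_id: str) -> bytes:         # S200
        k_beta = secrets.token_bytes(32)
        self._escrow[file_id] = (k_beta, recipient_id)
        self.audit_log.append(("approved", file_id, recipient_id))
        return k_beta

    def release_k_beta(self, file_id: str, recipient_id: str) -> bytes:  # S400
        k_beta, approved = self._escrow.get(file_id, (None, None))
        if k_beta is None or approved != recipient_id:
            self.audit_log.append(("denied", file_id, recipient_id))
            raise PermissionError("recipient is not approved for this file")
        self.audit_log.append(("released", file_id, recipient_id))
        return k_beta


def make_container(plaintext, sender, recipient_id, policy, file_id, k_beta):
    """S300: generate k_alpha, derive k_gamma, encrypt, embed policy and k_alpha."""
    k_alpha = secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)
    k_gamma = derive_k_gamma(k_alpha, k_beta, file_id)
    header = json.dumps({"file_id": file_id, "sender": sender,
                         "recipient": recipient_id, "policy": policy,
                         "k_alpha": k_alpha.hex(), "nonce": nonce.hex()},
                        sort_keys=True).encode()
    body = keystream_xor(prf(k_gamma, b"enc"), nonce, plaintext)
    tag = prf(prf(k_gamma, b"mac"), mac_input(header, body))
    return {"header": header, "body": body, "tag": tag}


def open_container(container, recipient_id, cloud):
    """S400-S500: fetch k_beta, rebuild k_gamma, verify the header, decrypt."""
    header = json.loads(container["header"])
    k_beta = cloud.release_k_beta(header["file_id"], recipient_id)
    k_gamma = derive_k_gamma(bytes.fromhex(header["k_alpha"]), k_beta,
                             header["file_id"])
    expected = prf(prf(k_gamma, b"mac"),
                   mac_input(container["header"], container["body"]))
    if not hmac.compare_digest(expected, container["tag"]):
        raise ValueError("header or body was modified after production")
    nonce = bytes.fromhex(header["nonce"])
    plaintext = keystream_xor(prf(k_gamma, b"enc"), nonce, container["body"])
    return header["policy"], plaintext


if __name__ == "__main__":
    cloud = CloudService()
    k_beta = cloud.approve("FILE-0001", "RCPT-0042")      # constructed IDs
    box = make_container(b"design notes", "unit-a", "RCPT-0042",
                         {"mode": "count", "max_opens": 3}, "FILE-0001", k_beta)
    print(open_container(box, "RCPT-0042", cloud))
```

Because the header travels with k_α in the clear, the file alone never yields k_γ, and the MAC keyed from k_γ means an edited policy field is rejected before any plaintext is produced.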
In step S100, when requesting distribution the sender selects the recipient to whom the file is to be distributed and sets the distribution control options. These control options include at least: whether the file is ciphertext and, if it is ciphertext, whether the security operation policy of the ciphertext file is control by time or control by count.
Step S300 comprises the following steps:
S301. The sender retrieves the distribution control options set when the review request was sent and judges whether the electronic file to be distributed is to be sent as ciphertext;
S302A. If the electronic file is to be sent as plaintext, the sender completely decrypts it into a plaintext file that contains no additional parameters;
S302B. If the electronic file is to be sent as ciphertext, encryption key k_γ is applied to encrypt the plaintext of the confidential electronic file, and the option parameters are recorded in the header of the electronic file at the same time;
S303. A globally unique identifier is set for the current confidential file, and this identifier is recorded in the header of the current file.
Step S600 has the following steps:
S601. The recipient opens the reception environment installed on the receiving end; the receiving end extracts the globally unique identification code of the confidential file, uses this identification code to set up an independent reading-use record for the current confidential file, and judges whether the recipient has permission during reading and use;
S602A. If the security operation policy of the current confidential file is use by count: each time the recipient opens the confidential electronic file, the use count in the reading-use record is incremented by 1, and when the file is closed the use count in the reading-use record is written into the file; on each later opening of the file, the receiving end compares the use count in the reading-use record with the count recorded in the electronic file, takes the larger of the two records and compares it with the permitted count of the current file; if it is greater than the permitted count, decryption is refused;
S602B. If the security operation policy of the current confidential file is use by time: timing starts when the confidential electronic file is opened for the first time, and the time consumed is written back at regular intervals; on each later opening of the file, the system automatically judges whether the time consumed exceeds the permitted time that was set; if it is greater than the permitted time, decryption is refused.
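The checks of steps S602A and S602B, as an added example that is not code from the patent: before each decryption the receiving end merges its own reading-use record with the record stored in the file header and keeps the larger values, so restoring an old copy of the file, deleting the local record or setting the clock back does not reset the usage. The record field names, the function names and the use of the earliest recorded first-open time are assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Policy:
    max_opens: Optional[int] = None        # use by count (S602A)
    max_seconds: Optional[float] = None    # use by time (S602B)


def merge_records(local: dict, header: dict, now: float) -> dict:
    """Combine the local record and the in-file record, keeping the larger usage."""
    firsts = [r["first_open"] for r in (local, header) if "first_open" in r]
    first_open = min(firsts) if firsts else now
    # Stored consumption is a floor: a clock set backwards cannot lower it.
    consumed = max(local.get("consumed", 0.0), header.get("consumed", 0.0),
                   now - first_open)
    opens = max(local.get("opens", 0), header.get("opens", 0))
    return {"first_open": first_open, "consumed": consumed, "opens": opens}


def write_back(local: dict, header: dict, now: float) -> dict:
    """Periodic write-back while the file is open, and again when it is closed."""
    state = merge_records(local, header, now)
    local.update(state)
    header.update(state)
    return state


def try_open(policy: Policy, local: dict, header: dict, now: float) -> bool:
    """Return True if decryption may proceed; both records are updated either way."""
    state = merge_records(local, header, now)
    allowed = True
    if policy.max_seconds is not None and state["consumed"] > policy.max_seconds:
        allowed = False
    if policy.max_opens is not None and state["opens"] + 1 > policy.max_opens:
        allowed = False
    if allowed:
        state["opens"] += 1
    local.update(state)
    header.update(state)
    return allowed


if __name__ == "__main__":
    # Constructed scenario: two permitted opens, then a restored old file copy.
    policy, local, header = Policy(max_opens=2), {}, {}
    print([try_open(policy, local, header, 100.0) for _ in range(3)])
    print(try_open(policy, local, {}, 101.0))   # old copy of the file, same terminal
```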
The system and method dynamically manage the whole life cycle of distributed electronic files and provide several security policies: dynamic permission control, operation statistics, revocation when limits are exceeded, and circulation tracking. They build a cloud-security-based working environment for distributing electronic files that contain sensitive information, and the range of application is wide. The method does not change the user's operating habits, and it is cost-effective.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a process flow chart of the present invention used to build a private cloud security service for enterprises and institutions;
Fig. 2 is a process flow chart of the present invention used to build a public cloud security service for individual users;
Fig. 3 is a process flow chart of the present invention used to build a hybrid cloud security service for enterprises and institutions;
Fig. 4 is the approval flow chart of one implementation case of the present invention;
Fig. 5 is the process flow chart of the receiving end of the present invention;
Fig. 6 is the method flow chart of the present invention;
Fig. 7 is the structural module diagram of the present invention.
Detailed description of the embodiments
To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings of the embodiments:
As shown in the figures, a cloud security management method for confidential electronic files and a system implementing the method are provided. The system is based on the PKI public-key encryption system and has: a sending end that assists the sender in sending confidential files, a receiving end with which the recipient receives, reads and operates on confidential files, and a cloud security server that controls and manages all files in the system.
When a file sender intends to distribute a confidential electronic file, the sender first selects the recipient. The recipient may be an employee inside the company or a person outside the company. The sender then sets the distribution control options and the security operation policy: whether the electronic file to be distributed is sent as plaintext or as ciphertext and, if it is sent as ciphertext, whether the distributed file is controlled by time mode or by count mode. If it is controlled by time, a start time and an end time must be selected.
If the file to be distributed is controlled by count, the number of times the file may be operated on must be set. The system also supports a combined time and count mode, that is, limiting the number of times the file may be opened within a specified time. These options are entered into the system for the approver's reference. For a file sent as ciphertext, the encryption key seed k_α of the electronic file is generated at the same time. The distribution request module of the sending end sends the above information to the cloud security server.
The cloud security server comprises a public cloud server and a private cloud server. Typically, an enterprise user sets up a private cloud security server with a review function, used within the enterprise to register the recipients to whom confidential electronic files may need to be distributed. If the distribution of a confidential file involves both the public cloud and the private cloud, then during the distribution approval process the private cloud security server registers the distribution with the public cloud security server, and the public cloud security server feeds supplementary policy information back to the enterprise's private cloud security server. Combining public and private cloud security servers fully meets the requirements of wide-area, remote transmission of confidential files.
The number of recipients registered with the cloud security server may be very large. To identify recipient information uniformly across public and private cloud security servers, the cloud security server assigns each registered recipient a globally unique identity code that distinguishes the recipients. In practice, the operators of the sending end collect the recipients' identity information and save it to the cloud security server. To implement this function, the sending end is preferably provided with a recipient registration module dedicated to these operations.
The cloud security server also has an ownership control module and an authorization processing module. The ownership control module is responsible for the permission control of the owning user, that is, the sender of the confidential file, and specifies the transaction model, namely the policy management of the process by which the sender applies for permission to distribute a file. For example, the security operation policy includes: the preset path by which the confidential electronic file is submitted to the cloud security server and sent to the recipient, that is, the approval route; starting the offline sending application policy if the sending end is offline; and so on. It also covers functions such as managing the information of file senders and file recipients.
When the owner of the confidential file, that is, the sender, sends application information to the cloud security server, the authorization module is responsible for permission control, authorization and authentication during distribution of the confidential electronic file: the distribution request for each file circulates automatically within the cloud security server along the preset approval route. When a distribution request reaches the cloud security server, the server automatically prompts the approver that a new request needs approval. The approver can see the options set in the request and the content of the electronic file submitted for approval. If the current approver accepts the distribution request, the approver selects "pass"; otherwise the approver selects "reject" and states the reason for rejection. When all approvers have approved the request, the authorization module generates the encryption key k_β for the confidential file to be sent and returns the approval message together with encryption key k_β to the file sender, who uses the sending end to begin producing the distribution file.
After the sending end receives the approval message, the sender begins producing the distribution file with the help of the distribution production module. First, the options set in the request, that is, the security operation policy of the file to be distributed, are retrieved from the private cloud security server:
If the electronic file is set to be distributed as plaintext, the file is completely decrypted. The file contains no additional parameters apart from its own original content.
If the electronic file is set to be distributed as ciphertext, it must be determined whether control is by count mode, by time mode or by combined mode, and what the scope of control is. Because an electronic file distributed as ciphertext is itself already encrypted, a different algorithm must be used when it is processed into a distribution file, that is, it is encrypted a second time. All option parameters must also be recorded intact in the header of the electronic file. Each electronic file requests a globally unique identifier from the system when it is produced, and this identifier is likewise recorded in the header of the electronic file.
The sender transmits the file according to the preset circulation process:
If the sender has preset direct sending after approval, then after approval the system sends the electronic file directly to the recipient according to the recipient information submitted by the applicant, and notifies the applicant.
If the sender has preset that the file returns to the applicant for sending after approval, then after the review is passed the electronic file is routed to the applicant, who sends it to the recipient as required.
After receiving the file, the receiving end applies to the cloud security server for identity verification and submits its globally unique identifier to the cloud security server for checking. After verification, it downloads the distribution environment from the cloud security server and installs it on the receiving side. The forms of installation are as follows:
Unrestricted installation: any organisation or individual that obtains the distribution environment can install it on any terminal.
Password installation: any organisation or individual that knows the password of the distribution environment can install the distribution environment on any terminal. The installation password of the distribution environment must be entered during installation for password verification.
Hardware-bound installation: the hardware information of the terminal on which the recipient wants to install must first be extracted, including the hard disk serial number, mainboard number, network card number, CPU number and so on. This hardware information is put through a shift operation to obtain the installation authorization code of the terminal (computed and issued by the provider of the distribution environment). When the recipient obtains the installer of the distribution environment bound to the hardware information, the recipient should obtain the authorization code at the same time. During installation the user must enter the authorization code of the distribution environment; the authorization code is checked against the hardware information of the terminal, and installation is allowed only if it matches the extracted hardware information exactly.
Note: any organisation or individual installing the distribution environment must enter the recipient's globally unique identification code, which distinguishes different recipients. The recipient's identification information can be added when the electronic file is produced, so that only this recipient can open the file.
Sending-end management covers the whole process from registering recipient information and applying for distribution through to the end of the application and the automatic production of the distribution file.
The sending end has the following functions:
Distribution initialisation: sets the electronic files that need distribution protection as ciphertext electronic files, registers recipient data, and draws up the distribution process and policy settings.
Distribution application: when an electronic file needs to be distributed, the applicant fills in a request form and attaches the electronic file to be distributed. If the file is distributed through the cloud security server's secure e-mail, the e-mail address of the destination must be filled in.
Notification of files awaiting approval: after the applicant submits the application, the system determines according to the rules whether approval is needed and who the approver is. The system sends the request notification to the approver. The approver decides, based on the content of the electronic file, whether to approve, and submits the decision.
List of approved electronic files: generates the list of all electronic file distributions the approver has reviewed. The history can be recalled and viewed at any time.
Approval completion notification: after a distribution file has been approved, the system converts the ciphertext electronic file into distribution ciphertext as required and notifies the applicant that approval is complete.
Embodiment 1
In this implementation scenario, all design files inside Unit A are already ciphertext electronic files, and no further encryption operation is needed.
If such a file is sent directly, it cannot be opened even if the receiving end has the reception environment installed.
The processing flow of the receiving end is shown in Fig. 5.
In this implementation scenario, the distributed file may only be browsed on a designated terminal. The first time a distributed file is used, the reception environment must be installed on the terminal "Zhang San" device.
There are two installation policies for the reception environment. One is installation by password; the security level of this installation mode is relatively high, and the authorization password must be entered during installation. After successful installation, the corresponding distributed files can be browsed. The other is installation by terminal authentication code (much software currently uses this kind of installation; large packages such as the AutoCAD network edition, Pro/E, UG and I-DEAS all extract hardware information for licence authentication); the security level of this installation mode is the highest. When the recipient installs, the installer extracts the terminal information, and the terminal is put on record in the sender's system. When files are distributed later, selecting the corresponding terminal ensures that only this terminal can open the corresponding distributed file.
In this implementation scenario, Unit B installs the reception environment on the terminal "Zhang San" device using the second policy; after successful installation, the reception environment is minimised to the system tray.
No other terminal can install the reception environment with this installer.
In this implementation scenario, an example of the sender's distribution application process is shown in Figure 3. The applicant fills in the request form and uploads the electronic file containing sensitive information that is to be distributed, where: recipient name is set to Unit B; restricted terminal is set to the terminal "Zhang San" device; usage time is filled in as 72 hours; number of uses is left blank; secure e-mail address is left blank. Among the operating permissions, "copying not allowed" and "screenshots not allowed" are default settings that need no action, so only the "printing not allowed" and modification options are set. The uploaded electronic file containing sensitive information is a ciphertext electronic file.
Request slip has filled in rear submission:
After applicant submits to and distributes application, system presses scene settings approval process automatically, determines that approver is direct director, then according to rule, Request Notices is sent to direct director place, applicant place.
Direct director determines whether by according to electronic file content and submits to.As passed through, by scene settings approval process, system determines that approver is leader with specific duties automatically, according to rule, Request Notices is sent to the leader with specific duties place of applicant department.If do not passed through, system notifies that applicant distributes application and is rejected and informs reason automatically.
Leader with specific duties determines whether by according to electronic file content and submits to.As passed through, system terminates by scene settings approval process determination flow process automatically, notifies that applicant distributes application and completes.If do not passed through, system notifies that applicant distributes application and is rejected automatically.
Distribute after application completes, system is automatically made into distributes e-file by examining the e-file passed through.Distributing e-file is ciphertext e-file, and implants issuer information and (comprise k α), recipient's information and e-file operation strategy.In the implementation case scene, distribute implanted unit first and unit second in e-file, do not allow copy simultaneously, do not allow screenshotss, do not allow to print, do not allow the information such as amendment e-file operation strategy to be also implanted to distribute in e-file.
In this embodiment scenario, Unit B receives the distribution electronic file. The reception environment is already installed on the terminal "Zhang San" device and is minimized to the system tray. If the reception environment is not installed, the distribution electronic file cannot be opened. If another terminal at Unit B also has the reception environment installed, whether it was installed by password or by terminal authentication code, it still cannot open this distribution electronic file.
When the reception environment starts, it connects to the cloud security server and obtains information such as the reception environment's usage rights, deferral information, online updates, the key KEY and the file policy configuration. The user double-clicks the distribution electronic file on the terminal "Zhang San" device. The policy information read from the file header and the policy information obtained from the cloud then go through policy parsing, matching and application. The reception environment obtains the other half of the key, kβ, from the cloud security server, uses kα and kβ to generate the decryption key kγ, decrypts the electronic file, and then starts the Word application to open it; a distribution electronic file in another format is opened with its corresponding application, so the user's operating habits do not change. In this embodiment scenario, because copying is not allowed, the electronic file cannot be opened if it is copied to another terminal; because screenshots are not allowed, screenshot operations cannot be performed; because printing is not allowed, the file cannot be printed; because modifying the electronic file is not allowed, operations such as saving after modification, Save As and Save as Web Page cannot be performed.
If the distribution electronic file's permissions allow modification, the person browsing the distribution electronic file can save modifications into the original electronic file, which remains in the distributed ciphertext state.
If the distribution electronic file's permissions allow printing, the person browsing the distribution electronic file can print it, but the printout can contain the company watermark.
If the distribution electronic file has a limit on the number of uses, the system prompts the user 2 uses before the limit is reached. If the permitted number has been exceeded when the electronic file is opened, the system prompts: "The number of uses has been exceeded; you cannot continue to use this electronic file."
In this embodiment scenario, the distribution electronic file has a usage time limit. The system prompts the user 15 minutes before the time expires. If the permitted time has been exceeded when the electronic file is opened, the system prompts: "Your permission has exceeded the permitted time; you cannot continue to use this electronic file. If you need further use, please contact your sender."
The invention first encrypts the electronic file content with a symmetric or asymmetric algorithm and embeds the relevant policy information in the electronic file header, such as time, number of uses, permission control and scope of authorization. This policy information is also encrypted with a symmetric or asymmetric algorithm. While the electronic file is being transmitted externally, the file itself is already ciphertext, so the confidentiality requirement on the communication process is not very high, which lowers the threshold for applying the invention. After receiving the electronic file, the recipient opens it in the normal way. If the distribution browsing environment is running, it takes over the operations on the distribution electronic file: it first decrypts the relevant policy information, executes the corresponding control logic according to the policy information in the electronic file, then generates the decryption key kγ from kα and kβ and decrypts the electronic file content, so that the encrypted electronic file opens normally. If no distribution environment is present, the file cannot be opened and used normally, because it is ciphertext.
The above is only a preferred embodiment of the invention, but the scope of protection of the invention is not limited to it. Any equivalent replacement or change made by a person skilled in the art, within the technical scope disclosed by the invention and according to the technical solution and inventive concept of the invention, shall fall within the scope of protection of the invention.

Claims (9)

1. A cloud security management system for confidential electronic files, the system being based on the PKI public-key encryption system and having: a sending end that assists the sender in sending confidential files, a receiving end that lets the recipient receive, read and operate on confidential files, and a cloud security server that controls and manages all files in the system;
The sending end has:
Recipient registration module: registers the data of the recipients to whom confidential electronic files are to be distributed;
Distribution request module: sends the cloud security server a permission request to distribute a confidential electronic file; at the same time sets different protection policies for the one or more files being distributed, the protection policies at least comprising: limiting the time and number of times the recipient may read the distributed file, and revoking the recipient's permissions; and records the whole course of the distribution request;
Distribution production module: generates the sender's encryption key kα for the confidential electronic file, combines it with the kβ issued by the cloud security server after the review is passed to generate the current encryption key kγ, encrypts the approved confidential electronic file with kγ, and generates the ciphertext electronic file that can be distributed;
The cloud security server comprises:
Sovereignty control module: controls the sender's permissions, controls the path by which a confidential electronic file is applied for at the cloud security server and sent to the recipient, and manages user information; specifies the transaction model, that is, policy management of the permission workflow for the sender's file distribution applications. For example, this security operation policy comprises: the preset path by which a confidential electronic file is applied for at the cloud security server and sent to the recipient, i.e. the approval route; if the sending end is offline, the offline sending application policy is started; and the information management functions for the file sender and the file recipient;
Authorization processing module: responsible for permission control during distribution of the confidential electronic file: authorizing permission requests to distribute confidential electronic files, and authenticating the permissions held by the sender and the recipient respectively;
Legal-evidence trace module: generates the auditable log that records the activity of the whole system;
The receiving end comprises:
Distribution receiving module: receives and identifies the ciphertext electronic file produced by the distribution production module and the protection policies set by the distribution request module, and controls the number of times and the time for which the recipient may read and use the electronic file.
2. The cloud security management system for confidential electronic files according to claim 1, further characterized in that: the recipient registration module of the sending end registers a globally unique identification code for each recipient during registration.
3. The cloud security management system for confidential electronic files according to claim 1, further characterized in that: the sending end also has an approval and distribution module, which sends the distribution request and the file along the preset path by which a confidential electronic file is applied for at the cloud security server and sent to the recipient; if the sending end is offline, the offline sending application policy is started.
4. The cloud security management system for confidential electronic files according to claim 1, further characterized in that the cloud security server also has: a legal-evidence trace module, responsible for establishing a traceable log that records the whole system.
5. A cloud security management method for confidential electronic files, characterized by the following steps:
S100. The sender sets the confidential electronic file to be sent as a ciphertext electronic file in the system's own format; the identity information of the intended recipient and the security operation policy information of the confidential electronic file are uploaded to the cloud security server together with the confidential electronic file, for review by the cloud security server;
S200. The cloud security server reviews the information uploaded by the sender according to the distribution review policy drawn up in advance; after the review is passed, it generates and stores the encryption key kβ and passes this encryption key kβ to the sender together with the approval-passed message;
S300. The sending end receives the cloud security server's review-passed instruction, generates the encryption key kα and, together with the kβ passed by the cloud security server, generates the encryption key kγ of the current file and encrypts the confidential electronic file to be distributed with it, obtaining the ciphertext electronic file; at least the sender information, the recipient information and the security operation policy information of the current confidential electronic file are embedded in the ciphertext electronic file; the ciphertext electronic file, with the security operation policy information and the encryption key kα attached, is sent to the recipient;
S400. The receiving end uploads the recipient's authentication information to the cloud security server; after authentication, it installs the reception environment according to the environment installation policy set by the sender and at the same time downloads the encryption key kβ corresponding to the current confidential file;
S500. The receiving end combines the encryption keys kα and kβ to generate the decryption key kγ, decrypts the received ciphertext electronic file, and presents the decrypted plaintext confidential file to the recipient within the reception environment.
6. The cloud security management method for confidential electronic files according to claim 5, further characterized in that: after step S500 there is also:
S600. While the recipient reads and uses the electronic file, the receiving end controls the recipient's operations on the confidential file according to the security operation policy.
7. The cloud security management method for confidential electronic files according to claim 5, further characterized in that: in step S100, when requesting distribution the sender selects the recipient to whom the file is to be distributed and sets the distribution control options, which at least comprise: whether the file is ciphertext and, if it is ciphertext, whether the security operation policy set for the ciphertext file is time control or count control.
8. The cloud security management method for confidential electronic files according to claim 5, further characterized in that step S300 comprises the following steps:
S301. The sender extracts the distribution control options set when the review request was sent and determines whether the electronic file to be distributed is to be sent as ciphertext;
S302A. If the electronic file is to be sent as plaintext: the sender fully decrypts the electronic file into a plaintext file containing no additional parameters;
S302B. If the electronic file is to be sent as ciphertext: the encryption key kγ is applied to encrypt the plaintext confidential electronic file, and the option parameters are recorded in the electronic file header;
S303. A global unique identifier is set for the current confidential file and recorded in the current file header.
9. The cloud security management method for confidential electronic files according to claim 6, further characterized in that step S600 has the following steps:
S601. The recipient opens the reception environment installed on the receiving end; the receiving end extracts the globally unique identification code of the confidential file and uses it to set up an independent read-use record for the current confidential file, and determines whether the recipient has permission during reading and use;
S602A. When the security operation policy of the current confidential file is use by count: each time the recipient opens the confidential electronic file, the use count in the read-use record is incremented by 1, and when the file is closed the use count in the read-use record is written into the file; each time the file is opened afterwards, the receiving end's system compares the use count in the read-use record with the count recorded in the electronic file, takes the larger of the two and compares it with the current file's permitted number; if it is greater than the permitted number, decryption is refused;
S602B. When the security operation policy of the current confidential file is use by time: timing starts from the first opening of the confidential electronic file, and the time consumed is written back at intervals; each time the file is opened afterwards, the system automatically determines whether the time consumed exceeds the set time limit; if it is greater than the time limit, decryption is refused.
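The receiving-end checks of steps S602A and S602B, together with the expiry prompts described in the embodiment, can be sketched as follows. This is an added example, not code from the patent; the names `Policy`, `Decision`, `authorize_open` and `derive_k_gamma` are hypothetical, the HMAC-SHA256 combination of kα and kβ is an assumption (the patent does not say how kγ is generated), and counting the current open before comparing with the limit is one reading of S602A.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import List, Optional

WARN_USES = 2            # page: prompt 2 uses before the count limit is reached
WARN_SECONDS = 15 * 60   # page: prompt 15 minutes before the time limit is reached


class PolicyRefusal(Exception):
    """Raised instead of releasing a key when the policy forbids opening."""


@dataclass
class Policy:
    """Policy fields as they would be read from the decrypted file header."""
    file_id: str                       # global unique identifier (S303)
    max_uses: Optional[int] = None     # None = no count limit
    max_seconds: Optional[int] = None  # None = no time limit


@dataclass
class Decision:
    k_gamma: bytes
    uses: int                          # value to write back on close (S602A)
    warnings: List[str] = field(default_factory=list)


def derive_k_gamma(k_alpha: bytes, k_beta: bytes, file_id: str) -> bytes:
    # ASSUMPTION: the page only says k_gamma is generated from k_alpha and
    # k_beta; HMAC-SHA256 keyed with the cloud half is a stand-in.
    return hmac.new(k_beta, k_alpha + file_id.encode(), hashlib.sha256).digest()


def authorize_open(policy: Policy, local_uses: int, header_uses: int,
                   seconds_used: int, k_alpha: bytes, k_beta: bytes) -> Decision:
    """Apply S602A/S602B, then (and only then) derive the decryption key."""
    warnings: List[str] = []

    # S602A: trust the larger of the two counters, so restoring an old copy
    # of the file (low header count) or wiping the local record cannot reset it.
    uses = max(local_uses, header_uses) + 1   # this open counts as one use
    if policy.max_uses is not None:
        if uses > policy.max_uses:
            raise PolicyRefusal("use count exceeded")
        if policy.max_uses - uses <= WARN_USES:
            warnings.append(f"{policy.max_uses - uses} use(s) left")

    # S602B: compare the written-back consumed time with the limit.
    if policy.max_seconds is not None:
        if seconds_used > policy.max_seconds:
            raise PolicyRefusal("time limit exceeded")
        if policy.max_seconds - seconds_used <= WARN_SECONDS:
            warnings.append("time limit almost reached")

    return Decision(derive_k_gamma(k_alpha, k_beta, policy.file_id), uses, warnings)


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    pol = Policy(file_id="doc-0001", max_uses=5, max_seconds=72 * 3600)
    k_a, k_b = b"A" * 32, b"B" * 32
    first = authorize_open(pol, 0, 0, 0, k_a, k_b)
    print("open 1:", first.uses, first.warnings)
    try:
        # Rolled-back file: header restored to 1 use, local record says 5.
        authorize_open(pol, 5, 1, 0, k_a, k_b)
    except PolicyRefusal as exc:
        print("refused:", exc)
```

Because the counters and the consumed time live on the recipient's terminal, the refusal is only as strong as the integrity of the reception environment and its records; the kβ half held by the cloud security server is the part the recipient cannot alter locally.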
CN201210171117.7A 2012-05-29 2012-05-29 Cloud security management system of security electronic documents and method Active CN102710633B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210171117.7A CN102710633B (en) 2012-05-29 2012-05-29 Cloud security management system of security electronic documents and method

Publications (2)

Publication Number Publication Date
CN102710633A CN102710633A (en) 2012-10-03
CN102710633B true CN102710633B (en) 2015-06-10

Family

ID=46903189

Country Status (1)

Country Link
CN (1) CN102710633B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101110097A (en) * 2007-08-17 2008-01-23 南京新模式软件集成有限公司 Method for safely dispensing electronic document
CN101826964A (en) * 2010-04-02 2010-09-08 无锡华御信息技术有限公司 Outgoing document security management system supporting collaboration

Legal Events

Date Code Title Description
PB01 Publication
C06 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
GR01 Patent grant
C14 Grant of patent or utility model