Summary of the invention
The main purpose of the present invention is to provide a data security processing method, device and terminal, intended to address the security risks that data faces during transmission, storage and display.
The invention discloses a data security processing method, comprising the following steps:
Encrypting data to obtain encrypted data, and transmitting the encrypted data;
When the encrypted data needs to be stored, storing the encrypted data in a private storage area or a public storage area, and uploading it to cloud storage;
After the password information entered by the user passes verification, displaying the stored encrypted data.
Preferably, the step of encrypting data to obtain encrypted data and transmitting the encrypted data specifically comprises:
Encrypting the data to obtain encrypted data in uniform resource locator (URL) address format, comprising an iOS-specific local link, a message header, the sender of the encrypted data, the recipient of the encrypted data, and the ciphertext data;
The sending end sends the encrypted data to the receiving end;
The receiving end receives the encrypted data and identifies the encrypted data and the corresponding decryption method from the message header, or decrypts dynamically through the URL address; for iOS users, decryption is performed through the local link or the HTTP link.
Preferably, storing the encrypted data comprises:
The sending end and/or the receiving end stores the encrypted data as ciphertext in the local private storage area or public storage area, according to the storage mode selected by the user;
The cloud storage receives the uploaded encrypted data and stores it.
Preferably, the step of displaying the stored encrypted data after the password information entered by the user passes verification specifically comprises:
After the startup password entered by the user passes verification, displaying the encrypted data and plaintext data of the private storage area and the public storage area in plaintext or ciphertext form;
If the user has set a hidden password, then after the hidden password entered by the user passes verification, displaying only the encrypted data and plaintext data of the public storage area in plaintext or ciphertext form.
Preferably, displaying the encrypted data in plaintext or ciphertext form comprises:
When the encrypted data is displayed in plaintext form, it can be switched to ciphertext display after the user is prompted to enter an encryption password or after it is automatically encrypted with a preset password;
When the encrypted data is displayed in ciphertext form, it can be switched to plaintext display once the decryption password entered by the user passes verification.
The present invention also discloses a data security processing device, comprising:
A data transmission module, used for encrypting data to obtain encrypted data and transmitting the encrypted data;
A data storage module, used for storing the encrypted data in a private storage area or a public storage area when the encrypted data needs to be stored, and uploading it to cloud storage;
A data display module, used for displaying the stored encrypted data after the password information entered by the user passes verification.
Preferably, the data transmission module specifically comprises:
A data encryption unit, used for encrypting the data to obtain encrypted data in URL address format, comprising an iOS-specific local link, a message header, the sender of the encrypted data, the recipient of the encrypted data, and the ciphertext data;
A sending end, used for sending the encrypted data to the receiving end;
The receiving end, used for receiving the encrypted data and identifying the encrypted data and the corresponding decryption method from the message header, or decrypting dynamically through the URL address; for iOS users, decryption is performed through the local link or the HTTP link.
Preferably, the data storage module specifically comprises:
A local storage unit, used for storing the encrypted data as ciphertext in the local private storage area or public storage area, according to the storage mode selected by the user;
A cloud storage unit, used for receiving the uploaded encrypted data and storing it.
Preferably, the data display module specifically comprises:
A first display unit, used for displaying the encrypted data and plaintext data of the private storage area and the public storage area in plaintext or ciphertext form after the startup password entered by the user passes verification;
A second display unit, used for, when the user has set a hidden password, displaying only the encrypted data and plaintext data of the public storage area in plaintext or ciphertext form after the hidden password entered by the user passes verification.
Preferably, the data display module further comprises:
A form conversion unit, used for:
When the encrypted data is displayed in plaintext form, switching it to ciphertext display after the user is prompted to enter an encryption password or after it is automatically encrypted with a preset password;
When the encrypted data is displayed in ciphertext form, switching it to plaintext display once the decryption password entered by the user passes verification.
The present invention also discloses a terminal comprising the data security processing device.
The data security processing device comprises:
A data transmission module, used for encrypting data to obtain encrypted data and transmitting the encrypted data;
A data storage module, used for storing the encrypted data in a private storage area or a public storage area when the encrypted data needs to be stored, and uploading it to cloud storage;
A data display module, used for displaying the stored encrypted data after the password information entered by the user passes verification.
Preferably, the data transmission module specifically comprises:
A data encryption unit, used for encrypting the data to obtain encrypted data in URL address format, comprising an iOS-specific local link, a message header, the sender of the encrypted data, the recipient of the encrypted data, and the ciphertext data;
A sending end, used for sending the encrypted data to the receiving end;
The receiving end, used for receiving the encrypted data and identifying the encrypted data and the corresponding decryption method from the message header, or decrypting dynamically through the URL address; for iOS users, decryption is performed through the local link or the HTTP link.
Preferably, the data storage module specifically comprises:
A local storage unit, used for storing the encrypted data as ciphertext in the local private storage area or public storage area, according to the storage mode selected by the user;
A cloud storage unit, used for receiving the uploaded encrypted data and storing it.
Preferably, the data display module specifically comprises:
A first display unit, used for displaying the encrypted data and plaintext data of the private storage area and the public storage area in plaintext or ciphertext form after the startup password entered by the user passes verification;
A second display unit, used for, when the user has set a hidden password, displaying only the encrypted data and plaintext data of the public storage area in plaintext or ciphertext form after the hidden password entered by the user passes verification.
Preferably, the data display module further comprises:
A form conversion unit, used for:
When the encrypted data is displayed in plaintext form, switching it to ciphertext display after the user is prompted to enter an encryption password or after it is automatically encrypted with a preset password;
When the encrypted data is displayed in ciphertext form, switching it to plaintext display once the decryption password entered by the user passes verification.
By encrypting data to obtain encrypted data, transmitting the encrypted data, storing the encrypted data in a private storage area or public storage area and uploading it to cloud storage when it needs to be stored, and displaying the stored encrypted data after the password information entered by the user passes verification, the present invention has the beneficial effect of ensuring the security of data such as user information and mail in three respects: transmission, storage and display. It also enhances the interoperability of terminals. The user can encrypt important data on the terminal and upload it to cloud storage, and can restore the data in cloud storage to any terminal after decryption; even if the terminal is replaced, the data can still be transferred securely, which further increases the security and convenience of data storage and improves the user experience.
Embodiment
The technical solution of the present invention is further described below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are only intended to explain the present invention and are not intended to limit it.
With reference to Fig. 1, Fig. 1 is a schematic diagram of the system architecture of one embodiment of an application scenario of the data security processing method of the present invention. As shown in Fig. 1, various terminals such as mobile terminals and fixed terminals communicate with the Internet by means such as GPRS (General Packet Radio Service), HSPA (High Speed Packet Access), WCDMA (Wideband Code Division Multiple Access) or WiFi (Wireless Fidelity, wireless local area network), and carry out data processing such as data exchange and data storage with the cloud processing center over the Internet. In Fig. 1, "any browser based on HTTP (Hypertext Transfer Protocol)" includes the browsers widely used on terminals such as computers (including desktops, tablets and notebooks) and mobile phones, for example the IE (Internet Explorer) browser on computers, the UC (Unified Communications) browser on Android phones, and Safari (the Apple browser) on the iPhone. The cloud processing center refers to a server cluster. The SMS or MMS system refers to the operator's short message or multimedia message network.
Based on the application scenario described in Fig. 1, and with reference to Fig. 2, Fig. 2 is a schematic flowchart of one embodiment of the data security processing method of the present invention. As shown in Fig. 2, the data security processing method of the present invention comprises:
Step S01: encrypting data to obtain encrypted data, and transmitting the encrypted data;
After the user enters or edits data such as messages or mail, the data that needs to be encrypted is encrypted, for which the AES (Advanced Encryption Standard) algorithm can be used, and the encrypted data is transmitted. With reference to Fig. 3, Fig. 3 is a schematic diagram of the architecture of one embodiment of data encryption in the data security processing method of the present invention. As shown in Fig. 3, in a preferred embodiment, after the message or mail editing unit has the data that needs encryption encrypted by the encryption unit, the data is stored in the private storage unit as ciphertext, or stored in the public storage unit as plaintext or ciphertext; the edited data to be sent is passed in plaintext or ciphertext form to the message or mail sending unit, which sends it to the corresponding receiving unit.
Secure transmission of data comprises two parts: encryption at the sending end and decryption at the receiving end. Data such as messages and mail is encrypted before transmission; after the receiving end receives the ciphertext, the original text can be seen only after decryption; and on any path between the sending end and the receiving end, the encrypted data is present only in ciphertext form.
Step S02: when the encrypted data needs to be stored, storing the encrypted data in a private storage area or a public storage area, and uploading it to cloud storage;
Storage of the encrypted data comprises sending-end storage, receiving-end storage and cloud storage. Specifically, with reference to Fig. 4, Fig. 4 is a schematic diagram of the architecture of one embodiment of data storage in the data security processing method of the present invention. As shown in Fig. 4, when the sending end sends data such as messages or mail, it judges whether encrypted storage is needed. In a preferred embodiment, whether encrypted storage is needed is determined by the contact's attributes; for example, all related data such as messages or mail of VIP (Very Important Person) contacts must be stored encrypted. Data that needs encrypted storage is stored in the local private storage area or public storage area. Similarly, after the receiving end receives related data such as messages or mail, it judges whether the related data needs encrypted storage, and if so, encrypts the related data before storing it in the private storage area or public storage area. For cloud storage, it suffices to encrypt the data that needs to be uploaded and upload it to the cloud processing center.
The process described above applies to terminals on which the software for the data security processing method of the present invention is installed. On a terminal without the software, the user can log in to the encrypted data sending website through a browser; after the user enters the correct user name and password and passes verification, the sending page opens, where encrypted messages or mail can be edited or sent. When related encrypted data such as a ciphertext message or mail containing a URL (Uniform Resource Locator) address is received, the user can request decryption by clicking the URL; after the user enters the correct user name and transmission password and passes verification, the user can see the decrypted data and can choose to store it. During verification, whether to check that the user name entered is one of the recipients is decided by the sending end; if the user name need not be verified, the password is checked against the recipients' passwords, and verification passes if it is the password of one of the recipients.
Step S03: after the password information entered by the user passes verification, displaying the stored encrypted data.
When the user opens the software for the data security processing method, if the user has set a software startup password, the user is prompted to enter it; after the startup password passes verification, the stored content of all private storage areas and public storage areas is displayed. With reference to Fig. 5, Fig. 5 is a schematic diagram of the architecture of one embodiment of data display in the data security processing method of the present invention. As shown in Fig. 5, the user can switch any message or mail between ciphertext display and plaintext display, and can switch back and forth repeatedly; that is, the user can change data stored in ciphertext form to be stored in plaintext form, or change data stored in plaintext form to be stored in ciphertext form. However, data with certain specific attributes cannot be changed from ciphertext storage to plaintext storage, for example the related data of VIP contacts: even if its ciphertext is changed to plaintext, the change is effective only for that single view and does not change the ciphertext form in the storage area, and at the next access the data is still displayed in ciphertext form.
By encrypting data to obtain encrypted data, transmitting the encrypted data, storing the encrypted data in a private storage area or public storage area and uploading it to cloud storage when it needs to be stored, and displaying the stored encrypted data after the password information entered by the user passes verification, the present invention has the beneficial effect of ensuring the security of data such as user information and mail in three respects, namely transmission, storage and display, and enhances the interoperability of terminals.
With reference to Fig. 6, Fig. 6 is a schematic flowchart of one embodiment of encrypting data to obtain encrypted data and transmitting the encrypted data in the data security processing method of the present invention. This embodiment only further describes step S01; for the other steps of the data security processing method of the present invention, refer to the descriptions of the related embodiments, which are not repeated here.
As shown in Fig. 6, in the data security processing method of the present invention, step S01, encrypting data to obtain encrypted data and transmitting the encrypted data, specifically comprises:
Step S11: encrypting the data to obtain encrypted data in URL address format, comprising an iOS-specific local link, a message header, the sender of the encrypted data, the recipient of the encrypted data, and the ciphertext data;
In a preferred embodiment, when the data that needs encryption is encrypted, the encrypted content can be assembled into URL form, comprising the iOS-specific local link, the message header, the sender of the encrypted data, the recipient of the ciphertext, and ciphertext data such as the ciphertext message or mail. The iOS-specific local link is a way of invoking the data security processing software on iOS; it resembles an HTTP (Hypertext Transfer Protocol) link but requires no network connection. For example, an encrypted SMS is always received by the iPhone's system SMS application; after the link is tapped, the data security processing software is invoked and obtains all the data, including the message header and ciphertext. For example:
"aaaaa:\nectapp://bbbbb:http://www.emessager.com.cn/secure.jsp?msghead=ccccc&recipients=ddddd&sender=fffff&content=eeeee", where "aaaaa:" is a piece of Chinese or English text, with the sending terminal switching automatically between Chinese and English according to the system language; "\n" is the line feed character; "ectapp" is the URL scheme name registered by the iOS version of the security software (for Apple products such as iPhone and iPad); "bbbbb:" is a piece of Chinese or English text, with the sending terminal switching automatically between Chinese and English according to the system language;
"http://www.emessager.com.cn/secure.jsp" is the server address; "msghead=ccccc" is the message header, comprising content such as an encryption flag, a compression flag, the encryption algorithm, and whether the user name is verified during web decryption; "recipients=ddddd" is the one or more recipients of the message or mail; "sender=fffff" is the sender's mobile phone number or e-mail address; "content=eeeee" is the ciphertext data such as the ciphertext message or mail. The HTTP parameters can appear in any order, and "ddddd", "fffff" and "eeeee" are in ciphertext form.
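As an added illustration (not code from the patent), the following Python sketch parses the message layout described above on the receiving side: it accepts the parameters in any order and refuses links that do not point at the server address given in the example or that repeat a parameter. The class and function names are hypothetical, and treating sender as optional and pinning the host are assumptions about how a receiving client would guard the decryption link.

```python
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qs, urlsplit

LOCAL_LINK = "ectapp://"               # iOS local link scheme named in the text
SERVER_HOST = "www.emessager.com.cn"   # server address from the text's example
SERVER_PATH = "/secure.jsp"
REQUIRED = ("msghead", "recipients", "content")
OPTIONAL = ("sender",)                 # assumption: optional in this sketch

# Constructed sample in the documented layout, with the parameters reordered.
SAMPLE = ("aaaaa:\nectapp://bbbbb:http://www.emessager.com.cn/secure.jsp"
          "?content=eeeee&sender=fffff&msghead=ccccc&recipients=ddddd")


class MessageFormatError(ValueError):
    """Raised when a received message does not match the documented layout."""


@dataclass(frozen=True)
class SecureMessage:
    has_local_link: bool      # True if the ectapp:// local link is present
    msghead: str              # message header (flags, algorithm), left opaque
    recipients: str           # ciphertext per the text
    content: str              # ciphertext per the text
    sender: Optional[str]     # ciphertext per the text, may be absent


_HTTP_LINK = re.compile(r"https?://\S+", re.IGNORECASE)


def parse_secure_message(text: str) -> SecureMessage:
    """Extract the fields of one encrypted message, or raise MessageFormatError."""
    links = _HTTP_LINK.findall(text)
    if len(links) != 1:
        raise MessageFormatError("expected exactly one HTTP link")
    parts = urlsplit(links[0])
    # .hostname drops any userinfo part, so a look-alike prefix before '@'
    # cannot satisfy the host check.
    if parts.hostname != SERVER_HOST or parts.path != SERVER_PATH:
        raise MessageFormatError("link does not point at the decryption server")
    try:
        params = parse_qs(parts.query, keep_blank_values=True, strict_parsing=True)
    except ValueError as exc:
        raise MessageFormatError("malformed query string") from exc
    unknown = set(params) - set(REQUIRED) - set(OPTIONAL)
    if unknown:
        raise MessageFormatError(f"unexpected parameters: {sorted(unknown)}")
    for name, values in params.items():
        # A repeated parameter makes it ambiguous which ciphertext is decrypted.
        if len(values) != 1 or not values[0]:
            raise MessageFormatError(f"{name!r} must appear once and be non-empty")
    missing = [name for name in REQUIRED if name not in params]
    if missing:
        raise MessageFormatError(f"missing parameters: {missing}")
    return SecureMessage(
        has_local_link=LOCAL_LINK in text,
        msghead=params["msghead"][0],
        recipients=params["recipients"][0],
        content=params["content"][0],
        sender=params["sender"][0] if "sender" in params else None,
    )


def try_parse(text: str) -> Optional[SecureMessage]:
    """Convenience wrapper: return None instead of raising on a bad message."""
    try:
        return parse_secure_message(text)
    except MessageFormatError:
        return None


if __name__ == "__main__":
    print(parse_secure_message(SAMPLE))
```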
Step S12: the sending end sends the encrypted data to the receiving end;
Step S13: the receiving end receives the encrypted data and identifies the encrypted data and the corresponding decryption method from the message header, or decrypts dynamically through the URL address; for iOS users, decryption is performed through the local link or the HTTP link.
When the sending end sends encrypted data to the receiving end, the receiving end, on receiving the encrypted data, first attempts decryption with the default password; if decryption fails, the user enters the transmission password to decrypt. A terminal with the data security processing software installed identifies the ciphertext of the encrypted data and the decryption method from the message header when it receives encrypted data. A terminal without the data security processing software decrypts dynamically through the URL address when it receives encrypted data. For iOS users (Apple products such as iPhone and iPad), decryption is performed through the local link or the HTTP link. For example: "You have received an encrypted SMS. iOS users, tap here to decrypt: ectapp:// For online decryption, click the following link: http://www.emessager.com.cn/secure.jsp?msghead=ccccc&recipients=ddddd&content=eeeee". After the user clicks the link address shown, the data security processing software is invoked and obtains all the data, including the message header and ciphertext, and completes decryption of the encrypted data. After the user enters the correct user name and password, the browser displays the plaintext, and the user can choose whether to store the plaintext.
By encrypting data to obtain encrypted data and transmitting the encrypted data, this embodiment has the beneficial effect of further improving data transmission security; regardless of whether the terminals have the same software installed, data transmission can be achieved, which increases the interoperability of terminals.
With reference to Fig. 7, Fig. 7 is a schematic flowchart of one embodiment of displaying the stored encrypted data in the data security processing method of the present invention. This embodiment only further describes the secure display of data; for the other steps of the data security processing method of the present invention, refer to the descriptions of the related embodiments, which are not repeated here.
As shown in Fig. 7, in the data security processing method of the present invention, step S03, displaying the stored encrypted data, specifically comprises:
Step S21: after the startup password entered by the user passes verification, displaying the encrypted data and plaintext data of the private storage area and the public storage area in plaintext or ciphertext form;
On a terminal with the data security processing software installed, after the user opens the software, if the user has set a startup password, the user is prompted to enter it; after the startup password entered by the user passes verification, all encrypted data and plaintext data stored in the private storage area and the public storage area is displayed in plaintext or ciphertext form. On a terminal without the data security processing software, the user clicks the URL to decrypt and is prompted to enter a user name and password; after the user name and password pass verification, the plaintext of the encrypted data is returned through the web.
Step S22: judging whether the user has set a hidden password; if so, executing step S23; if not, ending this flow.
Step S23: prompting the user to enter the hidden password;
Step S24: after the hidden password entered by the user passes verification, displaying only the encrypted data of the public storage area in plaintext or ciphertext form.
The user can set a hidden password as needed, and the hidden password must be different from the startup password. After the user enters the hidden password, only the content of the public storage area is displayed; the content of the private storage area is not displayed, whether it is plaintext or ciphertext, and it cannot be seen with other decryption software either, which further increases the security of data such as messages and mail.
In a preferred embodiment, the display can be switched back and forth repeatedly between ciphertext display and plaintext display. Specifically, when the encrypted data is displayed in plaintext form, it can be switched to ciphertext display after the user is prompted to enter an encryption password or after it is automatically encrypted with a preset password; when the encrypted data is displayed in ciphertext form, it can be switched to plaintext display once the decryption password entered by the user passes verification. If the encrypted data is preset-attribute encrypted data, it can only be displayed in ciphertext form, and a switch to plaintext display is effective only for that single view. For example, for the related data of VIP contacts, even if its ciphertext is switched to plaintext display, the change is effective only for that single view and does not change the ciphertext form in the storage area, and at the next access the data is still displayed in ciphertext form.
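An added illustration (not part of the patent text) of the display rules in steps S21 to S24 and the preset-attribute rule above, as a Python sketch. The class and function names, the PBKDF2 password check and the in-memory record model are assumptions; no real encryption is performed, only the visibility and form-switching decisions are modelled.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import List, Optional, Tuple

PRIVATE, PUBLIC = "private", "public"


def _kdf(password: str, salt: bytes) -> bytes:
    # Store only a salted, slow hash of each password (assumed design choice).
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


class DisplayGate:
    """Decides which storage areas a given password unlocks for display."""

    def __init__(self, startup_password: str, hidden_password: Optional[str] = None):
        # The text requires the hidden password to differ from the startup one.
        if hidden_password is not None and hidden_password == startup_password:
            raise ValueError("hidden password must differ from the startup password")
        self._salt = os.urandom(16)
        self._startup = _kdf(startup_password, self._salt)
        self._hidden = None if hidden_password is None else _kdf(hidden_password, self._salt)

    def visible_areas(self, entered: str) -> frozenset:
        digest = _kdf(entered, self._salt)
        # Evaluate both comparisons, in constant time, before branching.
        is_startup = hmac.compare_digest(digest, self._startup)
        is_hidden = self._hidden is not None and hmac.compare_digest(digest, self._hidden)
        if is_startup:
            return frozenset({PRIVATE, PUBLIC})   # step S21: both areas
        if is_hidden:
            return frozenset({PUBLIC})            # step S24: public area only
        return frozenset()                        # verification failed


@dataclass
class Record:
    name: str
    area: str                       # PRIVATE or PUBLIC
    stored_form: str                # "ciphertext" or "plaintext"
    preset_attribute: bool = False  # e.g. data of a VIP contact


def list_records(gate: DisplayGate, entered: str,
                 records: List[Record]) -> List[Tuple[str, str]]:
    """Return (name, stored form) for every record the password may display."""
    areas = gate.visible_areas(entered)
    return [(r.name, r.stored_form) for r in records if r.area in areas]


def switch_to_plaintext(record: Record, decryption_password_ok: bool) -> str:
    """Return the form shown for this view; persist it unless preset-attribute."""
    if record.stored_form == "plaintext":
        return "plaintext"
    if not decryption_password_ok:
        return "ciphertext"
    if not record.preset_attribute:
        record.stored_form = "plaintext"   # ordinary data: the change is stored
    return "plaintext"                     # preset-attribute data: this view only


if __name__ == "__main__":
    gate = DisplayGate("startup-pw", "hidden-pw")   # constructed sample passwords
    data = [Record("mail-1", PRIVATE, "ciphertext"),
            Record("vip-sms", PUBLIC, "ciphertext", preset_attribute=True)]
    print(list_records(gate, "hidden-pw", data))
```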
For encrypted data in cloud storage, after the cloud server receives a download request, it lists the content this user can download. After the user downloads the encrypted data, the correct decryption password must be entered for the encrypted data to be displayed correctly; otherwise, even if the user can download the encrypted data, verification fails, the encrypted data still cannot be displayed in plaintext form, and the user still cannot read it.
By securely displaying the encrypted data of the storage areas, this embodiment has the beneficial effect of further increasing data security. After important data is encrypted and uploaded to cloud storage, the data in cloud storage can also be restored to any terminal after decryption; even if the terminal is replaced, the data can still be transferred securely, which improves system performance and the user experience.
With reference to Fig. 8, Fig. 8 is a schematic structural diagram of one embodiment of the data security processing device of the present invention. As shown in Fig. 8, the data security processing device of the present invention specifically comprises:
A data transmission module 01, used for encrypting data to obtain encrypted data and transmitting the encrypted data;
After the user enters or edits data such as messages or mail, the data transmission module 01 encrypts the data that needs to be encrypted, for which the AES algorithm can be used, and transmits the encrypted data. For the specific data transmission process, refer to the description of the embodiment of Fig. 3, which is not repeated here.
The data transmission module 01 comprises two parts: encryption at the sending end and decryption at the receiving end. Data such as messages and mail is encrypted before transmission; after the receiving end of the data transmission module 01 receives the ciphertext, the original text can be seen only after decryption; and on any path between the sending end and the receiving end, the encrypted data is present only in ciphertext form.
A data storage module 02, used for storing the encrypted data in a private storage area or a public storage area when the encrypted data needs to be stored, and uploading it to cloud storage;
Storage of the encrypted data by the data storage module 02 comprises sending-end storage, receiving-end storage and cloud storage. For the specific storage process, refer to the description of the embodiment of Fig. 4, which is not repeated here.
When the sending end sends data such as messages or mail, the data storage module 02 judges whether encrypted storage is needed. In a preferred embodiment, whether encrypted storage is needed is determined by the contact's attributes; for example, all related data such as messages or mail of VIP (Very Important Person) contacts must be stored encrypted.
With reference to Fig. 9, Fig. 9 is a schematic structural diagram of one embodiment of the data storage module in the data security processing device of the present invention. As shown in Fig. 9, the data storage module 02 specifically comprises:
A local storage unit 021, used for storing the encrypted data as ciphertext in the local private storage area or public storage area, according to the storage mode selected by the user;
A cloud storage unit 022, used for receiving the uploaded encrypted data and storing it.
The local storage unit 021 stores the data that needs encrypted storage in the local private storage area or public storage area. Similarly, after the receiving end receives related data such as messages or mail, the data storage module 02 judges whether the related data needs encrypted storage; if so, the local storage unit 021 encrypts the related data and then stores it in the private storage area or public storage area. For cloud storage, the cloud storage unit 022 only needs to encrypt the data that needs to be uploaded and upload it to the cloud processing center.
The process described above applies to terminals on which the software for the data security processing method of the present invention is installed. On a terminal without the software, the user can log in to the encrypted data sending website through a browser; after the user enters the correct user name and password and passes verification, the sending page opens, and the data storage module 02 can send encrypted messages or mail. When related encrypted data such as a ciphertext message or mail containing a URL address is received, the user can request decryption by clicking the URL; after the user enters the correct user name and transmission password and passes verification, the user can see the decrypted data and can choose to store it. During verification, whether to check that the user name entered is one of the recipients is decided by the sending end; if the user name need not be verified, the password is checked against the recipients' passwords, and verification passes if it is the password of one of the recipients.
A data display module 03, used for displaying the stored encrypted data after the password information entered by the user passes verification.
When the user opens the software for the data security processing method, if the user has set a software startup password, the data display module 03 prompts the user to enter it; after the startup password passes verification, the data display module 03 displays the stored content of all private storage areas and public storage areas. For the specific storage process, refer to the description of the embodiment of Fig. 5, which is not repeated here.
The user can switch any message or mail between ciphertext display and plaintext display, and can switch back and forth repeatedly; that is, the user can change data stored in ciphertext form to be stored in plaintext form, or change data stored in plaintext form to be stored in ciphertext form. However, data with certain specific attributes cannot be changed from ciphertext storage to plaintext storage, for example the related data of VIP contacts: even if its ciphertext is changed to plaintext, the change is effective only for that single view and does not change the ciphertext form in the storage area, and at the next access the data is still displayed in ciphertext form.
By encrypting data to obtain encrypted data, transmitting the encrypted data, storing the encrypted data in a private storage area or public storage area and uploading it to cloud storage when it needs to be stored, and displaying the stored encrypted data after the password information entered by the user passes verification, the present invention has the beneficial effect of ensuring the security of data such as user information and mail in three respects, namely transmission, storage and display, and enhances the interoperability of terminals.
Referring to Figure 10, Figure 10 is a structural schematic diagram of one embodiment of the data transmission module in the data security processing device of the present invention. This embodiment further describes only the data transmission module 01; for the other modules of the data security processing device, refer to the descriptions of the related embodiments, which are not repeated here.
As shown in Figure 10, the data transmission module 01 in the data security processing device of the present invention specifically comprises:
The data encryption unit 011, which is used to encrypt data to obtain the encrypted data in URL address format, comprising the iOS-specific local link, the message header, the transmitting terminal of the encrypted data, the receiving terminal of the encrypted data and the ciphertext data;
In a preferred embodiment, when the data encryption unit 011 encrypts the data to be encrypted, it can assemble the encrypted content into the form of a URL that includes the iOS-specific local link, the message header, the transmitting terminal of the encrypted data, the recipients of the ciphertext, and the ciphertext data such as the ciphertext message or mail. The iOS-specific local link is a way of invoking this data security software on iOS; it resembles an HTTP link but needs no network connection. For example:
"aaaaa:\nectapp://bbbbb:http://www.emessager.com.cn/secure.jsp?msghead=ccccc&recipients=ddddd&sender=fffff&content=eeeee", where "aaaaa:" is a piece of Chinese or English text, which the transmitting terminal switches between Chinese and English automatically according to the system language; "\n" is the line feed character; "ectapp" is the URL name registered by the iOS version of the security software (for Apple products such as iPhone and iPad); "bbbbb:" is a piece of Chinese or English text, likewise switched between Chinese and English automatically according to the system language;
"http://www.emessager.com.cn/secure.jsp" is the server address; "msghead=ccccc" is the message header, which includes the encryption flag, the compression flag, the encryption algorithm, whether the user name is verified during web decryption, and similar content; "recipients=ddddd" is the one or more recipients of the message or mail; "sender=fffff" is the sender's mobile phone number or e-mail address; "content=eeeee" is the ciphertext data such as the ciphertext message or mail. The HTTP parameters can appear in any order, and "ddddd", "fffff" and "eeeee" are in ciphertext form.
The transmitting terminal 012, which is used to send the encrypted data to the receiving terminal;
The receiving terminal 013, which is used to receive the encrypted data and to identify the encrypted data and the corresponding decryption method from the message header, or to decrypt dynamically through the URL address; iOS users decrypt through the local link or the HTTP link.
When the transmitting terminal 012 sends encrypted data to the receiving terminal 013, the receiving terminal 013, on receiving the encrypted data, first tries to decrypt it with the default password; if decryption fails, the user enters the transmission password to decrypt. When the receiving terminal 013 of a terminal with the data security software installed receives encrypted data, it identifies the ciphertext of the encrypted data and the decryption method from the message header. When the receiving terminal 013 of a terminal without the data security software installed receives encrypted data, it decrypts dynamically through the URL address. For iOS users (Apple products such as iPhone and iPad), the receiving terminal 013 decrypts through the local link or the HTTP link. For example: "You have received an encrypted SMS. iOS users please click here to decrypt: ectapp:// For network decryption please click the following link: http://www.emessager.com.cn/secure.jsp?msghead=ccccc&recipients=ddddd&content=eeeee". After the user clicks the link address shown, this data security software is invoked, and the receiving terminal 013 obtains all the data, including the message header and the ciphertext, and completes decryption of the encrypted data. After the user enters the correct user name and password, the browser displays the plaintext, and the user can choose whether to store the plaintext.
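As an added illustration (not code from the patent), the following Python example parses a message in the URL layout of the data encryption unit 011 and picks the decryption route for the receiver cases just described. The function names, the rejection of repeated or unknown parameters and the route labels are assumptions; the sample string is constructed from the page's placeholder values.

```python
import re
from urllib.parse import urlsplit, parse_qsl

LOCAL_SCHEME = "ectapp"                      # URL name registered by the iOS version
REQUIRED = ("msghead", "recipients", "content")
OPTIONAL = ("sender",)                       # absent from the page's second sample

def parse_message(text):
    """Extract the local-link flag, the server URL and the query fields."""
    local = re.search(r"(?<![A-Za-z0-9+.-])" + LOCAL_SCHEME + r"://", text)
    m = re.search(r"https?://\S+", text)
    if m is None:
        raise ValueError("no HTTP link in message")
    url = urlsplit(m.group(0))
    fields = {}
    # parameters may arrive in any order; parse_qsl also percent-decodes the values
    for key, value in parse_qsl(url.query, keep_blank_values=True, strict_parsing=True):
        if key not in REQUIRED + OPTIONAL:
            raise ValueError("unexpected parameter: " + key)
        if key in fields:                    # a repeated field makes the message ambiguous
            raise ValueError("duplicate parameter: " + key)
        fields[key] = value
    missing = [k for k in REQUIRED if not fields.get(k)]
    if missing:
        raise ValueError("missing parameter(s): " + ", ".join(missing))
    server = f"{url.scheme}://{url.netloc}{url.path}"
    return {"local_link": local is not None, "server": server, "fields": fields}

def decrypt_path(msg, software_installed, is_ios):
    """Pick the decryption route assigned to each kind of receiver."""
    if is_ios and software_installed and msg["local_link"]:
        return "local-link"                  # ectapp:// invokes the installed app, no network
    if software_installed:
        return "message-header"              # app reads msghead to find ciphertext and method
    return "http-link"                       # no software: decrypt through the server URL

# Constructed sample in the page's layout, with the parameters deliberately reordered.
SAMPLE = ("aaaaa:\nectapp://bbbbb:http://www.emessager.com.cn/secure.jsp"
          "?content=eeeee&sender=fffff&msghead=ccccc&recipients=ddddd")
```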
By encrypting data to obtain encrypted data and transmitting that encrypted data, this embodiment further improves the security of data transmission; and regardless of whether the terminals have the same software installed, data transmission can be achieved, which increases terminal interoperability.
Referring to Figure 11, Figure 11 is a structural schematic diagram of the first embodiment of the data display module in the data security processing device of the present invention. This embodiment further describes only the data display module 03; for the other modules of the data security processing device, refer to the descriptions of the related embodiments, which are not repeated here.
As shown in Figure 11, the data display module 03 in the data security processing device of the present invention specifically comprises:
The first display unit 031, which is used to display, after the startup password entered by the user passes verification, the encrypted data and plaintext data of the private storage area and the common storage area in plaintext or ciphertext form;
On a terminal with the data security software installed, after the user opens the software, if a startup password has been set, the first display unit 031 prompts the user to enter it; after the entered startup password passes verification, the first display unit 031 displays all stored encrypted data and plaintext data of the private storage area and common storage area in plaintext or ciphertext form. On a terminal without the data security software installed, the user clicks the URL to decrypt; the first display unit 031 prompts the user for a user name and password, and after they pass verification the plaintext of the encrypted data is returned via the web.
The second display unit 032, which is used, when the user has set a concealment password, to display only the encrypted data of the common storage area, in plaintext or ciphertext form, after the concealment password entered by the user passes verification.
The user can set a concealment password as needed; it must be different from the startup password. After the user enters the concealment password, the second display unit 032 displays only the contents of the common storage area. The contents of the private storage area are not displayed, whether plaintext or ciphertext, and cannot be seen with other decryption software either, which further increases the security of data such as messages and mail.
Referring to Figure 12, Figure 12 is a structural schematic diagram of the second embodiment of the data display module in the data security processing device of the present invention. As shown in Figure 12, in the data security processing device of the present invention, the data display module 03 also comprises:
The form conversion unit 033, which is used to:
when the encrypted data is displayed in plaintext form, change it to ciphertext display after prompting the user to enter an encryption password or automatically encrypting with the preset password;
when the encrypted data is displayed in ciphertext form, change it to plaintext display when the decryption password entered by the user passes verification.
In a preferred embodiment, the display can alternate repeatedly between ciphertext and plaintext. Specifically, when the encrypted data is displayed in plaintext form, the form conversion unit 033 can change it to ciphertext display after prompting the user to enter an encryption password or automatically encrypting with the preset password; when the encrypted data is displayed in ciphertext form, the form conversion unit 033 can change it to plaintext display when the decryption password entered by the user passes verification. If the encrypted data is preset-attribute encrypted data, it can only be displayed in ciphertext form, and a change to plaintext display by the form conversion unit 033 is effective for a single time only. For example, for data related to a VIP contact, even if the form conversion unit 033 changes its ciphertext to plaintext form, the change is effective only for that single time; the form conversion unit 033 does not change the ciphertext form in the storage area, and at the next access the data is still displayed as ciphertext.
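The display rules of the first display unit 031, the second display unit 032 and the form conversion unit 033 can be modelled as follows; this is an added Python example, not code from the patent. The class and field names, the PBKDF2 digests used to hold the two passwords and the sample items are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Item:
    name: str
    area: str             # "private" or "common" storage area
    form: str             # form held in storage: "ciphertext" or "plaintext"
    preset: bool = False  # preset-attribute data such as a VIP contact

class DisplayModule:
    def __init__(self, startup_pw, concealment_pw, items):
        if startup_pw == concealment_pw:
            raise ValueError("concealment password must differ from startup password")
        self.salt = os.urandom(16)
        self.startup = _digest(startup_pw, self.salt)
        self.concealment = _digest(concealment_pw, self.salt)
        self.items = items

    def visible(self, password):
        """Names of the items listed for the entered password ([] if it matches neither)."""
        d = _digest(password, self.salt)
        if hmac.compare_digest(d, self.startup):
            areas = {"private", "common"}      # first display unit 031
        elif hmac.compare_digest(d, self.concealment):
            areas = {"common"}                 # second display unit 032
        else:
            areas = set()
        return [i.name for i in self.items if i.area in areas]

    def show_as_plaintext(self, item):
        """Show one ciphertext item as plaintext (decryption password check not modelled).
        Returns the form the item has in storage afterwards."""
        if not item.preset:
            item.form = "plaintext"            # ordinary data: the change is kept
        return item.form                       # preset data: single view, storage unchanged

def sample_items():
    """Constructed sample data."""
    return [Item("mail-1", "private", "ciphertext"),
            Item("sms-1", "common", "plaintext"),
            Item("vip-1", "common", "ciphertext", preset=True)]
```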
For encrypted data in cloud storage, after the cloud server receives a download request, the data display module 03 lists the content this user can download. After downloading encrypted data, the user must enter the correct decryption password for the data to be displayed correctly; otherwise, even though the user can download the encrypted data, verification by the data display module 03 fails, the data still cannot be displayed in plaintext form, and the user still cannot read it.
By displaying the encrypted data of the storage areas securely, this embodiment further increases data security. After important data is encrypted and uploaded to cloud storage, the data in cloud storage can also be decrypted and restored to any terminal; even if the terminal is replaced, the data can still be transferred securely, which improves system performance and the user experience.
Referring to Figure 13, Figure 13 is a structural schematic diagram of one embodiment of the terminal of the present invention. As shown in Figure 13, the terminal of the present invention comprises the data security processing device 100 of any of the above embodiments. The terminal may be any terminal in the application scenario shown in Fig. 1, such as a mobile terminal, a fixed terminal or another terminal. For a detailed description of the data security processing device 100, refer to the descriptions of the related embodiments above, which are not repeated here.
By encrypting data to obtain encrypted data, transmitting the encrypted data, storing the encrypted data in the private storage area or common storage area and uploading it to cloud storage when it needs to be stored, and displaying the stored encrypted data after the password information entered by the user passes verification, the terminal of this embodiment protects data such as user information and mail in three respects (transmission, storage and display) and enhances terminal interoperability. The user can also encrypt important data on the terminal and upload it to cloud storage, and the data in cloud storage can be decrypted and restored to any terminal; even if the terminal is replaced, the data can still be transferred securely, which further increases the security and convenience of data storage and improves the user experience.
The above are only preferred embodiments of the present invention and do not thereby limit the scope of its claims. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or applied directly or indirectly in other related technical fields, is likewise included within the scope of patent protection of the present invention.