CN103198261A - Method and system for protecting file content security - Google Patents
- Publication number: CN103198261A
- Authority: CN (China)
- Prior art keywords: file, encrypting, download, encryption, user
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Landscapes: Storage Device Security (AREA)
Abstract
The invention discloses a method and a system for protecting file content security. The method comprises an uploading step of setting a file encryption type and an authorized user and uploading a file when needing to upload the file, an encrypting step of encrypting the uploaded file according to the encryption type, a storing step of storing a file upload address, the encryption type and authorized user information in a database configuration table, a judging step of judging if a user has the authority to download the encrypted file according to database configuration table information when needing to download the encrypted file, refusing the download operation if the user does not have the authority and permitting the download operation if the user has the authority, a downloading step of downloading the encrypted file to a user terminal, and a decrypting step of creating an independent memory region at the user terminal, decrypting the encrypted file according to the encryption type of the file in the database configuration table and storing the decrypted file in the independent memory region. According to the method, the file content is double protected through encryption and database access.
Description
Technical field
The present invention relates to a method and system for protecting file content security during file transmission.
Background
With the development of networks, the network has become ever more closely tied to our daily lives, and we have grown used to transferring files over it. For reasons of information security we do not want files to be stolen by others, and the usual approach is to encrypt them. Traditional encryption methods include symmetric and asymmetric encryption algorithms, but almost all current cryptosystems can be broken, and a third party can readily decipher the ciphertext with a suitable algorithm. This poses a security risk to users transferring files, so a more secure file transfer protection system is needed.
Summary of the invention
The invention provides a method for protecting file content security, comprising the following steps. Upload step: when a file needs to be uploaded, set the file encryption type and the authorized users, and upload the file. Encrypting step: encrypt the uploaded file according to the encryption type. Saving step: store the file upload address, the encryption type and the authorized user information in a database configuration table. Judging step: when the encrypted file needs to be downloaded, judge from the database configuration table whether the user has permission to download it; refuse the download if the user has no permission, and permit it if the user has permission. Download step: download the encrypted file to the user terminal. Decryption step: create an independent storage area at the user terminal, and decrypt the encrypted file into that area according to the file's encryption type in the database configuration table.
The invention also provides a system for protecting file content security, comprising the following modules. An upload module, used when a file needs to be uploaded to set the encryption type and the user permissions for downloading the file, and to upload the file. An encrypting module, used to encrypt the uploaded file according to the encryption type. A saving module, used to store the file upload address, the encryption type and the download permission information in a database configuration table. A judging module, used when the encrypted file needs to be downloaded to judge from the database configuration table whether the user has permission to download it, refusing the download if the user has no permission and permitting it if the user has permission. A download module, used to download the encrypted file to the user terminal. A decrypting module, used to create an independent storage area at the user terminal and to decrypt the encrypted file into that area according to the file's encryption type in the database configuration table.
The system and method doubly protect file content, by encrypting the file content and by database access, so that files are more secure during transmission.
Description of drawings
Fig. 1 is a functional block diagram of a preferred embodiment of the system for protecting file content security.
Fig. 2 is a flowchart of a preferred embodiment of the method for protecting file content security.
Description of main element symbols
Element | Symbol |
---|---|
Upload module | 10 |
Encrypting module | 12 |
Saving module | 14 |
Judging module | 16 |
Download module | 18 |
Decrypting module | 20 |
Dedicated reader | 22 |
The following embodiments further describe the invention with reference to the above drawings.
Embodiment
Fig. 1 shows the functional block diagram of a preferred embodiment of the system for protecting file content security. The system provides the service of protecting file content security during file transmission, and comprises an upload module 10, an encrypting module 12, a saving module 14, a judging module 16, a download module 18 and a decrypting module 20.
The upload module 10 is used to set the encryption type and the user permissions for downloading the file, and to upload the file. The encryption type here may be symmetric encryption or asymmetric encryption, or another encryption type. Symmetric encryption means that the same key is used for both encrypting and decrypting the information, with the same cryptographic algorithm used for encryption and decryption; it is also called secret-key encryption. Commonly used symmetric encryption algorithms include AES (Advanced Encryption Standard) and DEA (Data Encryption Algorithm). An asymmetric encryption algorithm needs two keys: a public key and a private key. The public key and the private key form a pair: if data is encrypted with the public key, it can only be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. Because encryption and decryption use two different keys, the algorithm is called an asymmetric encryption algorithm.
The encrypting module 12 is used to encrypt the file uploaded by the user according to the encryption type the user selected.
The encrypting module 12 can also set a file parameter during encryption to record the file's size, so that file sizes can be compared at decryption to judge whether the file has been changed. We define a parameter during encryption to apply a byte conversion to the original file's size; at decryption, the same parameter is used to apply a byte conversion to the size of the decrypted file, and we judge whether the file size before and after is consistent.
The encrypting module 12 can also redefine the file type of the file after encryption, so that at decryption it can be judged whether the file is one that was encrypted earlier. The encrypted file has the original file's type removed and is given a newly defined file type, which hides the original file type.
The saving module 14 is used to store the file upload address, the encryption type and the download permission information in the database configuration table, for use when a user downloads the file.
The judging module 16 judges from the database configuration table whether the user has permission to download the file; if the user has no permission the download is refused, and if the user has permission the download is permitted.
The download module 18 is used to download the encrypted file to the user terminal.
The decrypting module 20 is used to create an independent storage area at the user terminal and to decrypt the encrypted file into that area according to the file's encryption type in the database configuration table. The encryption type may be symmetric encryption, asymmetric encryption, or another encryption type, and the decrypting module 20 selects the corresponding decryption algorithm.
The decrypting module 20 can also use the file size recorded in the file parameter to compare the encrypted file with the downloaded file to be decrypted, and so judge whether the file has been changed. We define a parameter during encryption to apply a byte conversion to the original file's size; at decryption, the same parameter is used to apply a byte conversion to the file size, and we judge whether the size of the encrypted file and the size of the downloaded file to be decrypted are consistent. If they are inconsistent, the user is prompted that the file cannot be decrypted.
The decrypting module 20 can also compare the file type newly defined for the encrypted file with the file type of the downloaded file to be decrypted, to judge whether the file is one that was encrypted by the application earlier. The encrypted file has the original file's type removed and is given a newly defined file type, which hides the original file type. When we decrypt the encrypted file, the new file type lets us judge whether the downloaded file to be decrypted is a file encrypted by our application; if it is not, the user is prompted that the file cannot be decrypted.
The system can also include a dedicated reader 22. The reader is used to view the content of the decrypted file and cannot perform any other operation; once viewing is finished, the decrypted file is deleted automatically.
Fig. 2 shows the flowchart of a preferred embodiment of the method for protecting file content security.
Step S200: when a file needs to be uploaded, the upload module 10 receives the encryption type selected by the user and sets the file's authorized users. The encryption type may be symmetric encryption or asymmetric encryption, or another encryption type. Symmetric encryption means that the same key is used for both encrypting and decrypting the information, with the same cryptographic algorithm used for encryption and decryption; it is also called secret-key encryption. Commonly used symmetric encryption algorithms include AES (Advanced Encryption Standard) and DEA (Data Encryption Algorithm). An asymmetric encryption algorithm needs two keys: a public key and a private key. The public key and the private key form a pair: if data is encrypted with the public key, it can only be decrypted with the corresponding private key; if data is encrypted with the private key, it can only be decrypted with the corresponding public key. Because encryption and decryption use two different keys, the algorithm is called an asymmetric encryption algorithm. These settings are used, when a user downloads the file, to judge whether the user has download permission and to select the corresponding decryption method according to the encryption type.
Step S202: the encrypting module 12 encrypts the file uploaded by the user according to the encryption type the user selected.
The encrypting step S202 can also include: the encrypting module 12 sets a file parameter during encryption to record the file's size, so that at decryption the size of the encrypted file can be compared with that of the downloaded file to be decrypted, to judge whether the file has been changed. A parameter is defined during encryption to apply a byte conversion to the original file's size; at decryption, the same parameter is used to apply a byte conversion to the size of the downloaded file to be decrypted, and it is judged whether the file size before and after is consistent.
The encrypting step S202 can also include: the encrypting module 12 redefines the file type of the file after encryption, so that at decryption it can be judged whether the downloaded file to be decrypted is the file that was encrypted earlier. The encrypted file has the original file's type removed and is redefined as a new file type, which hides the original file type.
Step S204: the saving module 14 stores the server address where the file is kept, the encryption type and the authorized user information in the database configuration table.
Step S206: when the file is to be downloaded, the judging module 16 judges from the database configuration table whether the user has permission to download it. If the user has no permission, the operation flow ends; if the user has permission, the download is permitted and the flow proceeds to step S208.
Step S208: the download module 18 downloads the encrypted file to the user terminal.
Step S210: the decrypting module 20 creates an independent storage area at the user terminal and decrypts the file into that area according to the file's encryption type. In this step the file is decrypted according to the encryption type recorded for it in the database configuration table; the encryption type may be symmetric encryption, asymmetric encryption, or another encryption type, and the decrypting module selects the corresponding decryption algorithm.
The decryption step S210 can also include: the decrypting module 20 uses the file size recorded in the file parameter set in step S202 to compare the encrypted file with the downloaded file to be decrypted, and so judges whether the file has been changed. We define a parameter during encryption to apply a byte conversion to the original file's size; at decryption, the same parameter is used to apply a byte conversion to the size of the downloaded file to be decrypted, and we judge whether the size of the encrypted file and the size of the downloaded file to be decrypted are consistent. If they are inconsistent, the user is prompted that the file cannot be decrypted.
The decryption step S210 can also include: the decrypting module 20 compares the new file type redefined in step S202 with the file type of the file to be decrypted, to judge whether it is the file that was encrypted earlier. The encrypted file has the original file's type removed and is redefined as a new file type, which hides the original file type. When we decrypt the encrypted file, we can judge whether the file to be decrypted is the file that was encrypted earlier by checking whether its file type matches the redefined file type; if it does not, the user is prompted that the file cannot be decrypted.
The above embodiment can also include, after step S210, step S212: the decrypted file is viewed with a dedicated reader. The reader can only display the file content and cannot perform any other operation; once viewing is finished, the decrypted file is deleted automatically.
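The flow of steps S200 to S210, sketched as an added example (not code from the patent): the `file_config` table, the `PFC1` type marker, the multiply-by-`SIZE_PARAM` size conversion, the key handling and the SHA-256 keystream standing in for AES are all assumptions made here. It goes slightly beyond the text by adding an HMAC tag, because the size comparison catches truncation but not a same-length modification.

```python
import hashlib, hmac, os, sqlite3, struct, tempfile

MAGIC = b"PFC1"     # constructed marker playing the role of the redefined file type
SIZE_PARAM = 3      # constructed "file parameter" for the byte conversion of the size
HDR, TAG = 28, 32   # header = magic(4) + converted size(8) + nonce(16); tag = HMAC-SHA256

def xor_stream(key, nonce, data):
    """Stand-in cipher (SHA-256 in counter mode); use a vetted AES mode in practice."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + struct.pack(">Q", i)).digest()
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def new_config_table():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE file_config (address TEXT PRIMARY KEY, enc_type TEXT, users TEXT)")
    return db

def upload(db, store, address, plaintext, users, key, enc_type="symmetric"):
    """Upload, encrypting and saving steps: wrap the file, then record it in the table."""
    nonce = os.urandom(16)
    header = MAGIC + struct.pack(">Q", len(plaintext) * SIZE_PARAM) + nonce
    body = xor_stream(key, nonce, plaintext)
    tag = hmac.new(key, header + body, hashlib.sha256).digest()  # added here, not in the patent
    store[address] = header + body + tag
    db.execute("INSERT INTO file_config VALUES (?, ?, ?)", (address, enc_type, ",".join(users)))

def download(db, store, address, user):
    """Judging and download steps: consult the configuration table before serving."""
    row = db.execute("SELECT users FROM file_config WHERE address = ?", (address,)).fetchone()
    if row is None or user not in row[0].split(","):
        raise PermissionError("download refused")
    return store[address]

def decrypt(blob, key, check_tag=True):
    """Decryption step: type check, optional tag check, then the size check."""
    if len(blob) < HDR + TAG or blob[:4] != MAGIC:
        raise ValueError("not a file encrypted by this application")
    header, body, tag = blob[:HDR], blob[HDR:-TAG], blob[-TAG:]
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    if check_tag and not hmac.compare_digest(tag, expected):
        raise ValueError("file changed (tag mismatch)")
    plaintext = xor_stream(key, header[12:HDR], body)
    if len(plaintext) * SIZE_PARAM != struct.unpack(">Q", header[4:12])[0]:
        raise ValueError("file changed (size mismatch)")
    area = tempfile.mkdtemp(prefix="decrypted-")  # independent storage area, owner-only on POSIX
    path = os.path.join(area, "file.bin")
    with open(path, "wb") as fh:
        fh.write(plaintext)
    return path

def outcome(fn, *args, **kwargs):
    """Run one step and report whether it was allowed or refused."""
    try:
        return "ok", fn(*args, **kwargs)
    except (PermissionError, ValueError) as exc:
        return "refused", str(exc)

def demo():
    key, doc = os.urandom(32), b"quarterly figures: 1200 units"  # constructed sample input
    db, store = new_config_table(), {}
    upload(db, store, "srv/files/report", doc, ["alice"], key)
    blob = download(db, store, "srv/files/report", "alice")
    head, body, tag = blob[:HDR], blob[HDR:-TAG], blob[-TAG:]
    truncated = head + body[:-1] + tag
    flipped = head + bytes([body[0] ^ 1]) + body[1:] + tag  # same length, one bit changed
    results = {
        "bob": outcome(download, db, store, "srv/files/report", "bob"),
        "intact": outcome(decrypt, blob, key),
        "wrong_type": outcome(decrypt, b"%PDF" + blob[4:], key),
        "truncated": outcome(decrypt, truncated, key, check_tag=False),
        "flipped_size_only": outcome(decrypt, flipped, key, check_tag=False),
        "flipped_with_tag": outcome(decrypt, flipped, key),
    }
    return doc, results

if __name__ == "__main__":
    for name, result in demo()[1].items():
        print(f"{name:18} {result}")
```

With only the type and size checks, the one-bit change decrypts to a different plaintext of the same length; the tag check is what refuses it.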
The above embodiments are intended only to illustrate the technical solution of the invention, not to limit it. Although the invention has been described in detail with reference to preferred embodiments, those of ordinary skill in the art should understand that the technical solution of the invention may be modified or equivalently substituted without departing from its spirit and scope.
Claims (12)
1. A method for protecting file content security, the method comprising the following steps:
Upload step: when a file needs to be uploaded, set the file encryption type and the authorized users, and upload the file;
Encrypting step: encrypt the uploaded file according to the encryption type;
Saving step: store the file upload address, the encryption type and the authorized user information in a database configuration table;
Judging step: when the encrypted file needs to be downloaded, judge from the database configuration table whether the user has permission to download the encrypted file; refuse the download if the user has no permission, and permit the download if the user has permission;
Download step: download the encrypted file to the user terminal;
Decryption step: create an independent storage area at the user terminal, and decrypt the encrypted file into the independent storage area according to the file's encryption type in the database configuration table.
2. The method for protecting file content security as claimed in claim 1, characterized in that the encrypting step further comprises: setting a file parameter during encryption to record the size of the file.
3. The method for protecting file content security according to claim 2, characterized in that the decryption step further comprises: according to the file size recorded in the file parameter set during encryption, comparing the size of the encrypted file with that of the downloaded file to be decrypted, and judging whether the file has been changed; if it has been changed, prompting the user that it cannot be decrypted.
4. The method for protecting file content security according to claim 1 or 2, characterized in that the encrypting step further comprises: redefining the file type of the encrypted file.
5. The method for protecting file content security according to claim 4, characterized in that the decryption step further comprises: comparing whether the file type redefined after encryption is consistent with the file type of the downloaded file to be decrypted, and judging whether the downloaded file to be decrypted is the file that was encrypted earlier; if not, prompting the user that it cannot be decrypted.
6. The method for protecting file content security according to claim 1, characterized in that the method further comprises, after the decryption step, the step of:
viewing the decrypted file with a dedicated reader, the reader being able only to display the file content and unable to perform any other operation, the decrypted file being deleted automatically once viewing is finished.
7. A system for protecting file content security, characterized in that the system comprises:
An upload module, used when a file needs to be uploaded to set the encryption type and the user permissions for downloading the file, and to upload the file;
An encrypting module, used to encrypt the uploaded file according to the encryption type;
A saving module, used to store the file upload address, the encryption type and the download permission information in a database configuration table;
A judging module, used when the encrypted file needs to be downloaded to judge from the database configuration table whether the user has permission to download the encrypted file, refusing the download if the user has no permission and permitting the download if the user has permission;
A download module, used to download the encrypted file to the user terminal;
A decrypting module, used to create an independent storage area at the user terminal and to decrypt the encrypted file into the independent storage area according to the file's encryption type in the database configuration table.
8. The system for protecting file content security according to claim 7, characterized in that the encrypting module is also used to set a file parameter during encryption to record the size of the file.
9. The system for protecting file content security according to claim 8, characterized in that the decrypting module is also used, according to the file size recorded in the file parameter set during encryption, to compare the size of the encrypted file with that of the downloaded file to be decrypted, and to judge whether the file has been changed; if it has been changed, the user is prompted that it cannot be decrypted.
10. The system for protecting file content security according to claim 7 or 8, characterized in that the encrypting module is also used to redefine the file type of the encrypted file.
11. The system for protecting file content security according to claim 10, characterized in that the decrypting module is also used to compare the file type redefined for the encrypted file with the file type of the downloaded file to be decrypted, and to judge whether it is the file that was encrypted earlier; if not, the user is prompted that it cannot be decrypted.
12. The system for protecting file content security according to claim 7, characterized in that the system also comprises a dedicated reader, the reader being able only to display the file content and unable to perform any other operation, the decrypted file being deleted automatically once viewing is finished.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2012100043686A CN103198261A (en) | 2012-01-09 | 2012-01-09 | Method and system for protecting file content security |
TW101101523A TW201329776A (en) | 2012-01-09 | 2012-01-16 | System and method for protection of file content security |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103198261A (en) | 2013-07-10 |
Family ID: 48720808
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2012100043686A Pending CN103198261A (en) | 2012-01-09 | 2012-01-09 | Method and system for protecting file content security |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103198261A (en) |
TW (1) | TW201329776A (en) |
Also Published As
Publication number | Publication date |
---|---|
TW201329776A (en) | 2013-07-16 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130710 |