CN103795715A - Privacy protection method, privacy recovery method and privacy protection system - Google Patents

Publication number: CN103795715A
Application number: CN201410028274.1A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 冯丽娟
Current Assignee: Individual
Original Assignee: Individual
Prior art keywords: user, data, privacy information, voice input, packet
Landscapes: Computer And Data Communications

Abstract

The invention provides a client privacy protection method. The client privacy protection method includes the steps of: 1, prompting a user to log in, receiving voice input from the user, and performing pattern recognition on the voice input to obtain first recognition result data; 2, receiving voice input from the user and performing pattern recognition on the voice input to obtain second recognition result data; 3, prompting the user to confirm, receiving voice input from the user, performing pattern recognition on the voice input to obtain third recognition result data, judging whether the third recognition result data express confirmation, and if so, encrypting the retrieval result data to obtain one or more encrypted files; 4, prompting the user to confirm whether the encrypted files are to be uploaded, receiving voice input from the user, performing pattern recognition on the voice input to obtain fourth recognition result data, judging whether the fourth recognition result data express confirmation, and if so, uploading the encrypted files to a cloud server. The invention further provides a cloud-side privacy protection method, a privacy recovery method and a privacy protection system.

Description

Privacy protection method, recovery method and privacy protection system
Technical field
The present invention relates to the technical field of privacy protection, and in particular to a privacy protection method, a recovery method and a privacy protection system.
Background art
Since the first smartphone appeared, more and more personal user information has been stored on mobile terminals. Like a notebook computer, however, a smartphone can be lost, and like an ordinary desktop computer it can be attacked by viruses, which leads to the leakage of users' privacy information.
In the prior art, either the encryption process is cumbersome or the privacy information is not protected at all; no simple, easy-to-use method and system for protecting privacy has yet emerged.
Summary of the invention
The technical problem to be solved by the present invention is to provide, in view of the deficiencies of the prior art, a privacy protection method, a recovery method and a privacy protection system.
According to one aspect of the invention, a client privacy protection method is provided, comprising: step 1, prompting the user to log in, receiving the user's voice input, performing pattern recognition on the voice input to obtain first recognition result data, extracting the numeric part of the data and comparing it with the password of the terminal computing device, and, if they are identical, logging in successfully; step 2, receiving the user's voice input, performing pattern recognition on the voice input to obtain second recognition result data, judging whether it expresses the intent to back up privacy information, and if so, retrieving the local database and files to obtain retrieval result data that match the privacy information type; step 3, prompting the user to confirm, receiving the user's voice input, performing pattern recognition on the voice input to obtain third recognition result data, judging whether it expresses confirmation, and if so, encrypting the retrieval result data to obtain one or more encrypted files; step 4, prompting the user to confirm whether to upload the encrypted files, receiving the user's voice input, performing pattern recognition on the voice input to obtain fourth recognition result data, judging whether it expresses confirmation, and if so, uploading the encrypted files to the cloud server.
Optionally, the privacy information type is one selected by the user, and step 2 comprises: receiving the user's voice input, performing pattern recognition on the voice input to obtain fifth recognition result data, judging whether it expresses the intent to back up privacy information, and if so, popping up an option interface of privacy information types; receiving the user's voice input, performing pattern recognition on the voice input to obtain sixth recognition result data, comparing it with the contents of the privacy information type list, and recording the privacy information type selected by the user; and retrieving the local database and files according to the recorded privacy information type to obtain the retrieval result data.
Optionally, the privacy information type is a default privacy information type.
Optionally, the encryption method is one selected by the user, and step 3 comprises: prompting the user to input an encryption algorithm, receiving the user's voice input, performing pattern recognition on the voice input to obtain seventh recognition result data, comparing it with the contents of the encryption algorithm list, and recording the name of the encryption algorithm selected by the user; prompting the user, according to the encryption algorithm, to input a key, receiving the user's voice input, and performing pattern recognition on the voice input to obtain the key; and prompting the user to confirm, receiving the user's voice input, performing pattern recognition on the voice input to obtain eighth recognition result data, judging whether it expresses confirmation, and if so, encrypting the retrieval result data according to the encryption algorithm and the key input by the user to obtain one or more encrypted files.
Optionally, the encryption method is a default encryption method.
Optionally, the client privacy protection method further comprises: step 5, after the upload, prompting the user to choose whether to delete the local backup of the uploaded privacy information, receiving the user's voice input, performing pattern recognition on the voice input to obtain ninth recognition result data, judging whether it expresses the intent to delete, and if so, deleting the local backup of the uploaded privacy information.
Optionally, the recognition result data are ASCII codes or Unicode codes.
Optionally, in step 4, the client uploads the encrypted files to the cloud server using an encrypted transmission method, in which the client is the sender and the cloud server is the receiver. This encrypted transmission method comprises: the first driver layer of the sender performs a protocol type check on the packet to be sent, determines its protocol type, and encrypts one or more fields of the packet header and/or the data part of the packet according to the protocol type; the sender sends the encrypted packet to the receiver; the first driver layer of the receiver performs a protocol type check on the received packet, determines its protocol type, and, according to the protocol type and in correspondence with the sender, decrypts the one or more fields of the packet header and/or the data part of the packet, discarding the packet if decryption fails; and the second driver layer of the receiver verifies the successfully decrypted packet, discarding the packet if verification fails; wherein the first driver layer is the IM layer and the second driver layer is the protocol layer; or the first driver layer is the Miniport layer and the second driver layer is the protocol layer; or the first and second driver layers are both the protocol layer.
According to a further aspect of the present invention, a cloud-side privacy protection method is provided, comprising: step 1, receiving from the client the encrypted file, the ID value of the client's computing device and the encryption algorithm type, and saving the received data; step 2, generating a privacy information identifier from the content of the encrypted file and saving it in one-to-one correspondence with the encrypted file; step 3, the cloud server sending the privacy information identifier to the user by SMS, as one of the credentials for recovering the privacy information.
According to another aspect of the present invention, a privacy recovery method is provided, comprising: step 1, the cloud server receiving a request from the client and using the privacy information identifier in the request to search the data set saved by the cloud server, and, if a matching record is found, decrypting the user's privacy file with the decryption algorithm corresponding to the encryption algorithm type in the record; and step 2, the cloud server transmitting the decrypted file to the client.
Optionally, step 2 further comprises: the cloud server transmitting the decrypted file to the client over an encrypted transmission; and the client decrypting the file received over the encrypted transmission to obtain the backed-up private data and restoring the private data, according to data type, to the corresponding module of the terminal computing device.
Optionally, the cloud server is the sender and the client is the receiver, and the encrypted transmission method comprises: the first driver layer of the sender performs a protocol type check on the packet to be sent, determines its protocol type, and encrypts one or more fields of the packet header and/or the data part of the packet according to the protocol type; the sender sends the encrypted packet to the receiver; the first driver layer of the receiver performs a protocol type check on the received packet, determines its protocol type, and, according to the protocol type and in correspondence with the sender, decrypts the one or more fields of the packet header and/or the data part of the packet, discarding the packet if decryption fails; and the second driver layer of the receiver verifies the successfully decrypted packet, discarding the packet if verification fails; wherein the first driver layer is the IM layer and the second driver layer is the protocol layer; or the first driver layer is the Miniport layer and the second driver layer is the protocol layer; or the first and second driver layers are both the protocol layer.
According to another aspect of the present invention, a privacy protection system is provided, comprising: a privacy protection server, and a privacy protection client that is installed on a terminal computing device and establishes a data connection with the privacy protection server over a wired or wireless network; wherein the privacy protection server is adapted to receive the encrypted file, the computing device ID value of the client and the encryption algorithm type from the privacy protection client, and to save the received data; the privacy protection server is further adapted to generate a privacy information identifier from the content of the encrypted file and to save it in one-to-one correspondence with the encrypted file; and the privacy protection server is further adapted to send the privacy information identifier to the client, as one of the credentials for recovering the privacy information.
Optionally, the privacy protection client further comprises: a display unit and a voice input unit, adapted to interact with the user; a voice recognition unit, connected to the voice input unit, for recognizing the user's voice input and obtaining recognition result data; a transmission unit, adapted to connect to the privacy protection server over the network; and a control unit, connected to the display unit, the voice recognition unit and the transmission unit respectively, adapted to control the display unit and the voice recognition unit to complete the user's login interaction and the privacy-information backup interaction, and further adapted to control the display unit, the voice recognition unit and the transmission unit to complete the user's privacy-information upload interaction and the interaction for deleting the local privacy-information backup.
The transmission encryption method comprises: the first driver layer of the sender performs a protocol type check on the packet to be sent, determines its protocol type, and encrypts one or more fields of the packet header and/or the data part of the packet according to the protocol type; the sender sends the encrypted packet to the receiver; the first driver layer of the receiver performs a protocol type check on the received packet, determines its protocol type, and, according to the protocol type and in correspondence with the sender, decrypts the one or more fields of the packet header and/or the data part of the packet, discarding the packet if decryption fails; and the second driver layer of the receiver verifies the successfully decrypted packet, discarding the packet if verification fails.
Optionally, the first driver layer is the IM layer and the second driver layer is the protocol layer; or the first driver layer is the Miniport layer and the second driver layer is the protocol layer; or the first and second driver layers are both the protocol layer. If the protocol type is UDP, the first driver layer of the sender encrypts the source port, destination port and data length fields in the UDP header of the packet and/or the actual data area. If the protocol type is ICMP, the first driver layer of the sender encrypts the type field, the code field and/or the data field in the ICMP header of the packet.
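The per-protocol field encryption and the two receiver-side discard points described above can be modelled in user space as follows. This is an added example, not code from the patent: the HMAC-SHA256 keystream stands in for the unspecified cipher, the 8-byte per-packet nonce, the length-consistency test used as "decryption failure" and the checksum test used as second-layer verification are assumptions, and all function names and sample addresses are constructed.

```python
import hashlib
import hmac
import os
import struct

UDP, ICMP = 17, 1  # IP protocol numbers

# Per protocol: (header byte range to encrypt, offset where the data area starts).
# UDP: source port, destination port and length (bytes 0-5); checksum stays clear.
# ICMP: type and code (bytes 0-1); checksum and the rest of the header stay clear.
FIELDS = {UDP: ((0, 6), 8), ICMP: ((0, 2), 8)}
NONCE_LEN = 8  # per-packet nonce prepended on the wire (assumption, not in the text)


def keystream(key, nonce, n):
    """Stand-in cipher (assumption): HMAC-SHA256 in counter mode as a keystream."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def xor_fields(proto, segment, key, nonce):
    """XOR the protocol's selected header fields and its data area with the keystream."""
    (start, end), data_off = FIELDS[proto]
    buf = bytearray(segment)
    positions = list(range(start, end)) + list(range(data_off, len(buf)))
    for pos, k in zip(positions, keystream(key, nonce, len(positions))):
        buf[pos] ^= k
    return bytes(buf)


def inet_checksum(data):
    """16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(">%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_udp(pseudo_ips, sport, dport, data):
    """UDP segment with a valid checksum; pseudo_ips is src IP + dst IP (8 bytes)."""
    length = 8 + len(data)
    pseudo = pseudo_ips + struct.pack(">BBH", 0, UDP, length)
    header = struct.pack(">HHHH", sport, dport, length, 0)
    csum = inet_checksum(pseudo + header + data) or 0xFFFF
    return struct.pack(">HHHH", sport, dport, length, csum) + data


def build_icmp_echo(ident, seq, data):
    """ICMP echo request (type 8, code 0) with a valid checksum."""
    msg = struct.pack(">BBHHH", 8, 0, 0, ident, seq) + data
    return msg[:2] + struct.pack(">H", inet_checksum(msg)) + msg[4:]


def send(proto, segment, key):
    """Sender, first driver layer: protocol type check, then field encryption."""
    if proto not in FIELDS:
        raise ValueError("protocol type not handled in this example")
    nonce = os.urandom(NONCE_LEN)
    return nonce + xor_fields(proto, segment, key, nonce)


def receive(proto, wire, key, pseudo_ips=b""):
    """Receiver: returns the plaintext segment, or None when the packet is discarded."""
    # First driver layer: protocol type check and decryption.
    if proto not in FIELDS or len(wire) < NONCE_LEN + 8:
        return None
    nonce, body = wire[:NONCE_LEN], wire[NONCE_LEN:]
    segment = xor_fields(proto, body, key, nonce)
    if proto == UDP and struct.unpack(">H", segment[4:6])[0] != len(segment):
        return None  # treated as decryption failure: length field is inconsistent
    # Second driver layer: verify the decrypted packet (checksum).
    pseudo = b""
    if proto == UDP:
        pseudo = pseudo_ips + struct.pack(">BBH", 0, UDP, len(segment))
    if inet_checksum(pseudo + segment) != 0:
        return None
    return segment
```

A packet decrypted with the wrong key yields an inconsistent length field or checksum and is dropped at one of the two layers, which is the behaviour the text requires of the receiver.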
Compared with the prior art, the invention has the following advantages:
1. The disclosed embodiments use voice control to complete the privacy information protection process, which takes full advantage of the characteristics of computing devices such as smartphones and is convenient for users.
2. When the user's encrypted private data are uploaded, the unique hardware ID of the mobile phone currently uploading the privacy data can be uploaded along with them in the network packets. This ID can be stored in the server-side database as an identifier for recognizing paired primary and secondary devices. The method provided in the embodiments of the invention can therefore identify such paired devices.
Brief description of the drawings
Fig. 1 is a structural diagram of the privacy protection system provided according to one embodiment of the invention;
Fig. 2 is a flow chart of the client privacy protection method provided according to one embodiment of the invention;
Fig. 3 is a flow chart of the cloud-side privacy protection method provided according to one embodiment of the invention;
Fig. 4 is a flow chart of the privacy recovery method provided according to one embodiment of the invention;
Fig. 5 is a schematic diagram comparing the layered structures of a computer network and a computer system, provided according to one embodiment of the invention;
Fig. 6 is a schematic diagram of the data encapsulation process provided according to one embodiment of the invention;
Fig. 7 is a schematic diagram of the UDP header structure provided according to one embodiment of the invention;
Figs. 8-9 are schematic structural diagrams of the privacy protection system provided according to a further embodiment of the invention.
Detailed description
To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in more detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described herein serve only to explain the invention and are not intended to limit it.
Term definitions
(1) Computing device: a device capable of data processing and computation, including desktop computers (PCs), servers, smartphones, notebook computers, tablet computers (Pads), etc.
(2) Packet: a packet is the data unit in TCP/IP communication, generally also called a "data packet". It comprises a header and a data part (i.e. the data field); the header is the data used to encapsulate the data part according to each transport protocol, and the data part generally refers to user data.
(3) Cloud server: an important component of cloud computing services, and a service platform that provides integrated service capabilities to all kinds of Internet users.
Each cluster node of the cloud server platform is deployed in a backbone data center of the Internet and can independently provide Internet infrastructure services such as computing, storage, online backup, hosting and bandwidth.
(4) Server (or background service program): a service running on the cloud server, mainly used to provide various services to terminal computing devices.
Privacy protection method
According to one embodiment of the invention, a privacy protection system is provided. As shown in Fig. 1, the system comprises:
a cloud server 11, adapted to store the user's encrypted private data;
one or more terminal computing devices, including a smartphone 12, a notebook 13 and a desktop computer (PC) 14, which establish data connections with the cloud server 11 over a wired or wireless network;
wherein a privacy protection client is deployed on each terminal computing device and cooperates with the cloud server 11 to upload, download and protect the user's private data.
According to one embodiment of the invention, a privacy protection process is provided for the privacy protection system of Fig. 1. Taking the mobile phone 12 as an example, the process comprises:
1. The privacy protection client on the mobile phone is started;
2. The voice recognition module of the privacy protection client prompts for the control password;
3. The user says "the password is 123456, confirm", and the voice recognition module receives the input and judges whether the password is correct:
If the password is judged to be wrong, login is refused;
If the password is judged to be correct, login succeeds;
4. After the privacy protection client on the mobile phone has started, the user says "back up privacy information" to the voice recognition module of the privacy protection client, and an option interface of privacy information types pops up, including for example SMS messages, photos, IM messages (for example WeChat, QQ, MSN or Skype messages), files and other types; user-defined file or data types may also be included. The user selects the desired privacy information types by voice input;
5. The user says "OK" or "good" to the voice recognition module of the privacy protection client, and the encryption control interface is entered;
6. The encryption control interface shows, for example: an encryption algorithm selection, an encryption key field, and OK and Cancel buttons;
7. The user gives the encryption algorithm name and the key information by voice input to the voice recognition module of the privacy protection client;
For example, when the user says "select the DES encryption algorithm", the DES encryption algorithm is selected among the encryption algorithms; when the user says "the key is abcdef", abcdef is entered in the key field; when the user says "good" or "confirm", the OK button is clicked; when the user says "cancel", the encryption operation is abandoned and the encryption control interface is left;
8. After the user confirms, the encryption module of the privacy protection client processes the private data, based on the user's selection and according to the type of privacy information (i.e. private data), to generate multiple encrypted files;
9. The user gives the instruction to upload the privacy information by voice input to the voice recognition module of the privacy protection client, and the transmission module of the privacy protection client uploads the user's privacy information to the cloud server;
10. The cloud server (for example, the server software on the cloud server side) generates a unique privacy information identifier from the file content and stores it in one-to-one correspondence with the file. For example: the encrypted file is named smb.1 and its sha1 value is 240BAC109C3ECD6BC4210AC0759FC781E0C63B47; this sha1 value is used as the unique privacy information identifier;
It should be noted that the client uploads files it has already encrypted to the cloud server, so what the cloud server reads is the encrypted content, not the real content;
An example of how the privacy information identifier is generated: using the SHA1 algorithm, a hash value of 128 bits or longer is computed over the content of the file together with the collected unique hardware ID of the mobile phone, and serves as the unique identifier of the privacy file;
11. The cloud server sends the privacy information identifier to the user by SMS, as one of the credentials for recovering the privacy information.
12. After the privacy protection client has finished uploading, it asks the user whether to delete the local backup of the uploaded privacy information and acts on the voice input received; for example, if the user says "delete", the privacy protection client deletes the local backup of the uploaded privacy information.
The privacy information identifier uniquely identifies an encrypted file; when the user needs to query the relevant encrypted file on the cloud server side, this privacy information identifier is used as one of the credentials for recovering the privacy information.
According to one embodiment of the invention, if the voice recognition module judges that the user has entered the wrong password three times in a row, login is refused for a certain (configurable) period of time and the login failure information is uploaded to the cloud server. The cloud server pushes an error-report SMS to the user's mobile phone, and the user can send control instructions to the cloud server, asking it to carry out the desired operation (the error-report SMS provides only summary information; the mobile phone can send a request instruction to the server side to query the details).
For example, the server (i.e. the background service program) provides a dump function; the user sends the SMS command #ZCBH-1 (ZCBH being the pinyin initials of "dump protection") to the server-side program, instructing the server side to apply dump protection to file 1.
Based on the above process, one embodiment of the invention provides a client privacy protection method. As shown in Fig. 2, this privacy protection method S10 comprises:
S11, prompting the user to log in, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes (or Unicode codes for Chinese characters), extracting the numeric part and comparing it with the computing device password; if they are identical, login succeeds, otherwise login fails;
Those skilled in the art will understand that the above speech pattern recognition can be implemented on the basis of MATLAB interfaces, or by downloading an open-source speech recognition program developed with MATLAB from the Internet;
S12, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, identifying whether the ASCII codes express the intent to back up privacy information, and if so, popping up an option interface of privacy information types;
S13, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, comparing the ASCII codes with the contents of the privacy information type list, and recording the privacy information type selected by the user; the privacy information type list includes, but is not limited to, SMS messages, photos, IM messages and files;
S14, retrieving the local database and files according to the recorded privacy information type to obtain retrieval result data;
S15, prompting the user to input an encryption algorithm, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, comparing the ASCII codes with the contents of the encryption algorithm list, and recording the name of the encryption algorithm selected by the user;
S16, prompting the user, according to the encryption algorithm, to input a key, receiving the user's voice input, and performing pattern recognition on the voice input to obtain ASCII codes, i.e. the key;
S17, prompting the user to confirm, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, identifying whether the ASCII codes express confirmation, and if so, encrypting the retrieval result data according to the encryption algorithm and the key input by the user to obtain one or more encrypted files;
S18, prompting the user to confirm whether to upload the encrypted files, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, identifying whether the ASCII codes express confirmation, and if so, uploading the encrypted files to the cloud server.
According to a further embodiment of the invention, the default type may be used in place of steps S13 and S14, so that S13 and S14 are omitted; in that case step S12 comprises:
receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, identifying whether the ASCII codes express the intent to back up privacy information, and if so, retrieving the local database and files according to the default privacy information type to obtain retrieval result data.
According to a further embodiment of the invention, the default encryption algorithm may be used in place of steps S15 and S16, so that S15 and S16 are omitted; in that case step S17 comprises:
prompting the user to confirm, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, identifying whether the ASCII codes express confirmation, and if so, encrypting the retrieval result data according to the default encryption algorithm and key to obtain one or more encrypted files.
According to a further embodiment of the invention, after step S18 the privacy protection method S10 further comprises:
S19, after the upload, prompting the user to choose whether to delete the local backup of the uploaded privacy information, receiving the user's voice input, performing pattern recognition on the voice input to obtain ASCII codes, identifying whether the ASCII codes express the intent to delete, and if so, deleting the local backup of the uploaded privacy information.
Based on the above process, one embodiment of the invention provides a cloud-side privacy protection method. As shown in Fig. 3, the method S20 comprises:
S21, receiving from the client the encrypted file, the ID value of the client's computing device (a value that uniquely identifies the client computing device, for example the International Mobile Equipment Identity, or IMEI) and the encryption algorithm type, and saving the received data;
S22, generating from the content of the encrypted file a corresponding unique identifier, the privacy information identifier, and saving it in one-to-one correspondence with the encrypted file;
S23, the cloud server sending the privacy information identifier to the user by SMS, as one of the credentials for recovering the privacy information.
According to one embodiment of the invention, a privacy recovery method is provided. As shown in Fig. 4, the privacy recovery method S30 comprises:
S31, the cloud server receives a request from the client (containing the privacy information identifier) and uses the privacy information identifier in the request to search the data set it has saved; if a matching record is found, it decrypts the user's privacy file with the decryption algorithm corresponding to the encryption algorithm type in the record;
S32, the cloud server encrypts the decrypted file for transmission and sends it to the client;
S33, the client decrypts the file that was encrypted for transmission to obtain the backed-up private data and, according to data type, restores the private data to the corresponding module of the computing device.
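The server-side bookkeeping of S21 to S23 and the lookup at the start of S31 can be expressed as follows. This is an added example, not code from the patent: the class and function names are hypothetical, the SMS gateway is replaced by an in-memory list, the device ID and phone number are constructed sample values, and the length prefix on each hashed part is an assumption added so that different (file, device ID) pairs cannot produce the same hash input. Decryption in S31 is left out; the lookup returns the stored record with the algorithm type that would select it.

```python
import hashlib
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class BackupRecord:
    encrypted_file: bytes  # ciphertext exactly as uploaded by the client
    device_id: str         # unique hardware ID, e.g. the IMEI
    algorithm: str         # encryption algorithm type reported by the client


def privacy_identifier(encrypted_file, device_id):
    """SHA-1 over the encrypted file content together with the hardware ID.

    Each part is length-prefixed (assumption of this example) so that
    (b"ab", "c") and (b"a", "bc") do not hash to the same identifier.
    """
    h = hashlib.sha1()
    for part in (encrypted_file, device_id.encode("utf-8")):
        h.update(struct.pack(">Q", len(part)))
        h.update(part)
    return h.hexdigest().upper()


class CloudStore:
    """In-memory stand-in for the cloud server's data set (hypothetical)."""

    def __init__(self):
        self._records = {}
        self.sms_outbox = []  # stand-in for the SMS gateway: (phone, identifier)

    def receive_backup(self, encrypted_file, device_id, algorithm, phone):
        # S21: save the encrypted file, device ID and encryption algorithm type.
        record = BackupRecord(bytes(encrypted_file), device_id, algorithm)
        # S22: derive the identifier and store it one-to-one with the file.
        ident = privacy_identifier(record.encrypted_file, device_id)
        self._records[ident] = record
        # S23: send the identifier to the user as a recovery credential.
        self.sms_outbox.append((phone, ident))
        return ident

    def find_for_restore(self, ident):
        # S31 (lookup part): the identifier arrives as text the user received
        # by SMS, so surrounding whitespace and letter case are normalised.
        return self._records.get(ident.strip().upper())


if __name__ == "__main__":
    store = CloudStore()
    # Constructed sample values.
    ident = store.receive_backup(b"\x8f\x12ciphertext", "000000000000000",
                                 "DES", "+10000000000")
    print(ident, store.find_for_restore(ident.lower()).algorithm)
```

Because the hash input is the uploaded ciphertext, the same plaintext encrypted under a different key, or the same ciphertext uploaded from a different device, maps to a different identifier.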
To further guarantee transmission security, a new transmission encryption method needs to be designed for steps S32 and S18; it is described in detail below.
Analysis of network communication on computing devices
As shown in Fig. 5, the inventor found through research that:
if a computing device needs to communicate over a network, it generally supports the five-layer TCP/IP model, comprising:
application layer 101, transport layer 102, network layer 103, data link layer 104 (shown as "link layer" in the figure) and physical layer 105.
The architecture of the computing device itself generally comprises:
application software layer 111 (shown as "application software" in the figure);
operating system layer 112 (shown as "operating system" in the figure; it includes the hardware abstraction layer HAL, which sits at the bottom of the operating system); and
hardware device layer 113 (shown as "hardware device" in the figure; it includes the network card, the video card, etc.).
For these two hierarchies, in general, application software 111 corresponds to application layer 101, operating system 112 corresponds to transport layer 102, network layer 103 and link layer 104, and hardware device 113 (the network card) corresponds to physical layer 105.
In addition, operating system 112 comprises, from bottom to top:
(1) Miniport driver 123, i.e. the miniport driver: the Miniport driver operates the network card through the NDIS interface and at the same time exposes the Miniport interface for upper-layer drivers to call; a network card driver can also be implemented as a Miniport driver;
(2) IM driver 122, i.e. the intermediate-layer driver (or intermediate driver): the IM driver sits between the Miniport driver and the protocol driver, and an intermediate driver exposes both the Miniport and the protocol driver interfaces;
(3) protocol driver 121: the protocol driver is wrapped for use by other parts of the operating system and is made available to applications in the form of operating system APIs.
In addition, protocol driver 121, IM driver 122 and Miniport driver 123 may also be called protocol driver unit 121, IM driver unit 122 and Miniport driver unit 123.
They may likewise be called protocol-layer driver 121 (protocol layer for short), IM-layer driver 122 (IM layer for short) and Miniport-layer driver 123 (Miniport layer for short).
For the above two hierarchies, in general, network layer 103 corresponds to protocol driver 121 and IM driver 122, and link layer 33 corresponds to Miniport driver 123.
Based on three kinds of hierarchical structures in Fig. 5, for the transmitting procedure of a packet, be transmitted as example and describe with Windows operating system platform, UDP below.
The UDP transmission process is:
Application-layer software → call the API of WS2_32.DLL → data is passed down to SPI → data is passed down to the UDP driver (a kind of protocol driver) → IM driver → Miniport driver → network card.
Specifically:
(1) Application layer: the data to be sent and the port number information are obtained and handed to the relevant API of WS2_32.dll for processing; after WS2_32.dll has processed them, they are passed to SPI (Service Provider Interface) for processing;
(2) Transport layer: when SPI processing is complete, the data is passed to TDI (Transport Driver Interface) for processing; TDI is suited to monitoring TCP and UDP packets;
(3) Network layer: when TDI processing is complete, the data is passed to NDIS (Network Driver Interface Specification) for processing;
(4) Link layer: when NDIS processing is complete, the data is passed to the network card for sending;
(5) Physical layer: the network card sends the data.
The inventor also found through research:
Taking UDP transmission as an example, as shown in Fig. 6, when data is transmitted according to the layered network model, user data 201 is encapsulated step by step. The encapsulation process comprises:
(1) At transport layer 102, a UDP header is added to user data 201 (the structure of the header data is described in detail below);
(2) At network layer 103, IP header 221 is added to the packet formed by user data 201 and UDP header 211;
(3) At link layer 104, Ethernet header 231 and Ethernet trailer 232 are added to the packet formed by user data 201, UDP header 211 and IP header 221, producing an Ethernet frame.
In addition, the header data of an encapsulated packet differs from protocol to protocol. Table 1 shows the correspondence between protocols and network layers in the five-layer TCP/IP network model; the protocols (and the English abbreviations of their names) are common knowledge for those skilled in the art and are not described further.
Moreover, the header of a packet is very small relative to the data portion. Taking UDP as an example, its header, shown in Fig. 7, comprises 8 bytes: a 16-bit UDP source port number 301, a 16-bit UDP destination port number 302, a 16-bit UDP length 303 and a 16-bit UDP checksum 304. The data portion 305 follows the UDP header.
Table 1
Network layer | Network protocol
Application layer | HTTP/Telnet/FTP/SMTP/SNMP
Transport layer | TCP/UDP
Network layer | IP/ICMP/IGMP
Link layer | ARP/RARP/SLIP/PPP/IEEE802.x
Based on the above findings, the inventor proposes: for packet network transmission, performing equal-length encryption and decryption on the header of the packet can confirm the communicating parties, does not affect the existing computer network communication processing, causes no obvious performance impact, and can greatly improve the security of computer network communication.
To handle the protocols listed in Table 1 in a unified way, according to one embodiment of the invention, the inventor proposes the following basic secure communication process P10:
Here the two communicating parties are called the data sending end and the data receiving end;
P11: the sending end performs equal-length encryption on one or more fields in the header of the packet; it may at the same time perform equal-length encryption on the data field, using the same or a different method;
P12: the sending end sends the encrypted packet to the receiving end;
P13: after receiving the packet, the receiving end performs equal-length decryption on the one or more fields in the header of the packet;
P14: the receiving end verifies the received packet and, if verification fails, discards the packet.
This solves the problem described in the background art (for TCP and UDP communication, a malicious program hooks SPI). Specifically, suppose a SPI hook at the receiving end forwards packets under disguise. Because a packet passes down through the NDIS layer when it is sent, process P10 can encrypt the packet header and/or the data field. Thus, even if the data has been forwarded to another, non-target client, that client has not deployed the NDIS decryption method (i.e. process P10), so the data it obtains is encrypted. This guarantees that the content of the data field remains safe even when a packet is maliciously forwarded, achieving the goal of preventing leaks.
According to a further embodiment of the invention, if the data field is also encrypted and decrypted, a case of verification failure in P14 is illustrated as follows:
Suppose the original data field content is 12345678, the parity value of the original packet is 0x12dc, and the content of the data field after encryption is 87654321;
After receiving the packet (whose data content is encrypted), the receiving end decrypts it, restoring the data field to 12345678. When the packet is passed on to the protocol driver, the protocol driver performs a parity check on the packet; if the result is inconsistent, verification fails and the packet is discarded immediately.
Those skilled in the art will thus appreciate that encrypting and decrypting the header and the data portion of a packet separately provides multi-level protection.
Specifically, taking the UDP and ICMP data communication processes as examples, the secure communication process is described below:
UDP data transmission procedure
1. The sending end, for example at the IM layer of NDIS, performs equal-length encryption on the source port, destination port and data length fields in the UDP header and/or on the actual data area;
2. The sending end sends the encrypted packet to the receiving end;
3. After receiving the packet, the receiving end, for example at the IM layer of NDIS, decrypts the source port, destination port and data length fields in the UDP header and/or the actual data area, and passes the packet on to the upper layer, for example the protocol layer;
4. The receiving end, for example at the protocol layer, verifies the received packet and, if verification fails, discards the packet. This achieves complete control over the transmission of UDP packets.
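The UDP procedure above (process P10, steps P11 to P14), as an added Python example that is not code from the patent: ports, length and data area are transformed without changing the packet size, and a receiver that lacks the key fails verification and drops the packet. The patent names no cipher and calls the check a parity check; the HMAC-SHA256 keystream, the per-packet context built from clear IP fields, the standard UDP checksum as the verification step, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import socket
import struct

UDP_PROTO = 17
HEADER_LEN = 8   # source port, destination port, length, checksum: 16 bits each
CSUM_AT = 6      # offset of the checksum field, which is sent unmodified


def _fold16(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """RFC 768 checksum over the pseudo-header and the segment."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, UDP_PROTO, len(segment)))
    zeroed = segment[:CSUM_AT] + b"\x00\x00" + segment[HEADER_LEN:]
    return (~_fold16(pseudo + zeroed) & 0xFFFF) or 0xFFFF


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Plain UDP segment as the protocol driver would produce it."""
    header = struct.pack("!HHHH", sport, dport, HEADER_LEN + len(payload), 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return header[:CSUM_AT] + struct.pack("!H", csum) + payload


def keystream(key: bytes, context: bytes, n: int) -> bytes:
    """Stand-in cipher (assumption): HMAC-SHA256 in counter mode."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hmac.new(key, context + struct.pack("!I", counter),
                        hashlib.sha256).digest()
        counter += 1
    return out[:n]


def equal_length_transform(key, context, segment, include_data=False) -> bytes:
    """P11/P13: XOR ports and length (and optionally the data area) with the
    keystream. XOR is its own inverse, so this both encrypts and decrypts."""
    span = len(segment) if include_data else min(CSUM_AT, len(segment))
    ks = keystream(key, context, span)
    out = bytearray(segment)
    for i in range(span):
        if not CSUM_AT <= i < HEADER_LEN:   # leave the checksum field alone
            out[i] ^= ks[i]
    return bytes(out)


def receive(key, context, src_ip, dst_ip, wire, include_data=False):
    """P13 + P14: decrypt (if a key is deployed), then verify or drop."""
    if key:
        segment = equal_length_transform(key, context, wire, include_data)
    else:
        segment = wire                      # stack without process P10
    if len(segment) < HEADER_LEN:
        return None
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:HEADER_LEN])
    if length != len(segment) or csum != udp_checksum(src_ip, dst_ip, segment):
        return None                         # verification failed: discard
    return sport, dport, segment[HEADER_LEN:]


# Constructed sample values (documentation address ranges, made-up key).
SRC, DST = "192.0.2.10", "198.51.100.20"
KEY = b"constructed-demo-key"
# Per-packet context taken from fields that stay in clear (assumption):
# both IP addresses plus the 16-bit IP identification value.
CTX = socket.inet_aton(SRC) + socket.inet_aton(DST) + struct.pack("!H", 0x1A2B)

if __name__ == "__main__":
    plain = build_udp(SRC, DST, 40000, 9000, b"12345678")
    wire = equal_length_transform(KEY, CTX, plain, include_data=True)
    print("sizes:", len(plain), len(wire))
    print("with key:", receive(KEY, CTX, SRC, DST, wire, include_data=True))
    print("without key:", receive(None, CTX, SRC, DST, wire))
```

Because an equal-length transform leaves no room for a nonce or an authentication tag, the only integrity signal in this sketch is the 16-bit checksum, which detects errors rather than authenticating the sender.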
ICMP data transmission procedure
1. The sending end, for example at the IM layer of NDIS, performs equal-length encryption on the type field and code field in the ICMP header and/or on the data field;
2. The sending end sends the encrypted packet to the receiving end;
3. After receiving the packet, the receiving end, for example at the IM layer of NDIS, decrypts the type field and code field of the ICMP header and/or the data field, and passes the packet on to the upper layer, for example the protocol layer;
4. The receiving end, for example at the protocol layer, verifies the received packet and, if verification fails, discards the packet. This achieves complete control over the transmission of ICMP packets.
Transmission encryption method
Based on the above secure communication process, according to one embodiment of the invention, a secure communication method is provided, comprising:
S41: the IM layer of the sending end performs a protocol type check on the packet to be sent, determines its protocol type, and according to the protocol type performs equal-length encryption on one or more fields of the packet header and/or on the data portion of the packet; encrypting the data portion provides multi-layer protection for the packet;
S42: the encrypted packet is sent to the receiving end;
S43: the IM layer of the receiving end performs a protocol type check on the received packet, determines its protocol type, and according to the protocol type, correspondingly to the sending end, performs equal-length decryption on the one or more fields of the packet header and/or on the data portion of the packet;
S44: the protocol layer of the receiving end verifies the decrypted packet and, if verification fails, discards the packet.
According to one embodiment of the invention, the method used to verify the packet in step S16 is a parity check.
According to a further embodiment of the invention, a secure communication method is provided, comprising:
S51: the Miniport layer of the sending end performs a protocol type check on the packet to be sent, determines its protocol type, and according to the protocol type performs equal-length encryption on one or more fields of the packet header and/or on the data portion of the packet; encrypting the data portion provides multi-layer protection for the packet;
S52: the encrypted packet is sent to the receiving end;
S53: the Miniport layer of the receiving end performs a protocol type check on the received packet, determines its protocol type, and according to the protocol type, correspondingly to the sending end, performs equal-length decryption on the one or more fields of the packet header and/or on the data portion of the packet;
S54: the protocol layer of the receiving end verifies the decrypted packet and, if verification fails, discards the packet.
According to a further embodiment of the invention, steps S41 and S51 above may be carried out at the protocol layer of the sending end and, correspondingly, steps S43 and S53 at the protocol layer of the receiving end.
Those skilled in the art will understand that the protocol type check and packet verification operations in the above methods may also be carried out at other levels of the computer operating system or drivers, as long as the object of the invention is achieved.
Those skilled in the art will understand that the encryption in the above methods is equal-length encryption, but other types of encryption algorithm may also be used. For example, according to a further embodiment of the invention, a non-equal-length encryption and decryption algorithm may be applied to the data portion, with the check field in the packet header modified at the same time.
The advantages of the above transmission encryption method are: (1) encrypting and decrypting every packet gives real-time protection for each packet sent; (2) after a communicating party has been attacked by a malicious program, that party's information is protected from leaking; (3) for an anonymous analyst, analysing the packets becomes more difficult; (4) additionally encrypting the actual data area of the packet provides multi-layer protection for the packet without changing the packet size.
Thus, in step S32, the above transmission encryption method can be used for the transmission encryption between client and server. Likewise, in steps S21 and S31, the above transmission encryption method can also be used for the transmission encryption between client and server.
Privacy protection system
Corresponding to the above privacy protection method, according to one embodiment of the invention, a privacy protection system is provided. As shown in Fig. 8, the system comprises:
Privacy protection server 81; and
Privacy protection client 82, arranged in a terminal computing device and establishing a data connection with the privacy protection server over a wired or wireless network.
The privacy protection server 81 is adapted to: receive from the client the encrypted file, the client's computing device ID value and the encryption algorithm type, and save the received data; generate, from the content of the encrypted file, a corresponding unique identifier, the privacy information identifier, and save it in one-to-one correspondence with the encrypted file; and send the privacy information identifier to the client as one of the credentials for recovering the privacy information.
As shown in Fig. 9, the privacy protection client 82 further comprises:
Display unit 822 and voice input unit 823, adapted to interact with the user;
Voice recognition unit 824, connected to voice input unit 823, for recognising the user's voice input and obtaining the recognition result as ASCII codes;
Transmission unit 825, adapted to be connected/coupled to the privacy protection server 81 over the network (for example a data connection);
Control unit 821, connected to display unit 822, voice recognition unit 824 and transmission unit 825 respectively, adapted to control display unit 822 and voice recognition unit 824 to complete the user's login interaction and backup privacy information interaction, and also adapted to control display unit 822, voice recognition unit 824 and transmission unit 825 to complete the user's upload privacy information interaction and delete local privacy information backup interaction.
The login interaction comprises the content of step S11 above, for example: control unit 821 prompts the user to log in through display unit 822; voice input unit 823 receives the user's voice input; voice recognition unit 824 performs pattern recognition on the voice input to obtain ASCII codes; and control unit 821 extracts the numeric part and compares it with the computing device password. If they are identical, login succeeds; if they differ, login fails. The backup privacy information interaction comprises the content of steps S12-S17 above; the upload privacy information interaction comprises the content of step S18 above; the delete local privacy information backup interaction comprises the content of step S19 above; these are not repeated here.
According to a further embodiment of the invention, control unit 821 is also adapted to control display unit 822, voice recognition unit 824 and transmission unit 825 to complete the user's recover privacy information interaction, comprising:
Voice input unit 823 receives the user's voice input; voice recognition unit 824 performs pattern recognition on the voice input to obtain ASCII codes; control unit 821 determines whether the ASCII codes express an intent to recover privacy information and, if so, sends a recover-privacy-information request or recover-private-data request to privacy protection server 81 through transmission unit 825;
Transmission unit 825 receives the transmission-encrypted file from privacy protection server 81 and decrypts it to obtain the backed-up private data; control unit 821 then restores the private data to the corresponding module of the computing device according to data type.
In this case, privacy protection server 81 is also adapted to: at the client's request, use the saved PKI of the encryption algorithm to decrypt the user's privacy file; and transmission-encrypt the decrypted file and send it to the client.
It should be noted and understood that various modifications and improvements can be made to the invention described in detail above without departing from the spirit and scope of the invention as claimed in the appended claims. Therefore, the scope of the claimed technical solution is not limited by any particular exemplary teaching given.

Claims (10)

1. A client privacy protection method, comprising:
Step 1: prompting the user to log in, receiving the user's voice input, performing pattern recognition on the voice input to obtain first recognition result data, extracting the numeric part thereof and comparing it with the terminal computing device password, and, if they are identical, logging in successfully;
Step 2: receiving the user's voice input, performing pattern recognition on the voice input to obtain second recognition result data, determining whether it expresses an intent to back up privacy information, and, if so, searching the local database and files to obtain search result data matching the privacy information type;
Step 3: prompting the user to confirm and receiving the user's voice input, performing pattern recognition on the voice input to obtain third recognition result data, determining whether it expresses confirmation, and, if so, encrypting the search result data to obtain one or more encrypted files;
Step 4: prompting the user to confirm whether to upload the encrypted files, receiving the user's voice input, performing pattern recognition on the voice input to obtain fourth recognition result data, determining whether it expresses confirmation, and, if so, uploading the encrypted files to the cloud server.
2. The client privacy protection method according to claim 1, wherein the privacy information type is a privacy information type selected by the user, and step 2 comprises:
receiving the user's voice input, performing pattern recognition on the voice input to obtain fifth recognition result data, determining whether it expresses an intent to back up privacy information, and, if so, popping up an option interface of privacy information types;
receiving the user's voice input, performing pattern recognition on the voice input to obtain sixth recognition result data, comparing it with the contents of the privacy information type list, and recording the privacy information type selected by the user;
searching the local database and files according to the recorded privacy information type to obtain the search result data.
3. The client privacy protection method according to claim 1, wherein the encryption method is an encryption method selected by the user, and step 3 comprises:
prompting the user to input an encryption algorithm, receiving the user's voice input, performing pattern recognition on the voice input to obtain seventh recognition result data, comparing it with the contents of the encryption algorithm list, and recording the name of the encryption algorithm selected by the user;
according to the encryption algorithm, prompting the user to input a key, receiving the user's voice input, and performing pattern recognition on the voice input to obtain the key;
prompting the user to confirm, receiving the user's voice input, performing pattern recognition on the voice input to obtain eighth recognition result data, determining whether it expresses confirmation, and, if so, encrypting the search result data according to the encryption algorithm and key input by the user to obtain one or more encrypted files.
4. The client privacy protection method according to claim 1, further comprising:
Step 5: after uploading, prompting the user to choose whether to delete the local backup of the uploaded privacy information, receiving the user's voice input, performing pattern recognition on the voice input to obtain ninth recognition result data, determining whether it expresses an intent to delete, and, if so, deleting the local backup of the uploaded privacy information.
5. The client privacy protection method according to claim 1, wherein in step 4 the client uploads the encrypted files to the cloud server by an encrypted transmission method, in which the client is the sending end and the cloud server is the receiving end;
the encrypted transmission method comprising:
a first driver layer of the sending end performing a protocol type check on the packet to be sent, determining its protocol type, and encrypting one or more fields of the packet header and/or the data portion of the packet according to the protocol type;
the sending end sending the encrypted packet to the receiving end;
a first driver layer of the receiving end performing a protocol type check on the received packet, determining its protocol type, and according to the protocol type, correspondingly to the sending end, decrypting the one or more fields of the packet header and/or the data portion of the packet, and discarding the packet if decryption fails; and
a second driver layer of the receiving end verifying the successfully decrypted packet and discarding the packet if verification fails;
wherein:
the first driver layer is the IM layer and the second driver layer is the protocol layer; or
the first driver layer is the Miniport layer and the second driver layer is the protocol layer; or
the first driver layer and the second driver layer are both the protocol layer.
6. A cloud privacy protection method, comprising:
Step 1: receiving from the client the encrypted file, the ID value of the terminal computing device on which the client resides and the encryption algorithm type, and saving the received data;
Step 2: generating a privacy information identifier according to the content of the encrypted file and saving it in one-to-one correspondence with the encrypted file;
Step 3: the cloud server sending the privacy information identifier to the user by SMS, as one of the credentials for recovering the privacy information.
7. A privacy recovery method, comprising:
Step 1: the cloud server receiving a request from the client, using the privacy information identifier in the request to search the data set saved by the cloud server and, if a matching record is found, decrypting the user's privacy file with the decryption algorithm corresponding to the encryption algorithm type in the record obtained; and
Step 2: the cloud server transmitting the decrypted file to the client.
8. The privacy recovery method according to claim 7, wherein step 2 further comprises:
the cloud server encrypting the decrypted file and transmitting it to the client;
the client decrypting the file received by encrypted transmission to obtain the backed-up private data, and restoring the private data to the corresponding module of the terminal computing device according to data type.
9. A privacy protection system, comprising: a privacy protection server, and a privacy protection client that is arranged in a terminal computing device and establishes a data connection with the privacy protection server over a wired or wireless network;
wherein the privacy protection server is adapted to receive from the privacy protection client the encrypted file, the ID value of the terminal computing device on which the client resides and the encryption algorithm type, and to save the received data;
the privacy protection server is also adapted to generate a privacy information identifier according to the content of the encrypted file and save it in one-to-one correspondence with the encrypted file;
the privacy protection server is also adapted to send the privacy information identifier to the client as one of the credentials for recovering the privacy information.
10. The privacy protection system according to claim 9, wherein the privacy protection client further comprises:
a display unit and a voice input unit, adapted to interact with the user;
a voice recognition unit, connected to the voice input unit, for recognising the user's voice input and obtaining recognition result data;
a transmission unit, adapted to be connected to the privacy protection server over the network;
a control unit, connected to the display unit, the voice recognition unit and the transmission unit respectively, adapted to control the display unit and the voice recognition unit to complete the user's login interaction and backup privacy information interaction, and also adapted to control the display unit, the voice recognition unit and the transmission unit to complete the user's upload privacy information interaction and delete local privacy information backup interaction.
CN201410028274.1A 2014-01-20 2014-01-20 Privacy protection method, privacy recovery method and privacy protection system Pending CN103795715A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410028274.1A CN103795715A (en) 2014-01-20 2014-01-20 Privacy protection method, privacy recovery method and privacy protection system

Publications (1)

Publication Number Publication Date
CN103795715A true CN103795715A (en) 2014-05-14

Family

ID=50671001

Country Status (1)

Country Link
CN (1) CN103795715A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
DD01 Delivery of document by public notice

Addressee: Feng Lijuan

Document name: Notification of Passing Preliminary Examination of the Application for Invention

C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
DD01 Delivery of document by public notice

Addressee: Feng Lijuan

Document name: Notification of an Office Action

DD01 Delivery of document by public notice
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20140514

WD01 Invention patent application deemed withdrawn after publication