Summary of the invention
In view of the problems of the encryption technology described above, the present invention proposes a complete solution that makes dynamic code technology (that is, the dynamic authorization code of the invention), which offers a high degree of security and confidentiality, convenient to apply in the mobile terminal and cloud storage fields. The encryption method based on mobile terminal data files of the present invention builds on three of my earlier invention patents: first, a root service system for personal identity authentication, patent No. 2011102160995; second, a method for establishing a dynamic authorization code based on identity authentication, patent No. 2014103040797; third, a system for establishing a unified dynamic authorization code for business entity accounts, patent No. 2014103039893. It is a specific application in the computer information field on the technical foundation of these three invention patents.
The encryption method based on mobile terminal data files of the present invention is a new technical design for applying dynamic code encryption technology to the encryption of file data on a mobile terminal. The innovative technical value it realizes includes: first, a unified dynamic authorization code application client is established, so that users can independently, actively and easily complete dynamic authorization code encryption and decryption of data files; second, dynamic authorization code encryption of data files is matched automatically on the mobile terminal, so that users can protect data files with one-key encryption; third, the dynamic authorization code is obtained through an authorized mobile terminal, which prevents the possibility of the dynamic authorization code key being stolen; fourth, the dynamic authorization code is obtained through authentication by a legal identity authentication system, which ensures the legitimacy of the dynamic authorization code and improves the ability of dynamic authorization code technology to take part in applications in higher-security environments; fifth, an authorization authentication requirement for specific parameters of the application storage terminal is added, ensuring that stolen information cannot be cracked; sixth, multi-encryption technology increases the multiple protection strength of the information; seventh, a complete set of application technology specifications for the dynamic authorization code on information storage terminals is established, making it easy for users to extend it to security applications in many fields and providing users with a secure encryption authorization technology that is more secure, more convenient and practical, and applicable to more fields.
The dynamic authorization code application technology as a whole is covered by a complete series of application technology patents; readers may refer to the other patents of this series by the present inventor, and this is noted here.
In the encryption method based on mobile terminal data files of the present invention, an encryption management module is added to the dynamic authorization code client. It implements dynamic authorization code encryption management of data files on the mobile terminal's memory card, and dynamic authorization code encryption management of data files that the mobile terminal uploads to the cloud.
Compared with the other terminals under the user's same dynamic authorization code account, including PC terminals, server terminals and mobile terminals, the mobile terminal described in the present invention is one on which the dynamic authorization code reading end and the encryption management module are on the same mobile terminal, with the encryption management module bound to and configured in the dynamic authorization code reading client. Because this application scenario will occur, a stricter design of the dynamic authorization code encryption technology is necessary, and it is explained here for users.
The encryption management of private data files on the mobile terminal's memory card according to the present invention comprises the following steps:
S1, start the dynamic authorization code client and click the dynamic authorization code encryption management module;
S2, select the folder menu that needs to be encrypted, or go further and select the individual data file that needs to be encrypted;
S3, click the confirm key to complete encryption, generating an encrypted folder or an encrypted data file;
S4, migrate or back up the encrypted data file to the configured encryption box for storage; the encryption box is likewise encrypted with the dynamic authorization code, so opening it requires reading the dynamic authorization code to decrypt it, or it is set to read the dynamic authorization code by default to decrypt it;
S5, when an encrypted data file needs to be decrypted and read, click the encrypted data file, or open the encryption storage box and click the encrypted data file;
S6, the background system compares the mobile terminal's relevant authentication parameters, and once the comparison passes a decryption dialog box pops up;
S7, open the dynamic authorization code client, read the dynamic authorization code and submit it to the decryption dialog box; or the dynamic authorization code client is activated automatically, and the dynamic authorization code is read by default and submitted to the decryption dialog box;
S8, the background system compares the dynamic authorization code, and if the comparison succeeds the decryption succeeds.
The encryption management of private data files that the mobile terminal uploads to the cloud comprises the following steps:
S9, click to submit the data file to cloud storage, and an encryption pop-up window appears;
S10, if encryption is chosen, click confirm to start dynamic authorization code encryption;
S11, after encryption completes, an encrypted folder or an encrypted data file is generated;
S12, upload the encrypted data file to the cloud storage server for storage;
S13, when an encrypted data file in cloud storage needs to be decrypted and read, click the backup encrypted data file on the mobile terminal; or first download the encrypted data file to the mobile terminal and then click the encrypted data file;
S14, the background system authenticates the mobile terminal's relevant parameters by comparison, and once the comparison passes a decryption dialog box pops up;
S15, open the dynamic authorization code client, read the dynamic authorization code and submit it to the decryption dialog box; or the dynamic authorization code client is activated automatically, and the dynamic authorization code is read by default and submitted to the decryption dialog box;
S16, after authentication by the dynamic authorization code account identity authentication system has first been passed, the background system then starts comparing the dynamic authorization code, and if the comparison succeeds the data file is decrypted.
In the encryption method based on mobile terminal data files of the present invention, encryption and decryption management of data files is configured and controlled directly in the dynamic authorization code client.
The dynamic authorization code client is the client, on an authorized mobile terminal, that reads the dynamic authorization code value generated by the remote system. The dynamic authorization code is a dynamic password value generated at random within a set time period after the user identity authentication system has performed authorization authentication; reading this randomly generated dynamic password value makes it possible to decrypt and manage file data.
Further, the dynamic authorization code client is the client that is authorized for installation on the mobile terminal after a dynamic authorization code account has been applied for and obtained, or after a VIP-level account has been applied for and obtained.
Further, after the dynamic authorization code client is installed on the mobile terminal, the encryption management module for mobile terminal data files is obtained by authorization, or obtained automatically, and configured in the dynamic authorization code client. It implements dynamic authorization code encryption and decryption management of file data on the mobile terminal and of file data uploaded through the mobile terminal to the cloud storage server.
In the encryption method based on mobile terminal data files of the present invention, a mobile terminal data file is encrypted as follows: in the dynamic authorization code client, the encryption management module is started, a data file on the mobile terminal is selected and encryption is confirmed, after which a single dynamic authorization code challenge-response key lock, or a multi-encryption challenge-response key lock, is generated automatically for the data file on the mobile terminal. Users select among the encryption modes according to the security level and their usage needs, which gives graded encryption protection of data files.
The multi-encryption challenge-response key lock includes the dynamic authorization code challenge-response key, the dynamic authorization code encryption account information challenge key, the mobile terminal unique serial code parameter challenge-response key, and the mobile terminal hardware configuration parameter challenge-response key.
Further, generating a single dynamic authorization code challenge-response key lock for a data file on the mobile terminal permits the other terminals under the same dynamic authorization code account to share reading of the data file simply by decrypting it with the dynamic authorization code; in that case, encrypting and decrypting the file does not require the background system to start comparing the mobile terminal's relevant authentication parameters.
In the encryption method based on mobile terminal data files of the present invention, the multi-encryption challenge-response key lock may also include, depending on the importance of the data file, further encryption of already encrypted data files at the level of the file group and/or the storage disk. This multi-encryption challenge-response key lock mode improves the security protection of data files and of cloud storage data files.
In the encryption method based on mobile terminal data files of the present invention, the background system's comparison and authentication of the mobile terminal's relevant parameters means that the background system reads the mobile terminal's unique serial code parameter and/or hardware configuration parameters and authenticates them by comparison, ensuring that the mobile terminal is the one authorized by the dynamic authorization code encryption account.
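The following sketch is an added example, not code from the patent: it models only the background system's authorization decision in steps S6 and S8 (terminal parameter comparison, then dynamic authorization code comparison), including the single-lock case that skips the terminal check. The class and function names, the 60-second validity window, the six-digit code and the one-comparison-per-code rule are assumptions; no file cipher is implemented.

```python
import hmac
import secrets
from dataclasses import dataclass, field

CODE_LIFETIME_S = 60  # assumed window; the text only says "a set time period"


@dataclass
class Backend:
    """Toy stand-in for the background system (steps S6 and S8)."""
    devices: dict                               # account -> (serial code, hardware params)
    codes: dict = field(default_factory=dict)   # account -> (code, expiry time)

    def issue_code(self, account: str, identity_ok: bool, now: float) -> str:
        # A code is generated only after identity authentication has passed.
        if not identity_ok:
            raise PermissionError("identity authentication failed")
        code = f"{secrets.randbelow(10**6):06d}"  # random, not derived from device data
        self.codes[account] = (code, now + CODE_LIFETIME_S)
        return code

    def device_matches(self, account: str, serial: str, hardware: str) -> bool:
        enrolled = self.devices.get(account)
        if enrolled is None:
            return False
        want = "|".join(enrolled).encode()
        return hmac.compare_digest(want, f"{serial}|{hardware}".encode())

    def authorize_decrypt(self, account, lock, code, serial, hardware, now) -> str:
        # S6: a "multi" lock binds the file to the authorized terminal's parameters;
        # a "single" lock skips this so other terminals on the account can read.
        if lock == "multi" and not self.device_matches(account, serial, hardware):
            return "device_rejected"
        # S8: compare the submitted code. Assumption: each issued code permits one
        # comparison, so a wrong guess cannot be retried against the same code.
        issued = self.codes.pop(account, None)
        if issued is None:
            return "no_code"
        expected, expires = issued
        if now > expires:
            return "expired"
        if not hmac.compare_digest(expected.encode(), str(code).encode()):
            return "mismatch"
        return "decrypt_authorized"


def demo() -> list:
    # Constructed sample data: the account and terminal parameters are made up.
    be = Backend(devices={"alice": ("SERIAL-0001", "hw-A")})
    out = []
    c = be.issue_code("alice", True, now=0)
    out.append(be.authorize_decrypt("alice", "multi", c, "SERIAL-0001", "hw-A", now=10))
    c = be.issue_code("alice", True, now=100)
    # File opened on a terminal that is not enrolled: rejected at S6.
    out.append(be.authorize_decrypt("alice", "multi", c, "SERIAL-9999", "hw-B", now=110))
    # Same terminal, single lock: the terminal check is skipped by design.
    out.append(be.authorize_decrypt("alice", "single", c, "SERIAL-9999", "hw-B", now=110))
    c = be.issue_code("alice", True, now=200)
    out.append(be.authorize_decrypt("alice", "multi", c, "SERIAL-0001", "hw-A", now=261))
    out.append(be.authorize_decrypt("alice", "multi", c, "SERIAL-0001", "hw-A", now=205))
    return out


if __name__ == "__main__":
    print(demo())
```

The single-lock result shows the trade-off the text describes: sharing across terminals works because the terminal parameters are never consulted, so protection of such a file rests on the dynamic authorization code alone.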
In the encryption method based on mobile terminal data files of the present invention, automatically activating the dynamic authorization code client and reading the dynamic authorization code by default is implemented through a prior function setting of the encryption management module. The technical flow includes:
S17, the encryption management module submits a request instruction to read the dynamic authorization code to the dynamic authorization code client;
S18, the dynamic authorization code client is activated on receiving the request instruction, and the current dynamic authorization code value is generated in the client;
S19, the encryption management module captures the dynamic authorization code value according to the prior function setting and automatically submits it to the corresponding dynamic authorization code challenge-response key decryption box;
S20, once the challenge-response key decryption box has the dynamic authorization code value, the encryption management module activates the confirm button and automatically submits the obtained dynamic authorization code value to the background system for authentication comparison;
S21, when the background system's comparison succeeds, the default dynamic authorization code decryption is completed automatically.
In the encryption method based on mobile terminal data files of the present invention, when the mobile terminal is offline and cannot complete identity authentication authorization and dynamic authorization code reading with the dynamic authorization code backend, it is set to an automatic fully encrypted state, or to an automatic fully decrypted state, or to a partially encrypted state.
The partially encrypted state means that, according to a prior classification, the user's important private data files first undergo first-step dynamic authorization code encryption and then multi-encryption or one-key encryption. When the mobile terminal is offline and the other, later multi-encryption layers or the one-key encryption function that were set are released automatically, the data files that underwent first-step dynamic authorization code encryption remain encrypted.
In the encryption method based on mobile terminal data files of the present invention, encryption by the one-key encryption function serves the convenience of the user's mobile terminal information security needs: according to a prior function setting, encryption protection of mobile terminal data files is completed by the one-key encryption function.
The one-key encryption function means that, by prior function setting or by user selection, automatic dynamic authorization code encryption of the mobile terminal's memory card or important folder module is started at boot.
Further, once encryption by the one-key encryption function has been started, reading any encrypted data file of the mobile terminal on the mobile terminal requires dynamic authorization code decryption authorization.
Further, reading an encrypted data file outside the mobile terminal requires dynamic authorization code decryption authorization.
Or, further, any modification or extraction of the mobile terminal's encrypted data files requires dynamic authorization code decryption authorization.
In the encryption method based on mobile terminal data files of the present invention, when a data file is stolen from the cloud storage account it cannot be read: because it has been separated from the authorized reading mobile terminal, the dynamic authorization code key cannot be obtained, or, further, the other multiple mobile terminal parameter authentication challenge keys cannot be answered.
Or, further, self-destruction on unauthorized reading of file data can be set. Self-destruction on unauthorized reading means that when an unauthorized terminal reads an encrypted data file, the file data will, according to the prior setting, either give a warning prompt and then start the self-destruct program, or start the self-destruct program directly.
In the encryption method based on mobile terminal data files of the present invention, one dynamic authorization code encryption account is permitted to manage encryption for multiple other storage terminals, by loading the dynamic authorization code management client on each storage terminal after authorization; or the dynamic authorization code management clients loaded on the storage terminals under the same account perform mutual list-based authorization management.
Embodiment
Specific embodiments of the present invention are described below with reference to the accompanying drawings. It should be understood that the embodiments described here serve only to illustrate and explain the present invention and are not intended to limit it.
The present embodiment includes the following two parts:
First, dynamic authorization code encryption management of data files on the mobile terminal's memory card comprises the following steps:
S1, start the dynamic authorization code client 102 and click the dynamic authorization code encryption management module 101.
S2, select the folder menu 104 that needs to be encrypted, or go further and select the individual data file 104 that needs to be encrypted.
S3, click the confirm key to complete encryption, generating an encrypted folder 104 or an encrypted data file 104.
S4, migrate or back up the encrypted data file 104 to the encryption box 105 configured on the mobile terminal 103 for storage.
S5, when an encrypted data file 104 needs to be decrypted and read, click the encrypted data file 104, or open the encryption storage box 105 and click the encrypted data file 104.
S6, the background system 107 compares the relevant authentication parameters of the mobile terminal 103, and once the comparison passes a decryption dialog box pops up; if authentication is not passed, a prompt indicates that decryption cannot be started.
S7, open the dynamic authorization code client 102, read the dynamic authorization code and submit it to the decryption dialog box; or the dynamic authorization code client 102 is activated automatically, and the dynamic authorization code is read by default and submitted to the decryption dialog box.
S8, the background system 107 compares the dynamic authorization code, and if the comparison succeeds the decryption succeeds; further, or alternatively, after authentication by the dynamic authorization code account identity authentication system 108, the background system 107 then starts comparing the dynamic authorization code, and if the comparison succeeds the decryption succeeds.
Second, encryption management of data files that the mobile terminal uploads to cloud storage comprises the following steps:
S9, click to submit the data file 104 to cloud storage 106; the dynamic authorization code encryption management module 101 is activated automatically and pops up the encryption pop-up window.
S10, if encryption is chosen, click confirm to start dynamic authorization code encryption.
S11, after encryption completes, an encrypted folder 104 or an encrypted data file 104 is generated.
S12, upload the encrypted data file 104 to the cloud storage server 106 for storage.
S13, when an encrypted data file 104 in cloud storage 106 needs to be decrypted and read, click the backup encrypted data file 104 on the mobile terminal 103; or first download the encrypted data file 104 to the mobile terminal 103 and then click the encrypted data file 104.
S14, the background system 107 compares the relevant authentication parameters of the mobile terminal 103, and once the comparison passes a decryption dialog box pops up; if authentication is not passed, a prompt indicates that decryption cannot be started.
S15, open the dynamic authorization code client 102, read the dynamic authorization code and submit it to the decryption dialog box; or the dynamic authorization code client 102 is activated automatically, and the dynamic authorization code is read by default and submitted to the decryption dialog box.
S16, after authentication by the dynamic authorization code account identity authentication system 108, the background system 107 then starts comparing the dynamic authorization code, and if the comparison succeeds the decryption succeeds.
In summary, the innovative technical value realized by the encryption method based on mobile terminal data files of the present invention includes: first, a unified dynamic authorization code application client is established, so that users can independently, actively and easily complete dynamic authorization code encryption and decryption of data files; second, dynamic authorization code encryption of data files is matched automatically on the mobile terminal, so that users can protect data files with one-key encryption; third, the dynamic authorization code is obtained through an authorized mobile terminal, which prevents the possibility of the dynamic authorization code key being stolen; fourth, the dynamic authorization code is obtained through authentication by a legal identity authentication system, which ensures the legitimacy of the dynamic authorization code and improves the ability of dynamic authorization code technology to take part in applications in higher-security environments; fifth, an authorization authentication requirement for specific parameters of the application storage terminal is added, ensuring that stolen information cannot be cracked; sixth, multi-encryption technology increases the multiple protection strength of the information; seventh, a complete set of application technology specifications for the dynamic authorization code on information storage terminals is established, making it easy for users to extend it to security applications in many fields and providing users with a secure encryption authorization technology that is more secure, more convenient and practical, and applicable to more fields.