CN105357009B - A kind of transmission recovery system of confidential data - Google Patents
A kind of transmission recovery system of confidential data Download PDFInfo
- Publication number
- CN105357009B CN105357009B CN201510633220.2A CN201510633220A CN105357009B CN 105357009 B CN105357009 B CN 105357009B CN 201510633220 A CN201510633220 A CN 201510633220A CN 105357009 B CN105357009 B CN 105357009B
- Authority
- CN
- China
- Prior art keywords
- data
- transmission
- instruction
- module
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Abstract
A kind of transmission recovery system of confidential data, including Authority Verification module, data read module, Data Verification module, data transmission module, recycling destruction module, transmission display module, data memory module, data receiving terminal module.The present invention is verified the format and content of transmission data by Data Verification module, establishes by data transmission module and receive the data connection of terminal, destroy the data destroying that module carries out data receiving terminal by recycling, solves the problems such as existing software view in the art is to the unauthorized use of data, data misinformation, concealed leaking data, correctness, the safety of data transmission are improved, there is preferable application and popularization value.
Description
Technical field
The present invention relates to a kind of confidential datas to transmit destruction technology, the transmission recovery system of especially a kind of confidential data.
Background technology
With the development of mobile Internet and popularizing for mobile terminal, office, study, scientific research based on mobile terminal etc. are answered
With also more and more.Mobile terminal eliminates spatiotemporal limitation with its excellent portability and scalability, makes people
Can working and learning anywhere or anytime, also seem increasingly important for the data transmission of data terminal, especially sensitive data
Transmission, but existing sensitive data transmission technology there is the unauthorized terminal of hardware view use, software view it is non-
It licenses, the problems such as carrying out network transmission, data transmission fault of exceeding one's powers.
Invention content
Present invention solves the technical problem that being:A kind of being transmitted back to for confidential data is overcome the deficiencies of the prior art and provide
Receipts system solves existing software view in the art and asks the unauthorized use of data, data misinformation, concealed leaking data etc.
Topic, improves correctness, the safety of data transmission, has preferable application and popularization value.
Technical solution of the invention is:A kind of transmission recovery system of confidential data, including Authority Verification module, number
Module, transmission display module, data memory module are destroyed according to read module, Data Verification module, data transmission module, recycling,
Data receiving terminal module, wherein
Authority Verification module from the external user name for obtaining transmission data and password and is verified, if the verification passes,
Permission is then generated by instruction, permission is sent by instruction, current user name to data read module, if verification does not pass through,
Then record current user name, bad password, the verification time and send to transmission display module show;The transmission data includes relating to
Ciphertext data, confidential data verification and confidential data recycle the time limit;
Data read module receives permission by instruction, current user name, current user name is obtained from data memory module
Corresponding permissions data list receives the external transmission data title sent and judges, if transmission data title is used currently
In the corresponding permissions data list of name in an account book, then reads corresponding transmission data from data memory module and send to data verification mould
Block, if transmission data title generates transmission data title and do not exist not in the corresponding permissions data list of current user name
Instruction in the corresponding permissions data list of current user name, and give to transmission display module and show;
Data Verification module, including format verification unit, content verification unit;Format verification unit receives transmission data
Row format of going forward side by side is verified, if transmission data is setting format, transmission data is sent to content verification unit, if transmission number
According to not being setting format, then generates format verification and do not sent to transmission display module by instruction;Content verification unit reads transmission
The time limit is recycled in confidential data verification and confidential data in data, then calculates the verification and simultaneously of confidential data in transmission data
It is compared, if the two is consistent, transmission data is sent to data transmission module, the recycling time limit is sent to recycling and destroys mould
Block generates content verification and is not sent to transmission display module by instruction if the two is inconsistent;The format verification is obstructed
It includes user name, transmission data title to cross instruction;The content verification does not include user name, transmission data name by instruction
Claim;The payoff period is limited to the time for allowing data receiving terminal to use transmission data;
Data transmission module receives transmission data, generates transmission instruction to data receiving terminal, if data receiving terminal
It generates and confirms reception instruction, then transmission data is sent to data receiving terminal, and generated after being sent completely and be sent completely finger
Order is sent to module is destroyed in recycling, transmission display module continues to generate if data receiving terminal does not generate confirmation and receives instruction
Transmission instruction generates setting number until transmitting instruction, then generates transmission data transmission failure command, and send to transmission and show
Module;
Recycling destroy module, receive recycling the time limit, be sent completely instruction, receive be sent completely instruct after start to count
When, when timing time is consistent with the recycling time limit, generates to destroy to instruct and send to data receiving terminal and monitor, if in setting
Instruction is completed in the interior destruction for receiving data receiving terminal transmission, then will destroy to complete to instruct and send to transmission display module, if
Instruction is completed in the destruction that not received data reception terminal is sent in setting time, then generates not destroy to complete to instruct and send to transmission
Display module;The destruction completes instruction and includes user name, transmission data title, destroys time, data receiving terminal code name;
The instruction of not destroying includes user name, transmission data title, data receiving terminal code name;
Data receiving terminal module receives transmission instruction, transmission data, destroys instruction;After receiving transmission instruction, generate
Confirm and receives instruction to data transmission module and receive transmission data;After receiving destruction instruction, transmission data is destroyed, generates pin
It ruins completion instruction to recycling and destroys module;
Display module is transmitted, the user name of present data transmission, bad password, verification time, transmission data title are received
Do not instructed in the corresponding permissions data list of current user name, format verification not by instruction, content verification not by instruction,
Transmission data sends failure command, is sent completely instruction, destroys and completes instruction or do not destroy instruction and show;
Data memory module stores user name, password, permissions data list, the permission that there is permission to carry out data transmission
Data;The permissions data list includes the data name that active user can read and transmit.
The setting format includes using installation file, word, txt, pdf, excel, Visio.
Described sets number as 3
The advantages of the present invention over the prior art are that:
(1) present invention controls service, solution by format content verification, the access of data transmission module of Data Verification module
It has determined the problem of showing the unauthorized use of data receiving terminal in the art, has improved the correctness before data transmission with safety
Property, avoid the problem of data are misinformated;
(2) present invention, by carrying out permission judgement to transmission data, solves the prior art before confidential data transmission
Middle confidential data improves the safety of data transmission by the problem of transmitting of exceeding one's powers when attacking;
(3) present invention destroys module by recycling and is detected to the destruction of confidential data, overcomes in the prior art because of data
The loss of reception terminal may cause the safety problem of the leakage and loss of concealed data, improve the specification of confidential data management
Property and safety.
Description of the drawings
Fig. 1 is that system structure diagram is recycled in a kind of transmission of confidential data of the present invention;
Fig. 2 is that system principle flow chart is recycled in a kind of transmission of confidential data of the present invention.
Specific implementation mode
The present invention proposes a kind of transmission recovery system of confidential data, and the lattice of transmission data are verified by Data Verification module
Formula and content are established by data transmission module and are received the data connection of terminal, connect by recycling destruction module progress data
The data destroying for receiving terminal solves existing software view in the art to the unauthorized use of data, data misinformation, concealed data
The problems such as leakage, improves correctness, the safety of data transmission, has preferable application and popularization value.
The present invention is described in detail below in conjunction with the accompanying drawings.Present system as shown in Figure 1 include Authority Verification module,
Data read module, Data Verification module, data transmission module, recycling destroy module, transmission display module, data and store mould
Block, data receiving terminal module.
Authority Verification module from the external user name for obtaining transmission data and password and is verified, if the verification passes,
Permission is then generated by instruction, permission is sent by instruction, current user name to data read module, if verification does not pass through,
Then record current user name, bad password, the verification time and send to transmission display module show;Transmission data includes concerning security matters number
The time limit is recycled according to the verification of, confidential data and confidential data;
Data read module receives permission by instruction, current user name, current user name is obtained from data memory module
Corresponding permissions data list receives the external transmission data title sent and judges, if transmission data title is used currently
In the corresponding permissions data list of name in an account book, then reads corresponding transmission data from reading data memory module and send to data verification
Module, if transmission data title generates transmission data title not in the corresponding permissions data list of current user name
It is instructed in the corresponding permissions data list of current user name, and send to transmission display module and show;
Data Verification module, including format verification unit, content verification unit;Format verification unit receives transmission data
Row format of going forward side by side is verified, if transmission data is setting format, transmission data is sent to content verification unit, if transmission number
According to not being setting format, then generates format verification and do not sent to transmission display module by instruction;Content verification unit reads transmission
In data confidential data verification and confidential data recycle the time limit, then calculate transmission data verification and and compared, such as
Both fruits are consistent, then send transmission data to data transmission module, and the recycling time limit is sent to recycling and destroys module, if the two is not
Unanimously, then content verification is generated not send to transmission display module by instruction;The format verification does not include using by instruction
Name in an account book, transmission data title;The content verification does not include user name, transmission data title by instruction;The recycling
Time limit is the time for allowing data receiving terminal to use transmission data;
Data transmission module receives transmission data, generates transmission instruction to data receiving terminal, by accessing control service
Data link and session are established with data receiving terminal, if data receiving terminal, which generates, confirms reception instruction, number will be transmitted
According to being sent to data receiving terminal, and generates after being sent completely to be sent completely instruction and send to recycling and destroy module, transmission display
Module continues to generate transmission instruction until transmission instruction is generated and set if data receiving terminal does not generate confirmation and receives instruction
Determine number, then generate transmission data and send failure command, and send to transmission display module;The access control service is number
According to a service built-in in terminal kernel is received, it is mainly used for realizing the control of network area certification and network link break-make.
Handshake Protocol communication is controlled by access between access control service versus server.;
Recycling destroy module, receive recycling the time limit, be sent completely instruction, receive be sent completely instruct after start to count
When, when timing time is consistent with the recycling time limit, generates to destroy to instruct and send to data receiving terminal module and monitor, if setting
Instruction is completed in the destruction that interior reception data receiving terminal is sent of fixing time, then instruction is completed in destruction and send to transmission display module,
If in setting time not received data receive terminal send destruction complete instruction, generate do not destroy completion instruction send to
Transmit display module;The destruction completes instruction and includes user name, transmission data title, destroys time, data receiving terminal
Code name;The instruction of not destroying includes user name, transmission data title, data receiving terminal code name;
Data receiving terminal module receives transmission instruction, destroys instruction;After receiving transmission instruction, if link communication
There is no problem, then generates confirmation and receive instruction to data transmission module;After receiving destruction instruction, data receiving terminal is on sale throughout certainly
It ruins, and generates destruction and complete to instruct extremely recycling to destroy module;
Display module is transmitted, the user name of present data transmission, bad password, verification time, transmission data title are received
Do not instructed in the corresponding permissions data list of current user name, format verification not by instruction, content verification not by instruction,
Transmission data sends failure command, is sent completely instruction, destroys and completes instruction or do not destroy instruction and show;
Data memory module stores user name, password, permissions data list, the permission that there is permission to carry out data transmission
Data;The permissions data list includes the data name that active user can read and transmit;
The workflow of present system includes the following steps as shown in Figure 2:
(1) it from the external user name for obtaining transmission data and password and verifies;
(2) be verified, then generate permission by instruction, verification do not pass through, then record current user name, bad password,
Verification time and show exit;
(3) instruction is passed through according to generation permission and obtains the corresponding permissions data list of current user name;
(4) it receives the external transmission data title sent and judges whether permissions data list corresponding in current user name
It is interior;Transmission data title is then generated not in list do not instruct and show in the corresponding permissions data list of current user name move back
Go out;
(5) corresponding transmission data is read;
(6) to transmission data go forward side by side row format verification, if transmission data be setting format, generate format verification not
It is exited by instructing and showing;
(7) to transmission data carry out content verification, if read and calculate transmission data in verification and both it is inconsistent,
Content verification is then generated not exit by instructing and showing;
(8) it generates transmission instruction and is established the link with data receiving terminal by accessing control service, send payoff period
Limit,;
(9) judge whether to receive confirmation and receive instruction, if not generating confirmation receives instruction, return (8) step after
Continuous to generate transmission instruction up to transmission instruction generates setting number, then generation transmission data sends failure command and shows and moves back
Go out;
(10) start transmission data and generate after being sent completely to be sent completely instruction;
(11) judge whether timing time and recycling time limit are consistent, it is inconsistent then to continue (11) step;
(12) it generates to destroy to instruct and is sent to data receiving terminal;
(13) judge whether data receiving terminal destruction is completed, if not received data receives terminal hair in setting time
The destruction sent is completed to instruct and show to exit;
(14) it generates to destroy and completes instruction, terminate.
The content that description in the present invention is not described in detail belongs to the known technology of those skilled in the art.
Claims (3)
1. a kind of transmission recovery system of confidential data, it is characterised in that including Authority Verification module, data read module, data
Module, transmission display module, data memory module, data receiving terminal mould are destroyed in authentication module, data transmission module, recycling
Block, wherein
Authority Verification module from the external user name for obtaining transmission data and password and is verified, if the verification passes, is then produced
Raw permission is sent by instruction, current user name to data read module by instruction, by permission, if verification does not pass through, is remembered
Record current user name, bad password, the verification time and send to transmission display module show;The transmission data includes concerning security matters number
The time limit is recycled according to the verification of, confidential data and confidential data;
Data read module receives permission by instruction, current user name, obtains current user name from data memory module and correspond to
Permissions data list, receive the external transmission data title sent and simultaneously judge, if transmission data title is in current user name
In corresponding permissions data list, then reads corresponding transmission data from data memory module and send to Data Verification module, such as
Fruit transmission data title in the corresponding permissions data list of current user name, does not then generate transmission data title and is not used currently
Instruction in the corresponding permissions data list of name in an account book, and give to transmission display module and show;
Data Verification module, including format verification unit, content verification unit;Format verification unit receives transmission data and goes forward side by side
Row format is verified, if transmission data is setting format, transmission data is sent to content verification unit, if transmission data is not
To set format, then generates format verification and do not sent to transmission display module by instruction;Content verification unit reads transmission data
In confidential data verification and confidential data recycle the time limit, then calculate transmission data in confidential data verification and and carry out
Comparison, if the two is consistent, transmission data is sent to data transmission module, and the recycling time limit is sent to recycling and destroys module, such as
Both fruits are inconsistent, then generate content verification and do not sent to transmission display module by instruction;The format verification does not pass through finger
Order includes user name, transmission data title;The content verification does not include user name, transmission data title by instruction;Institute
The payoff period stated is limited to the time for allowing data receiving terminal to use transmission data;
Data transmission module receives transmission data, generates transmission instruction to data receiving terminal, if data receiving terminal generates
Confirm and receive instruction, then transmission data is sent to data receiving terminal, and generates after being sent completely and to be sent completely instruction and send
Module, transmission display module are destroyed to recycling, if data receiving terminal does not generate confirmation and receives instruction, continues to generate transmission
Then instruction generates transmission data and sends failure command, and send to transmission display module until transmission instruction generation setting number;
Recycling destroy module, receive recycling the time limit, be sent completely instruction, receive be sent completely instruct after start timing, when
When timing time is consistent with the recycling time limit, generates to destroy to instruct and send to data receiving terminal and monitor, if in setting time
It receives the destruction that data receiving terminal is sent and completes instruction, then instruction is completed into destruction and send to transmission display module, if setting
The destruction completion instruction that interior not received data reception terminal of fixing time is sent then is generated not destroy to complete to instruct and be sent to transmission display
Module;The destruction completes instruction and includes user name, transmission data title, destroys time, data receiving terminal code name;It is described
Do not destroy completion instruction include user name, transmission data title, data receiving terminal code name;
Data receiving terminal module receives transmission instruction, transmission data, destroys instruction;After receiving transmission instruction, confirmation is generated
Instruction is received to data transmission module and receives transmission data;After receiving destruction instruction, transmission data is destroyed, generation has been destroyed
Module is destroyed at instruction to recycling;
Display module is transmitted, receives the user name of present data transmission, bad password, verification time, transmission data title does not exist
Instruction in the corresponding permissions data list of current user name, for format verification not by instruction, content verification does not pass through instruction, transmission
Data send failure command, are sent completely instruction, destroy and complete instruction or do not destroy completion to instruct and show;
Data memory module stores user name, password, permissions data list, the permissions data that there is permission to carry out data transmission;
The permissions data list includes the data name that active user can read and transmit.
2. a kind of transmission recovery system of confidential data according to claim 1, it is characterised in that:The setting format
Including application installation file, word, txt, pdf, excel, Visio.
3. a kind of transmission recovery system of confidential data according to claim 1, it is characterised in that:The setting number
It is 3 times.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510633220.2A CN105357009B (en) | 2015-09-29 | 2015-09-29 | A kind of transmission recovery system of confidential data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510633220.2A CN105357009B (en) | 2015-09-29 | 2015-09-29 | A kind of transmission recovery system of confidential data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105357009A CN105357009A (en) | 2016-02-24 |
CN105357009B true CN105357009B (en) | 2018-07-24 |
Family
ID=55332888
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510633220.2A Active CN105357009B (en) | 2015-09-29 | 2015-09-29 | A kind of transmission recovery system of confidential data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105357009B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109325597B (en) * | 2018-08-16 | 2023-04-07 | 朱小军 | Bionic data cell body |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101815128A (en) * | 2010-04-22 | 2010-08-25 | 中兴通讯股份有限公司 | Method and device for destroying terminal data |
CN102710633A (en) * | 2012-05-29 | 2012-10-03 | 大连佳姆信息安全软件技术有限公司 | Cloud security management system of security electronic documents and method |
CN103399751A (en) * | 2013-08-08 | 2013-11-20 | 百度在线网络技术(北京)有限公司 | Method, system and terminal for file sharing |
CN104796290A (en) * | 2015-04-24 | 2015-07-22 | 广东电网有限责任公司信息中心 | Data security control method and data security control platform |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2450538A (en) * | 2007-06-28 | 2008-12-31 | Symbian Software Ltd | Copying computer files when manipulation is requested |
-
2015
- 2015-09-29 CN CN201510633220.2A patent/CN105357009B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101815128A (en) * | 2010-04-22 | 2010-08-25 | 中兴通讯股份有限公司 | Method and device for destroying terminal data |
CN102710633A (en) * | 2012-05-29 | 2012-10-03 | 大连佳姆信息安全软件技术有限公司 | Cloud security management system of security electronic documents and method |
CN103399751A (en) * | 2013-08-08 | 2013-11-20 | 百度在线网络技术(北京)有限公司 | Method, system and terminal for file sharing |
CN104796290A (en) * | 2015-04-24 | 2015-07-22 | 广东电网有限责任公司信息中心 | Data security control method and data security control platform |
Also Published As
Publication number | Publication date |
---|---|
CN105357009A (en) | 2016-02-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101272237B (en) | Method and system for automatically generating and filling login information | |
CN103701611B (en) | Method for accessing and uploading data in data storage system | |
CN107359998B (en) | A kind of foundation and operating method of portable intelligent password management system | |
CN104519050B (en) | Login method and login system | |
CN105915502A (en) | Method and system for facilitating network joining | |
CN103825871A (en) | Authentication system and emission terminal, reception terminal and authority authentication method thereof | |
CN105376322A (en) | Remote massive data monitoring system and method for children's network behaviours | |
CN101764819A (en) | methods and systems for detecting man-in-the-browser attacks | |
CN104967597A (en) | Third-party application message authentication method and system based on secure channel | |
CN104320389A (en) | Fusion identify protection system and fusion identify protection method based on cloud computing | |
CN106599632B (en) | Cipher-code input method and device | |
CN104202299A (en) | System and method of identity authentication based on Bluetooth | |
CN106572427A (en) | Establishment method and device for establishing short-range communication | |
CN105357009B (en) | A kind of transmission recovery system of confidential data | |
CN109684802A (en) | A kind of method and system providing a user artificial intelligence platform | |
WO2015032255A1 (en) | Intelligent key device, mobile terminal and dynamic password output method and system | |
CN103684796A (en) | SMI (subscriber identity module) card and personal identity authentication method | |
CN105792167A (en) | Method, device and apparatus for initializing trusted execution environment | |
CN108616543A (en) | A kind of short haul connection based on Quick Response Code, transmission method, apparatus | |
CN104052602A (en) | Prevention of password leakage with single sign on in conjunction with command line interfaces | |
CN104732134B (en) | Information safety devices and its authentication method with software protection function | |
CN104796266A (en) | Authentication method, device and system | |
KR20130078842A (en) | Recording medium, server for 2-factor authentication use of image code and one time password | |
CN103200155A (en) | System and method of right control based on limiting area | |
CN102393886B (en) | Safety control method of mobile terminal, device and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 100081 Shenzhou building, South Avenue, Haidian District, Beijing, 402, Zhongguancun Applicant after: Leinas Technology (Beijing) Limited by Share Ltd Address before: 100081 Shenzhou building, South Avenue, Haidian District, Beijing, 402, Zhongguancun Applicant before: China Spacesat Co., Ltd. |
|
COR | Change of bibliographic data | ||
GR01 | Patent grant | ||
GR01 | Patent grant |