CN105450750A - Secure interaction method for intelligent terminal - Google Patents
Secure interaction method for intelligent terminal Download PDFInfo
- Publication number
- CN105450750A CN105450750A CN201510866587.9A CN201510866587A CN105450750A CN 105450750 A CN105450750 A CN 105450750A CN 201510866587 A CN201510866587 A CN 201510866587A CN 105450750 A CN105450750 A CN 105450750A
- Authority
- CN
- China
- Prior art keywords
- file
- user
- mobile client
- namenode
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a secure interaction method for an intelligent terminal. The method comprises the steps of building a data storage management system based on a distributed file system; receiving a user login request; and after successful login, setting a sharing management policy for a file uploaded by a user. According to the secure interaction method for the intelligent terminal, the risk that private user information is stolen and tampered is prevented through file access control, and cloud storage environment-based information security is improved.
Description
Technical field
The present invention relates to network security, particularly a kind of intelligent terminal safety interacting method.
Background technology
Cloud computing resources, concerning user, can be regarded infinitely extendible as, obtain as required at any time, and pay certain expense on time.While cloud computing fast development, famous enterprise is all proposed respective representational cloud computing service, but all data files are not also all deposited in high in the clouds by them.This is the misgivings to cloud computing environment safety.Therefore the application service promoting cloud computing must design and Implement out a set of safe and reliable cloud computing security strategy.Under cloud computing environment, from the angle of user, mode personal information data all being relied on high in the clouds to take care of may increase the threat from malice keeper.The internal members of these malice can when distorting the data message of user without any when risk.User, when using and manage cloud computing service, carrying out mutual with cloud computing service, be all the software interface or API that are provided by cloud computing service provider, and cloud computing service can not ensure the fail safe of these API provided.
Summary of the invention
For solving the problem existing for above-mentioned prior art, the present invention proposes a kind of intelligent terminal safety interacting method, comprising:
Build data storage management system based on distributed file system, receive user's logging request, the file uploaded user after logining successfully arranges Sharing Management strategy.
Preferably, described Sharing Management comprises shares particular data file with all system users, allows non-file owners to share and downloads, and only allows file owners to have erase right; Use before logging in system by user it can the registration of information input relevant information completing user of unique identification user identity, in background authentication user identity; The ID of file is obtained, as the file information table of indexed search database by the selection of user; The file information table with database realize mutual after, obtain the relevant information of the shared state of this file, the owner and encryption; When the shared state attribute of file information table is " 1 ", oneself shares to represent file, when for time " 0 ", the shared state attribute of file information table represents that file is forbidden sharing; When user downloads or check the file that other people share, list all shared files with the form of listed files, and with the time inverted order arrangement upgraded;
The authorization information that user inputs passes to background server in the mode of session, and user first sends to master server namenode to the operation requests of data file, to obtain the metadata information of associated documents; When after namenode return data file meta-information, mobile client realizes the read-write operation of file data alternately according to metamessage and corresponding data node; And when mobile client and back end interactive communication, re-start the authenticating user identification of visitor, namely back end is to the authentication of mobile client, and whether checking mobile client has completed authentication and successfully obtained the metamessage of data file with master server namenode; Above-mentioned authenticating user identification specifically comprises following process: using the unique identification of user as PKI, and master server namenode generates encryption parameter, for each legal user generates the private key of its correspondence and returns; By arranging the useful life of key, control its life cycle, when user accesses the file in personal data storage management system, first mobile client sends the request of file reading to namenode, namenode judges the legitimacy of user according to the metadata information of user; When user is by after authentication, namenode can return different parameters respectively to user and back end, and user also receives the metadata information of associated documents simultaneously; Then, mobile client sends the operation of reading and writing of files to the back end of correspondence according to the address information of file; Back end does further authentication to visitor, after mobile client is by the authentication of back end, just can obtain access rights and the storage address information of file, subsequently, operating between mobile client and back end of reading and writing of files is directly carried out;
The read-write operation of execute file in systems in which after user's Successful login data storage management system, mobile client first sends file operation requests to master server namenode, includes the COS of encryption parameter and request in request; Namenode after analysis request, the meta data block of locating file, and generate random number; Then these metadata informations are all returned to mobile client, simultaneously also can to the authentication of the corresponding parameter of back end transmission of correspondence in order to next step; Detailed process is as follows: namenode uses the encryption parameter of user, with PKI, above-mentioned random number encryption is become the first ciphertext; Namenode sends the encryption parameter of mobile client end subscriber, PKI and random number to back end corresponding in metadata information mapping table by escape way, and described first ciphertext and metadata information are returned to mobile client; Mobile client receives the metadata information that namenode is passed back, uses system PKI and private key for user to be decrypted the first ciphertext, obtains first expressly; Mobile client utilizes private key for user and system PKI and hash function to be expressly encrypted first, obtains the second ciphertext; Mobile client analytical element data message, the back end to correspondence sends access request, wherein comprises the second ciphertext; Back end receives the accessing request information of mobile client, resolve and attempt being decrypted its ciphertext, the encryption parameter using namenode to provide and PKI, second plaintext will be obtained after successful decryption, judge whether second plaintext equals described random number, whether checking current visitor belong to validated user, and obtain its file metadata information by the checking request of namenode; When after the access authentication that back end completes mobile client, authorize the authority that mobile client reads and writes data file; After one-time identity authentication terminates, random parameter is wherein dropped, and produces new parameter at upper verification process once.
The present invention compared to existing technology, has the following advantages:
The present invention proposes a kind of intelligent terminal safety interacting method, avoid private information to be stolen by file access control and distort risk, improve the Information Security under cloud storage environment.
Accompanying drawing explanation
Fig. 1 is the flow chart of the intelligent terminal safety interacting method according to the embodiment of the present invention.
Embodiment
Detailed description to one or more embodiment of the present invention is hereafter provided together with the accompanying drawing of the diagram principle of the invention.Describe the present invention in conjunction with such embodiment, but the invention is not restricted to any embodiment.Scope of the present invention is only defined by the claims, and the present invention contain many substitute, amendment and equivalent.Set forth many details in the following description to provide thorough understanding of the present invention.These details are provided for exemplary purposes, and also can realize the present invention according to claims without some in these details or all details.
An aspect of of the present present invention provides a kind of intelligent terminal safety interacting method.Fig. 1 is the intelligent terminal safety interacting method flow chart according to the embodiment of the present invention.
The present invention is based on Hadoop distributed file system and build data storage management system, utilize the authenticating user identification under cloud computing environment and access control, the cryptographic storage of data, the protection of file and privacy authority to control cloud computing security strategy.
Data storage management system comprises main control module, memory module and mobile client.Main control module is the management control center of data storage management system, be made up of the namenode in file system, be responsible for the process various application service requests of mobile client, the legitimate verification of user the state of each back end of real-time monitoring data storage management system and to operations such as the load balancing of data node data and the process of daily record.The cluster that memory module is made up of back end, has the storage capacity of magnanimity.According to the control command of namenode and the request of user, provide substantial accessing operation to data access, mobile client is generally made up of intelligent intelligent terminal, is the abbreviation of application program on terminal equipment.
Data storage management system of the present invention is that sing on web browser conducts interviews, and by the configuration at Web interface to functions of modules, customizes the module that this system needs, comprises user management, file management, folder management.Domestic consumer is then operated personal document by Web browser, comprises uploading, download, delete and sharing of file, file newly-built, delete with revise etc.Consider from the angle of safety, can Choice encryption upload file.The metadata information of file will be stored in the distributed structure/architecture of data storage management system, and its large I is by setting parameter, and user does not need the detail understanding bottom layer realization.
It is mutual that mobile client end portion is in charge of between user.Its application service request is sent to the master server of control centre by user by mobile client, after receiving metadata information, burst is carried out to data file, take copying of streamline duct type according to the redundancy strategy of file system data block, data are stored on corresponding back end.During user's download file, equally based on the metadata map information of master server feedback, the data block being scattered in different pieces of information node in system is merged into complete file.Back end cluster, in order to store user file data block, meets the access facility of user to file.By the periodic mechanism sending heartbeat detection to namenode, ensure that primary server joint is to the monitoring of back end and maintenance.
Data storage management system of the present invention, combines access control policy and user to the operational requirements of file, file, is managed, folder function manages and file function manages and sharing functionality manages four functional modules and forms by user function.
New user register account number in systems in which, the registration process of native system uses can the identify label of unique identification user identity; Folder management module relates to file access control policy, is included in that data storage management system is newly-built, amendment and the function of Delete Folder, by different classes of resource or archive under different files; Consider attribute safety control strategy, file management comprises the uploading of file, downloads and delete function, and completing of all operations is all be based upon on powerful file operation interface that file system provides.Adopt the strategy of mobile client parallel transmission.File system can also be made automatically to complete the function of copy redundancy by arranging copy parameter.Sharing Management comprises shares a certain data file with all data storage management system users, and this file is visible online to all users, and non-file owners can share and download.File owners is only had just to have erase right.
After data storage management system logging in system by user, use it can the registration of information input relevant information completing user of unique identification user identity.System or keeper can proofread its log-on message, the legitimacy of examination & verification user profile, then, user can after acquisition logon rights logon data storage management system first.As the entrance of whole system, data storage management system adopts certain authentication means, in the authenticity of background authentication user identity, to determine the login validity of user, thus ensures the fail safe of data storage management system and user file.
Mobile client interactive interface is that sing on web browser realizes.Data storage management system background server based on Hadoop distributed file system can be divided into according to functional characteristic the process of file: file process layer, logical layer and key-course.Wherein, required data abstraction when user's registration, login is packaged into Java middleware, to facilitate the operation of database by data analysis layer; Logical layer encapsulates method that is all and user interactions, process registration, login and examination & verification.Key-course obtains and analysis service request, and the interface defined in calling logic layer and corresponding logical process method, return to mobile client by result.In folder management service end, corresponding presents tree-shaped hierarchical structure, and namely user is to the operation of file or folder in individual interface, and real-time returns to service end.
In order to set up the access module of sing on web browser, the mode of usage data stream carries out read operation data message to the file in file system, checks that metadata mapping table is to confirm whether this file exists.If do not exist, then the metamessage of this file data blocks is written in mapping table, then completes uploading of data file according to file system data write operation process.Back end, according to the write request of mobile client, completes the write to subscriber data file, and after having operated, it will send to namenode and confirm successful message.
In the downloading process of file, user sends file download request, and namenode, according to the metadata information of file, obtains the back end map information table of file data corresponding data node and returns to client.Process is read, from back end download file by file system data.The deletion action of carrying out file is after namenode obtains the metadata information of file, according to metadata mapping table, judging authority, authorizing erase right for there being erase right user.For public shared file.
After user selects required file, select to upload.Files passe process is added with Encryption Options, selects wherein a kind of file to uploading to be encrypted as required.File simultaneously after encryption needs the operating process of deciphering equally when downloading.Utilize the interface that file system provides, encapsulate and realize upload operation.Obtain the fileinfo such as file path, filename from network data fluid space, complete the files passe process from this locality to file system with the form of data flow.Meanwhile, in a database, upgrade user file list, the fileinfo newly uploaded is added in affiliated folder file table.
For the file that those are encrypted when uploading, select corresponding decipherment algorithm selecting properly decipherment algorithm before downloading and after inputting password, user side can be successfully completed the down operation of file.
Database file table is upgraded in down operation, reception file ID and filename are as index, by the file table of database obtain file store path, the owner, whether encrypt, the data message such as cryptographic algorithm, when the authority that the accurate and user of all information downloads is effective, down operation could complete down operation with the form of document data flow.
When user needs to clear up file, transaction file list in a database, file information table.By obtaining the ID of selected file as index, in database file table, all information of search file, comprise file path, filename etc., and return.While delete file system back end file, more newer command can be sent to database, clear up non-existent file and index information.For the file of the communal space, only the documentary owner just has erase right, and the deletion action of nonowners can be subject to strict restriction.File after user shares is visible and download to all users.
The ID of file is obtained, as the file information table of indexed search database by the selection of user.The file information table with database realize mutual after, obtain the relevant information of the shared state of this file, the owner and encryption.When the shared state attribute of file information table is " 1 ", oneself shares to represent file, and " 0 " represents that file still belongs to individual and has and forbid sharing.When user downloads or check the file that other people share, list all shared files with the form of listed files, and with the time inverted order arrangement upgraded.
User is when logging in, and input validation information, passes to background server in the mode of session, and user, to the operation requests of data file, can first send to master server namenode, to obtain the metadata information of associated documents.When after namenode return data file meta-information, mobile client can realize the read-write operation of file data alternately according to metamessage and corresponding data node.When mobile client and back end interactive communication, re-start the authenticating user identification of visitor, namely back end is to the authentication of mobile client, and whether checking mobile client has completed authentication and successfully obtained the metamessage of data file with master server namenode; Above-mentioned authenticating user identification specifically comprises following process:
Using the unique identification of user as PKI, master server namenode generates encryption parameter, for each legal user generates the private key of its correspondence and returns.By arranging the useful life of key, control its life cycle, when user accesses the file in personal data storage management system, first mobile client sends the request of file reading to namenode, and namenode can judge the legitimacy of user according to the metadata information of user.When user is by after authentication, namenode can return different parameters respectively to user and back end, and user also can receive the metadata information of associated documents simultaneously.Then, mobile client sends the operation of reading and writing of files to the back end of correspondence according to the address information of file.Back end does further authentication to visitor, to prevent the personation of disabled user.After mobile client is by the authentication of back end, just can obtain access rights and the storage address information of file, subsequently, the operation of reading and writing of files just directly can be carried out between mobile client and back end.
The read-write operation of execute file in systems in which after validated user Successful login data storage management system.Mobile client first sends file operation requests to master server namenode, includes the COS of encryption parameter and request in request.Namenode after analysis request, the meta data block of locating file, and generate random number; Then these metadata informations are all returned to mobile client, simultaneously also can to the authentication of the corresponding parameter of back end transmission of correspondence in order to next step.Detailed process is as follows:
Namenode uses the encryption parameter of user, with PKI, above-mentioned random number encryption is become the first ciphertext; Namenode sends the encryption parameter of mobile client end subscriber, PKI and random number to back end corresponding in metadata information mapping table by escape way, and described first ciphertext and metadata information are returned to mobile client.Mobile client receives the metadata information that namenode is passed back, uses system PKI and private key for user to be decrypted the first ciphertext, obtains first expressly; Mobile client utilizes private key for user and system PKI and hash function to be expressly encrypted first, obtains the second ciphertext; Mobile client analytical element data message, the back end to correspondence sends access request, wherein comprises the second ciphertext; Back end receives the accessing request information of mobile client, resolve and attempt being decrypted its ciphertext, the encryption parameter using namenode to provide and PKI, second plaintext will be obtained after successful decryption, judge whether second plaintext equals described random number, can verify whether current visitor belongs to validated user, and obtain its file metadata information by the checking request of namenode.When after the access authentication that back end completes mobile client, authorize the authority that mobile client reads and writes data file.After one-time identity authentication terminates, random parameter is wherein dropped, and verification process next time will produce new parameter again.
For the difference of operation file authority, different shared state positions (0/l) is adopted to represent respectively, and among the relation mapping table being embodied in user and file.File index in user file list is derived from fact the mapping relations table of user and file.File information table is by data, services management, and inquire about when each user accesses, the access rights of file are judged in the shared state position that can provide according to it, and will belong to user and the file with operating right returns to mobile client interface.The fileinfo that all users of shared file list records share, and at the shared page by the time inverted order arrangement shared.
In file access control table, with the identify label of each validated user for major key, all files belonging to this user are all joined among this list, configuration file map listing.All Files in this table, all allow the operations such as the read-write of owning user, amendment and deletion, other any user does not access any authority of data in this file table.The file all operations that this user carries out also is only limitted to this file table, and for the file in other file table, user will no longer have any access rights, cannot carry out the operation of any reading and writing of files.In addition, a certain file is set and belongs to specific groups of users, all users in this group can be made all to have the access rights of this file.
Before mobile client is transmitted file, symmetric key is adopted to encrypt the file data of user in mobile client, after mobile client gets user password, the random number source of key is it can be used as to incorporate in cryptographic algorithm, after treating secret generating, more corresponding cryptographic algorithm is adopted to be encrypted data file.During deciphering, because the key of same generating random number is identical, therefore user only need input password in mobile client and just can obtain corresponding key, thus completes decryption work.By using hashing algorithm to carry out hash operations to user password, and this hashed value is stored in the database of server.Brief password also simplify the key management of user simultaneously.
The operating process concrete steps of data file encryption are as follows:
Mobile client obtains local data file block, its summary is calculated according to certain algorithm, hashing algorithm is used to carry out hash operations to summary, the cryptographic algorithm selected according to user and the password of input, the key object of mobile client instantiation cryptographic algorithm, and user password is imported into as parameter, by calling encryption function, the encryption of complete paired data blocks of files, obtains the block file after encrypting.Password is used equally the computing that hashing algorithm finds hash value it, and be transferred in the database of server and preserve.Mobile client after completing above encrypted work, by the hashed value of the data file block of encryption and document-work being uploaded in corresponding back end.File write operations terminates, and returns results.
The operating process concrete steps of data file deciphering are as follows:
Input account and password when user logs in, after mobile client obtains the checking solicited message of user, use hashing algorithm to carry out hash to password, from the database of server, search the hashed value of the corresponding password of this accounting number users, the hashed value of checking password.If be proved to be successful, then mobile client obtains the metadata information of file from master server namenode, realizes alternately, completing the read operation of data file with back end.Read the file behind this locality and first carry out decryption oprerations.The data file that mobile client receives comprises two parts, the blocks of files of summary hashed value and encryption.Corresponding decipherment algorithm is selected in encryption according to user, utilizes password as the random number source of key, obtains expressly blocks of files deciphering.Then, summary operation is asked for this plaintext and summary is verified.
In sum, the present invention proposes a kind of intelligent terminal safety interacting method, avoid private information to be stolen by file access control and distort risk, improve the Information Security under cloud storage environment.
Obviously, it should be appreciated by those skilled in the art, above-mentioned of the present invention each module or each step can realize with general computing system, they can concentrate on single computing system, or be distributed on network that multiple computing system forms, alternatively, they can realize with the executable program code of computing system, thus, they can be stored and be performed by computing system within the storage system.Like this, the present invention is not restricted to any specific hardware and software combination.
Should be understood that, above-mentioned embodiment of the present invention only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore, any amendment made when without departing from the spirit and scope of the present invention, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.In addition, claims of the present invention be intended to contain fall into claims scope and border or this scope and border equivalents in whole change and modification.
Claims (2)
1. an intelligent terminal safety interacting method, is characterized in that, comprising:
Build data storage management system based on distributed file system, receive user's logging request, the file uploaded user after logining successfully arranges Sharing Management strategy.
2. method according to claim 1, is characterized in that, described Sharing Management comprises shares particular data file with all system users, allows non-file owners to share and downloads, and only allows file owners to have erase right; Use before logging in system by user it can the registration of information input relevant information completing user of unique identification user identity, in background authentication user identity; The ID of file is obtained, as the file information table of indexed search database by the selection of user; The file information table with database realize mutual after, obtain the relevant information of the shared state of this file, the owner and encryption; When the shared state attribute of file information table is " 1 ", oneself shares to represent file, when for time " 0 ", the shared state attribute of file information table represents that file is forbidden sharing; When user downloads or check the file that other people share, list all shared files with the form of listed files, and with the time inverted order arrangement upgraded;
The authorization information that user inputs passes to background server in the mode of session, and user first sends to master server namenode to the operation requests of data file, to obtain the metadata information of associated documents; When after namenode return data file meta-information, mobile client realizes the read-write operation of file data alternately according to metamessage and corresponding data node; And when mobile client and back end interactive communication, re-start the authenticating user identification of visitor, namely back end is to the authentication of mobile client, and whether checking mobile client has completed authentication and successfully obtained the metamessage of data file with master server namenode; Above-mentioned authenticating user identification specifically comprises following process: using the unique identification of user as PKI, and master server namenode generates encryption parameter, for each legal user generates the private key of its correspondence and returns; By arranging the useful life of key, control its life cycle, when user accesses the file in personal data storage management system, first mobile client sends the request of file reading to namenode, namenode judges the legitimacy of user according to the metadata information of user; When user is by after authentication, namenode can return different parameters respectively to user and back end, and user also receives the metadata information of associated documents simultaneously; Then, mobile client sends the operation of reading and writing of files to the back end of correspondence according to the address information of file; Back end does further authentication to visitor, after mobile client is by the authentication of back end, just can obtain access rights and the storage address information of file, subsequently, operating between mobile client and back end of reading and writing of files is directly carried out;
The read-write operation of execute file in systems in which after user's Successful login data storage management system, mobile client first sends file operation requests to master server namenode, includes the COS of encryption parameter and request in request; Namenode after analysis request, the meta data block of locating file, and generate random number; Then these metadata informations are all returned to mobile client, simultaneously also can to the authentication of the corresponding parameter of back end transmission of correspondence in order to next step; Detailed process is as follows: namenode uses the encryption parameter of user, with PKI, above-mentioned random number encryption is become the first ciphertext; Namenode sends the encryption parameter of mobile client end subscriber, PKI and random number to back end corresponding in metadata information mapping table by escape way, and described first ciphertext and metadata information are returned to mobile client; Mobile client receives the metadata information that namenode is passed back, uses system PKI and private key for user to be decrypted the first ciphertext, obtains first expressly; Mobile client utilizes private key for user and system PKI and hash function to be expressly encrypted first, obtains the second ciphertext; Mobile client analytical element data message, the back end to correspondence sends access request, wherein comprises the second ciphertext; Back end receives the accessing request information of mobile client, resolve and attempt being decrypted its ciphertext, the encryption parameter using namenode to provide and PKI, second plaintext will be obtained after successful decryption, judge whether second plaintext equals described random number, whether checking current visitor belong to validated user, and obtain its file metadata information by the checking request of namenode; When after the access authentication that back end completes mobile client, authorize the authority that mobile client reads and writes data file; After one-time identity authentication terminates, random parameter is wherein dropped, and produces new parameter at upper verification process once.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510866587.9A CN105450750A (en) | 2015-12-01 | 2015-12-01 | Secure interaction method for intelligent terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510866587.9A CN105450750A (en) | 2015-12-01 | 2015-12-01 | Secure interaction method for intelligent terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105450750A true CN105450750A (en) | 2016-03-30 |
Family
ID=55560516
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510866587.9A Pending CN105450750A (en) | 2015-12-01 | 2015-12-01 | Secure interaction method for intelligent terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105450750A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106067119A (en) * | 2016-06-03 | 2016-11-02 | 成都镜杰科技有限责任公司 | Client relation management method based on privately owned cloud |
| CN106709367A (en) * | 2016-12-12 | 2017-05-24 | 上海斐讯数据通信技术有限公司 | Mobile terminal-oriented device and method for limiting sliding browsing of pictures |
| CN107770276A (en) * | 2017-10-26 | 2018-03-06 | 广州百兴网络科技有限公司 | It is a kind of to realize that user data manages the network system and method with renewal independently |
| CN109213955A (en) * | 2018-09-14 | 2019-01-15 | 腾讯科技(深圳)有限公司 | Data processing method and relevant device |
| CN109522731A (en) * | 2018-11-07 | 2019-03-26 | 温州杉果数据科技有限公司 | A kind of big data information security storage encryption system and its method |
| CN110086805A (en) * | 2019-04-25 | 2019-08-02 | 四川师范大学 | Based on the information secure transmission method under cross-domain distributed micro services framework |
| CN111581660A (en) * | 2019-02-18 | 2020-08-25 | 北京奇虎科技有限公司 | Method and apparatus for preventing trojan from destroying shared file, medium and electronic device |
| CN112528276A (en) * | 2020-11-23 | 2021-03-19 | 中国联合网络通信集团有限公司 | Block chain-based distributed storage tamper-proof method and system |
| CN113468618A (en) * | 2021-05-28 | 2021-10-01 | 邓丰赣 | Mobile hard disk multi-security-level interaction method and system |
| CN113486376A (en) * | 2021-07-20 | 2021-10-08 | 大连九锁网络有限公司 | Digital file sharing and content security protection method matched with mobile terminal authentication |
| CN113672973A (en) * | 2021-07-20 | 2021-11-19 | 深圳大学 | Database system of embedded equipment based on RISC-V architecture of trusted execution environment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102457561A (en) * | 2010-10-28 | 2012-05-16 | 无锡江南计算技术研究所 | Data access method and equipment adopting same |
| CN102546664A (en) * | 2012-02-27 | 2012-07-04 | 中国科学院计算技术研究所 | User and authority management method and system for distributed file system |
| CN102833346A (en) * | 2012-09-06 | 2012-12-19 | 上海海事大学 | Storage metadata based security protection system and method for cloud sensitive data |
| CN103281361A (en) * | 2013-05-06 | 2013-09-04 | 北京启创卓越有限公司 | Personal cloud cooperation system and data management method |
-
2015
- 2015-12-01 CN CN201510866587.9A patent/CN105450750A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102457561A (en) * | 2010-10-28 | 2012-05-16 | 无锡江南计算技术研究所 | Data access method and equipment adopting same |
| CN102546664A (en) * | 2012-02-27 | 2012-07-04 | 中国科学院计算技术研究所 | User and authority management method and system for distributed file system |
| CN102833346A (en) * | 2012-09-06 | 2012-12-19 | 上海海事大学 | Storage metadata based security protection system and method for cloud sensitive data |
| CN103281361A (en) * | 2013-05-06 | 2013-09-04 | 北京启创卓越有限公司 | Personal cloud cooperation system and data management method |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106067119A (en) * | 2016-06-03 | 2016-11-02 | 成都镜杰科技有限责任公司 | Client relation management method based on privately owned cloud |
| CN106709367A (en) * | 2016-12-12 | 2017-05-24 | 上海斐讯数据通信技术有限公司 | Mobile terminal-oriented device and method for limiting sliding browsing of pictures |
| CN107770276A (en) * | 2017-10-26 | 2018-03-06 | 广州百兴网络科技有限公司 | It is a kind of to realize that user data manages the network system and method with renewal independently |
| CN109213955A (en) * | 2018-09-14 | 2019-01-15 | 腾讯科技(深圳)有限公司 | Data processing method and relevant device |
| CN109522731A (en) * | 2018-11-07 | 2019-03-26 | 温州杉果数据科技有限公司 | A kind of big data information security storage encryption system and its method |
| CN111581660A (en) * | 2019-02-18 | 2020-08-25 | 北京奇虎科技有限公司 | Method and apparatus for preventing trojan from destroying shared file, medium and electronic device |
| CN110086805A (en) * | 2019-04-25 | 2019-08-02 | 四川师范大学 | Based on the information secure transmission method under cross-domain distributed micro services framework |
| CN110086805B (en) * | 2019-04-25 | 2021-10-26 | 四川师范大学 | Information security transmission method based on cross-domain distributed micro-service architecture |
| CN112528276A (en) * | 2020-11-23 | 2021-03-19 | 中国联合网络通信集团有限公司 | Block chain-based distributed storage tamper-proof method and system |
| CN112528276B (en) * | 2020-11-23 | 2023-06-09 | 中国联合网络通信集团有限公司 | Distributed storage tamper-proof method and system based on block chain |
| CN113468618A (en) * | 2021-05-28 | 2021-10-01 | 邓丰赣 | Mobile hard disk multi-security-level interaction method and system |
| CN113486376A (en) * | 2021-07-20 | 2021-10-08 | 大连九锁网络有限公司 | Digital file sharing and content security protection method matched with mobile terminal authentication |
| CN113672973A (en) * | 2021-07-20 | 2021-11-19 | 深圳大学 | Database system of embedded equipment based on RISC-V architecture of trusted execution environment |
| CN113486376B (en) * | 2021-07-20 | 2024-02-02 | 大连九锁网络有限公司 | Digital file sharing and content security protection method matched with mobile terminal authentication |
| CN113672973B (en) * | 2021-07-20 | 2024-04-16 | 深圳大学 | Database system of embedded device based on RISC-V architecture of trusted execution environment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105516110A (en) | Mobile equipment secure data transmission method | |
| JP7436568B2 (en) | Methods and systems realized by blockchain | |
| US11475137B2 (en) | Distributed data storage by means of authorisation token | |
| CN105450750A (en) | Secure interaction method for intelligent terminal | |
| CN110535833B (en) | Data sharing control method based on block chain | |
| CN109040012B (en) | Block chain-based data security protection and sharing method and system and application | |
| CN113742782B (en) | Block chain access authority control method based on privacy protection and block chain system | |
| US11082850B2 (en) | Blockchain based wireless access point password management | |
| US11675922B2 (en) | Secure storage of and access to files through a web application | |
| US9985969B1 (en) | Controlling use of computing-related resources by multiple independent parties | |
| CN112131316B (en) | Data processing method and device applied to block chain system | |
| CN105871914B (en) | CRM system access control method | |
| EP3844905A1 (en) | Privacy-preserving mobility as a service supported by blockchain | |
| CN114239046A (en) | Data sharing method | |
| CN113360458A (en) | Distributed file storage sharing system based on alliance chain | |
| CN109767530A (en) | Smart lock control method, apparatus and system based on block chain | |
| CN116980163A (en) | Data processing method, device, equipment and medium based on trusted execution environment | |
| Guo et al. | Using blockchain to control access to cloud data | |
| EP3817320B1 (en) | Blockchain-based system for issuing and validating certificates | |
| WO2011157708A1 (en) | Methods and systems for securely handling datasets in computer systems | |
| Chai et al. | BHE-AC: A blockchain-based high-efficiency access control framework for Internet of Things | |
| CN115510492A (en) | Electronic medical record management system and method based on intelligent contracts | |
| CN111767551A (en) | Browsing permission control method and system based on block chain | |
| AU2018256787A1 (en) | Systems and methods for distributed data mapping | |
| Lim et al. | AuthChain: a decentralized blockchain-based authentication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160330 |