CN105721393A - Data security encryption method and data security encryption device - Google Patents


Publication number
CN105721393A
Authority
CN
China
Prior art keywords
data
encryption
target
version
key
Legal status
Pending
Application number
CN201410722942.0A
Other languages
Chinese (zh)
Inventor
尹俊
温涛
Current Assignee
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Application filed by Alibaba Group Holding Ltd
Priority to CN201410722942.0A
Priority to PCT/CN2015/095587 (WO2016086787A1)
Publication of CN105721393A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Abstract

The invention provides a data security encryption method and a data security encryption device. The method comprises the following steps: acquiring target data of which the key is to be replaced in response to a currently-triggered key replacement request, wherein the key replacement request is used for requesting to replace the current encryption key of the target data with a target encryption key; using the current encryption key to decrypt the target data to get original data; and using the target encryption key to encrypt the original data. According to the embodiments, the security of user data is improved, and privacy data of users is protected from malicious leakage to the maximum.

Description

Data security encryption method and device
Technical field
The application relates to the field of internet data processing, and in particular to a method and a device for securely encrypting data.
Background
With the development of the Internet, more and more users exchange information, trade products and carry out other online business on the Internet. As a result, the personal information that users register or store on the Internet is increasingly important, for example private information such as the login name and login password, the shipping address, and the contacts and contact details that a user has set up on a website. Once leaked, this private information may cause the user heavy losses.
In the prior art, when some websites or platforms store a user's private data, they encrypt all of it with some encryption scheme and then store it in a database.
Summary of the invention
However, the inventors found during their research that, once the prior art has encrypted data and stored it in a database, the encrypted data can still be decrypted in the end if it is maliciously obtained: even if a hacker cannot crack it within a given period, it is enough to spend sufficient time on decryption. This prior-art way of encrypting data therefore carries a potential security risk, and the user's private data is at risk of malicious disclosure.
To address this technical problem, the application provides a method for securely encrypting data, which aims to solve as far as possible the security risk to users' private data in the prior art and to protect users' private data from malicious disclosure to the greatest extent.
The application also provides a device for securely encrypting data, to ensure that the above method can be implemented and applied in practice.
To solve the above problem, the application discloses a method for securely encrypting data, including:
In response to a currently triggered key replacement request, obtaining the target data whose key is to be replaced; wherein the key replacement request requests that the current encryption key of the target data be replaced with a target encryption key;
Using the current encryption key to decrypt the target data, to obtain the original data;
Using the target encryption key to encrypt the original data.
The application also discloses another method for securely encrypting data, including:
In response to a currently triggered key replacement request, obtaining the current encryption version and the target encryption version indicated by the key replacement request;
In response to a business operation request triggered by a user, performing the business operation the user requested; wherein the encryption version of the user's data is the current encryption version;
After the business operation has finished, using the target encryption key corresponding to the target encryption version to encrypt the data involved in the user's business operation.
The application discloses a method for obtaining data, including:
In response to a data acquisition request triggered by a user, sending the data acquisition request to a server;
Receiving the target data returned by the server, the target data being the data obtained when the server looks up the corresponding ciphertext according to the data acquisition request and decrypts the ciphertext with the corresponding encryption key.
The application discloses a device for securely encrypting data, including:
A target data obtaining module, configured to obtain, in response to a currently triggered key replacement request, the target data whose key is to be replaced; wherein the key replacement request requests that the current encryption key of the target data be replaced with a target encryption key;
A decryption module, configured to use the current encryption key to decrypt the target data, to obtain the original data;
A first encryption module, configured to use the target encryption key to encrypt the original data.
The application also discloses another device for securely encrypting data, including:
An encryption version obtaining module, configured to obtain, in response to a currently triggered key replacement request, the current encryption version and the target encryption version indicated by the key replacement request;
A business execution module, configured to perform, in response to a business operation request triggered by a user, the business operation the user requested; wherein the encryption version of the user's data is the current encryption version;
A second encryption module, configured to use, after the business operation has finished, the target encryption key corresponding to the target encryption version to encrypt the data involved in the user's business operation.
The application also discloses a device for obtaining data, the device including:
A sending module, configured to send, in response to a data acquisition request triggered by a user, the data acquisition request to a server;
A receiving module, configured to receive the target data returned by the server, the target data being the data obtained when the server looks up the corresponding ciphertext according to the data acquisition request and decrypts the ciphertext with the corresponding encryption key.
Compared with the prior art, the application has the following advantages:
In the embodiments of the application, the encryption key of encrypted data can be changed, so that data stored in encrypted form can change its encryption key flexibly. Because the encryption key of the data changes flexibly, even if a hacker spends a great deal of time cracking the original key, the hacker still cannot obtain the data that has been encrypted and stored under the new encryption key. Compared with the prior art, the embodiments of the application significantly improve the security of data storage and protect users' private data from disclosure to the greatest extent.
Of course, a product implementing the application does not necessarily need to achieve all of the above advantages at the same time.
Description of the drawings
To explain the technical solutions in the embodiments of the application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of embodiment 1 of the data security encryption method of the application;
Fig. 2 is a flow chart of embodiment 2 of the data security encryption method of the application;
Fig. 3 is a structural block diagram of embodiment 1 of the data security encryption device of the application;
Fig. 4 is a structural block diagram of embodiment 2 of the data security encryption device of the application;
Fig. 5 is a flow chart of the embodiment of the method for obtaining data of the application;
Fig. 6 is a flow chart of the embodiment of the device for obtaining data of the application.
Detailed description
The technical solutions in the embodiments of the application are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are obviously only some of the embodiments of the application, not all of them. All other embodiments that a person of ordinary skill in the art obtains from the embodiments in the application without creative effort fall within the scope of protection of the application.
The application can be used in numerous general-purpose or special-purpose computing device environments or configurations, for example: personal computers, server computers, handheld or portable devices, laptop devices, multiprocessor devices, and distributed computing environments that include any of the above devices.
The application can be described in the general context of computer-executable instructions, for example program modules. In general, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. The application can also be practised in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules may be located in local and remote computer storage media, including storage devices.
Referring to Fig. 1, which shows a flow chart of an embodiment of a method for securely encrypting data of the application, this embodiment may include the following steps:
Step 101: in response to a currently triggered key replacement request, obtain the target data whose key is to be replaced; wherein the key replacement request requests that the current encryption version of the target data be replaced with a target encryption version.
In this embodiment, a system administrator can trigger the key replacement request for the data stored in the system; of course, the administrator can also set a timer so that a key replacement request is triggered at a fixed interval (for example, one month). How the key replacement request is triggered does not affect the implementation of this embodiment, as long as the request includes the current encryption version and the target encryption version of the data. Taking a request triggered by the system administrator as an example, the key replacement request includes the current encryption version and the target encryption version of the data; for example, target data whose current encryption version is "1" is to be encrypted under target encryption version "2".
Therefore, in practice, an additional encryption version field needs to be designed for the data stored in the system, to indicate which encryption version was used to encrypt the corresponding data. For example, in a third-party transaction system, the shipping address a buyer enters into the system is: Xihu District, Hangzhou City, Zhejiang Province, Huanglong Epoch. Assume this shipping address is stored in the database encrypted with the Advanced Encryption Standard (AES), and the corresponding encryption key is: dkusjjws. Then, as shown in Table 1, the system holds an "encryption version" field corresponding to the data of this shipping address, and a field value of 1 indicates that the encryption version of the shipping address is 1.
Table 1
For the large volume of data in the system, a key management configuration table as shown in Table 2 also needs to be set up, to maintain the relation between encryption versions and encryption keys.
Table 2
Key                 Value
encryptionVersion   1
encryptionKey.1     dkusjjws
encryptionKey.2     Abcdddtt
In Table 2, the value of the key "encryptionVersion" is the encryption version of the current system, and the value of the key "encryptionKey.1" is the encryption key corresponding to that encryption version. If the key is replaced, the value of "encryptionVersion" is changed to 2, indicating that the target encryption version is 2, and the value of the key "encryptionKey.2" is the encryption key corresponding to the target encryption version of the current system.
Based on Table 1 and Table 2 above, step 101 may include the following steps when carried out:
Step A1: obtain the current encryption version and the target encryption version from the currently triggered key replacement request.
First, the current encryption version and the target encryption version are read from the currently triggered key replacement request. For example, the current encryption version is 1 and the target encryption version is 2.
Step A2: according to the pre-stored correspondence between encryption versions and data, obtain the target data whose encryption version is the current encryption version.
Using information such as that in Table 1 above, all data whose encryption version is 1 is obtained as the target data.
Returning to Fig. 1, proceed to step 102: use the current encryption key corresponding to the current encryption version to decrypt the target data, to obtain the original data.
In this embodiment, the original data was encrypted into ciphertext with a symmetric encryption algorithm, so it can be decrypted. Specifically, step 102 may include, in a concrete implementation:
Step B1: according to the pre-stored correspondence between encryption versions and encryption keys, obtain the current encryption key corresponding to the current encryption version.
After all target data whose encryption version is 1 has been found, a table such as Table 2 above can be queried to find which encryption key was used to encrypt the data whose encryption version is 1, that is, the current encryption key for encryption version 1.
Step B2: use the current encryption key to decrypt the target data, to obtain the unencrypted original data.
For example, decrypting the target data with the key "dkusjjws" yields the unencrypted original data.
Then proceed to step 103: use the target encryption key corresponding to the target encryption version to encrypt the original data.
The original data is encrypted again with the target encryption key "Abcdddtt", which corresponds to encryption version 2, giving the data encrypted under "Abcdddtt".
Optionally, in various embodiments, the following may also be included after step 103:
Step 104: store the original data as encrypted with the target encryption key.
Finally, the data encrypted under "Abcdddtt" can be stored in the system's database, and at the same time the current encryption version of the target data in Table 1 is updated to 2.
As can be seen, in the embodiments of the application, the encryption key of encrypted data can be changed, so that data stored in encrypted form can change its encryption key flexibly. Because the encryption key of the data changes flexibly, even if a hacker spends a great deal of time cracking the original key, the hacker still cannot obtain the data that has been encrypted and stored under the new encryption key. Compared with the prior art, the embodiments of the application significantly improve the security of data storage and protect users' private data from disclosure to the greatest extent.
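Steps 101 to 104 as a runnable sketch, added here as an illustration and not taken from the patent. The record fields (id, ciphertext, encryption_version) are assumed, since Table 1 itself is not reproduced, and the cipher is a standard-library stand-in (HMAC-SHA256 keystream plus MAC) used in place of AES so the example runs offline.

```python
import hashlib
import hmac
import os

# Table 2 as a mapping: encryption version -> key (sample values from Table 2).
KEY_TABLE = {1: b"dkusjjws", 2: b"Abcdddtt"}
# Constructed sample plaintext standing in for a buyer's shipping address.
SAMPLE_ADDRESS = b"Xihu District, Hangzhou (constructed sample)"


def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive separate encryption and authentication keys from the table key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in symmetric cipher (NOT AES): HMAC-SHA256 keystream, then a MAC."""
    nonce = os.urandom(16)
    body = _xor(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext)))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Raise ValueError when the key is wrong or the ciphertext was altered."""
    if len(blob) < 48:
        raise ValueError("ciphertext too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor(body, _keystream(_subkey(key, b"enc"), nonce, len(body)))


def rotate(records, key_table, current, target):
    """Steps 101-104 for every record whose version equals `current`."""
    old_key, new_key = key_table[current], key_table[target]      # step B1
    report = {"rotated": 0, "failed": []}
    for rec in records:
        if rec["encryption_version"] != current:                  # step A2
            continue
        try:
            original = decrypt(old_key, rec["ciphertext"])        # step B2
        except ValueError:
            # Leave the row as it is so a later run or an operator can retry.
            report["failed"].append(rec["id"])
            continue
        new_blob = encrypt(new_key, original)                     # step 103
        # Step 104: ciphertext and version must change together (one
        # transaction in a real database), or the row becomes unreadable.
        rec.update(ciphertext=new_blob, encryption_version=target)
        report["rotated"] += 1
    return report


def demo():
    """Three constructed rows: healthy v1, corrupted v1, already at v2."""
    good = encrypt(KEY_TABLE[1], SAMPLE_ADDRESS)
    damaged = bytearray(encrypt(KEY_TABLE[1], SAMPLE_ADDRESS))
    damaged[20] ^= 0xFF                                 # simulate bit rot
    records = [
        {"id": 1, "encryption_version": 1, "ciphertext": good},
        {"id": 2, "encryption_version": 1, "ciphertext": bytes(damaged)},
        {"id": 3, "encryption_version": 2,
         "ciphertext": encrypt(KEY_TABLE[2], SAMPLE_ADDRESS)},
    ]
    report = rotate(records, KEY_TABLE, current=1, target=2)
    return records, report


if __name__ == "__main__":
    rows, result = demo()
    print(result, [r["encryption_version"] for r in rows])
```

Rotation only protects what is stored after the re-encryption: any copy of the version 1 ciphertext taken earlier still opens with the version 1 key, so backups and replicas need the same pass.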
Referring to Fig. 2, which shows a flow chart of embodiment 2 of a method for securely encrypting data of the application, this embodiment may include the following steps:
Step 200: in response to a currently triggered key replacement request, obtain the current encryption version and the target encryption version indicated by the key replacement request.
In practice, there is also a class of data that is encrypted with the Rivest-Shamir-Adleman (RSA) algorithm, so it is held in the system's database as ciphertext, and the system cannot obtain the encryption key for that ciphertext and therefore cannot decrypt this class of data. In this situation, if a key replacement request is currently triggered, the request likewise includes the current encryption version and the target encryption version, and these are first read from the key replacement request. The ways of triggering the key replacement request are as described in embodiment 1 and are not repeated here.
Step 201: in response to a business operation request triggered by a user, perform the business operation the user requested; wherein the encryption version of the user's data is the current encryption version.
Because the data cannot be decrypted, the target data cannot be re-encrypted immediately even when a key replacement request is triggered. In this case, the system can wait for the user to trigger a corresponding business operation request, for example a login operation or a payment operation. Once the user has triggered the business operation request, the login or payment operation the user triggered is performed first. The business operation is performed in the same way as in the prior art, which is not repeated here.
In embodiment 2, in a form similar to Table 1 of embodiment 1, which records the relation between ciphertext and encryption version, a user information field can also be set, to indicate which encryption version was used to encrypt the current user's data and what the resulting ciphertext is.
Step 202: after the business operation has finished, use the target encryption key to encrypt the data involved in the user's current business operation.
After the business operation triggered by the user has finished, the original data the user sent when logging in, for example the user's login name and login password, is used, and all data of this user is encrypted with the target encryption key corresponding to the target encryption version. The encryption key corresponding to the user's current encryption version can still be looked up from the records of Table 2 in embodiment 1.
It should be noted that this embodiment suits the case where the data involved in a particular business operation of a particular user is encrypted.
Optionally, the following may also be included after step 202:
Step 203: store the data involved in the user's business operation as encrypted with the target encryption key.
Optionally, after the data involved in the user's business operation has been encrypted, the data re-encrypted under the new encryption key is stored in the database, and at the same time the encryption version of the data involved in this user's business operation is changed in Table 2 to the target encryption version.
The change to the user's encrypted data is not perceptible to the user: when the user triggers the relevant business operation, the system re-encrypts the user's password. Even if this re-encryption or its storage fails, the user's current operation is not affected, which preserves the availability of the system.
In this embodiment, the encryption key of encrypted data can be changed, so that data stored in encrypted form can change its encryption key flexibly. Because the encryption key of the data changes flexibly, even if a hacker spends a great deal of time cracking the original key, the hacker still cannot obtain the data that has been encrypted and stored under the new encryption key. Compared with the prior art, the embodiments of the application significantly improve the security of data storage and protect users' private data from disclosure to the greatest extent.
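Steps 200 to 203 for a login, as an added sketch that is not the patent's own code. It assumes the undecryptable credential is a keyed one-way value (HMAC-SHA256 followed by PBKDF2), standing in for the scheme the text names, and the Store class, field names and iteration count are hypothetical.

```python
import hashlib
import hmac
import os

# Table 2 sample keys, indexed by encryption version.
KEY_TABLE = {1: b"dkusjjws", 2: b"Abcdddtt"}
ITERATIONS = 50_000   # sample work factor chosen for the demo


def protect(key: bytes, salt: bytes, password: str) -> bytes:
    """One-way protected form of a password under one key version (assumed scheme)."""
    keyed = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", keyed, salt, ITERATIONS)


def new_record(password: str, version: int) -> dict:
    salt = os.urandom(16)
    return {
        "salt": salt,
        "encryption_version": version,
        "protected": protect(KEY_TABLE[version], salt, password),
    }


class Store:
    """In-memory stand-in for the user table; fail_writes simulates an outage."""

    def __init__(self):
        self.users = {}
        self.fail_writes = False

    def save(self, name: str, record: dict) -> None:
        if self.fail_writes:
            raise OSError("storage unavailable")
        self.users[name] = record


def login(store: Store, name: str, password: str, target_version: int):
    """Return (login_ok, migrated). Step 201 first, then steps 202-203."""
    rec = store.users.get(name)
    if rec is None:
        return False, False
    # Step 201: perform the business operation under the record's own version.
    key = KEY_TABLE[rec["encryption_version"]]
    candidate = protect(key, rec["salt"], password)
    if not hmac.compare_digest(candidate, rec["protected"]):
        return False, False          # never re-protect on a failed login
    if rec["encryption_version"] == target_version:
        return True, False           # already at the target version
    # Steps 202-203: the submitted plaintext is only available now, so
    # re-protect it under the target key and store it with the new version.
    try:
        store.save(name, new_record(password, target_version))
    except (OSError, KeyError):
        # A failed re-encryption or write must not affect the user's login;
        # the old record stays valid and the next login retries.
        return True, False
    return True, True


if __name__ == "__main__":
    s = Store()
    s.users["alice"] = new_record("constructed-sample-password", 1)
    print(login(s, "alice", "constructed-sample-password", 2))
    print(s.users["alice"]["encryption_version"])
```

Until every user has performed an operation, records at the old version remain in the table, so the old key has to stay available to the login path and cannot be retired at the moment the key replacement request is triggered.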
Referring to Fig. 3, which shows a flow chart of an embodiment of a method for obtaining data of the application, this embodiment may include the following steps:
Step 301: in response to a data acquisition request triggered by a user, send the data acquisition request to a server.
The method of this embodiment can be applied to a client. When the user triggers on the client a request to obtain data from the server, the data acquisition request includes user information, for example a user name or other information that identifies the user, and identification information of the requested data, for example a request for all order information under a certain user name. After receiving the data acquisition request, the server looks up the corresponding data in the database according to the identification information and verifies from the user information whether this user is authorized to obtain the data; if so, it decrypts the corresponding ciphertext with the corresponding encryption key to obtain the target data. The server's database stores the correspondence between user information, data ciphertext and encryption key.
Step 302: receive the target data returned by the server, the target data being the data obtained when the server looks up the corresponding ciphertext according to the data acquisition request and decrypts the ciphertext with the corresponding encryption key.
The client then receives the decrypted target data returned by the server; this target data is the data obtained when the server looks up the corresponding ciphertext according to the data acquisition request and decrypts the ciphertext with the corresponding encryption key.
In this embodiment, the server can replace the encryption key of the data in the database periodically or at the user's request. This not only stores the data in the server's database more securely, but also lets the user obtain relatively secure data through the client without perceiving any change, improving the user experience.
For brevity, the foregoing method embodiments are each described as a series of combined actions, but those skilled in the art should know that the application is not limited by the described order of actions, because according to the application some steps can be performed in another order or simultaneously. Those skilled in the art should also know that the embodiments described in this specification are preferred embodiments, and the actions and modules involved are not necessarily required by the application.
Corresponding to the method provided by the above method embodiment for securely encrypting data, and referring to Fig. 4, the application also provides device embodiment 1 for securely encrypting data. In this embodiment, the device may include:
A target data obtaining module 401, configured to obtain, in response to a currently triggered key replacement request, the target data whose key is to be replaced; wherein the key replacement request requests that the current encryption key of the target data be replaced with a target encryption key.
The target data obtaining module 401 may specifically include:
An encryption version obtaining submodule, configured to obtain the current encryption version and the target encryption version from the currently triggered key replacement request; and a target data obtaining submodule, configured to obtain, according to the pre-stored correspondence between encryption versions and data, the target data whose encryption version is the current encryption version.
A decryption module 402, configured to use the current encryption key to decrypt the target data, to obtain the original data.
The decryption module 402 may specifically include:
An encryption key obtaining submodule, configured to obtain, according to the pre-stored correspondence between encryption versions and encryption keys, the current encryption key corresponding to the current encryption version; and a decryption submodule, configured to use the current encryption key to decrypt the target data, to obtain the unencrypted original data.
A first encryption module 403, configured to use the target encryption key to encrypt the original data.
A first storage module 404, configured to store the original data as encrypted with the target encryption key.
In this embodiment, the encryption key of encrypted data can be changed, so that data stored in encrypted form can change its encryption key flexibly. Because the encryption key of the data changes flexibly, even if a hacker spends a great deal of time cracking the original key, the hacker still cannot obtain the data that has been encrypted and stored under the new encryption key. Compared with the prior art, the embodiments of the application significantly improve the security of data storage and protect users' private data from disclosure to the greatest extent.
Corresponding to the method provided by the above method embodiment for securely encrypting data, and referring to Fig. 5, the application also provides device embodiment 2 for securely encrypting data. In this embodiment, the device may include:
An encryption version obtaining module 501, configured to obtain, in response to a currently triggered key replacement request, the current encryption version and the target encryption version indicated by the key replacement request.
A business execution module 502, configured to perform, in response to a business operation request triggered by a user, the business operation the user requested; wherein the encryption version of the user's data is the current encryption version.
A second encryption module 503, configured to use, after the business operation has finished, the target encryption key to encrypt the data involved in the user's business operation.
A second storage module 504, configured to store the data involved in the user's business operation as encrypted with the target encryption key.
In this embodiment, the encryption key of encrypted data can be changed, so that data stored in encrypted form can change its encryption key flexibly. Because the encryption key of the data changes flexibly, even if a hacker spends a great deal of time cracking the original key, the hacker still cannot obtain the data that has been encrypted and stored under the new encryption key. Compared with the prior art, the embodiments of the application significantly improve the security of data storage and protect users' private data from disclosure to the greatest extent.
Corresponding to the method provided by the above method embodiment for obtaining data, and referring to Fig. 6, the application also provides a device embodiment for obtaining data. In this embodiment, the device may include:
A sending module 601, configured to send, in response to a data acquisition request triggered by a user, the data acquisition request to a server.
A receiving module 602, configured to receive the target data returned by the server, the target data being the data obtained when the server looks up the corresponding ciphertext according to the data acquisition request and decrypts the ciphertext with the corresponding encryption key.
In this embodiment, the server can replace the encryption key of the data in the database periodically or at the user's request. This not only stores the data in the server's database more securely, but also lets the user obtain relatively secure data through the client without perceiving any change, improving the user experience.
It should be noted that the embodiments in this specification are described progressively: each embodiment focuses on its differences from the others, and for the parts that are the same or similar the embodiments can be referred to one another. Because the device embodiments are basically similar to the method embodiments, they are described relatively briefly; for the relevant parts, see the description of the method embodiments.
Finally, it should also be noted that, in this document, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relation or order between these entities or operations. Moreover, the terms "include", "comprise" or any other variant are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to the process, method, article or device. Without further limitation, an element defined by the statement "including ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The method and device for securely encrypting data provided by the application have been described in detail above. Specific examples are used here to set out the principle and the embodiments of the application, and the explanation of the above embodiments is only intended to help in understanding the method of the application and its core idea. At the same time, a person of ordinary skill in the art will, following the idea of the application, make changes to the specific embodiments and the scope of application. In summary, the content of this specification should not be construed as limiting the application.

Claims (14)

1. A data security encryption method, characterized in that the method comprises:
In response to a currently triggered key replacement request, obtaining target data whose key is to be replaced; wherein the key replacement request is used to request that the current encryption key of the target data be replaced with a target encryption key;
Decrypting the target data using the current encryption key to obtain original data;
Encrypting the original data using the target encryption key.
2. The method according to claim 1, characterized in that it further comprises:
Storing the original data after it has been encrypted with the target encryption key.
3. The method according to claim 1, characterized in that obtaining, in response to the currently triggered key replacement request, the target data whose key is to be replaced comprises:
Obtaining a current encryption version and a target encryption version from the currently triggered key replacement request;
Obtaining, according to a pre-stored correspondence between encryption versions and data, the target data whose encryption version is the current encryption version.
4. The method according to claim 1, characterized in that decrypting the target data using the current encryption key to obtain original data comprises:
Obtaining, according to a pre-stored correspondence between encryption versions and encryption keys, the current encryption key corresponding to the current encryption version;
Decrypting the target data using the current encryption key to obtain unencrypted original data.
5. A data security encryption method, characterized in that, in response to a currently triggered key replacement request, the current encryption version and the target encryption version indicated by the key replacement request are obtained, the method comprising:
In response to a business operation request triggered by a user, performing the business operation requested by the user; wherein the encryption version of the user's data is the current encryption version;
After the business operation has finished, encrypting the data involved in the user's business using the target encryption key corresponding to the target encryption version.
6. The method according to claim 5, characterized in that it further comprises:
Storing the data involved in the user's business after it has been encrypted with the target encryption key.
7. A method for obtaining data, characterized in that the method is applied to a client and comprises:
In response to a data acquisition request triggered by a user, sending the data acquisition request to a server;
Receiving the target data returned by the server, the target data being the data obtained by the server querying the corresponding ciphertext according to the data acquisition request and decrypting the ciphertext using the corresponding encryption key.
8. A data security encryption device, characterized in that it comprises:
A target data obtaining module, configured to obtain, in response to a currently triggered key replacement request, target data whose key is to be replaced; wherein the key replacement request is used to request that the current encryption key of the target data be replaced with a target encryption key;
A decryption module, configured to decrypt the target data using the current encryption key to obtain original data;
A first encryption module, configured to encrypt the original data using the target encryption key.
9. The device according to claim 8, characterized in that it further comprises:
A first storage module, configured to store the original data after it has been encrypted with the target encryption key.
10. The device according to claim 8, characterized in that the target data obtaining module comprises:
An encryption version obtaining submodule, configured to obtain a current encryption version and a target encryption version from the currently triggered key replacement request;
A target data obtaining submodule, configured to obtain, according to a pre-stored correspondence between encryption versions and data, the target data whose encryption version is the current encryption version.
11. The device according to claim 8, characterized in that the decryption module comprises:
An encryption key obtaining submodule, configured to obtain, according to a pre-stored correspondence between encryption versions and encryption keys, the current encryption key corresponding to the current encryption version;
A decryption submodule, configured to decrypt the target data using the current encryption key to obtain unencrypted original data.
12. A data security encryption device, characterized in that it comprises:
An encryption version obtaining module, configured to obtain, in response to a currently triggered key replacement request, the current encryption version and the target encryption version indicated by the key replacement request;
A business execution module, configured to perform, in response to a business operation request triggered by a user, the business operation requested by the user; wherein the encryption version of the user's data is the current encryption version;
A second encryption module, configured to encrypt, after the business operation has finished, the data involved in the user's business using the target encryption key corresponding to the target encryption version.
13. The device according to claim 12, characterized in that it further comprises:
A second storage module, configured to store the data involved in the user's business after it has been encrypted with the target encryption key.
14. A device for obtaining data, characterized in that the device comprises:
A sending module, configured to send, in response to a data acquisition request triggered by a user, the data acquisition request to a server;
A receiving module, configured to receive the target data returned by the server, the target data being the data obtained by the server querying the corresponding ciphertext according to the data acquisition request and decrypting the ciphertext using the corresponding encryption key.
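
The rotation flow of claims 1 to 4 (select rows by encryption version, decrypt with the current key, re-encrypt with the target key, store the result), as an added Node.js example that is not code from the patent. The cipher (AES-256-GCM), the row layout, the binding of the version as associated data and every function name are assumptions of this example; the keys and rows are constructed sample data.

```javascript
const crypto = require('crypto');

// Pre-stored correspondence: encryption version -> key (constructed sample keys).
const keyring = new Map([[1, crypto.randomBytes(32)], [2, crypto.randomBytes(32)]]);

function keyFor(version) {
  const key = keyring.get(version);
  if (!key) throw new Error(`no key for encryption version ${version}`);
  return key;
}

// Encrypt under the key for `version`. Assumption of this example: the version
// is bound as associated data, so a row cannot be relabelled with another version.
function sealRecord(version, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', keyFor(version), nonce);
  c.setAAD(Buffer.from(String(version)));
  const body = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { version, blob: Buffer.concat([nonce, c.getAuthTag(), body]) };
}

// Decrypt with the key the row's version selects; throws if authentication fails.
function openRecord(record) {
  const { version, blob } = record;
  const d = crypto.createDecipheriv('aes-256-gcm', keyFor(version), blob.subarray(0, 12));
  d.setAAD(Buffer.from(String(version)));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString('utf8');
}

// Key replacement request: re-encrypt rows still at `current` under `target`; returns the count.
function rotate(table, current, target) {
  let rotated = 0;
  for (const [id, record] of table) {
    if (record.version !== current) continue;
    table.set(id, sealRecord(target, openRecord(record)));
    rotated++;
  }
  return rotated;
}

// Constructed sample table: two rows at version 1, one already at version 2.
function sampleTable() {
  return new Map([
    ['u1', sealRecord(1, 'alice@example.com')],
    ['u2', sealRecord(1, 'bob@example.com')],
    ['u3', sealRecord(2, 'carol@example.com')],
  ]);
}
```

Running `rotate(sampleTable(), 1, 2)` leaves no row that needs the version 1 key, and a second call with the same versions changes nothing.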

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410722942.0A CN105721393A (en) 2014-12-02 2014-12-02 Data security encryption method and data security encryption device
PCT/CN2015/095587 WO2016086787A1 (en) 2014-12-02 2015-11-26 Data security encryption method and device

Publications (1)

Publication Number Publication Date
CN105721393A true CN105721393A (en) 2016-06-29

Family

ID=56090996

Country Status (2)

Country Link
CN (1) CN105721393A (en)
WO (1) WO2016086787A1 (en)

Also Published As

Publication number Publication date
WO2016086787A1 (en) 2016-06-09

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160629