CN105791292B - A method of dynamic geographic information encryption - Google Patents


Info

Publication number: CN105791292B
Authority: CN (China)
Prior art keywords: channel, server, client, information, encryption
Legal status: Active
Application number: CN201610120369.5A
Other languages: Chinese (zh)
Other versions: CN105791292A (en)
Inventor: 孙斌
Current Assignee: Inspur Communication Information System Co Ltd
Original Assignee: Inspur Tianyuan Communication Information System Co Ltd
Application filed by Inspur Tianyuan Communication Information System Co Ltd
Priority to CN201610120369.5A
Publication of CN105791292A
Application granted
Publication of CN105791292B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872: Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method of dynamic geographic information encryption. The encryption method consists of three parts: the life cycle of the encrypted channel, the information encryption module, and the client API. The life cycle of the encrypted channel is divided into four stages: the client channel application stage, the server verification stage, the server channel establishment stage, and the server channel destruction stage. The information encryption module is the information encryption algorithm, which converts true longitude and latitude into encrypted longitude and latitude values and feeds them back to the client. The client API is used to interact with the information encryption server and includes the channel application API, the coordinate conversion API, and the channel update API. The invention has the following characteristics: 1) the encrypted data is valid only for a certain client during a certain period, which effectively prevents data sharing and cracking; 2) the data encryption process places low demands on the computing power of the computer; 3) even if the algorithm formula leaks, reverse calculation still cannot be carried out, because the channel algorithm variable generated by the server is not known.

Description

A method of dynamic geographic information encryption
Technical field
The present invention relates to the technical field of electronic maps and geographic information services, and specifically to a method of dynamic geographic information encryption.
Background
With the progress of satellite positioning technology, remote sensing technology, geographic information system technology and network technology, electronic maps and geographic information services have developed rapidly. While they bring convenience to people's work and life, many problems that cannot be ignored have also appeared. Some entities and individuals, intentionally or unintentionally, publish geographic coordinate data that is sensitive, unsuitable for disclosure, or even related to state secrets, and it circulates on the Internet. These problems seriously damage national interests and threaten national information security. For this reason, China has a practical and urgent demand for geographic information encryption.
At present the IT industry has two mainstream means of geographic information encryption. One is the coordinate offset method; the other is the projection transformation method.
1. Coordinate offset method
The coordinate offset method directly encrypts the raw coordinate data, giving the true coordinates a certain nonlinear offset in order to keep the information confidential. The method places very high demands on the algorithm: it must keep the deformation of map elements within a reasonable range after the coordinates are encrypted, and an irreversible coordinate encryption algorithm must be provided to system users so that they can mark business data accurately on the map. The advantage of the coordinate offset method is that it encrypts the data at its source, so security is relatively high.
Currently, the GCJ02 coordinate system, the Baidu map coordinate system released by Baidu, and the Sogou map coordinate system released by Sohu.com Inc. all use a coordinate data offset scheme for information encryption.
The coordinate offset method is generally cracked by brute force. Because the coordinate encryption algorithm provided officially is irreversible, the only approach is a brute-force dictionary: every true coordinate value is enumerated at the expected cracking precision and its encrypted value is computed to build a dictionary. With the dictionary, the true coordinate value can be mapped back from an encrypted coordinate value.
2. Projection transformation method
Map projection is the method of establishing a one-to-one correspondence between points on the earth's surface (or the surface of another celestial body, or the celestial sphere) and points on a projection plane (the map plane), that is, establishing a mathematical conversion formula between them. It is the basic method of projecting a surface that cannot be flattened, the earth's surface, onto a plane, and it keeps spatial information connected and complete across the region. The projection process produces projection distortion, and different projection methods have distortions of different nature and size. According to different custom projection parameters, the original latitude and longitude coordinates are converted into projection coordinates (a projection example is shown in Figure 1). The projection transformation method does not need to change the original data and does not need to consider the deformation of map elements, so it is relatively simple to implement.
The projection transformation method is generally cracked through the algorithm: once the projection parameters leak, the true coordinate data can easily be calculated from them, so security is poor.
Summary of the invention
The technical task of the invention is to provide a method of dynamic geographic information encryption.
The technical task of the invention is achieved in the following manner. The encryption method consists of three parts: the life cycle of the encrypted channel, the information encryption module, and the client API.
The life cycle of the encrypted channel is divided into four stages: the client channel application stage, the server verification stage, the server channel establishment stage, and the server channel destruction stage.
The information encryption module is the information encryption algorithm, which converts true longitude and latitude into encrypted longitude and latitude values and feeds them back to the client.
The client API is used to interact with the information encryption server and includes the channel application API, the coordinate conversion API, and the channel update API.
Client channel application stage:
The client must transmit the following hardware information parameters to the server. PC platform: operating system version number + CPU ID + disk serial number + network card MAC. Mobile platform: operating system version number + CPU ID + IMEI + network card MAC + manufacturer serial code.
Server verification stage: on receiving the client's channel establishment application, the server queries the channel table to check whether the device already occupies a channel; if it has no channel, it is allowed to establish one.
Server channel establishment stage: the server randomly generates a 32-character string as the channel key, generates a natural number in the range 1-9999999999 as the algorithm variable of the channel, and records the channel key, the algorithm variable and the client hardware information in the channel table. The server then returns the channel key to the client as the unique identifier for the client's channel requests.
Server channel destruction stage: when the client request time exceeds the specified time, the server refuses the client's request and destroys the channel in the channel table.
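The four life-cycle stages above, sketched as a server-side channel table. This is an added example, not code from the patent: the class and method names, the 60-second validity period, the key alphabet, drawing both values from Python's `secrets` CSPRNG, and measuring expiry from channel establishment are all assumptions.

```python
import secrets
import string
import time

KEY_ALPHABET = string.ascii_letters + string.digits   # assumed alphabet for the key
THETA_MAX = 9_999_999_999                              # upper bound given in the text


class ChannelTable:
    """Server-side channel table: at most one live channel per device."""

    def __init__(self, ttl_seconds=60, clock=time.monotonic):
        self.ttl = ttl_seconds      # the "specified time"; the value is an assumption
        self.clock = clock
        self._by_key = {}           # channel key -> record
        self._by_device = {}        # hardware tuple -> channel key

    def apply(self, hw_fields):
        """Application, verification and establishment. Returns the key or None."""
        self.purge_expired()
        device = tuple(hw_fields)
        if device in self._by_device:   # verification: device already holds a channel
            return None
        # Establishment: both secrets come from the OS CSPRNG, never from `random`.
        key = "".join(secrets.choice(KEY_ALPHABET) for _ in range(32))
        theta = secrets.randbelow(THETA_MAX) + 1        # natural number 1..9999999999
        self._by_key[key] = {"device": device, "theta": theta,
                             "expires": self.clock() + self.ttl}
        self._by_device[device] = key
        return key                      # only the key is returned; theta stays server-side

    def theta_for(self, key):
        """Server-internal lookup used when converting coordinates for a request."""
        rec = self._by_key.get(key)
        if rec is None:
            return None
        if self.clock() >= rec["expires"]:   # destruction: refuse and drop the channel
            self._destroy(key)
            return None
        return rec["theta"]

    def _destroy(self, key):
        rec = self._by_key.pop(key)
        self._by_device.pop(rec["device"], None)

    def purge_expired(self):
        now = self.clock()
        for key in [k for k, r in self._by_key.items() if now >= r["expires"]]:
            self._destroy(key)


def demo():
    """Walk one constructed device through the life cycle using a fake clock."""
    now = [0.0]
    table = ChannelTable(ttl_seconds=60, clock=lambda: now[0])
    # Constructed sample hardware parameters (PC platform field order from the text).
    pc = ("Windows 10.0.19045", "CPU-0001", "DISK-0001", "00:11:22:33:44:55")
    key = table.apply(pc)
    second = table.apply(pc)        # refused: the device already occupies a channel
    theta = table.theta_for(key)
    now[0] = 61.0                   # move past the validity period
    after = table.theta_for(key)    # refused, and the channel is destroyed
    renewed = table.apply(pc)       # the device may now apply for a new channel
    return key, second, theta, after, renewed
```

The algorithm variable is looked up by the server per request and never sent to the client, which is the property the third stated characteristic depends on.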
The information encryption algorithm consists of two parts: the basic algorithm and the channel algorithm variable.
The information encryption algorithm is as follows:
Constants: α = 6378245.0, the projection factor; β = 0.00669342162296594323, the eccentricity of the earth;
Variables: θ = the channel algorithm variable, 1-9999999999; (e is the base of the natural logarithm); y = original latitude; x = original longitude;
Channel application API: a utility API with which the client applies to the server for an encrypted channel;
Coordinate conversion API: used by the client to convert original longitude and latitude into the encrypted longitude and latitude of a given encrypted channel;
Channel update API: used to notify automatically that the channel has expired and to update the channel information automatically.
Compared with the prior art, the method of dynamic geographic information encryption of the invention has the following characteristics:
1) it uses an algorithm mechanism based on a time-limited encrypted channel, so that the encrypted data is valid only for a certain client during a certain period, which effectively prevents data sharing and cracking;
2) the data encryption process places low demands on the computing power of the computer;
3) even if the algorithm formula leaks, reverse calculation still cannot be carried out, because the channel algorithm variable generated by the server is not known.
Description of the drawings
Figure 1 is a schematic diagram of the encrypted channel life cycle of the method of dynamic geographic information encryption.
Specific embodiments
Embodiment 1:
The encryption method consists of three parts: the life cycle of the encrypted channel, the information encryption module, and the client API.
The life cycle of the encrypted channel is divided into four stages: the client channel application stage, the server verification stage, the server channel establishment stage, and the server channel destruction stage.
Client channel application stage:
The client must transmit the following hardware information parameters to the server. PC platform: operating system version number + CPU ID + disk serial number + network card MAC. Mobile platform: operating system version number + CPU ID + IMEI + network card MAC + manufacturer serial code.
Server verification stage: on receiving the client's channel establishment application, the server queries the channel table to check whether the device already occupies a channel; if it has no channel, it is allowed to establish one.
Server channel establishment stage: the server randomly generates a 32-character string as the channel key, generates a natural number in the range 1-9999999999 as the algorithm variable of the channel, and records the channel key, the algorithm variable and the client hardware information in the channel table. The server then returns the channel key to the client as the unique identifier for the client's channel requests.
Server channel destruction stage: when the client request time exceeds the specified time, the server refuses the client's request and destroys the channel in the channel table.
The information encryption module is the information encryption algorithm, which converts true longitude and latitude into encrypted longitude and latitude values and feeds them back to the client.
The information encryption algorithm consists of two parts: the basic algorithm and the channel algorithm variable.
The information encryption algorithm is as follows:
Constants: α = 6378245.0, the projection factor; β = 0.00669342162296594323, the eccentricity of the earth;
Variables: θ = the channel algorithm variable, 1-9999999999; (e is the base of the natural logarithm); y = original latitude; x = original longitude;
The client API is used to interact with the information encryption server and includes the channel application API, the coordinate conversion API, and the channel update API.
Channel application API: a utility API with which the client applies to the server for an encrypted channel;
Coordinate conversion API: used by the client to convert original longitude and latitude into the encrypted longitude and latitude of a given encrypted channel;
Channel update API: used to notify automatically that the channel has expired and to update the channel information automatically.
Those skilled in the art can readily implement the invention from the above specific embodiments. It should be understood, however, that the invention is not limited to the above specific embodiments. On the basis of the disclosed embodiments, those skilled in the art can combine different technical features in any way to realize different technical solutions.

Claims (1)

1. A method of dynamic geographic information encryption, characterized in that the encryption method consists of three parts: the life cycle of the encrypted channel, the information encryption module, and the client API;
The life cycle of the encrypted channel is divided into four stages: the client channel application stage, the server verification stage, the server channel establishment stage, and the server channel destruction stage;
The information encryption module is the information encryption algorithm, which converts true longitude and latitude into encrypted longitude and latitude values and feeds them back to the client;
The client API is used to interact with the information encryption server and includes the channel application API, the coordinate conversion API, and the channel update API;
The client channel application stage:
The client must transmit the following hardware information parameters to the server: PC platform: operating system version number + CPU ID + disk serial number + network card MAC; mobile platform: operating system version number + CPU ID + IMEI + network card MAC + manufacturer serial code;
Server verification stage: on receiving the client's channel establishment application, the server queries the channel table to check whether the device already occupies a channel; if it has no channel, it is allowed to establish one;
Server channel establishment stage: the server randomly generates a 32-character string as the channel key, generates a natural number in the range 1-9999999999 as the algorithm variable of the channel, and records the channel key, the algorithm variable and the client hardware information in the channel table; the server then returns the channel key to the client as the unique identifier for the client's channel requests;
Server channel destruction stage: when the client request time exceeds the specified time, the server refuses the client's request and destroys the channel in the channel table;
The information encryption algorithm consists of two parts: the basic algorithm and the channel algorithm variable;
The information encryption algorithm is as follows:
Constants: α = 6378245.0, the projection factor; β = 0.00669342162296594323, the eccentricity of the earth;
Variables: θ = the channel algorithm variable, 1-9999999999; e is the base of the natural logarithm; y = original latitude; x = original longitude;
Channel application API: a utility API with which the client applies to the server for an encrypted channel;
Coordinate conversion API: used by the client to convert original longitude and latitude into the encrypted longitude and latitude of a given encrypted channel;
Channel update API: used to notify automatically that the channel has expired and to update the channel information automatically.
CN201610120369.5A 2016-03-03 2016-03-03 A kind of method of Dynamic Geographical Information encryption Active CN105791292B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610120369.5A CN105791292B (en) 2016-03-03 2016-03-03 A kind of method of Dynamic Geographical Information encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610120369.5A CN105791292B (en) 2016-03-03 2016-03-03 A kind of method of Dynamic Geographical Information encryption

Publications (2)

Publication Number Publication Date
CN105791292A CN105791292A (en) 2016-07-20
CN105791292B true CN105791292B (en) 2019-01-01

Family

ID=56387840

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610120369.5A Active CN105791292B (en) 2016-03-03 2016-03-03 A kind of method of Dynamic Geographical Information encryption

Country Status (1)

Country Link
CN (1) CN105791292B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10796006B2 (en) 2017-08-31 2020-10-06 Micro Focus Llc Geographical track data obfuscation
CN112611389A (en) * 2020-12-21 2021-04-06 北京世纪高通科技有限公司 Region identification method and device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101466144A (en) * 2009-01-15 2009-06-24 山东大学 Three-dimensional space-time combined encrypt communication apparatus based on GNSS and communication method thereof
CN103152339A (en) * 2013-02-27 2013-06-12 南京师范大学 Vector map data security transmission method based on digital envelope
CN103973438A (en) * 2014-03-25 2014-08-06 深圳天源迪科信息技术股份有限公司 Communication channel dynamic encryption method
CN104270709A (en) * 2014-09-23 2015-01-07 山东鲁能软件技术有限公司 Mobile device communication coordinate encrypting method based on GIS platform

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
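"Geospatial data encryption based on Logistic mapping"; 朱颖芳 et al.; 《计算机应用与软件》 (Computer Applications and Software); 20151231; Vol. 32 (No. 12); full text *
"Research and design of a positioning information encryption system"; 郭国辉 et al.; 《北京电子科技学院学报》 (Journal of Beijing Electronic Science and Technology Institute); 20141231; Vol. 22 (No. 4); pp. 4-5 *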

Also Published As

Publication number Publication date
CN105791292A (en) 2016-07-20

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: No. 1036, Shandong high tech Zone wave road, Ji'nan, Shandong

Applicant after: Tianyuan Communication Information System Co., Ltd.

Address before: No. 1036, Shandong high tech Zone wave road, Ji'nan, Shandong

Applicant before: Langchao Communication Information System Co., Ltd.

GR01 Patent grant
CP03 Change of name, title or address

Address after: 250100 S06 tower, 1036, Chao Lu Road, hi tech Zone, Ji'nan, Shandong.

Patentee after: INSPUR COMMUNICATION AND INFORMATION SYSTEM Co.,Ltd.

Address before: No. 1036, Shandong high tech Zone wave road, Ji'nan, Shandong

Patentee before: INSPUR TIANYUAN COMMUNICATION INFORMATION SYSTEM Co.,Ltd.
