CN105939354A - Large-scale network key management system based on GDOI protocol - Google Patents
Large-scale network key management system based on GDOI protocol Download PDFInfo
- Publication number
- CN105939354A CN105939354A CN201610405993.XA CN201610405993A CN105939354A CN 105939354 A CN105939354 A CN 105939354A CN 201610405993 A CN201610405993 A CN 201610405993A CN 105939354 A CN105939354 A CN 105939354A
- Authority
- CN
- China
- Prior art keywords
- key
- management
- module
- unit
- management module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a large-scale network key management system based on a GDOI protocol. The management system comprises a key management centre and a key management control terminal; and the key management centre is connected to the key management control terminal. According to the large-scale network key management system disclosed by the invention, a group encryption and deployment model of a key management server and a group member (GM) and a whole network consultation mechanism (Group SA) are provided based on the GDOI protocol; the flow among nodes is encrypted and decrypted by using the Group SA; and security communication is provided for the IP of any node.
Description
Technical field
The invention belongs to technical field of network security, be specifically related to a kind of based on large scale network key management system under GDOI agreement.
Background technology
Global Internet is indispensable in the Working Life of people, but the information security threats of network is but being aggravated year by year.In " prism door " event that network safety filed in 2013 is famous, the existing network architecture with switch, router as core is highly susceptible to monitored.Bulk information is leaked by switch and router, has beaten an alarm bell for all-network user.For large-scale corporation or the internet of government department of global range, it often uses network topology structure.The services such as whole network is divided into three layers, and wherein group's looped network platform is made up of several data centers, is become looped network by multiple 10G group of networks between data center, rolls into a ball offer applied business for complete or collected works and accesses, data summarization;Regional center platform, is made up of several regional centers, and regional center collects the data of each department company according to region, and provides the data channel leading to group's looped network;Regional corporation's platform, is made up of various places regional corporation LAN or Metropolitan Area Network (MAN), the network insertion of the base application of carrying various places company.For the ease of realizing the mutually addressing between each object and data exchange in above-mentioned network, the ICP/IP protocol of existing standard takes the mode of plaintext transmission, substantial amounts of data to be transmitted in the case of not having any safeguard protection on channel;The routing mechanism of network makes not to be had at " gateway of a country " at cyberspace between different geographical, country, and transmission data can arbitrary be intercepted, restructuring, and restores original data message and cause data message to leak.More it is a risk that most of switches of present domestic use and router are all foreign brand names, use external acp chip to design even if home brands are also more, cause domestic transmission network data may be monitored by foreign organization.Therefore, for ensureing the safety transmission of network internal information, in system interconnects, need to use the network switching equipment of a large amount of independent research, data encryption equipment, key management apparatus, equipment safety control etc..Meanwhile, in internet, the service needed such as various Distributed Calculation, voice, video is run anywhere or anytime between each branch, and traditional Hub-Spoke, point-to-point ipsec tunnel solution can not meet the demand of user.GDOI(Group
Domain ofInterpretation) agreement proposes Key Management server and the group encryption deployment model of group membership (GM), whole net negotiation mechanism (Group SA), uses Group
The internodal flow of SA encryption and decryption, provides possibility for arbitrary node IP secure communication.To this end, the large scale network KMC under exploitation GDOI agreement has important theory and practical significance.
Summary of the invention
In order to solve foregoing, the present invention provides a kind of based on large scale network key management system under GDOI agreement, and described management system includes that KMC and key management control terminal, and described KMC connects key management and controls terminal;
Further; described KMC is for the machine authentication of described management system, the encipherment protection of data storage and the identity key management of the whole network encryption device, and described key management controls the distribution of the identity public key of terminal KMC under key information input and off-line state;
Further, described KMC includes device management module, algorithm processing module, key management module, Communications Processor Module, local monitoring module and Integrated Management Module, wherein;
Device management module, described device management module for the whole network encryption device management, condition monitoring and the management of identity key and group Password Policy maintenance;
Algorithm processing module, described algorithm processing module carries out key information calculating by SM2, SM3 and SM4 algorithm to encryption device;
Key management module; described key management module join algorithm processing module, carries out maintenance and management by SM2, SM3 and SM4 algorithm in algorithm processing module to the storage protection of local critical data and to the whole network session encryption key, group policy key-encrypting key and group policy transmission cryptographic work key;
Communications Processor Module, described Communications Processor Module controls the communication connection of terminal, described device management module and key management control terminal and key management module and described device management module in order to realize described key management module and key management, described Communications Processor Module is externally unified provides GDOI protocol interface, and the distribution of key uses GDOI actualizing;
Local monitoring module, described local monitoring module is for collecting device management module, algorithm processing module, key management module, Integrated Management Module and the running status of Communications Processor Module, checking the integrity of critical data, abnormality triggers reports to the police;
Integrated Management Module, device management module, algorithm processing module, key management module, Communications Processor Module and local monitoring module are managed and safeguard based on WEB mode by described Integrated Management Module, and operation information, status information and maintenance information record are formed daily record;
Further, described device management module includes remote status inquiry and monitoring unit, group policy processing unit and identity key management unit,
Remote status inquiry and monitoring unit, the inquiry of described remote status and monitoring unit are for collecting and monitor the running status of encryption device;
Group policy processing unit, described group policy processing unit, for realizing the maintenance of group policy information, increases and deletion action including to the encryption device member of group policy;
Identity key management unit, described identity key management unit includes noting key spoon and certification key, described note key spoon for key parameter first realizing encryption device be filled with into, described certification key is for realizing local identity authentication function when encryption device starts;
Further; described key management module includes noise code processing unit, local critical data memory protection unit, session encryption key (SEK) administrative unit, group policy key-encrypting key (KEK) administrative unit and group policy transmission cryptographic work key (TEK) administrative unit, wherein;
Noise code processing unit, described noise code processing unit is in order to obtain and the noise data in random detection physical noise source;
Local critical data memory protection unit, described local critical data memory protection unit realizes local identity authentication function by the certification key of identity key management unit, obtains storage protection key, local sensitive information is carried out storage protection;
Session encryption key (SEK) administrative unit, described session encryption key (SEK) administrative unit, by carrying out IKE exchange with encryption device, carries out maintenance and management to SEK key between the whole network encryption device;
Group policy key-encrypting key (KEK) administrative unit, the whole network KEK key is updated and manages according to the group policy state of device management module by described group policy key-encrypting key (KEK) administrative unit;
Group policy transmission cryptographic work key (TEK) administrative unit, described group policy transmission cryptographic work key (TEK) administrative unit is according to group policy state and key updating cycle, to TEK key data maintenance and management;
Further, described Communications Processor Module includes safety management communications interface unit, GDOI protocol processing unit and cast communication processing unit, wherein;
Safety management communications interface unit, described safety management communications interface unit is for resolving and process, be collected group policy information the communication protocol of key management module Yu device management module and device management module is carried out command analysis and information reporting;
GDOI protocol processing unit, described GDOI protocol processing unit controls the communication connection between terminal and key management for realizing key management, and according to GDOI agreement to IKE SA, KEK SA and the foundation of TEK SA and maintenance;
Cast communication processing unit, described cast communication processing unit, in order to realize device management module and the communication connection of key management control terminal, carries out multicast distribution to TEK key;
Further, described management module includes cryptogram management center administrative unit and daily record maintenance unit, wherein;
Cryptogram management center administrative unit, described cryptogram management center administrative unit carries out parameter configuration and operational management based on WEB mode unit all kinds of to KMC;
Daily record maintenance unit, described daily record maintenance unit is for collecting the operation information of all kinds of unit of KMC, status information, maintenance information, and forms log recording, for retrieval and inquiry;
Further, described key management controls terminal and includes credit card information input module and PKI distribution module, and it is key management control station that described key management controls terminal;
The present invention proposes Key Management server and the group encryption deployment model of group membership (GM), whole net negotiation mechanism (Group SA) based on GDOI agreement, uses Group
The internodal flow of SA encryption and decryption, providing for arbitrary node IP can secure communication.
Accompanying drawing explanation
Fig. 1 is the hardware composition structure chart of management system of the present invention;
Fig. 2 is the topological schematic diagram of large-scale internetwork in global range described in background of invention.
Detailed description of the invention
In order to make the purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is explained in further detail.Should be appreciated that specific embodiment described herein is used only for explaining the present invention, be not intended to limit the present invention.On the contrary, the present invention contains any replacement made in the spirit and scope of the present invention, amendment, equivalent method and scheme being defined by the claims.Further, in order to make the public that the present invention to be had a better understanding, in below the details of the present invention being described, detailed describe some specific detail sections.The description not having these detail sections for a person skilled in the art can also understand the present invention completely.
The invention will be further described with specific embodiment below in conjunction with the accompanying drawings, but not as a limitation of the invention.Below for the most preferred embodiment of enumerating of the present invention:
nullAs Figure 1-Figure 2,The present invention provides a kind of based on large scale network key management system under GDOI agreement,Described management system includes that KMC and key management control terminal,Described KMC is the server apparatus of 2U height,Described server apparatus includes X86-based mainboard、Special PCI-E cipher card、Storage assembly、Network interface card、ID card driver、ID card read write line and power supply,Described KMC is arranged on X86-based mainboard,And it is configured with Usb-KEY on this mainboard,The machine authentication when system boot、The encipherment protection of data storage、And the identity key management of the whole network encryption device,Described KMC connects key management and controls terminal,Described key management controls the identity public key distribution of terminal KMC under the registration and off-line state of cipher machine ID card used by the whole network.
Described KMC includes device management module, algorithm processing module, key management module, Communications Processor Module, local monitoring module and management module.
Described device management module be used for the whole network encryption device management, condition monitoring, the maintenance work of group Password Policy, realizing the management of the whole network identity key, described device management module includes remote status inquiry and monitoring unit, group policy processing unit, identity key management unit.
The inquiry of described remote status and monitoring unit, for collecting and monitor the running status of encryption device, are reported to device management module in time if any abnormal, and described device management module carries out maintenance and management to the encryption device of abnormality.Described group policy processing unit, for realizing the maintenance of group policy information, is supported to increase the encryption device member of group policy and deletion action, and most group policy entries that the whole network is supported are less than 10000, and the member that each group policy is supported is less than 1000.Described identity key management unit includes noting key spoon and certification key, described note key spoon for realize the key parameter of encryption device first be filled with into, described certification key is for realizing local identity authentication function when encryption device starts.
Described algorithm processing module passes through SM2, SM3 and SM4 algorithm process, and described algorithm processing module carries out key information calculating by SM2, SM3 and SM4 algorithm to encryption device, supports the authentication registration of the most most 200 encryption devices.
Described key management module includes noise code processing unit, local critical data memory protection unit, session encryption key (SEK) administrative unit, group policy key-encrypting key (KEK) administrative unit and group policy transmission cryptographic work key (TEK) administrative unit; described noise code processing unit is in order to obtain the noise data in physical noise source; the noise data obtained is carried out randomness detection, it is ensured that the randomness of key the most processed.Described local critical data memory protection unit realizes local identity authentication function by the certification key of identity key management unit, obtains storage protection key, it is achieved the storage protection of local sensitive information.Described session encryption key (SEK) administrative unit is by carrying out IKE exchange with encryption device, it is achieved and the maintenance and management of SEK key between the whole network encryption device, complete the protection of the transmission to KEK data.Described group policy key-encrypting key (KEK) administrative unit is according to the renewal of group policy state-maintenance the whole network KEK key and management, it is achieved the transmission to TEK data is protected.Described group policy transmission cryptographic work key (TEK) administrative unit is according to group policy state and the management of key updating periodic maintenance TEK key data, it is achieved the transmission to group policy data is protected.
Described algorithm processing module connects key management module, by SM2, SM3 and SM4 algorithm, it is achieved the storage protection of local critical data, the whole network session encryption key, group policy key-encrypting key and the maintenance and management of group policy transmission cryptographic work key.
Described Communications Processor Module includes safety management communications interface unit, GDOI protocol processing unit and cast communication processing unit, described Communications Processor Module controls the communication connection of the communication connection of terminal, described device management module and the communication connection of key management control terminal and key management module and described device management module in order to realize described key management module and key management, described Communications Processor Module is externally unified provides GDOI protocol interface, and the distribution of key uses GDOI actualizing.Described safety management communications interface unit resolves and process, the collection of group policy information, device management module command analysis and information reporting for the communication protocol realizing key management module and device management module.Described GDOI protocol processing unit controls the communication connection between terminal and key management for realizing key management, and completes IKE SA, KEK SA and the foundation of TEK SA and maintenance according to GDOI agreement.Described cast communication processing unit, in order to realize device management module and the communication connection of key management control terminal, carries out multicast distribution to TEK key.
Described local monitoring module, for collecting the running status of each unit, checks the integrity of critical data, and abnormality triggers reports to the police.
Described management module includes cryptogram management center administrative unit and daily record maintenance unit, described cryptogram management center administrative unit management based on WEB mode maintenance function, KMC is carried out parameter configuration, operational management, described daily record maintenance unit is for collecting each generic operation information of operation, status information, maintenance information in KMC, and form log recording, it is simple to retrieve and inquire about.
Described key management controls terminal and includes credit card information input module and PKI distribution module, and it is key management control station that described key management controls terminal.
Embodiment described above, the simply one of the present invention more preferably detailed description of the invention, the usual variations and alternatives that those skilled in the art is carried out in the range of technical solution of the present invention all should comprise within the scope of the present invention.
Claims (8)
1., based on a large scale network key management system under GDOI agreement, described management system includes that KMC and key management control terminal, and described KMC connects key management and controls terminal.
Management system the most according to claim 1; it is characterized in that; described KMC is for the machine authentication of described management system, the encipherment protection of data storage and the identity key management of the whole network encryption device, and described key management controls the distribution of the identity public key of terminal KMC under key information input and off-line state.
Management system the most according to claim 2, it is characterised in that described KMC includes device management module, algorithm processing module, key management module, Communications Processor Module, local monitoring module and Integrated Management Module, wherein;
Device management module, described device management module for the whole network encryption device management, condition monitoring and the management of identity key and group Password Policy maintenance;
Algorithm processing module, described algorithm processing module carries out key information calculating by SM2, SM3 and SM4 algorithm to encryption device;
Key management module; described key management module join algorithm processing module, carries out maintenance and management by SM2, SM3 and SM4 algorithm in algorithm processing module to the storage protection of local critical data and to the whole network session encryption key, group policy key-encrypting key and group policy transmission cryptographic work key;
Communications Processor Module, described Communications Processor Module controls the communication connection of terminal, described device management module and key management control terminal and key management module and described device management module in order to realize described key management module and key management, described Communications Processor Module is externally unified provides GDOI protocol interface, and the distribution of key uses GDOI actualizing;
Local monitoring module, described local monitoring module is for collecting device management module, algorithm processing module, key management module, Integrated Management Module and the running status of Communications Processor Module, checking the integrity of critical data, abnormality triggers reports to the police;
Integrated Management Module, device management module, algorithm processing module, key management module, Communications Processor Module and local monitoring module are managed and safeguard based on WEB mode by described Integrated Management Module, and operation information, status information and maintenance information record are formed daily record.
Management system the most according to claim 3, it is characterised in that described device management module includes remote status inquiry and monitoring unit, group policy processing unit and identity key management unit,
Remote status inquiry and monitoring unit, the inquiry of described remote status and monitoring unit are for collecting and monitor the running status of encryption device;
Group policy processing unit, described group policy processing unit, for realizing the maintenance of group policy information, increases and deletion action including to the encryption device member of group policy;
Identity key management unit, described identity key management unit includes noting key spoon and certification key, described note key spoon for key parameter first realizing encryption device be filled with into, described certification key is for realizing local identity authentication function when encryption device starts.
Management system the most according to claim 4; it is characterized in that; described key management module includes noise code processing unit, local critical data memory protection unit, session encryption key (SEK) administrative unit, group policy key-encrypting key (KEK) administrative unit and group policy transmission cryptographic work key (TEK) administrative unit, wherein;
Noise code processing unit, described noise code processing unit is in order to obtain and the noise data in random detection physical noise source;
Local critical data memory protection unit, described local critical data memory protection unit realizes local identity authentication function by the certification key of identity key management unit, obtains storage protection key, local sensitive information is carried out storage protection;
Session encryption key (SEK) administrative unit, described session encryption key (SEK) administrative unit, by carrying out IKE exchange with encryption device, carries out maintenance and management to SEK key between the whole network encryption device;
Group policy key-encrypting key (KEK) administrative unit, the whole network KEK key is updated and manages according to the group policy state of device management module by described group policy key-encrypting key (KEK) administrative unit;
Group policy transmission cryptographic work key (TEK) administrative unit, described group policy transmission cryptographic work key (TEK) administrative unit is according to group policy state and key updating cycle, to TEK key data maintenance and management.
Management system the most according to claim 5, it is characterised in that described Communications Processor Module includes safety management communications interface unit, GDOI protocol processing unit and cast communication processing unit, wherein;
Safety management communications interface unit, described safety management communications interface unit is for resolving and process, be collected group policy information the communication protocol of key management module Yu device management module and device management module is carried out command analysis and information reporting;
GDOI protocol processing unit, described GDOI protocol processing unit controls the communication connection between terminal and key management for realizing key management, and according to GDOI agreement to IKE SA, KEK SA and the foundation of TEK SA and maintenance;
Cast communication processing unit, described cast communication processing unit, in order to realize device management module and the communication connection of key management control terminal, carries out multicast distribution to TEK key.
Management system the most according to claim 6, it is characterised in that described management module includes cryptogram management center administrative unit and daily record maintenance unit, wherein;
Cryptogram management center administrative unit, described cryptogram management center administrative unit carries out parameter configuration and operational management based on WEB mode unit all kinds of to KMC;
Daily record maintenance unit, described daily record maintenance unit is for collecting the operation information of all kinds of unit of KMC, status information, maintenance information, and forms log recording, for retrieval and inquiry.
Management system the most according to claim 7, it is characterised in that described key management controls terminal and includes credit card information input module and PKI distribution module, and it is key management control station that described key management controls terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610405993.XA CN105939354A (en) | 2016-06-10 | 2016-06-10 | Large-scale network key management system based on GDOI protocol |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610405993.XA CN105939354A (en) | 2016-06-10 | 2016-06-10 | Large-scale network key management system based on GDOI protocol |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105939354A true CN105939354A (en) | 2016-09-14 |
Family
ID=57152369
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610405993.XA Pending CN105939354A (en) | 2016-06-10 | 2016-06-10 | Large-scale network key management system based on GDOI protocol |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105939354A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106953873A (en) * | 2017-04-19 | 2017-07-14 | 讯美科技股份有限公司 | A kind of safety management system of encryption device encryption information |
CN111835510A (en) * | 2020-05-28 | 2020-10-27 | 无锡航天江南数据系统科技有限公司 | ETC safety management method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080298592A1 (en) * | 2007-05-29 | 2008-12-04 | Mohamed Khalid | Technique for changing group member reachability information |
US20100142711A1 (en) * | 2008-12-09 | 2010-06-10 | Brian Weis | Group key management re-registration method |
CN102447690A (en) * | 2010-10-12 | 2012-05-09 | 中兴通讯股份有限公司 | Key management method and network equipment |
WO2016061126A1 (en) * | 2014-10-14 | 2016-04-21 | Cisco Technology, Inc. | Scalable federated policy for network-provided flow-based performance metrics |
-
2016
- 2016-06-10 CN CN201610405993.XA patent/CN105939354A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080298592A1 (en) * | 2007-05-29 | 2008-12-04 | Mohamed Khalid | Technique for changing group member reachability information |
US20100142711A1 (en) * | 2008-12-09 | 2010-06-10 | Brian Weis | Group key management re-registration method |
CN102447690A (en) * | 2010-10-12 | 2012-05-09 | 中兴通讯股份有限公司 | Key management method and network equipment |
WO2016061126A1 (en) * | 2014-10-14 | 2016-04-21 | Cisco Technology, Inc. | Scalable federated policy for network-provided flow-based performance metrics |
Non-Patent Citations (1)
Title |
---|
卓才华等: ""基于GDOI的国产化加密系统设计与实现"", 《信息网络安全》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106953873A (en) * | 2017-04-19 | 2017-07-14 | 讯美科技股份有限公司 | A kind of safety management system of encryption device encryption information |
CN106953873B (en) * | 2017-04-19 | 2020-03-20 | 讯美科技股份有限公司 | Security management system for encrypted information of encryption equipment |
CN111835510A (en) * | 2020-05-28 | 2020-10-27 | 无锡航天江南数据系统科技有限公司 | ETC safety management method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101094056B (en) | Security system of wireless industrial control network, and method for implementing security policy | |
Choi et al. | Efficient secure group communications for SCADA | |
US20080195740A1 (en) | Maintaining session state information in a client server system | |
Ming et al. | An efficient attribute based encryption scheme with revocation for outsourced data sharing control | |
JP2009515232A (en) | Network user authentication system and method | |
US20070055893A1 (en) | Method and system for providing data field encryption and storage | |
US8583943B2 (en) | Method and system for providing data field encryption and storage | |
CN101467131A (en) | Network user authentication system and method | |
CN101310544A (en) | A device and method for tracking usage of content distributed to media devices of a local area network | |
CN108881240B (en) | Member privacy data protection method based on block chain | |
US8401183B2 (en) | Method and system for keying and securely storing data | |
Buchade et al. | Key management for cloud data storage: methods and comparisons | |
EP2992646B1 (en) | Handling of performance monitoring data | |
Murala et al. | Secure dynamic groups data sharing with modified revocable attribute-based encryption in cloud | |
CN105939353B (en) | Safety management and information feedback system based on GDOI protocol | |
CN105939354A (en) | Large-scale network key management system based on GDOI protocol | |
CN107733881A (en) | Digital authenticating system based on data exchange | |
CN206364833U (en) | One kind is based on large scale network key management system under GDOI agreements | |
Zhu et al. | An edge re‐encryption‐based access control mechanism in NDN | |
Aziz et al. | A recent survey on key management schemes in manet | |
CN114422189A (en) | Park security management system and method based on block chain technology | |
CN206364832U (en) | One kind is based on safety management and information feedback system under GDOI agreements | |
Arcieri et al. | A layered IT infrastructure for secure interoperability in Personal Data Registry digital government services | |
Agrawal et al. | Access control framework using dynamic attributes encryption for mobile cloud environment | |
CN106230856A (en) | A kind of System of Industrial Device Controls based on Internet of Things |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160914 |
|
RJ01 | Rejection of invention patent application after publication |