CN106060084A - Transparent file encryption technology - Google Patents

Publication number
CN106060084A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610566308.1A
Other languages
Chinese (zh)
Inventor
咸鹤群
李京
田呈亮
李敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qingdao University
Original Assignee
Qingdao University
Application filed by Qingdao University
Priority to CN201610566308.1A
Publication of CN106060084A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The invention discloses a transparent file encryption technology, comprising a safe area setting module, a safe area importing module, an encryption algorithm setting module, an automatic encryption and decryption module, an automatic backup module, an automatic invalidation module, a transmission path setting module, a safe area exporting module, a data processing module, a private key setting module, a file matching module, a private key detection module, a private key matching module, a file replacement module, a file deletion module, a file environment detection module and a transmission path detection module. According to the technology, the security of a secret file before and after loss can be ensured; the efficiency of an encryption and decryption algorithm is relatively high; the encryption and decryption speed is relatively fast; and the program portability is high. The technology can be applied to storage media such as local hard disks and cloud disks of different brands, and the technology has very high flexibility. Both local data and cloud data can be protected effectively. In the process of automatically synchronizing the secret file from the local to the cloud, the transmission data is ciphertext; and attacks such as sniffing and packet capture can be effectively defended.

Description

A transparent file encryption technology
Technical field
The present invention relates to the field of file encryption technology, and in particular to a transparent file encryption technology.
Background
Transparent encryption is a file encryption technology that has emerged in recent years in response to enterprises' document confidentiality requirements. "Transparent" means that the user is unaware of it: when the user opens or edits a specified file, the system automatically encrypts files that are not yet encrypted and automatically decrypts files that are. The file is ciphertext on the hard disk and plaintext in memory. Once the file leaves its usage environment, the application can no longer obtain the automatic decryption service and cannot open it, which protects the file's content.
In recent years, with the spread of networks and the continuous improvement of network technology, the era of big data has arrived and the concept of the "cloud" has emerged with it. Because the cloud offers many advantages, such as convenience and long-term storage, more and more users tend to send their private personal data to the cloud for safekeeping. However, because this private data is stored in the cloud in plaintext, it gives criminals an opportunity: once a cloud server is breached, or a user's password is stolen, the personal data is completely exposed. Combined with the insecurity of plaintext storage on conventional hard disk media, this makes the wider adoption of transparent encryption technology urgent.
Summary of the invention
To address the technical problems described in the background, the present invention proposes a transparent file encryption technology.
The transparent file encryption technology proposed by the present invention comprises a safe area setting module, a safe area importing module, an encryption algorithm setting module, an automatic encryption and decryption module, an automatic backup module, an automatic invalidation module, a transmission path setting module, a safe area exporting module, a data processing module, a key setting module, a file matching module, a key detection module, a key matching module, a file replacement module, a file deletion module, a file environment detection module and a transmission path detection module. The safe area setting module, safe area importing module, encryption algorithm setting module, automatic encryption and decryption module, automatic backup module, automatic invalidation module, transmission path setting module, safe area exporting module, key setting module, file matching module, key detection module, key matching module, file replacement module, file deletion module, file environment detection module and transmission path detection module are all connected to the data processing module. The safe area setting module is connected to the safe area importing module, the encryption algorithm setting module is connected to the automatic encryption and decryption module, and the key setting module is connected to the key matching module.
Preferably, the safe area setting module is used to set the location of the safe area, and the safe area importing module is used to import files into the safe area.
Preferably, the encryption algorithm setting module is used to set the encryption mode of the encryption algorithm, and the automatic encryption and decryption module is used to encrypt and decrypt files automatically.
Preferably, the automatic backup module is used to back up files automatically, and the automatic invalidation module is used to invalidate a file automatically after its file environment changes.
Preferably, the transmission path setting module is used to set the permitted transmission paths, and the safe area exporting module is used to export files from the safe area.
Preferably, the key setting module is used to set the key for entering the safe area and to set the permissions of that key, and the file matching module is used to match the file opened by the user against the files in the safe area.
Preferably, the key detection module is used to detect the presence of a key, and the key matching module is used to match the user's key against the key that was set.
Preferably, the file replacement module is used, after the user edits a file, to replace the original file with the edited file, and the file deletion module is used to delete the file outside the safe area after the replacement.
Preferably, the file environment detection module is used to detect the environment of the files in the safe area, and the transmission path detection module is used to detect the file transmission path of the user's operation.
In the present invention, this transparent file encryption technology encrypts electronic documents in a forced, automatic and transparent manner, preventing leaks by the first author; read permissions can be set on documents to prevent unauthorized reading; encrypted documents are backed up automatically to prevent malicious deletion; file operations are logged throughout; transmission paths can be effectively controlled: device restrictions; screenshots and dragging prohibited; content copying prohibited; key management is threefold, safe and reliable; existing operating habits are unaffected and ports need not be restricted; external disclosure is prohibited: once a file leaves its usage environment it is automatically invalidated, which protects intellectual property. The invention protects a secret file both before and after it is lost; the encryption and decryption algorithm is relatively efficient and fast; the program is highly portable and can be applied to storage media such as local hard disks and cloud disks of different brands, giving it very high flexibility; both local data and cloud data are effectively protected against attack by hackers; and while a secret file is synchronized automatically from the local machine to the cloud, the transmitted data is ciphertext, which effectively resists attacks such as sniffing and packet capture.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system structure of the transparent file encryption technology proposed by the present invention.
Detailed description
The present invention is further explained below with reference to a specific embodiment.
Embodiment
With reference to Fig. 1, this embodiment proposes a transparent file encryption technology comprising a safe area setting module, a safe area importing module, an encryption algorithm setting module, an automatic encryption and decryption module, an automatic backup module, an automatic invalidation module, a transmission path setting module, a safe area exporting module, a data processing module, a key setting module, a file matching module, a key detection module, a key matching module, a file replacement module, a file deletion module, a file environment detection module and a transmission path detection module. The safe area setting module, safe area importing module, encryption algorithm setting module, automatic encryption and decryption module, automatic backup module, automatic invalidation module, transmission path setting module, safe area exporting module, key setting module, file matching module, key detection module, key matching module, file replacement module, file deletion module, file environment detection module and transmission path detection module are all connected to the data processing module. The safe area setting module is connected to the safe area importing module, the encryption algorithm setting module is connected to the automatic encryption and decryption module, and the key setting module is connected to the key matching module. This transparent file encryption technology encrypts electronic documents in a forced, automatic and transparent manner, preventing leaks by the first author; read permissions can be set on documents to prevent unauthorized reading; encrypted documents are backed up automatically to prevent malicious deletion; file operations are logged throughout; transmission paths can be effectively controlled: device restrictions; screenshots and dragging prohibited; content copying prohibited; key management is threefold, safe and reliable; existing operating habits are unaffected and ports need not be restricted; external disclosure is prohibited: once a file leaves its usage environment it is automatically invalidated, which protects intellectual property. The invention protects a secret file both before and after it is lost; the encryption and decryption algorithm is relatively efficient and fast; the program is highly portable and can be applied to storage media such as local hard disks and cloud disks of different brands, giving it very high flexibility; both local data and cloud data are effectively protected against attack by hackers; and while a secret file is synchronized automatically from the local machine to the cloud, the transmitted data is ciphertext, which effectively resists attacks such as sniffing and packet capture.
In this embodiment, the safe area setting module is used to set the location of the safe area, and the safe area importing module is used to import files into the safe area. The encryption algorithm setting module is used to set the encryption mode of the encryption algorithm, and the automatic encryption and decryption module is used to encrypt and decrypt files automatically. The automatic backup module is used to back up files automatically, and the automatic invalidation module is used to invalidate a file automatically after its file environment changes. The transmission path setting module is used to set the permitted transmission paths, and the safe area exporting module is used to export files from the safe area. The key setting module is used to set the key for entering the safe area and to set the permissions of that key, and the file matching module is used to match the file opened by the user against the files in the safe area. The key detection module is used to detect the presence of a key, and the key matching module is used to match the user's key against the key that was set. The file replacement module is used, after the user edits a file, to replace the original file with the edited file, and the file deletion module is used to delete the file outside the safe area after the replacement. The file environment detection module is used to detect the environment of the files in the safe area, and the transmission path detection module is used to detect the file transmission path of the user's operation. This transparent file encryption technology encrypts electronic documents in a forced, automatic and transparent manner, preventing leaks by the first author; read permissions can be set on documents to prevent unauthorized reading; encrypted documents are backed up automatically to prevent malicious deletion; file operations are logged throughout; transmission paths can be effectively controlled: device restrictions; screenshots and dragging prohibited; content copying prohibited; key management is threefold, safe and reliable; existing operating habits are unaffected and ports need not be restricted; external disclosure is prohibited: once a file leaves its usage environment it is automatically invalidated, which protects intellectual property. The invention protects a secret file both before and after it is lost; the encryption and decryption algorithm is relatively efficient and fast; the program is highly portable and can be applied to storage media such as local hard disks and cloud disks of different brands, giving it very high flexibility; both local data and cloud data are effectively protected against attack by hackers; and while a secret file is synchronized automatically from the local machine to the cloud, the transmitted data is ciphertext, which effectively resists attacks such as sniffing and packet capture.
In this embodiment, the level at which this transparent file encryption technology exerts control is relatively low, so much of the underlying behaviour is easy to control, and compatibility with the various application programs needs no special handling. It is not easily constrained by application version: even if an application changes its read/write method, the encryption software needs no modification. Higher security and efficiency can be obtained, while the technical difficulty is relatively low. It does not need to interact with user-layer application programs, and the system does not need to be told which programs are legitimate and which are not. Problems such as conflicts with other drivers and application whitelists are easy to handle. Because none of the encryption processing involves complex low-level programs, and the registry paths of Windows system programs and of different versions of application programs are consistent, execution is not constrained by program version, which increases the flexibility with which the system can be applied. The encryption and decryption algorithm is unrestricted: the user can choose the product's encryption and decryption algorithm without large-scale changes to the program code, so flexibility is high. The key is stored on the user's key disk, and only the user and other users authorized by that user hold the key disk, which guards against the risk of the storage medium being lost.
In this embodiment, the technology associates the way files of the specified types are opened by modifying the system registry. When a legitimate user opens an encrypted file, the automatic encryption and decryption module decrypts the file and saves it as a temporary file, then calls the program originally associated with the file to open it. After the user finishes editing the document, the automatic encryption and decryption module encrypts the edited temporary file, the file replacement module replaces the original file with it, and the file deletion module deletes the temporary file. If the user has not modified the file content, the file deletion module deletes the temporary file directly.
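The open/edit/close cycle described above, as an added Go example that is not part of the patent or any implementation of it. AES-256-GCM, the `edit` callback standing in for the associated program, and all function and file names are assumptions of this example; the patent leaves the algorithm to the user.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"os"
	"path/filepath"
)

func newGCM(key []byte) (cipher.AEAD, error) { // AES-256-GCM is this example's assumption
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns nonce || ciphertext || tag, the form kept on disk.
func seal(a cipher.AEAD, plain []byte) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, plain, nil), nil
}

// unseal fails on a wrong key or an altered file instead of returning garbage.
func unseal(a cipher.AEAD, blob []byte) ([]byte, error) {
	n := a.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return a.Open(nil, blob[:n], blob[n:], nil)
}

// editProtected runs one cycle; edit is a hypothetical stand-in for the associated program.
func editProtected(a cipher.AEAD, path string, edit func(tmp string) error) (bool, error) {
	blob, err := os.ReadFile(path)
	if err != nil {
		return false, err
	}
	plain, err := unseal(a, blob)
	if err != nil {
		return false, fmt.Errorf("decrypt %s: %w", path, err)
	}
	tmp, err := os.CreateTemp("", "tfe-*"+filepath.Ext(path)) // created with mode 0600
	if err != nil {
		return false, err
	}
	tmp.Close()
	defer os.Remove(tmp.Name()) // deletion step: unlinks the plaintext, does not wipe it
	if err := os.WriteFile(tmp.Name(), plain, 0o600); err != nil {
		return false, err
	}
	if err := edit(tmp.Name()); err != nil {
		return false, err
	}
	edited, err := os.ReadFile(tmp.Name())
	if err != nil {
		return false, err
	}
	if bytes.Equal(edited, plain) {
		return false, nil // unchanged: the stored ciphertext is left as it was
	}
	sealed, err := seal(a, edited)
	if err != nil {
		return false, err
	}
	if err := os.WriteFile(path+".new", sealed, 0o600); err != nil {
		return false, err
	}
	return true, os.Rename(path+".new", path) // replacement step, done by rename
}

func main() {
	a, _ := newGCM(make([]byte, 32)) // constructed all-zero demo key
	p := filepath.Join(os.TempDir(), "tfe-demo.txt")
	defer os.Remove(p)
	blob, _ := seal(a, []byte("draft v1"))
	os.WriteFile(p, blob, 0o600)
	fmt.Println(editProtected(a, p, func(string) error { return nil }))
}
```

The temporary file holds plaintext on disk for the whole editing session, so its directory and permissions decide how much the scheme protects while a document is open.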
In this embodiment, the transparency of transparent encryption is reflected in the following: applying file encryption has no effect on a legitimate user's normal browsing or editing of files, so the user can keep working in the same way as before and retain existing operating habits.
The above is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited to it. Any equivalent substitution or change made by a person skilled in the art, within the technical scope disclosed by the present invention and according to its technical solution and inventive concept, shall fall within the scope of protection of the present invention.

Claims (9)

1. A transparent file encryption technology, comprising a safe area setting module, a safe area importing module, an encryption algorithm setting module, an automatic encryption and decryption module, an automatic backup module, an automatic invalidation module, a transmission path setting module, a safe area exporting module, a data processing module, a key setting module, a file matching module, a key detection module, a key matching module, a file replacement module, a file deletion module, a file environment detection module and a transmission path detection module, characterized in that the safe area setting module, safe area importing module, encryption algorithm setting module, automatic encryption and decryption module, automatic backup module, automatic invalidation module, transmission path setting module, safe area exporting module, key setting module, file matching module, key detection module, key matching module, file replacement module, file deletion module, file environment detection module and transmission path detection module are all connected to the data processing module, the safe area setting module is connected to the safe area importing module, the encryption algorithm setting module is connected to the automatic encryption and decryption module, and the key setting module is connected to the key matching module.
2. The transparent file encryption technology according to claim 1, characterized in that the safe area setting module is used to set the location of the safe area, and the safe area importing module is used to import files into the safe area.
3. The transparent file encryption technology according to claim 1, characterized in that the encryption algorithm setting module is used to set the encryption mode of the encryption algorithm, and the automatic encryption and decryption module is used to encrypt and decrypt files automatically.
4. The transparent file encryption technology according to claim 1, characterized in that the automatic backup module is used to back up files automatically, and the automatic invalidation module is used to invalidate a file automatically after its file environment changes.
5. The transparent file encryption technology according to claim 1, characterized in that the transmission path setting module is used to set the permitted transmission paths, and the safe area exporting module is used to export files from the safe area.
6. The transparent file encryption technology according to claim 1, characterized in that the key setting module is used to set the key for entering the safe area and to set the permissions of that key, and the file matching module is used to match the file opened by the user against the files in the safe area.
7. The transparent file encryption technology according to claim 1, characterized in that the key detection module is used to detect the presence of a key, and the key matching module is used to match the user's key against the key that was set.
8. The transparent file encryption technology according to claim 1, characterized in that the file replacement module is used, after the user edits a file, to replace the original file with the edited file, and the file deletion module is used to delete the file outside the safe area after the replacement.
9. The transparent file encryption technology according to claim 1, characterized in that the file environment detection module is used to detect the environment of the files in the safe area, and the transmission path detection module is used to detect the file transmission path of the user's operation.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610566308.1A 2016-07-18 2016-07-18 Transparent file encryption technology

Publications (1)

Publication Number Publication Date
CN106060084A (en) 2016-10-26

Family

ID=57187907

Country Status (1)

Country Link
CN (1) CN106060084A (en)
Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1716219A (en) * 2004-07-01 2006-01-04 三星电子株式会社 The equipment and/or the method that are used for the encryption and/or the deciphering of multi-medium data
CN101751536A (en) * 2009-12-16 2010-06-23 深圳市虹安信息技术有限公司 Transparent file encryption method for increasing file header
CN102075544A (en) * 2011-02-18 2011-05-25 博视联(苏州)信息科技有限公司 Encryption system, encryption method and decryption method for local area network shared file
CN103546472A (en) * 2013-10-28 2014-01-29 中国软件与技术服务股份有限公司 Method and device for anti-fake protection of service system
CN105681031A (en) * 2016-01-08 2016-06-15 成都卫士通信息产业股份有限公司 Storage encryption gateway key management system and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161026