CN106326758A - System for performing classified encryption on data according to user demand - Google Patents
System for performing classified encryption on data according to user demand Download PDFInfo
- Publication number
- CN106326758A CN106326758A CN201610748024.4A CN201610748024A CN106326758A CN 106326758 A CN106326758 A CN 106326758A CN 201610748024 A CN201610748024 A CN 201610748024A CN 106326758 A CN106326758 A CN 106326758A
- Authority
- CN
- China
- Prior art keywords
- data
- database
- encryption
- public
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a system for performing classified encryption on data according to a user demand. Data are input into the system from a data input end, and are unloaded into a temporary database; a processor reads the data from the temporary database to add labels to the data, divides the data into encrypted data and public data, and transmits the public data to a public database; the labels of the public data are transmitted to a first-stage database; an encrypted file is transmitted to an encrypted database; a secret key of the encrypted database is stored in a secret key database; when the secret key database does not access the system, the encrypted database only allows for data storage and not for data reading; after the secret key database accesses the system, the encrypted database is started, and meanwhile the secret key database acquires the encrypted data labels from the encrypted database. The system has the advantages that classified encryption is performed, so that data extraction becomes convenient; the secret key database can be carried along, so that high security is achieved; the system performs automatic encryption, so that manual work is not required, and errors are avoided.
Description
Technical field
The present invention relates to a kind of data-storage system, be specifically related to a kind of data carry out according to user's request classification encryption
System.
Background technology
Data storage object includes requiring to look up in temporary file that data stream produces in the course of processing or the course of processing
Information.Data record in a certain format in computer-internal or exterior storage medium.Data storage to be named, this name
The composition implication of information characteristics to be reflected.Data stream reflects the data of flowing in system, shows the feature of dynamic data;Number
According to data static in storage reflection system, show the feature of static data.Disk and tape is all conventional storage medium.
Data storage organization mode is different because of storage medium.Data file mode the most in order access on tape;Disk then may be used
Sequential access or direct access method is used by using requirement.Data storage method is closely related with data file tissue, and it closes
Key is to set up corresponding relation between the logical AND physical sequential recorded, and determines storage address, to improve data access speed.
And existing encryption system typically can only encryption unified to All Files, waste hardware uses inconvenience simultaneously, it is impossible to
Carry out classification automatically according to user's request and judge that degree of secrecy is encrypted.
Summary of the invention
The technical problem to be solved is mass data classification encryption, it is therefore intended that provide a kind of according to user's need
Seek the system that data are carried out classification encryption, solve existing encryption system and typically can only encrypt All Files is unified, waste
Hardware uses inconvenience simultaneously, it is impossible to carries out classification automatically according to user's request and judges the problem that degree of secrecy is encrypted.
The present invention is achieved through the following technical solutions:
A kind of system that data carry out classification encryption according to user's request, including key data base, processor and and processor
The data input pin of connection, Primary database, public data storehouse, encrypting database, volatile data base;
Data input pin: external data is input in system;
Primary database: the file label in the public data storehouse that storage is sent by processor;
Public data storehouse: store the data of public data of endorsing after treated device processes;
Encrypting database: store the data of encryption data of endorsing after treated device processes;
Volatile data base: store the file that the unprocessed device inputted by data input pin processes;
Processor: from data input pin reception data conversion storage to volatile data base, read data from volatile data base and endorse,
Being divided into encryption data and public data, public data is sent to public data storehouse, the label of public data is sent to a progression
According to storehouse, encryption file is sent to encrypting database;
Key data base: store the unlatching key of encrypting database, updates encryption file according to encrypting database during access system
Label.After data are by data input pin input system, being first transferred to volatile data base, processor reads data from volatile data base
Endorsing, be divided into encryption data and public data, public data is sent to public data storehouse, the label of public data sends
To Primary database, encryption file being sent to encrypting database, the key of encrypting database is stored in key data base, when
During the non-access system of key data base, encrypting database is stored in the non-readable data of data only, and when key, data base accesses system
After system, opening encrypting database, key data base obtains encryption data label from encrypting database simultaneously.
The label that described processor is endorsed also includes data entry time section, data source and storage position, data high in the clouds.
Extracting section input time of data, data source and storage position, data high in the clouds carry out storage and are easy to inquire about in the future and extract.
Key database purchase medium is USB flash disk.Can carry with, break off the possibility of leaking data from physical layer.
The present invention compared with prior art, has such advantages as and beneficial effect:
1, a kind of system that according to user's request, data are carried out classification encryption of the present invention, classification encryption, facilitate data to extract;
2, a kind of system that data carry out classification encryption according to user's request of the present invention, key data base can carry with, peace
Quan Xinggao;
3, a kind of system that data carry out classification encryption according to user's request of the present invention, system is encrypted automatically, it is not necessary to artificial, keeps away
Exempt from error.
Accompanying drawing explanation
Accompanying drawing described herein is used for providing being further appreciated by the embodiment of the present invention, constitutes of the application
Point, it is not intended that the restriction to the embodiment of the present invention.In the accompanying drawings:
Fig. 1 is present system structural representation.
Detailed description of the invention
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with embodiment and accompanying drawing, to this
Invention is described in further detail, and the exemplary embodiment of the present invention and explanation thereof are only used for explaining the present invention, do not make
For limitation of the invention.
Embodiment
As it is shown in figure 1, a kind of system that according to user's request, data are carried out classification encryption of the present invention, including key data
Storehouse, processor and the data input pin being connected with processor, Primary database, public data storehouse, encrypting database, ephemeral data
Storehouse;Processor uses E3-1230 V3, and data input pin uses USB and SATA interface, and key data base uses the USB flash disk of 1 1TB
Composition, Primary database uses the SSD of 2 512GB to carry out RAID0, and public data storehouse uses 4 pieces of 1TB, and the machinery of 7200 turns is hard
Dish forms, and encrypting database uses 4 pieces of 1TB, the mechanical hard disk RAID10 of 7200 turns, and volatile data base uses the SSD of 512GB,
Data input pin uses SATA mouth or USB port, after data have data input pin input system, is first transferred to volatile data base, place
Reason device reads data from volatile data base and endorses, and is divided into encryption data and public data, and public data is sent to disclosure
Data base, the label of public data is sent to Primary database, and encryption file is sent to encrypting database, encrypting database
Key is stored in key data base, and when the non-access system of key data base, it is unreadable that encrypting database is stored in data only
Fetching data, when, after key data base's access system, opening encrypting database, key data base obtains from encrypting database and adds simultaneously
Ciphertext data label.
Above-described detailed description of the invention, has been carried out the purpose of the present invention, technical scheme and beneficial effect further
Describe in detail, be it should be understood that the detailed description of the invention that the foregoing is only the present invention, be not intended to limit the present invention
Protection domain, all within the spirit and principles in the present invention, any modification, equivalent substitution and improvement etc. done, all should comprise
Within protection scope of the present invention.
Claims (3)
1. the system that according to user's request, data are carried out classification encryption, it is characterised in that include key data base, process
Device and the data input pin being connected with processor, Primary database, public data storehouse, encrypting database, volatile data base;
Data input pin: external data is input in system;
Primary database: the file label in the public data storehouse that storage is sent by processor;
Public data storehouse: store the data of public data of endorsing after treated device processes;
Encrypting database: store the data of encryption data of endorsing after treated device processes;
Volatile data base: store the file that the unprocessed device inputted by data input pin processes;
Processor: from data input pin reception data conversion storage to volatile data base, read data from volatile data base and endorse,
Being divided into encryption data and public data, public data is sent to public data storehouse, the label of public data is sent to a progression
According to storehouse, encryption file is sent to encrypting database;
Key data base: store the unlatching key of encrypting database, updates encryption file according to encrypting database during access system
Label.
A kind of system that according to user's request, data are carried out classification encryption the most according to claim 1, it is characterised in that
The label that described processor is endorsed also includes data entry time section, data source and storage position, data high in the clouds.
A kind of system that according to user's request, data are carried out classification encryption the most according to claim 1, it is characterised in that
Key database purchase medium is USB flash disk.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610748024.4A CN106326758A (en) | 2016-08-30 | 2016-08-30 | System for performing classified encryption on data according to user demand |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610748024.4A CN106326758A (en) | 2016-08-30 | 2016-08-30 | System for performing classified encryption on data according to user demand |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106326758A true CN106326758A (en) | 2017-01-11 |
Family
ID=57788210
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610748024.4A Withdrawn CN106326758A (en) | 2016-08-30 | 2016-08-30 | System for performing classified encryption on data according to user demand |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106326758A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107786662A (en) * | 2017-10-31 | 2018-03-09 | 湖北师范大学 | A kind of efficient communication message processing method |
CN107818536A (en) * | 2017-11-24 | 2018-03-20 | 上海市精神卫生中心(上海市心理咨询培训中心) | The monitoring system and method for community's drug rehabilitation and rehabilitation is realized based on intelligent mobile terminal |
CN112487461A (en) * | 2020-12-07 | 2021-03-12 | 重庆电子工程职业学院 | Data encryption method |
WO2022001683A1 (en) * | 2020-07-03 | 2022-01-06 | Huawei Technologies Co., Ltd. | Database access control service in networks |
-
2016
- 2016-08-30 CN CN201610748024.4A patent/CN106326758A/en not_active Withdrawn
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107786662A (en) * | 2017-10-31 | 2018-03-09 | 湖北师范大学 | A kind of efficient communication message processing method |
CN107818536A (en) * | 2017-11-24 | 2018-03-20 | 上海市精神卫生中心(上海市心理咨询培训中心) | The monitoring system and method for community's drug rehabilitation and rehabilitation is realized based on intelligent mobile terminal |
CN107818536B (en) * | 2017-11-24 | 2022-05-31 | 上海市精神卫生中心(上海市心理咨询培训中心) | Monitoring system and method for realizing community drug rehabilitation and rehabilitation based on intelligent mobile terminal |
WO2022001683A1 (en) * | 2020-07-03 | 2022-01-06 | Huawei Technologies Co., Ltd. | Database access control service in networks |
US11537733B2 (en) | 2020-07-03 | 2022-12-27 | Huawei Technologies Co., Ltd. | Database access control service in networks |
CN112487461A (en) * | 2020-12-07 | 2021-03-12 | 重庆电子工程职业学院 | Data encryption method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106326758A (en) | System for performing classified encryption on data according to user demand | |
CN102855452B (en) | Fast Data Encipherment strategy based on encryption chunk is deferred to | |
US20200082111A1 (en) | Security Application for Data Security Formatting, Tagging and Control | |
CN109522328B (en) | Data processing method and device, medium and terminal thereof | |
CN108133151B (en) | File encryption device, file processing method and mobile terminal equipment | |
KR101983120B1 (en) | Method for replication of database | |
US9098713B2 (en) | Clipboard protection system in DRM environment and recording medium in which program for executing method in computer is recorded | |
CN103294960A (en) | Portable data wiping device based on U disk | |
FR3025041A1 (en) | ||
CN102622547A (en) | Key based server data reading method | |
US10985916B2 (en) | Obfuscation of keys on a storage medium to enable storage erasure | |
US11501016B1 (en) | Digital password protection | |
CN104361297B (en) | A kind of file encryption-decryption method based on (SuSE) Linux OS | |
CN105825136B (en) | Method and device for realizing safe transmission of electronic file by combining software and hardware | |
CN202838313U (en) | Encrypted mobile hard disk of integrated NFC technology | |
US20180314837A1 (en) | Secure file wrapper for tiff images | |
CN104200173B (en) | A kind of electronic document is trusted and method of controlling security and system | |
US20130151862A1 (en) | Systems and methods for digital evidence preservation, privacy, and recovery | |
US20120089849A1 (en) | Cookie management system and method | |
CN103456340A (en) | Safe movable hard disk and application method thereof | |
CN101848089A (en) | Establishment management system based on USB hardware device | |
AU2008344947B2 (en) | System and method for securely storing information | |
Willett | Encrypted SSDs: self-encryption versus software solutions | |
TWI352290B (en) | The optical storage media and the corresponding cr | |
CN102789555A (en) | Method and system for safely moving file |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20170111 |