CN106357601A - Method for data access, device and system thereof - Google Patents
Method for data access, device and system thereof Download PDFInfo
- Publication number
- CN106357601A CN106357601A CN201610671818.5A CN201610671818A CN106357601A CN 106357601 A CN106357601 A CN 106357601A CN 201610671818 A CN201610671818 A CN 201610671818A CN 106357601 A CN106357601 A CN 106357601A
- Authority
- CN
- China
- Prior art keywords
- data
- private data
- proxy gateway
- client
- gateway equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 72
- 230000005540 biological transmission Effects 0.000 claims description 12
- 238000012795 verification Methods 0.000 abstract 1
- 230000000875 corresponding effect Effects 0.000 description 55
- 230000008569 process Effects 0.000 description 15
- 241001269238 Data Species 0.000 description 4
- 230000008901 benefit Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000004913 activation Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001035 drying Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a method for data access, device and system thereof, relating to the information technology field, the method can improve the safety of private data, and reducing the the leakage of user's privacy. The method comprises the steps of: the client sends a request to the security server when accessing to private data stored in the cloud server, the identification verification information is included in the request so as that the user can access to the private data after verifying the user's information, the privacy data is the encrypted data for the proxy gateway device configured by the client; obtaining the decrypted private data by sending and receiving the private data and decrypting the private data by the proxy gateway device. The invention is used for data access.
Description
Technical field
The present invention relates to a kind of areas of information technology, more particularly to a kind of data access method, apparatus and system.
Background technology
Cloud storage is a new concept extending and developed conceptive in cloud computing, is that a kind of emerging network is deposited
Storage technology, refers to by functions such as cluster application, network technology or distributed file systems, by various inhomogeneities in a large number in network
The storage device of type gathers collaborative work by application software, jointly externally provides data storage and Operational Visit function
One system.Follow cloud computing closely, after cloud storage, cloud security also occurs in succession, and cloud security is the important branch of cloud computing technology,
It is applied widely in the middle of anti-viruss field.
At present, user can upload to private data in Cloud Server and be stored, however, Cloud Server is generally not
Effectively guard against measure, attacker can have access to the secret number stealing user in Cloud Server using some any special measures
According to, and then the potential safety hazard of privacy of user leakage can be caused.
Content of the invention
In view of this, the invention provides a kind of data access method, apparatus and system, main purpose is to improve
The safety of private data, reduces the potential safety hazard that privacy of user is revealed.
According to one aspect of the invention, there is provided a kind of data access method, the method includes:
When needing to access the private data being stored in Cloud Server, client sends to access to security server and asks
Ask, in described access request, carry the authentication information of user, so that described security server is tested according to described identity
When card information determines that described user passes through authentication, obtain private data corresponding with described user in described Cloud Server,
Described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
The described private data of described security server transmission is received by described proxy gateway equipment and is decrypted, obtain
Described private data to after deciphering.
According to another aspect of the invention, there is provided a kind of data access method, the method includes:
Security server receives the access request that client sends, and carries the authentication of user in described access request
Information, described access request is that described security server sends when needing to access the private data being stored in Cloud Server
's;
Subscriber authentication is carried out according to described authentication information;
If described user passes through authentication, obtain private data corresponding with described user in described Cloud Server,
Described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
The described private data getting is sent to described client by described preset proxy gateway equipment, so that
Described private data after described preset proxy gateway equipment is deciphered for the described client output.
According to another aspect of the present invention, there is provided a kind of client, this client includes:
Transmitting element, for when needing to access the private data being stored in Cloud Server, sending to security server
Access request, carries the authentication information of user in described access request, so that described security server is according to described
When authentication information determines that described user passes through authentication, obtain secret corresponding with described user in described Cloud Server
Data, described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
Receiving unit, for receiving, by described proxy gateway equipment, the described secret number that described security server sends
According to;
Decryption unit, for being decrypted to described private data by described proxy gateway equipment, after being deciphered
Described private data.
According to another aspect of the present invention, there is provided a kind of security server, this security server includes:
Receiving unit, for receiving the access request of client transmission, carries the identity of user in described access request
Checking information, described access request is that described security server is sent out when needing and accessing the private data being stored in Cloud Server
Send;
Authentication unit, for carrying out subscriber authentication according to described authentication information;
Acquiring unit, if for described user pass through authentication, obtain in described Cloud Server with described user couple
The private data answered, described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
Transmitting element, described for being sent to the described private data getting by described preset proxy gateway equipment
Client, so that described private data after described preset proxy gateway equipment is deciphered for the described client output.
According to another aspect of the present invention, there is provided a kind of data access system, comprising: client and security server;
Described client, for when needing to access the private data being stored in Cloud Server, to described security service
Device sends access request;
Described security server, for receiving the access request that described client sends, carries in described access request
The authentication information of described user, carries out subscriber authentication according to described authentication information;If described user passes through body
Part checking, then obtain private data corresponding with described user in described Cloud Server, described private data is by described visitor
Data after the proxy gateway equipment encryption that family end is pre-configured with;The described private data getting is passed through described preset agency
Gateway device is sent to described client;
Described client, is additionally operable to receive, by described proxy gateway equipment, the described secret that described security server sends
Data is simultaneously decrypted, the described private data after being deciphered.
By technique scheme, technical scheme provided in an embodiment of the present invention at least has the advantage that
A kind of data access method of present invention offer, apparatus and system, are stored in Cloud Server when needing to access
During private data, client sends access request to security server, carries the identity of described user in described access request
Checking information, so that when described security server determines that described user passes through authentication according to described authentication information,
Obtain private data corresponding with described user in described Cloud Server, described private data is to join in advance by described client
Data after the proxy gateway equipment encryption put;Received described in described security server transmission by described proxy gateway equipment
Private data is simultaneously decrypted, the described private data after being deciphered.Do not effectively guard against measure with current Cloud Server
Compare, private data to be uploaded can be encrypted by client of the present invention in advance, be uploaded to Cloud Server more afterwards it is ensured that
In Cloud Server, user's private data of storage is encryption data, improves the safety of private data, reduces privacy of user
The potential safety hazard revealed, when needing to access the private data of storage in Cloud Server, security server can be according to user's body
Part checking information carries out authentication, if by checking, obtains corresponding private data and is simultaneously handed down to by proxy gateway equipment
This client, can be decrypted to it by proxy gateway equipment, so that the data after this deciphering of client output display, enter
And facilitating user to carry out browsing data, data access process safety is higher.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of description, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by the specific embodiment of the present invention.
Brief description
By reading the detailed description of hereafter preferred implementation, various other advantages and benefit are common for this area
Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as to the present invention
Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
Fig. 1 shows a kind of data access method schematic flow sheet provided in an embodiment of the present invention;
Fig. 2 shows another kind data access method schematic flow sheet provided in an embodiment of the present invention;
Fig. 3 shows a kind of application scenarios schematic diagram provided in an embodiment of the present invention;
Fig. 4 shows another data access method schematic flow sheet provided in an embodiment of the present invention;
Fig. 5 shows a kind of client terminal structure schematic diagram provided in an embodiment of the present invention;
Fig. 6 shows another kind client terminal structure schematic diagram provided in an embodiment of the present invention;
Fig. 7 shows a kind of security server structural representation provided in an embodiment of the present invention;
Fig. 8 shows a kind of security server structural representation provided in an embodiment of the present invention;
Fig. 9 shows a kind of data access system structural representation provided in an embodiment of the present invention.
Specific embodiment
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment it being understood, however, that may be realized in various forms the disclosure and should not be by embodiments set forth here
Limited.On the contrary, these embodiments are provided to be able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
Embodiments provide a kind of data access method, can apply to client, as shown in figure 1, described side
Method includes:
101st, when needing to access the private data being stored in Cloud Server, client sends to security server and accesses
Request.
Wherein, carry the authentication information of described user in described access request, further, so that described peace
Full server carries out subscriber authentication according to described authentication information, if described user passes through authentication, obtains institute
State private data corresponding with described user in Cloud Server, described private data is the generation being pre-configured with by described client
Data after reason gateway device encryption.
Described security server is one or more of public network server server, and each security server is used for
Forward the data processing request that the client in fixed area sends to Cloud Server, or forward Cloud Server to return to client
The data processing response returned, and each security server is owned by domain name and ip (internet protocol, the net of oneself
The agreement of interconnection between network) address is main and standby relation mutually between security server, specifically, security server can be
Cloudkeeper server, i.e. ck server.
Described private data can be the private data within business unit, the private data of scientific research achievement, individual
Private data of accounts information etc., is specifically as follows the data of document form.User can be comprised in described authentication information
The user account information logging in and encrypted message etc..Described proxy gateway equipment can be for carrying out gateway encryption, inquiry peace
The equipment of data cube computation is set up in full server ip address, specifically can be pre-configured with user.
For the embodiment of the present invention, client can carry out to private data adding by the proxy gateway equipment being pre-configured with
Close, specifically with being encrypted to private data using modes such as predetermined encryption algorithm or replacement data, private data can be carried out
Encryption, then the private data after encryption is saved in Cloud Server again.For example, private data is cba character string, by this private
Ciphertext data carries out data replacement and obtains!# $ character string.
It should be noted that for the embodiment of the present invention, encryption key can be saved in locally configured proxy gateway
In equipment, to be decrypted to this private data, it is possible to achieve only passing through locally configured proxy gateway equipment could be right
This private data is decrypted, and cannot decipher this private data by other clients, and then ensure that the peace of this private data
Quan Xing.
In embodiments of the present invention, when needing to access the private data being stored in Cloud Server, client can be passed through
Hold and send http (hypertext transfer protocol, HTTP) access request to security server, should
Account and the encrypted message of user is carried, security server carries out identity according to this account and encrypted message to user in request
Checking, if by checking, acquire private data corresponding with this user in Cloud Server.
102nd, the private data of security server transmission is received by proxy gateway equipment and be decrypted, after being deciphered
Private data.
It should be noted that the number after the proxy gateway equipment encryption being pre-configured with for client due to this private data
According to directly to the private data after client return encryption, client cannot be carried out accordingly deciphering, and can cause user's None- identified
This private data, therefore, it can first to be sent to the proxy gateway equipment that client is pre-configured with and is decrypted, then act on behalf of net by this
Pass equipment returns to client, and then the private data after user can be made to browse deciphering.
A kind of data access method provided in an embodiment of the present invention, does not effectively guard against measure phase with current Cloud Server
Than, private data to be uploaded can be encrypted by embodiment of the present invention client in advance, is uploaded to Cloud Server afterwards again,
Ensure that the user's private data storing in Cloud Server is encryption data, improve the safety of private data, reduce user
The potential safety hazard of privacy leakage, when need access Cloud Server in storage private data when, security server can according to
Family authentication information carries out authentication, if by checking, obtains corresponding private data and by under proxy gateway equipment
Issue this client, by proxy gateway equipment, it can be decrypted, so that the number after this deciphering of client output display
According to, and then facilitating user to carry out browsing data, data access process safety is higher.
Embodiments provide another kind of data access method, can apply to client, as shown in Fig. 2 described
Method includes:
201st, by proxy gateway equipment, private data to be uploaded is encrypted.
Specifically, step 201 specifically may include that by described proxy gateway equipment, and private data to be uploaded is entered
Row data is replaced.Wherein, proxy gateway equipment can for gateway encryption can be carried out, number is set up in query safe server ip address
According to the equipment connecting, specifically can be pre-configured with by user.
Further, in order to realize this private data is decrypted, during private data is encrypted, also
May include that the data of described private data is replaced corresponding relation is saved in preset memory locations, described default storage position
The data preserving different private datas in putting replaces corresponding relation.Described preset memory locations can be carried out according to the actual requirements
Configuration, for example, preset memory locations can be the data base being pre-configured with, data list etc..
For example, private data is 123 character strings, this private data is carried out data replacement and obtains $-* character string, by " 1 "
<>" $ ", " 2 "<>"-", " 3 "<>" * " these data are replaced corresponding relation and are saved in preset memory locations, so that real
Now corresponding decryption oprerations are carried out to this private data.
It should be noted that during being encrypted to private data by proxy gateway equipment, by by secret
The data of data is replaced corresponding relation and is saved in preset memory locations, and this preset memory locations is available for proxy gateway equipment to be carried out
Call acquisition, to be decrypted to this private data, it is possible to achieve only by locally configured proxy gateway equipment ability
This private data is decrypted, this private data be cannot be carried out decipher by other clients, and then ensure that this secret
The safety of data.
202nd, the private data after encryption is sent to Cloud Server by security server to be stored.
Specifically, step 202 specifically may include that and for the private data after replacing to be sent to cloud clothes by security server
Business device is stored.For example, client can be by the data cube computation passage pre-building, after user totem information and encryption
Private data be sent to security server, security server, according to user totem information, determines this user in Cloud Server
Private data after encrypting is sent in Cloud Server accordingly by the positional information of the memory space of distribution according to this positional information
Memory space stored.
203rd, when needing to access the private data being stored in Cloud Server, client sends to security server and accesses
Request.
Wherein, carry the authentication information of described user in described access request, further, so that described peace
Full server carries out subscriber authentication according to described authentication information, if described user passes through authentication, obtains institute
State private data corresponding with described user in Cloud Server, described private data is the generation being pre-configured with by described client
Data after reason gateway device encryption.
For example, when needing to access the private data being stored in Cloud Server, can be by client to security service
Device sends http access request, and the such as network address of security server is 123.456.com, and user logs on safety clothes by this network address
Business device in and further input account and password obtain Cloud Server in store private data, security server is according to this account
With encrypted message, authentication is carried out to user, if by checking, acquiring secret corresponding with this user in Cloud Server
Data.
204th, the private data of security server transmission is received by proxy gateway equipment and be decrypted, after being deciphered
Private data.
Specifically, step 204 specifically may include that the described security server of reception is sent to institute using data cube computation passage
State the private data of proxy gateway equipment, described private data is the number after the deciphering receiving by described proxy gateway equipment
According to.Described data cube computation passage can be the data cube computation passage pre-building between security server and proxy gateway equipment,
If it should be noted that this data cube computation passage is closed, security server can return to the private of client encryption
Ciphertext data is so that user cannot browse real private data, it is desirable, therefore, to assure that this data cube computation passage is in unlatching shape
State, specifically can keep long connection status, pass through this data cube computation channel reception by locally configured proxy gateway equipment and encrypt
Private data, more accordingly deciphered by proxy gateway equipment, the private data after deciphering be returned to local client, with
Just user browses the private data after deciphering.
When the private data receiving in described proxy gateway equipment interconnection is decrypted, according in described preset memory locations
The data of the private data preserving replaces corresponding relation, carries out data replacement to the described private data receiving, is deciphered
Private data afterwards.For example, the private data of encryption is $-* character string, according to " 1 "<>" $ ", " 2 "<>"-", " 3 "<>
The data of " * " replaces corresponding relation, this private data is replaced with 123 character strings, the private data after being deciphered, so that right
Private data after this deciphering carries out output display, and then facilitates user to carry out browsing data.
The application scenarios of method provided in an embodiment of the present invention can be as follows, but not limited to this, for example, as Fig. 3 institute
Show, under conditions of having pre-build data cube computation passage, when user 1 needs to upload data in Cloud Server, can be by
Data is issued proxy gateway equipment by route and is encrypted, then through routeing the data is activation encrypted to security server, pacifies
Full server sends the data to Cloud Server and is stored, i.e. flow process shown in figure label 1-5;And work as user 1 and need to visit
When asking this data, access request can be sent to security server, security server is according to the corresponding data of acquisition request, and warp
Route is sent to proxy gateway equipment and is decrypted, and end user 1 client receives the data after deciphering, so that user is carried out
Browse, i.e. flow process shown in figure label 6-10.And user 2 need access user 1 upload data when, can directly access cloud clothes
Business device finds corresponding data, but the data obtaining is the data of encryption, and user 2 browses less than real data, therefore, whole
Individual flow process ensure that the data safety of user 1, does not result in the privacy leakage of user 1.
Another kind data access method provided in an embodiment of the present invention, does not effectively guard against measure with current Cloud Server
Compare, private data to be uploaded can be encrypted by embodiment of the present invention client in advance, be uploaded to cloud service afterwards again
Device, it is ensured that the user's private data storing in Cloud Server is encryption data, improves the safety of private data, reduces use
The potential safety hazard of family privacy leakage, when needing to access the private data of storage in Cloud Server, security server can basis
Subscriber authentication information carries out authentication, if by checking, obtains corresponding private data and passes through proxy gateway equipment
It is handed down to this client, by proxy gateway equipment, it can be decrypted, so that after this deciphering of client output display
Data, and then facilitate user to carry out browsing data, data access process safety is higher.
Embodiments provide another data access method, can apply to security server, as shown in figure 4,
Methods described includes:
401st, security server receives the access request that client sends.
Wherein, carry the authentication information of described user in described access request, can in described authentication information
To comprise user account information and encrypted message of User logs in etc..Described access request is that described security server is needing to visit
Ask and send during the private data being stored in Cloud Server.This private data is after preset proxy gateway equipment is encrypted
Data.
Before step 401, can also include: by the transmission of described client after described proxy gateway equipment is encrypted
Private data be sent to Cloud Server and stored.Specifically, set what described client sent by described proxy gateway
It is sent to Cloud Server for the private data carrying out after data replacement to be stored.
For example, client carries out data replacement by preset proxy gateway equipment to private data to be uploaded, and will replace
Private data after changing and user totem information are sent to security server, and security server determines according to this user totem information
The positional information of the memory space that this user distributes in Cloud Server, then according to this positional information by replace after secret number
Stored according to being sent in Cloud Server corresponding memory space.
402nd, subscriber authentication is carried out according to authentication information.
For example, preserve the presets list in security server, preserve different user account information in this table and correspond to respectively
Encrypted message, authentication is carried out according to this presets list and the user account that receives and password.
If 403 users pass through authentication, obtain private data corresponding with user in Cloud Server.
Wherein, described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client.
Described proxy gateway equipment can for gateway encryption can be carried out, setting of data cube computation is set up in query safe server ip address
Standby.
In embodiments of the present invention, the different memory spaces in Cloud Server can be corresponded to respectively without user, that is, each
User can have one's own memory space, and security server can determine this user in Cloud Server by ID
The positional information of the memory space of distribution, and private data corresponding with user in Cloud Server is obtained according to this positional information.
404th, the private data getting is sent to client by preset proxy gateway equipment.
Further, so that described client obtains the described secret after described preset proxy gateway equipment is deciphered
Data.
Before step 404, can also include: detect that described security server is current and whether there is and described proxy gateway
Data cube computation passage between equipment, if not existing, security server directly can return the private data getting to client,
The data being encryption due to this private data, so that user cannot browse real private data it is therefore desirable to keep peace
Full connection status long between server and proxy gateway equipment, and then ensure that data cube computation passage is opening.
Specifically, if step 404 specifically may include that presence, utilize described data cube computation passage, by the institute getting
State private data and described client is sent to by described preset proxy gateway equipment.
For example, it is possible to send registration request beforehand through to security server, security server is taken according in registration request
The log-on message of band, configures corresponding domain-name information, specially http://abc.123.456.cn, the domain name of security server
For http: // 123.456.cn, user can be logged in by this domain name, by local dns (domain name
System, domain name analysis system) name server parses to the domain name of User logs in, obtains the corresponding net of security server
Pass information, by proxy gateway equipment query security server corresponding public network dns name server, obtains and this gateway information
Corresponding ip address, sets up local data cube computation passage and security server between it is possible to keep length according to this ip address
Connection status.
When needing to access this private data being stored in Cloud Server, http can be inputted by client: //
123.456.cn network address logs in security server, and input account and password obtain the secret storing in Cloud Server further
Data, security server carries out authentication according to this account and encrypted message to user, if passing through authentication, acquires
Private data corresponding with this user in Cloud Server, private data is sent to generation by the data cube computation passage of above-mentioned foundation
Reason gateway device, proxy gateway equipment is decrypted to it and the private data after deciphering is sent to client, so that user
Browse the private data after deciphering.
Another data access method provided in an embodiment of the present invention, does not effectively guard against measure with current Cloud Server
Compare, the private data after encryption to be uploaded can be sent to Cloud Server and be deposited by embodiment of the present invention security server
Storage, it is ensured that the user's private data storing in Cloud Server is encryption data, improves the safety of private data, reduces use
The potential safety hazard of family privacy leakage, when needing to access the private data of storage in Cloud Server, security server can basis
Subscriber authentication information carries out authentication, if by checking, obtains corresponding private data and passes through proxy gateway equipment
It is handed down to this client, by proxy gateway equipment, it can be decrypted, so that after this deciphering of client output display
Data, and then facilitate user to carry out browsing data, data access process safety is higher.
Further, implementing as Fig. 1 methods described, embodiments provides a kind of client, such as Fig. 5
Shown, described client includes: transmitting element 51, receiving unit 52, decryption unit 53.
Described transmitting element 51, can be used for when needs access the private data being stored in Cloud Server, to safety
Server sends access request, carries the authentication information of user in described access request.
Further, so that described security server carries out subscriber authentication according to described authentication information, if
Described user passes through authentication, then obtain private data corresponding with described user in described Cloud Server, described secret number
According to the data after the proxy gateway equipment encryption for being pre-configured with by described client.
Described receiving unit 52, can be used for receiving, by described proxy gateway equipment, the institute that described security server sends
State private data.
Described decryption unit 53, can be used for by described proxy gateway equipment, described private data being decrypted.
Further, in order to export the described private data after deciphering.
It should be noted that other of each functional unit involved by a kind of client provided in an embodiment of the present invention are accordingly retouched
State, may be referred to the corresponding description in Fig. 1, will not be described here.
A kind of client provided in an embodiment of the present invention, do not effectively guard against measure with current Cloud Server compared with, this
Private data to be uploaded can be encrypted by inventive embodiments client in advance, be uploaded to Cloud Server more afterwards it is ensured that
In Cloud Server, user's private data of storage is encryption data, improves the safety of private data, reduces privacy of user
The potential safety hazard revealed, when needing to access the private data of storage in Cloud Server, security server can be according to user's body
Part checking information carries out authentication, if by checking, obtains corresponding private data and is simultaneously handed down to by proxy gateway equipment
This client, can be decrypted to it by proxy gateway equipment, so that the data after this deciphering of client output display, enter
And facilitating user to carry out browsing data, data access process safety is higher.
Further, implementing as Fig. 2 methods described, embodiments provides another kind of client, such as
Shown in Fig. 6, described client includes: transmitting element 61, receiving unit 62, decryption unit 63.
Described transmitting element 61, can be used for when needs access the private data being stored in Cloud Server, to safety
Server sends access request, carries the authentication information of user in described access request.
Further, so that described security server carries out subscriber authentication according to described authentication information, if
Described user passes through authentication, then obtain private data corresponding with described user in described Cloud Server, described secret number
According to the data after the proxy gateway equipment encryption for being pre-configured with by described client.
Described receiving unit 62, can be used for receiving, by described proxy gateway equipment, the institute that described security server sends
State private data.
Described decryption unit 63, can be used for by described proxy gateway equipment, described private data being decrypted.
Further, in order to export the described private data after deciphering.
Described receiving unit 62, specifically can be used for receiving described security server and is sent to institute using data cube computation passage
State the private data of proxy gateway equipment, described private data is the number after the deciphering receiving by described proxy gateway equipment
According to.
Further, described client also includes: ciphering unit 64.
Described ciphering unit 64, can be used for private data to be uploaded being carried out add by described proxy gateway equipment
Close.
Described transmitting element 61, can be also used for for the described private data after encryption being sent to cloud by security server
Server is stored.
Described ciphering unit 64, specifically can be used for, by described proxy gateway equipment, private data to be uploaded being entered
Row data is replaced.
Described transmitting element 61, specifically can be used for for the private data after replacing being sent to cloud clothes by security server
Business device is stored.
Further, described client also includes: storage unit 65.
Described storage unit 65, can be used for for the data replacement corresponding relation of described private data being saved in default storage
In position, the data preserving different private datas in described preset memory locations replaces corresponding relation.
Described decryption unit 63, the private data that specifically can be used for receiving in described proxy gateway equipment interconnection is solved
When close, the data according to the private data preserving in described preset memory locations replaces corresponding relation, to the described private receiving
Ciphertext data carries out data replacement, the private data after being deciphered.
It should be noted that other of each functional unit involved by another kind client provided in an embodiment of the present invention are corresponding
Description, may be referred to the corresponding description in Fig. 1, will not be described here.
Provided in an embodiment of the present invention another kind client, do not effectively guard against measure with current Cloud Server compared with,
Private data to be uploaded can be encrypted by embodiment of the present invention client in advance, is uploaded to Cloud Server afterwards again, protects
In card Cloud Server, user's private data of storage is encryption data, improves the safety of private data, reduces user hidden
The private potential safety hazard revealed, when needing to access the private data of storage in Cloud Server, security server can be according to user
Authentication information carries out authentication, if by checking, obtains corresponding private data and is issued by proxy gateway equipment
To this client, by proxy gateway equipment, it can be decrypted, so that the data after this deciphering of client output display,
And then facilitating user to carry out browsing data, data access process safety is higher.
Further, implementing as Fig. 4 methods described, embodiments provides a kind of security server,
As shown in fig. 7, described security server includes: receiving unit 71, authentication unit 72, acquiring unit 73, transmitting element 74.
Described receiving unit 71, can be used for receiving the access request that client sends, carries in described access request
The authentication information of user, described access request is that described security server is needing to access the private being stored in Cloud Server
Send during ciphertext data.
Described authentication unit 72, can be used for carrying out subscriber authentication according to described authentication information.
Described acquiring unit 73, if can be used for described user pass through authentication, obtain in described Cloud Server with
The corresponding private data of described user, described private data is the proxy gateway equipment encryption being pre-configured with by described client
Data afterwards.
Described transmitting element 74, can be used for for the described private data getting passing through described preset proxy gateway equipment
It is sent to described client.
Further, so that described client exports the described secret after described preset proxy gateway equipment is deciphered
Data.
Further, as shown in figure 8, described cloud server also includes: detector unit 75.
Described detector unit 75, can be used for detecting that current whether there is of described security server is set with described proxy gateway
Data cube computation passage between standby.
Described transmitting element 74, if specifically for described detector unit 75 detect presence with described proxy gateway equipment it
Between data cube computation passage, then utilize described data cube computation passage, by the described private data getting pass through described preset generation
Reason gateway device is sent to described client.
Described transmitting element 71, can be also used for the transmission of described client after described proxy gateway equipment is encrypted
Private data be sent to Cloud Server and stored.
Described transmitting element 71, specifically can be used for carrying out what described client sent by described proxy gateway equipment
Private data after data replacement is sent to Cloud Server and is stored.
It should be noted that other phases of each functional unit involved by a kind of security server provided in an embodiment of the present invention
Should describe, may be referred to the corresponding description in Fig. 4, will not be described here.
A kind of security server provided in an embodiment of the present invention, does not effectively guard against measure phase with current Cloud Server
Private data after encryption to be uploaded can be sent to Cloud Server and be deposited ratio by embodiment of the present invention security server
Storage, it is ensured that the user's private data storing in Cloud Server is encryption data, improves the safety of private data, reduces use
The potential safety hazard of family privacy leakage, when needing to access the private data of storage in Cloud Server, security server can basis
Subscriber authentication information carries out authentication, if by checking, obtains corresponding private data and passes through proxy gateway equipment
It is handed down to this client, by proxy gateway equipment, it can be decrypted, so that after this deciphering of client output display
Data, and then facilitate user to carry out browsing data, data access process safety is higher.
Further, embodiments provide a kind of data access system, as shown in Figure 9, comprising: client 91,
Security server 92.
Described client 91, can be used for when needs access the private data being stored in Cloud Server, to described peace
Full server 82 sends access request.
Described security server 92, can be used for receiving the access request that described client 91 sends, described access request
In carry the authentication information of user, subscriber authentication is carried out according to described authentication information;If described user is led to
Cross authentication, then obtain private data corresponding with described user in described Cloud Server, described private data is by institute
State the data after the proxy gateway equipment encryption that client is pre-configured with;The described private data getting is passed through described preset
Proxy gateway equipment is sent to described client 91.
Described client 91, can be also used for receiving what described security server 92 sent by described proxy gateway equipment
Described private data is simultaneously decrypted, the described private data after being deciphered.
A kind of data access system provided in an embodiment of the present invention, does not effectively guard against measure phase with current Cloud Server
Than, private data to be uploaded can be encrypted by embodiment of the present invention client in advance, is uploaded to Cloud Server afterwards again,
Ensure that the user's private data storing in Cloud Server is encryption data, improve the safety of private data, reduce user
The potential safety hazard of privacy leakage, when need access Cloud Server in storage private data when, security server can according to
Family authentication information carries out authentication, if by checking, obtains corresponding private data and by under proxy gateway equipment
Issue this client, by proxy gateway equipment, it can be decrypted, so that the number after this deciphering of client output display
According to, and then facilitating user to carry out browsing data, data access process safety is higher.
The embodiment of the invention discloses:
A1, a kind of data access method, comprising:
When needing to access the private data being stored in Cloud Server, client sends to access to security server and asks
Ask, in described access request, carry the authentication information of user, so that described security server is tested according to described identity
When card information determines that described user passes through authentication, obtain private data corresponding with described user in described Cloud Server,
Described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
The described private data of described security server transmission is received by described proxy gateway equipment and is decrypted, obtain
Described private data to after deciphering.
A 2, the data access method as described in a 1, described by described proxy gateway equipment receive described security service
Described private data that device sends simultaneously carries out decrypted packet and includes:
Receive the private data that described security server is sent to described proxy gateway equipment using data cube computation passage, institute
State the data that private data is after described proxy gateway equipment is deciphered.
A 3, the data access method as described in a 1, methods described also includes:
By described proxy gateway equipment, private data to be uploaded is encrypted;
Described private data after encryption is sent to Cloud Server by security server stored.
A 4, the data access method as described in a 2, described by described proxy gateway equipment to secret number to be uploaded
According to be encrypted including:
By described proxy gateway equipment, data replacement is carried out to private data to be uploaded;
Described by encryption after described private data pass through security server be sent to Cloud Server carry out storage inclusion:
Private data after replacing is sent to Cloud Server by security server stored.
A 5, the data access method as described in a 4, methods described also includes:
The data of described private data is replaced corresponding relation be saved in preset memory locations, described preset memory locations
In preserve different private datas data replace corresponding relation;
When the private data receiving in described proxy gateway equipment interconnection is decrypted, according in described preset memory locations
The data of the private data preserving replaces corresponding relation, carries out data replacement to the described private data receiving, is deciphered
Private data afterwards.
B6, a kind of data access method, comprising:
Security server receives the access request that client sends, and carries the authentication of user in described access request
Information, described access request is that described security server sends when needing to access the private data being stored in Cloud Server
's;
Subscriber authentication is carried out according to described authentication information;
If described user passes through authentication, obtain private data corresponding with described user in described Cloud Server,
Described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
The described private data getting is sent to described client by described proxy gateway equipment, so that described
Client obtains the described private data after described proxy gateway equipment is deciphered.
B 7, the data access method as described in b 6, described by the described private data getting pass through described preset generation
Before reason gateway device is sent to described client, methods described also includes:
Detect the current data cube computation passage that whether there is and described proxy gateway equipment between of described security server;
Described the described private data getting is sent to described client bag by described preset proxy gateway equipment
Include:
If existing, utilize described data cube computation passage, the described private data getting is passed through described preset agency
Gateway device is sent to described client.
B 8, the data access method as described in b 6, methods described also includes:
The private data after described proxy gateway equipment is encrypted that described client is sent is sent to Cloud Server
Stored.
B 9, the data access method as described in b 8, described being set the transmission of described client by described proxy gateway
Private data after standby encryption is sent to Cloud Server to carry out storage and includes:
It is sent to what described client sent by the private data that described proxy gateway equipment is carried out after data replacement
Cloud Server is stored.
C10, a kind of client, comprising:
Transmitting element, for when needing to access the private data being stored in Cloud Server, sending to security server
Access request, carries the authentication information of user in described access request, so that described security server is according to described
When authentication information determines that described user passes through authentication, obtain secret corresponding with described user in described Cloud Server
Data, described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
Receiving unit, for receiving, by described proxy gateway equipment, the described secret number that described security server sends
According to;
Decryption unit, for being decrypted to described private data by described proxy gateway equipment, after being deciphered
Described private data.
C 11, the client as described in c 10,
Described receiving unit, is sent to described agency specifically for receiving described security server using data cube computation passage
The private data of gateway device, described private data is the data after described proxy gateway equipment is deciphered.
C 12, the client as described in c 10, described client also includes: ciphering unit;
Described ciphering unit, for being encrypted to private data to be uploaded by described proxy gateway equipment;
Described transmitting element, is additionally operable to for the described private data after encryption to be sent to Cloud Server by security server
Stored.
C 13, the client as described in c 12,
Described ciphering unit, specifically for by described proxy gateway equipment, carrying out data to private data to be uploaded
Replace;
Described transmitting element, enters specifically for the private data after replacing is sent to Cloud Server by security server
Row storage.
C 14, the client as described in c 13, described client also includes: storage unit;
Described storage unit, is saved in preset memory locations for the data of described private data is replaced corresponding relation
In, the data preserving different private datas in described preset memory locations replaces corresponding relation;
Described decryption unit, when the private data specifically for receiving in described proxy gateway equipment interconnection is decrypted,
Data according to the private data preserving in described preset memory locations replaces corresponding relation, to the described private data receiving
Carry out data replacement, the private data after being deciphered.
D15, a kind of security server, comprising:
Receiving unit, for receiving the access request of client transmission, carries the identity of user in described access request
Checking information, described access request is that described security server is sent out when needing and accessing the private data being stored in Cloud Server
Send;
Authentication unit, for carrying out subscriber authentication according to described authentication information;
Acquiring unit, if for described user pass through authentication, obtain in described Cloud Server with described user couple
The private data answered, described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
Transmitting element, for being sent to described client by the described private data getting by described proxy gateway equipment
End, so that described client obtains the described private data after described proxy gateway equipment is deciphered.
D 16, the security server as described in d 15, described security server also includes: detector unit;
Described detector unit, whether there is and described proxy gateway equipment between for detecting that described security server is current
Data cube computation passage;
Described transmitting element, if detect between presence and described proxy gateway equipment specifically for described detector unit
Data cube computation passage, then utilize described data cube computation passage, and the described private data getting is passed through described preset to act on behalf of net
Pass equipment is sent to described client.
D 17, the security server as described in d 15,
Described transmitting element, is additionally operable to the secret after described proxy gateway equipment is encrypted sending described client
Data is activation is stored to Cloud Server.
D 18, the security server as described in d 17,
Described transmitting element, carries out data by described proxy gateway equipment and replaces specifically for send described client
Private data after changing is sent to Cloud Server and is stored.
E19, a kind of data access system, comprising: client as described in any one of c10-c14 and as arbitrary in d15-d18
Security server described in.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, and does not have the portion described in detail in certain embodiment
Point, may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in said method and device can mutually reference.In addition, in above-described embodiment
" first ", " second " etc. be for distinguishing each embodiment, and do not represent the quality of each embodiment.
Those skilled in the art can be understood that, for convenience and simplicity of description, the system of foregoing description,
Device and the specific work process of unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system
Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various
Programming language realizes the content of invention described herein, and the description above language-specific done is to disclose this
Bright preferred forms.
In description mentioned herein, illustrate a large amount of details.It is to be appreciated, however, that the enforcement of the present invention
Example can be put into practice in the case of not having these details.In some instances, known method, structure are not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly it will be appreciated that in order to simplify the disclosure and help understand one or more of each inventive aspect,
Above in the description to the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect an intention that i.e. required guarantor
The application claims of shield more features than the feature being expressly recited in each claim.More precisely, it is such as following
Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
The claims following specific embodiment are thus expressly incorporated in this specific embodiment, wherein each claim itself
All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that and the module in the equipment in embodiment can be carried out adaptively
Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list
Unit or assembly be combined into a module or unit or assembly, and can be divided in addition multiple submodule or subelement or
Sub-component.In addition to such feature and/or at least some of process or unit exclude each other, can adopt any
Combination is to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed
Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification (includes adjoint power
Profit requires, summary and accompanying drawing) disclosed in each feature can carry out generation by the alternative features providing identical, equivalent or similar purpose
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiment means to be in the present invention's
Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection appoint
One of meaning can in any combination mode using.
The all parts embodiment of the present invention can be realized with hardware, or to run on one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (dsp) are realizing a kind of data access method according to embodiments of the present invention, device
And some or all functions of some or all parts in system.The present invention is also implemented as execution institute here
(for example, computer program and computer program produce for some or all equipment of method of description or program of device
Product).Such program realizing the present invention can store on a computer-readable medium, or can have one or more
The form of signal.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or to appoint
What other forms provides.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference markss between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can come real by means of the hardware including some different elements and by means of properly programmed computer
Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
Claims (10)
1. a kind of data access method is it is characterised in that include:
When needing to access the private data being stored in Cloud Server, client sends access request, institute to security server
State the authentication information carrying user in access request, so that described security server is according to described authentication information
When determining that described user passes through authentication, obtain private data corresponding with described user in described Cloud Server, described private
Ciphertext data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
The described private data of described security server transmission is received by described proxy gateway equipment and is decrypted, solved
Described private data after close.
2. data access method according to claim 1 is it is characterised in that described received by described proxy gateway equipment
Described private data that described security server sends simultaneously carries out decrypted packet and includes:
Receive the private data that described security server is sent to described proxy gateway equipment using data cube computation passage, described private
Ciphertext data is the data after described proxy gateway equipment is deciphered.
3. data access method according to claim 1 is it is characterised in that methods described also includes:
By described proxy gateway equipment, private data to be uploaded is encrypted;
Described private data after encryption is sent to Cloud Server by security server stored.
4. a kind of data access method is it is characterised in that include:
Security server receives the access request that client sends, and carries the authentication letter of user in described access request
Breath, described access request is that described security server sends when needing and accessing the private data being stored in Cloud Server;
Subscriber authentication is carried out according to described authentication information;
If described user passes through authentication, obtain private data corresponding with described user in described Cloud Server, described
Private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
The described private data getting is sent to described client by described proxy gateway equipment, so that described client
End obtains the described private data after described proxy gateway equipment is deciphered.
5. data access method according to claim 4 is it is characterised in that described lead to the described private data getting
Cross before described preset proxy gateway equipment is sent to described client, methods described also includes:
Detect the current data cube computation passage that whether there is and described proxy gateway equipment between of described security server;
Described the described private data getting be sent to described client by described preset proxy gateway equipment include:
If existing, utilize described data cube computation passage, the described private data getting is passed through described preset proxy gateway
Equipment is sent to described client.
6. a kind of client is it is characterised in that include:
Transmitting element, for when needing to access the private data being stored in Cloud Server, sending to security server and accessing
Request, carries the authentication information of user, so that described security server is according to described identity in described access request
When checking information determines that described user passes through authentication, obtain secret number corresponding with described user in described Cloud Server
According to described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
Receiving unit, for receiving, by described proxy gateway equipment, the described private data that described security server sends;
Decryption unit, for being decrypted to described private data by described proxy gateway equipment, described after being deciphered
Private data.
7. client according to claim 6 it is characterised in that
Described receiving unit, is sent to described proxy gateway specifically for receiving described security server using data cube computation passage
The private data of equipment, described private data is the data after described proxy gateway equipment is deciphered.
8. a kind of security server is it is characterised in that include:
Receiving unit, for receiving the access request of client transmission, carries the authentication of user in described access request
Information, described access request is that described security server sends when needing to access the private data being stored in Cloud Server
's;
Authentication unit, for carrying out subscriber authentication according to described authentication information;
Acquiring unit, if passing through authentication for described user, obtains corresponding with described user in described Cloud Server
Private data, described private data is the data after the proxy gateway equipment encryption being pre-configured with by described client;
Transmitting element, for the described private data getting is sent to described client by described proxy gateway equipment,
So that described client obtains the described private data after described proxy gateway equipment is deciphered.
9. security server according to claim 8 is it is characterised in that described security server also includes: detector unit;
Described detector unit, for detecting the current number that whether there is and described proxy gateway equipment between of described security server
According to interface channel;
Described transmitting element, if detect the data between presence and described proxy gateway equipment specifically for described detector unit
Interface channel, then utilize described data cube computation passage, the described private data getting set by described preset proxy gateway
Preparation gives described client.
10. a kind of data access system is it is characterised in that include: the client described in any one of claim 6-7 and right will
Seek the security server described in any one of 8-9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610671818.5A CN106357601A (en) | 2016-08-15 | 2016-08-15 | Method for data access, device and system thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610671818.5A CN106357601A (en) | 2016-08-15 | 2016-08-15 | Method for data access, device and system thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106357601A true CN106357601A (en) | 2017-01-25 |
Family
ID=57844245
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610671818.5A Pending CN106357601A (en) | 2016-08-15 | 2016-08-15 | Method for data access, device and system thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106357601A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107070931A (en) * | 2017-04-21 | 2017-08-18 | 北京奇安信科技有限公司 | Cloud application data upload/access method, system and cloud proxy server |
| CN109495426A (en) * | 2017-09-12 | 2019-03-19 | 腾讯科技(深圳)有限公司 | A kind of data access method, device and electronic equipment |
| CN110581897A (en) * | 2019-09-30 | 2019-12-17 | 山东浪潮通软信息科技有限公司 | Method for realizing data interaction between two systems under unidirectional network environment |
| CN111740826A (en) * | 2020-07-20 | 2020-10-02 | 腾讯科技(深圳)有限公司 | Encryption method, decryption method, device and equipment based on encryption proxy gateway |
| CN111917711A (en) * | 2020-06-15 | 2020-11-10 | 广州市设计院 | Data access method and device, computer equipment and storage medium |
| CN112434080A (en) * | 2020-11-25 | 2021-03-02 | 国网湖北省电力有限公司咸宁供电公司 | Data acquisition method, equipment and storage medium of power distribution network analysis platform |
| CN112887427A (en) * | 2021-03-05 | 2021-06-01 | 杭州奕锐电子有限公司 | Cloud platform encryption system and method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102055730A (en) * | 2009-11-02 | 2011-05-11 | 华为终端有限公司 | Cloud processing system, cloud processing method and cloud computing agent device |
| CN103731475A (en) * | 2013-12-06 | 2014-04-16 | 中国科学院深圳先进技术研究院 | Data protection system |
| CN103763308A (en) * | 2013-12-31 | 2014-04-30 | 北京明朝万达科技有限公司 | Method and device for having access to webpage safely and downloading data through intelligent terminal |
| CN105577612A (en) * | 2014-10-11 | 2016-05-11 | 中兴通讯股份有限公司 | Identity authentication method, third party server, merchant server, and user terminal |
| US20160226831A1 (en) * | 2015-01-30 | 2016-08-04 | Electronics And Telecommunications Research Institute | Apparatus and method for protecting user data in cloud computing environment |
-
2016
- 2016-08-15 CN CN201610671818.5A patent/CN106357601A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102055730A (en) * | 2009-11-02 | 2011-05-11 | 华为终端有限公司 | Cloud processing system, cloud processing method and cloud computing agent device |
| CN103731475A (en) * | 2013-12-06 | 2014-04-16 | 中国科学院深圳先进技术研究院 | Data protection system |
| CN103763308A (en) * | 2013-12-31 | 2014-04-30 | 北京明朝万达科技有限公司 | Method and device for having access to webpage safely and downloading data through intelligent terminal |
| CN105577612A (en) * | 2014-10-11 | 2016-05-11 | 中兴通讯股份有限公司 | Identity authentication method, third party server, merchant server, and user terminal |
| US20160226831A1 (en) * | 2015-01-30 | 2016-08-04 | Electronics And Telecommunications Research Institute | Apparatus and method for protecting user data in cloud computing environment |
Non-Patent Citations (1)
| Title |
|---|
| 徐向阳: "《网络安全和网络行为研究》", 31 August 2008 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107070931A (en) * | 2017-04-21 | 2017-08-18 | 北京奇安信科技有限公司 | Cloud application data upload/access method, system and cloud proxy server |
| CN109495426A (en) * | 2017-09-12 | 2019-03-19 | 腾讯科技(深圳)有限公司 | A kind of data access method, device and electronic equipment |
| CN110581897A (en) * | 2019-09-30 | 2019-12-17 | 山东浪潮通软信息科技有限公司 | Method for realizing data interaction between two systems under unidirectional network environment |
| CN111917711A (en) * | 2020-06-15 | 2020-11-10 | 广州市设计院 | Data access method and device, computer equipment and storage medium |
| CN111917711B (en) * | 2020-06-15 | 2023-04-18 | 广州市设计院集团有限公司 | Data access method and device, computer equipment and storage medium |
| CN111740826A (en) * | 2020-07-20 | 2020-10-02 | 腾讯科技(深圳)有限公司 | Encryption method, decryption method, device and equipment based on encryption proxy gateway |
| CN112434080A (en) * | 2020-11-25 | 2021-03-02 | 国网湖北省电力有限公司咸宁供电公司 | Data acquisition method, equipment and storage medium of power distribution network analysis platform |
| CN112887427A (en) * | 2021-03-05 | 2021-06-01 | 杭州奕锐电子有限公司 | Cloud platform encryption system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106357601A (en) | Method for data access, device and system thereof | |
| JP7434342B2 (en) | Container builder for personalized network services | |
| CN105050081B (en) | Method, device and system for connecting network access device to wireless network access point | |
| CN103297437B (en) | A kind of method of mobile intelligent terminal secure access service device | |
| CN105610845B (en) | A kind of data routing method based on cloud service, apparatus and system | |
| AU2020202168B2 (en) | Method and system related to authentication of users for accessing data networks | |
| US20140351593A1 (en) | Process for encrypted login to a secure computer network, for the creation of a session of encrypted communications between computers and a device including a mobile phone logged into a network, for the persistence of encrypted communications between communication devices, and for the termination of communications | |
| CN109347835A (en) | Information transferring method, client, server and computer readable storage medium | |
| CN107040922A (en) | Wireless network connecting method, apparatus and system | |
| CN108028845A (en) | Use the mobile device management service of export voucher registered enterprise | |
| CN110351228A (en) | Remote entry method, device and system | |
| CN106657014B (en) | Method, device and system for accessing data | |
| CN111770088A (en) | Data authentication method, device, electronic equipment and computer readable storage medium | |
| CN103634399B (en) | Method and device for realizing cross-domain data transmission | |
| CN106060099A (en) | Data access method and system, and devices | |
| CN105516169A (en) | Method and device for detecting website security | |
| CN107070931A (en) | Cloud application data upload/access method, system and cloud proxy server | |
| CN104348838B (en) | A kind of document file management system and method | |
| Punarselvam et al. | Effective and Efficient Traffic Scrutiny in Sweet Server with Data Privacy | |
| CN103401885A (en) | Network file authorization control method, device and system | |
| CN105516066A (en) | Method and device for identifying existence of intermediary | |
| CN109409109A (en) | Data processing method, device, processor and server in network service | |
| CN109218334A (en) | Data processing method, device, access control equipment, certificate server and system | |
| CN114422216A (en) | Internet of things equipment binding method and device and storage medium | |
| CN109740319A (en) | Digital identity verification method and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information |
Inventor after: Liu Jingliang Inventor after: Huang Lingzhi Inventor after: Wu Yunkun Inventor before: Liu Jingliang Inventor before: Huang Lingzhi |
|
| CB03 | Change of inventor or designer information | ||
| CB02 | Change of applicant information |
Address after: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Applicant after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Applicant after: QAX Technology Group Inc. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Applicant before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Applicant before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170125 |
|
| RJ01 | Rejection of invention patent application after publication |