CN106557708A - A kind of method for security protection and system - Google Patents
A kind of method for security protection and system Download PDFInfo
- Publication number
- CN106557708A CN106557708A CN201611024357.9A CN201611024357A CN106557708A CN 106557708 A CN106557708 A CN 106557708A CN 201611024357 A CN201611024357 A CN 201611024357A CN 106557708 A CN106557708 A CN 106557708A
- Authority
- CN
- China
- Prior art keywords
- file
- terminal
- module
- encrypted
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000004891 communication Methods 0.000 claims abstract description 19
- 238000005516 engineering process Methods 0.000 abstract description 5
- 230000006870 function Effects 0.000 description 13
- 230000008569 process Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000010187 selection method Methods 0.000 description 1
- 230000020509 sex determination Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention provides a kind of method for security protection and system, are applied to the user terminal being connected with first terminal near-field communication, are related to field of information security technology.In the embodiment of the present invention, user terminal obtains the sequence code information of first terminal, as encrypting metadata, encrypting metadata is encrypted by AES again, encryption key is generated, then, is encrypted by encrypting secret key pair file to be encrypted, obtain encrypting file, and encryption file is preserved according to specified path.The present invention utilizes near-field communication technology, the personal information in user terminal is encrypted by near-field communication terminal, can effectively improve the safety of personal information.
Description
Technical field
The present invention relates to field of information security technology, in particular to a kind of method for security protection and system.
Background technology
With the continuous popularization of the various terminal equipments such as smart mobile phone, IPAD, end message also becomes further important safely.
Under normal circumstances, some data in terminal, file are encrypted using passwords such as gesture, numerals, to ensure individual privacy
Safety.Jing inventor's research finds that cipher mode so is easily caused password leakage, so as to cause encryption data to be lost
Or password is forgotten, and the information after can not being decrypted.
The content of the invention
It is contemplated that improving above-mentioned technical problem.For this purpose, the present invention provides a kind of method for security protection and system, purport
In the safety for further improving terminal data.
Present pre-ferred embodiments provide a kind of method for security protection, are applied to the use being connected with first terminal near-field communication
Family terminal, methods described include:
The sequence code information of first terminal is obtained, as encrypting metadata;
The encrypting metadata is encrypted by AES, generates encryption key;
It is encrypted by encryption secret key pair file to be encrypted, obtains encrypting file, and the encryption file is pressed
Preserved according to specified path.
Another preferred embodiment of the present invention provides a kind of safety system, is applied to be connected with first terminal near-field communication
User terminal, the system includes first information acquisition module, the first key generation module and encrypting module:
The first information acquisition module, for obtaining the sequence code information of first terminal, as encrypting metadata;
The first key generation module, for being encrypted to the encrypting metadata by AES, is added
Close key;
The encrypting module, for being encrypted by encryption secret key pair file to be encrypted, obtains encrypting file, and
The encryption file is preserved according to specified path.
Compared with prior art, a kind of method for security protection provided in an embodiment of the present invention and system, using near-field communication
Technology, is encrypted to the personal information in user terminal by near-field communication terminal.Can be prevented effectively from prior art, it is close
The code series of problems that easily leakage, loss etc. are brought, while also further increasing the safety of terminal data.
To enable the above objects, features and advantages of the present invention to become apparent, preferred embodiment cited below particularly, and coordinate
Appended accompanying drawing, is described in detail below.
Description of the drawings
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, below by to be used attached needed for embodiment
Figure is briefly described, it will be appreciated that the following drawings illustrate only certain embodiments of the present invention, thus be not construed as it is right
The restriction of scope, for those of ordinary skill in the art, on the premise of not paying creative work, can be with according to this
A little accompanying drawings obtain other related accompanying drawings.
The structured flowchart of the safety system that Fig. 1 is provided for present pre-ferred embodiments.
Structured flowcharts of the Fig. 2 for the encryption function unit of safety system.
Structured flowcharts of the Fig. 3 for the decryption functional unit of safety system.
Encryption flow figure in the method for security protection that Fig. 4 is provided for present pre-ferred embodiments.
Decryption flow chart in the method for security protection that Fig. 5 is provided for present pre-ferred embodiments.
Icon:10- user terminals;102- first choice modules;The first judge modules of 104-;The second judge modules of 106-;
108- first information acquisition modules;110- the first key generation modules;112- encrypting modules;The 3rd judge modules of 114-;116-
Second selecting module;The second data obtaining modules of 118-;120- the second key generation modules;122- key matching modules;20-
One terminal;30- second terminals.
Specific embodiment
Below in conjunction with accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Ground description, it is clear that described embodiment is only a part of embodiment of the invention, rather than the embodiment of whole.Generally exist
The component of the embodiment of the present invention described and illustrated in accompanying drawing can be arranged and be designed with a variety of configurations herein.Cause
This, the detailed description of the embodiments of the invention to providing in the accompanying drawings is not intended to limit claimed invention below
Scope, but it is merely representative of the selected embodiment of the present invention.Based on embodiments of the invention, those skilled in the art are not doing
The every other embodiment obtained on the premise of going out creative work, belongs to the scope of protection of the invention.
It should be noted that:Similar label and letter represent similar terms in following accompanying drawing, therefore, once a certain Xiang Yi
It is defined in individual accompanying drawing, then in subsequent accompanying drawing which further need not be defined and is explained.Meanwhile, the present invention's
In description, unless otherwise clearly defined and limited, should be interpreted broadly term " installation ", " setting ", " connection ", for example, can
Being to be fixedly connected, or be detachably connected, or it is integrally connected;Can be mechanically connected, or electrically connect;Can
Being to be joined directly together, it is also possible to be indirectly connected to by intermediary, can be the connection of two element internals.For this area
For those of ordinary skill, above-mentioned term concrete meaning in the present invention can be understood with concrete condition.
Fig. 1 is referred to, is a kind of safety system block diagram provided in an embodiment of the present invention.The safety system should
For user terminal 10, the user terminal 10 and first terminal 20 and second terminal 30 near-field communication (Near Field
Communication, NFC) connection.Wherein, the near-field communication is a kind of radiotechnics of short distance high frequency, 10 centimetres away from
Can be run with the frequency of 13.56MHz from interior, its transmission speed has 106Kbit/ seconds, 212Kbit/ seconds or 424Kbit/ seconds
Three kinds.At present, near-field communication has become 18092 international standards of ISO/IEC IS, ECMA-340 standards and ETSI TS102 190
Standard.Alternatively, near-field communication equipment information can be using actively and passively two kinds of read modes.
Alternatively, the user terminal 10 can adopt Android, IOS, BlackBerry or other can support institute
State other operating systems of near-field communication application.The embodiment of the present invention is using the user terminal 10 for being provided with android system.
Alternatively, during the first terminal 20 and the second terminal 30 can be daily life, common nfc card piece,
Such as mass transit card, access card etc., or mobile terminal with NFC function etc..In embodiments of the present invention, carry out file to add
During close and decryption, the sequence code information of the first terminal 20 or the second terminal 30 is only read, will not be obtained or be write
Any other information, to ensure the safety of the user of the user terminal 20.
Further, Fig. 2 is referred to, is the encryption function cellular construction frame of the safety system of the embodiment of the present invention
Figure.During being encrypted to file, the system includes first choice module 102, the first judge module 104, second
Judge module 106, first information acquisition module 108, the first key generation module 110 and encrypting module 112.
The first choice module 102 is used to choose privacy of user file.Alternatively, the first choice module 102 can
For the file browser that the operating system in the user terminal 10 is carried.
First judge module 104 is used to judge that the privacy of user file whether there is, if existing, to the use
Family private file is marked, and as file to be encrypted.First judge module 104 is additionally operable to judge the privacy of user
Whether the type of file is specified type, if specified type, then as file to be encrypted.
Alternatively, except the first judge module 104 excessively described above is used to successively judge whether the privacy of user file is deposited
Outside whether the type with the privacy of user file is specified type, first judge module 104 individually can also be used
In judging that the privacy of user file whether there is, or it is individually used for judging whether the type of the privacy of user file is specified
Type.
Second judge module 106 is used to judge whether the user terminal 10 supports 20 information of the first terminal
Read, if the user terminal 10 supports the reading of 20 information of the first terminal, read the sequence of the first terminal 20
Code information.
The first information acquisition module 108 is used for the sequence code information for obtaining first terminal 20, used as encrypting metadata.
Specifically, the first information acquisition module 108 obtains the data message of the first terminal 20 first, then to the data
Information carries out filtration extraction, so as to obtain the sequence code information, using as encrypting metadata.
The first key generation module 110 is used to be encrypted the encrypting metadata by AES, obtains
Encryption key.Alternatively, when being encrypted to the encrypting metadata, one or more different encryptions can be chosen and is calculated
Method, wherein, the embodiment of the present invention is encrypted to the encrypting metadata using md5 encryption algorithm.
The encrypting module 112 is used to be encrypted by encryption secret key pair file to be encrypted, obtains encrypting file,
And the encryption file is preserved according to specified path.
Alternatively, the safety system is when file encryption is carried out, also including the 3rd judge module 114, described
Three judge modules 114 are used for the storage address for choosing the encryption file, and whether judge the memory space of the storage address
Enough, and choose target storage address whether be specified type.
Further, Fig. 3 is referred to, is the decryption functional unit structural frames of the safety system of the embodiment of the present invention
Figure, during being decrypted to file, the system also includes the second selecting module 116, the second data obtaining module
118th, the second key generation module 120 and key matching module 122.
Wherein, second selecting module 116 is used to choose file to be decrypted.Second data obtaining module 118
For obtaining the sequence code information of the second terminal 30, as decrypted metadata.The second key generation module 120, uses
In encrypting the decrypted metadata using the AES, obtain decrypting key.The key matching module 122, is used for
The decryption key is matched with the encryption key, if the match is successful, the file to be decrypted is opened.
Wherein, when being encrypted by 120 pairs of decrypted metadatas of the second key generation module, and first key
, when being encrypted to the encrypting metadata, the AES of employing is identical for generation module 110.
It should be appreciated that when to the file decryption to be decrypted success, the second terminal 30 and the first terminal 20
Should be the same terminal with same sequence number, i.e., the encryption key that described user terminal 10 is obtained by the first terminal 20
It is identical with the decryption key obtained by the second terminal 30.Conversely, decryption failure.
Design and description based on above safety system, below by the user terminal 10 using android system
In, the method for security protection is further elaborated.Refer to Fig. 4, be present pre-ferred embodiments provide be applied to Fig. 2
The encryption method flow chart in method for security protection in the encryption function unit of shown safety system.Following steps are
To elaborating for the idiographic flow shown in Fig. 4.
Step S101, chooses privacy of user file.
In the embodiment of the present invention, step S101 is performed by the first choice module 102 in Fig. 2.Specifically, in the user
In terminal 10, when user needs to be encrypted private data, file etc., chosen by the first choice module 102 and used
Family private file, its code are as follows:
Intent intent=new Intent (Intent.ACTION_GET_CONTENT);
intent.setType("*/*");// type is set, can be any type or any suffix
intent.addCategory(Intent.CATEGORY_OPENABLE);
startActivityForResult(intent,1);
After the selection of privacy of user file is completed, the user terminal 10 can be connect by onActivityResult methods
The private file information of user's selection is received, the information is the character string of the absolute address of a file, is passed through in Android
The character string can obtain the private file.
Step S102, judges that privacy of user file whether there is, if not existing, execution step S101, if existing, is held
Row step S103.
Step S103, is marked to privacy of user file, used as file to be encrypted.
Specifically, after step S101 is completed, after obtaining the absolute address of this document, need to judge the privacy of user text
Part whether there is.Because during selection, surprisingly causing this document to be deleted because of some, and making this encipheror
Cannot continue.Therefore, concrete determination methods are as follows:
File f=new File ("/storage/sdcard/test.pdf ");
f.exists();
In above-mentioned code, the newly-built File object of character string first to obtaining, the object are the private file for obtaining
The benchmark that whether there is, judges the privacy of user file by object execution exists methods and whether there is, if return value
For false, then do not exist;If return value is true, privacy of user file is present, and enters rower to the privacy of user file
Note, as file to be encrypted.
Step S104, determines whether specified type, if it is not, then execution step S101, if specified type, then performs
Step S105.
Specifically, after completing to walk S103, need to judge whether the file to be encrypted is specified type, that is, judge described
File to be encrypted is a file or a file, because the present invention can only encrypt a file, and cannot encrypt one
File.Whether in judge process, isDirectory () is performed using file functions judging the file to be encrypted is
File, if return value is true, for file, at this moment needs return to step S101 to reselect;If return value is
False, then execution step S105.In embodiments of the present invention, the first judge module during step S102- step S104 is by Fig. 2
104 complete.
Alternatively, step S102 and step S104 separately can also be carried out, i.e., in one embodiment, can be with
Only the privacy of user file to choosing carries out type decision, or the presence sex determination for only carrying out file, however it is not limited to this
The scope that inventive embodiments are given.
Step S105, judges whether the user terminal 10 supports the reading of 20 information of the first terminal, if not supporting,
Then encryption flow terminates;If supporting, execution step S106.
In the embodiment of the present invention, step S105 by Fig. 2 in the second judge module 106 complete.Specifically, user's end
When end 10 starts the sequence code information for reading the first terminal 20, it is by the NfcAdapter side on the user terminal 10
Method is obtaining.Therefore, it is necessary first to judge whether the user terminal 10 supports NFC function.If the user terminal 10 is not
Support, then after being initialized using NfcAdapter, return value is null, and encryption flow terminates;If return value is not null,
Continue step S106.
Step S106, obtains the sequence code information of first terminal 20, as encrypting metadata.
In the embodiment of the present invention, step S106 is completed by the first information acquisition module 108 in Fig. 2.Specifically, the use
Family terminal 10 obtains the data message of the first terminal 20 to be realized by following procedure:
Parcelable [] rawArray=
intent.getParcelableArrayExtra(NfcAdapter.EXTRA_NDEF_MESSAGES);
NdefMessage mNdefMsg=(NdefMessage) rawArray [0];
NdefRecord mNdefRecord=mNdefMsg.getRecords () [0];
Wherein, first and second line code is all NFC data information for starting to get, and the data message is NFC module
Data.The third line is reading the first terminal 20 with 10 near-field communication of the user terminal according to the data message
Data message, if obtaining 20 exception of failure or the first terminal, the return value of NdefRecord is empty, encryption flow knot
Beam;If return value there are data, the data message of the first terminal 20 is read by NdefRecord, program is as follows:
String(mNdefRecord.getPayload(),"UTF-8");
Further, as the data message has a lot, therefore the present invention implements column selection and takes the one of the data message
Part is used as the encrypting metadata.Specifically, using using the sequence code of the first terminal 20 as encrypting metadata, it is described
After sequence code is located at the SEL character strings of the data message, therefore, can be obtained by filtering the data before SEL character strings
To the sequence code information.
Specifically, the embodiment of the present invention intercepts the SEL character strings using the split in Android.I.e. by using
Strsplit (" [SEL] ") function intercepts a character string dimension, and the array has two data, first be SEL before number
According to, second is data after SEL, can directly adopt str [1] function to obtain second data, i.e., described sequence code information,
And as encrypting metadata.
Alternatively, after the data message that the first terminal 20 is read by NdefRecord, also can directly by institute
Data message is stated as encrypting metadata, so as to further increase the complexity of password.
Step S107, is encrypted to encrypting metadata, generates encryption key.
In embodiments of the present invention, the first key generation module 110 during step S108 is by Fig. 2 is completed.Specifically, should
Character string obtained by encrypting metadata is encrypted by md5 encryption algorithm as encrypts key.
Step S108, is encrypted by encryption secret key pair file to be encrypted, obtains encrypting file.
In embodiments of the present invention, step S108 is completed by the encrypting module 112 in Fig. 2, specifically, by using java
In DES carrying out, program is as follows:
In said method, an encryption class is created first by Cipher, and this.Key is incoming, and this.key is then
It is encryption key described above, after the encryption key write, file stream will be started, and add it to encryption stream
It is encrypted in CipherInputStream, obtains encrypting file.
Step S109, chooses encryption file storage address.
Whether enough step S110, judge parking space, if parking space is not enough, execution step S109, if storage is empty
Between enough, then execution step S111.
Step S111, storage encryption file.
In embodiments of the present invention, the 3rd judge module 114 during step S109- step S111 is by Fig. 2 is completed.Specifically
Ground, after file encryption is completed, the user terminal 10 will be prompted to the storage address that user chooses the encryption file.It is concrete to select
Selection method such as step S100 is chosen, then execution step S110, judges whether the memory space of file reaches encryption enough
Parking space size needed for file.The mode of judgement is as follows:
StatFs dataFs=new StatFs (Path);
Long sizes=(long) dataFs.getFreeBlocks () * (long) dataFs.getBlockSize
();
Above-mentioned code is to judge remaining space size under the path, and using the sizes for returning come the file with selection
Judged, if space greatly if can be write, if not enough, point out user reselect.
Alternatively, after step S109 is completed, can by and step S103 identical method carry out the judgement of file type.
But, the file type that this step is chosen should be file rather than file, therefore just may be used when judging isDirectory for true
To perform next step, if false, then need to re-execute step S109.
Further, Fig. 5 is refer to, is the safeguard protection system being applied to shown in Fig. 3 that present pre-ferred embodiments are provided
The decryption method flow chart in method for security protection in the decryption functional unit of system.Following steps are to concrete shown in Fig. 5
What flow process was carried out elaborates.
Step S112, chooses file to be decrypted.
In embodiments of the present invention, the second selecting module 116 during step S112 is by Fig. 3 is completed.Specifically, select to wait to solve
Ciphertext part, is still selected using above-mentioned steps S101 identical file selection mode.After the completion of selection, need to select solution
The storage address of close rear file, when using the address, while the text after needing the space for judging the address whether to decrypt enough
Part is deposited.Concrete grammar such as step S109 and step S110, are repeated no more here.
Step S113, obtains the sequence code information of second terminal 30, as decrypted metadata.
Step S114, encrypts to the decrypted metadata, obtains decrypting key.
Step S114 by Fig. 3 in the second key generation module 120 complete.Specifically, step S113 and step S114
Idiographic flow is identical with step S106 and step S107, obtains the sequence code information of second terminal 30, as decrypted metadata, right
The decrypted metadata encryption, obtains decrypting key.Detailed process is repeated no more here.
Step S115, the decryption key is matched with the encryption key, if the match is successful, is treated described in opening
Decryption file.
In embodiments of the present invention, step S115 is completed by the key matching module 122 in Fig. 3.Specifically, decrypting process
It is decrypted using the DES algorithms in java, file will be decrypted, file storage address is incoming after decryption key and decryption, makes
It is decrypted with following information:
Cipher cipher=Cipher.getInstance (" DES ");
cipher.init(Cipher.DECRYPT_MODE,this.key);
InputStream is=new FileInputStream (file);
OutputStream out=new FileOutputStream (dest);
CipherOutputStream cos=new CipherOutputStream (out, cipher);
In above- mentioned information, the Cipher of a des method is initialized first, then by establishment file stream by file and decryption
Key information is incoming together, generates the file stream of a decryption and is written in file.If it fails to match for the key of input, can
Mess code is generated, flow process terminates;If the match is successful for key, a decryption file is generated, it is finally required that this document is user
File.
In sum, the present invention is provided method for security protection and system, are applied to connect with 20 near-field communication of first terminal
The user terminal 10 for connecing.Sequence code information of the method for security protection based on safety system by acquisition first terminal 20,
As encrypting metadata.Encrypting metadata is encrypted by AES again, generates encryption key.Finally, by encryption
Secret key pair file to be encrypted is encrypted, and obtains encrypting file and being preserved according to specified path.When needing to carry out file solution
When close, then contacted with the user terminal 10 by the first terminal 20, you can complete file decryption.The present invention can be effective
In avoiding prior art, the series of problems that password is easily revealed, lost etc. brings, while also further increasing terminal data
Safety.
In embodiment provided herein, it should be understood that disclosed apparatus and method, it is also possible to by other
Mode realize.Device embodiment described above is only schematic, and for example, the flow chart and block diagram in accompanying drawing shows
Devices in accordance with embodiments of the present invention, the architectural framework in the cards of method and computer program product, function and behaviour
Make.At this point, each square frame in flow chart or block diagram can represent a part for module, program segment or a code, institute
State the executable instruction of the part comprising one or more logic functions for being used to realize regulation of module, program segment or code.
It should also be noted that at some as in the implementation replaced, the function of being marked in square frame can also be with different from accompanying drawing
The order for being marked occurs.For example, two continuous square frames can essentially be performed substantially in parallel, and they sometimes can also be by
Contrary order is performed, and this is depending on involved function.It is also noted that block diagram and/or each square frame in flow chart,
And the combination of block diagram and/or the square frame in flow chart, the special based on hardware of the function that performs regulation or action can be used
System realizing, or can be realized with the combination of specialized hardware and computer instruction.
It should be noted that herein, term " including ", "comprising" or its any other variant are intended to non-row
His property is included, so that a series of process, method, article or equipment including key elements not only include those key elements, and
And also include other key elements being not expressly set out, or also include for this process, method, article or equipment institute inherently
Key element.In the absence of more restrictions, the key element for being limited by sentence "including a ...", it is not excluded that including institute
Also there is other identical element in process, method, article or the equipment of stating key element.
The preferred embodiments of the present invention are the foregoing is only, the present invention is not limited to, for the skill of this area
For art personnel, the present invention can have various modifications and variations.It is all within the spirit and principles in the present invention, made any repair
Change, equivalent, improvement etc., should be included within the scope of the present invention.It should be noted that:Similar label and letter exist
Similar terms is represented in figure below, therefore, once being defined in a certain Xiang Yi accompanying drawing, then it is not required in subsequent accompanying drawing
Which is further defined and is explained.
The above, the only specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, any
Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained
Cover within protection scope of the present invention.Therefore, protection scope of the present invention should be defined by the scope of the claims.
Claims (10)
1. a kind of method for security protection, is applied to the user terminal being connected with first terminal near-field communication, it is characterised in that described
Method includes:
The sequence code information of first terminal is obtained, as encrypting metadata;
The encrypting metadata is encrypted by AES, generates encryption key;
It is encrypted by encryption secret key pair file to be encrypted, obtains encrypting file, and by the encryption file according to finger
Determine path to be preserved.
2. method for security protection according to claim 1, it is characterised in that in the sequence code letter for obtaining first terminal
Before the step of breath, methods described also includes:
Choose privacy of user file;
Judge that the privacy of user file whether there is, if existing, the privacy of user file is marked, and conduct is treated
Encryption file.
3. method for security protection according to claim 1, it is characterised in that in the sequence code letter for obtaining first terminal
Before the step of breath, methods described also includes:
Choose privacy of user file;
Whether the type for judging the privacy of user file is specified type, if specified type, then the privacy of user file
As file to be encrypted.
4. method for security protection according to claim 1, it is characterised in that in the sequence code letter for obtaining first terminal
Before the step of breath, methods described also includes:
Judge whether the user terminal supports the reading of the first terminal information;
If the user terminal supports the reading of the first terminal information, the sequence code information of the first terminal is read.
5. method for security protection according to claim 1, the user terminal can with second terminal near-field communication, its
It is characterised by, methods described also includes:
Choose file to be decrypted;
The sequence code information of the second terminal is obtained, as decrypted metadata;
The decrypted metadata is encrypted using the AES, obtains decrypting key;
The decryption key is matched with the encryption key, if the match is successful, the file to be decrypted is opened.
6. a kind of safety system, is applied to the user terminal being connected with first terminal near-field communication, it is characterised in that described
System includes first information acquisition module, the first key generation module and encrypting module:
The first information acquisition module, for obtaining the sequence code information of first terminal, as encrypting metadata;
The first key generation module, for being encrypted to the encrypting metadata by AES, obtains encryption secret
Key;
The encrypting module, for being encrypted by the encryption secret key pair file to be encrypted, obtains encrypting file, and by institute
State encryption file to be preserved according to specified path.
7. safety system according to claim 6, it is characterised in that the system also include first choice module and
First judge module;
The first choice module, for choosing privacy of user file;
First judge module, for judging that the privacy of user file whether there is, if existing, to the privacy of user
File is marked, and as file to be encrypted.
8. safety system according to claim 7, it is characterised in that first judge module is additionally operable to judge institute
Whether the type for stating privacy of user file is specified type, if specified type, then the privacy of user file is used as to be encrypted
File.
9. safety system according to claim 6, it is characterised in that the system also includes the second judge module;
Second judge module, for judging whether the user terminal supports the reading of the first terminal information, if institute
The reading that user terminal supports the first terminal information is stated, then reads the sequence code information.
10. safety system according to claim 6, the user terminal can with second terminal near-field communication,
Characterized in that, the system also includes the second selecting module, the second data obtaining module, the second key generation module and key
Matching module:
Second selecting module, for choosing file to be decrypted;
Second data obtaining module, for obtaining the sequence code information of the second terminal, as decrypted metadata;
The second key generation module, for being encrypted to the decrypted metadata using the AES, is solved
Close key;
The key matching module, for the decryption key is matched with the encryption key, if the match is successful, beats
Open the file to be decrypted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611024357.9A CN106557708B (en) | 2016-11-21 | 2016-11-21 | Safety protection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611024357.9A CN106557708B (en) | 2016-11-21 | 2016-11-21 | Safety protection method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106557708A true CN106557708A (en) | 2017-04-05 |
| CN106557708B CN106557708B (en) | 2020-03-17 |
Family
ID=58444531
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611024357.9A Active CN106557708B (en) | 2016-11-21 | 2016-11-21 | Safety protection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106557708B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107292199A (en) * | 2017-05-24 | 2017-10-24 | 上海泰金电子科技有限公司 | A kind of doorway machine safety system |
| CN110059489A (en) * | 2018-01-19 | 2019-07-26 | 旭景科技股份有限公司 | Safe electronic equipment |
| CN110730366A (en) * | 2019-10-30 | 2020-01-24 | 杭州叙简科技股份有限公司 | Bit operation-based lightweight video stream encryption and decryption method and encryption and decryption mechanism |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101599950A (en) * | 2008-06-04 | 2009-12-09 | 晨星软件研发(深圳)有限公司 | Verification System, device and method |
| CN101784045A (en) * | 2009-01-20 | 2010-07-21 | 英华达(上海)电子有限公司 | Method and device for generating secrete key and method and device for loading secrete key |
| CN102810191A (en) * | 2012-07-24 | 2012-12-05 | 深圳市杰瑞特科技有限公司 | Near field communication (NFC) system and mobile payment and charge methods thereof |
| CN103279692A (en) * | 2013-05-03 | 2013-09-04 | 广东欧珀移动通信有限公司 | File encrypting and decrypting method and device based on mobile phone |
| US20140006784A1 (en) * | 2012-06-27 | 2014-01-02 | Intel Corporation | Techniques for user-validated close-range mutual authentication |
| CN103870759A (en) * | 2014-03-27 | 2014-06-18 | 上海斐讯数据通信技术有限公司 | NFC encryption method, NFC encryption system and terminal |
| CN103985042A (en) * | 2014-06-04 | 2014-08-13 | 孙国华 | Digital information encryption and decryption method based on NFC mobile phone and IC card |
| CN104715365A (en) * | 2015-03-13 | 2015-06-17 | 江苏创新睿智科技有限公司 | Method for achieving E-wallet load credit over air based on Bluetooth transmission channel |
| CN104915606A (en) * | 2015-05-29 | 2015-09-16 | 努比亚技术有限公司 | File encryption and decryption methods and devices |
| CN105760764A (en) * | 2014-12-18 | 2016-07-13 | 中兴通讯股份有限公司 | Encryption and decryption methods and devices for embedded storage device file and terminal |
-
2016
- 2016-11-21 CN CN201611024357.9A patent/CN106557708B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101599950A (en) * | 2008-06-04 | 2009-12-09 | 晨星软件研发(深圳)有限公司 | Verification System, device and method |
| CN101784045A (en) * | 2009-01-20 | 2010-07-21 | 英华达(上海)电子有限公司 | Method and device for generating secrete key and method and device for loading secrete key |
| US20140006784A1 (en) * | 2012-06-27 | 2014-01-02 | Intel Corporation | Techniques for user-validated close-range mutual authentication |
| CN102810191A (en) * | 2012-07-24 | 2012-12-05 | 深圳市杰瑞特科技有限公司 | Near field communication (NFC) system and mobile payment and charge methods thereof |
| CN103279692A (en) * | 2013-05-03 | 2013-09-04 | 广东欧珀移动通信有限公司 | File encrypting and decrypting method and device based on mobile phone |
| CN103870759A (en) * | 2014-03-27 | 2014-06-18 | 上海斐讯数据通信技术有限公司 | NFC encryption method, NFC encryption system and terminal |
| CN103985042A (en) * | 2014-06-04 | 2014-08-13 | 孙国华 | Digital information encryption and decryption method based on NFC mobile phone and IC card |
| CN105760764A (en) * | 2014-12-18 | 2016-07-13 | 中兴通讯股份有限公司 | Encryption and decryption methods and devices for embedded storage device file and terminal |
| CN104715365A (en) * | 2015-03-13 | 2015-06-17 | 江苏创新睿智科技有限公司 | Method for achieving E-wallet load credit over air based on Bluetooth transmission channel |
| CN104915606A (en) * | 2015-05-29 | 2015-09-16 | 努比亚技术有限公司 | File encryption and decryption methods and devices |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107292199A (en) * | 2017-05-24 | 2017-10-24 | 上海泰金电子科技有限公司 | A kind of doorway machine safety system |
| CN110059489A (en) * | 2018-01-19 | 2019-07-26 | 旭景科技股份有限公司 | Safe electronic equipment |
| CN110059489B (en) * | 2018-01-19 | 2021-08-17 | 旭景科技股份有限公司 | Secure electronic device |
| CN110730366A (en) * | 2019-10-30 | 2020-01-24 | 杭州叙简科技股份有限公司 | Bit operation-based lightweight video stream encryption and decryption method and encryption and decryption mechanism |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106557708B (en) | 2020-03-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104331644B (en) | A kind of transparent encipher-decipher method of intelligent terminal file | |
| EP2741443A1 (en) | Credential Recovery | |
| CA2964458A1 (en) | Securing host card emulation credentials | |
| US9276748B2 (en) | Data-encrypting method and decrypting method for a mobile phone | |
| CN104331653A (en) | Fingerprint decryption method and fingerprint decryption device | |
| CN105227537A (en) | Method for authenticating user identity, terminal and service end | |
| CN101488111A (en) | Identification authentication method and system | |
| CN106878231A (en) | Method, user terminal and system for realizing secure user data transmission | |
| CN104468937A (en) | Data encryption and decryption methods and devices for mobile terminal and protection system | |
| Hufstetler et al. | Nfc unlock: Secure two-factor computer authentication using nfc | |
| EP2973182B1 (en) | Methods and apparatus for securing user input in a mobile device | |
| CN107196907A (en) | A kind of guard method of Android SO files and device | |
| CN103929312A (en) | Mobile terminal and method and system for protecting individual information of mobile terminal | |
| CN106557708A (en) | A kind of method for security protection and system | |
| CN107124279A (en) | The method and device of erasing terminal data | |
| CN108809982A (en) | It is a kind of that close authentication method and system is exempted from based on credible performing environment | |
| KR101792220B1 (en) | Method, mobile terminal, device and program for providing user authentication service of combining biometric authentication | |
| KR20100031354A (en) | Tag security processing method using one time password | |
| CN105915541A (en) | Mobile terminal password preservation and recovery processing method based on NFC and system thereof | |
| EP2985712B1 (en) | Application encryption processing method, apparatus, and terminal | |
| CN107590026A (en) | A kind of data back up method and device | |
| CN107704743A (en) | Device and Related product with data backup function | |
| CN107508814A (en) | Data ciphering method, decryption method, apparatus and system | |
| Mandalapu et al. | An NFC featured three level authentication system for tenable transaction and abridgment of ATM card blocking intricacies | |
| CN109075974A (en) | The binding authentication method and fingerprint recognition system in fingerprint algorithm library and fingerprint sensor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information |
Inventor after: Ding Peng Inventor after: Guo Hao Inventor before: Ding Peng |
|
| CB03 | Change of inventor or designer information | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231218 Address after: 719, podium building 12, Shenzhen Bay science and technology ecological park, No.18, South Keji Road, high tech community, Yuehai street, Nanshan District, Shenzhen, Guangdong 518000 Patentee after: Shenzhen Yuanpai Technology Co.,Ltd. Address before: 430000 East Lake Development Zone, Wuhan City, Hubei Province, No. 1 Software Park East Road 4.1 Phase B1 Building 11 Building Patentee before: WUHAN DOUYU NETWORK TECHNOLOGY Co.,Ltd. |
|
| TR01 | Transfer of patent right |