CN106941492A - Data safe transmission method between multiple cloud service nodes - Google Patents
Data safe transmission method between multiple cloud service nodes
- Publication number
- CN106941492A
- Authority
- CN
- China
- Prior art keywords
- data
- transmission
- terminal
- source
- cloud service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention relates to an encrypted transmission method for electronic data, specifically a method for secure data transmission between multiple cloud service nodes. The method is as follows: before data transmission starts, the data source and the data terminal each generate their own public/private key pair; then, before sending data, the data source first requests the data terminal's public key and sends its own public key to the data terminal, completing one key exchange; next, the data source performs PII encryption using the data terminal's public key and initiates the data transfer; the data terminal decrypts the data with its own private key, completing one data transfer. When that data terminal passes the data on to the next node, it acts as the data source of the new transmission and the next node is the data terminal of that transmission; the steps above are then repeated to complete another data transfer. The invention both ensures effective transmission of data and improves the security of data while it is relayed between cloud services.
Description
Technical field
The invention relates to an encrypted transmission method for electronic data, specifically a method for secure data transmission between multiple cloud service nodes.
Background
As data users accelerate the move of traditional IT data onto cloud servers, cloud services are becoming increasingly popular; AWS, Aliyun and Baidu Cloud are all well-known cloud service application systems. Current cloud applications are mostly limited to a single cloud provider, but as more and more people use cloud services, it is foreseeable that applications needing cooperating services from multiple cloud providers will appear. For example, a cloud service provider may need to give an enterprise reports on its customers' service usage, and so on.
If there is no PII (privacy protection verification) during data transmission, the data is inevitably exposed to third parties. The common technique at present is to transmit data to the other party using anonymized PII encryption, which can strictly ensure the security and effectiveness of the other party's service when an end user runs a web application from a browser. Because anonymously encrypted data is usually irreversible, it cannot be cracked, which ensures the security of the data transmission.
However, the SSL data encryption currently in use only protects the transmission from one endpoint to another (such as a browser). When data passes through an intermediate node, this encryption does not help; at present the intermediate node can only be assumed to be trusted by default, which may lead to data leakage during transmission.
Summary of the invention
The technical problem to be solved by the invention is to provide a method for secure data transmission between multiple cloud service nodes that improves data security during cloud service.
The method for secure data transmission between multiple cloud service nodes according to the invention is as follows: in data transmission between the different nodes of a cloud service, the node that initiates each data transfer is called the data source and the node that receives the data is called the data terminal. The data transfer proceeds as follows:
1) Before data transmission starts, the data source and the data terminal each generate their own public/private key pair;
2) Then, before sending data, the data source first requests the data terminal's public key and sends its own public key to the data terminal, completing one key exchange;
3) Next, the data source performs PII encryption using the data terminal's public key and initiates the data transfer;
4) The data terminal decrypts the data using its own private key, completing one data transfer;
5) When that data terminal transmits the data to the next node, it acts as the data source of this transmission and the next node is the data terminal of this transmission; steps 1) to 4) are then repeated to complete another data transfer. During the key exchange, the public key that the data source of this transmission gives to the data terminal of this transmission is the public key from the data source of the previous transmission.
Further, the data source of the first data transmission may be a browser that runs a web application and initiates the data transfer request.
The advantages of the invention are as follows. When data is transmitted across a series of different cloud nodes, the encryption key that needs to be transmitted and the PII are transmitted together. Every cloud service can act as a data source or a data terminal and process data, while the PII itself stays unchanged during data transfer and processing. Because the key is handed over starting at the initial data source, the key is variable throughout the whole transmission, which ensures the reliability of data security. When data is transmitted among internally trusted cloud service nodes, cloud services that do not perform PII verification can be used to process the data, but the PII is invisible to these cloud services, because the PII is encrypted and can only be decrypted by a holder of the key. In this way the method both ensures effective transmission of data and improves the security of data while it is relayed between cloud services.
Embodiment
The technical solution of the invention is further described below with reference to an embodiment.
In the method for secure data transmission between multiple cloud service nodes of this embodiment, during cloud service the browser that runs the enterprise web application and initiates the data transfer request is the initial data source, and in each transmission the node that receives the data is the data terminal. The data transfer proceeds as follows:
1) Before data transmission starts, the data source (the browser that runs the enterprise web application and initiates the data transfer request) and the data terminal each generate their own public/private key pair;
2) Then, before sending data, the data source first requests the data terminal's public key and sends its own public key to the data terminal, completing one key exchange;
3) Next, the data source performs PII encryption using the data terminal's public key and initiates the data transfer;
4) The data terminal decrypts the data using its own private key, completing one data transfer;
5) When that data terminal transmits the data to the next node, it acts as the data source of this transmission and the next node is the data terminal of this transmission; steps 1) to 4) are then repeated to complete another data transfer. During the key exchange, the public key that the data source of this transmission gives to the data terminal of this transmission is the public key from the enterprise web application data source.
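The five steps above, run over a three-node chain, as an added Go example (not code from the patent). It records what each node decrypted, which makes visible that the protection is per hop: every relaying data terminal holds the PII in plaintext before it re-encrypts for the next node. Assumptions: RSA-OAEP with SHA-256 stands in for the unspecified public-key algorithm, and `Node`, `Relay`, `CanOpen` and the node names are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Node is one hop (browser or cloud service). All names here are hypothetical.
type Node struct {
	Name      string
	priv      *rsa.PrivateKey // step 1: key pair generated for the current transmission
	OriginPub *rsa.PublicKey  // step 5: public key passed on from the earlier data source
	Seen      []byte          // plaintext PII this node held after decrypting
}

// CanOpen reports whether n's current private key decrypts ct.
func CanOpen(n *Node, ct []byte) bool {
	_, err := rsa.DecryptOAEP(sha256.New(), nil, n.priv, ct, nil)
	return err == nil
}

// Relay runs steps 1-5 along the chain and returns the ciphertext sent on each link.
func Relay(chain []*Node, pii []byte) (links [][]byte, err error) {
	for i := 0; i+1 < len(chain); i++ {
		src, dst := chain[i], chain[i+1]
		// Step 1: both ends generate a key pair before this transmission.
		for _, n := range []*Node{src, dst} {
			if n.priv, err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
				return nil, err
			}
		}
		// Step 2: key exchange; a relaying source passes on the key it was given.
		if dst.OriginPub = src.OriginPub; dst.OriginPub == nil {
			dst.OriginPub = &src.priv.PublicKey
		}
		// Steps 3-4: encrypt to the terminal's public key; the terminal decrypts.
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &dst.priv.PublicKey, pii, nil)
		if err != nil {
			return nil, err
		}
		if dst.Seen, err = rsa.DecryptOAEP(sha256.New(), nil, dst.priv, ct, nil); err != nil {
			return nil, err
		}
		links, pii = append(links, ct), dst.Seen // step 5: terminal is the next source
	}
	return links, nil
}

func main() {
	chain := []*Node{{Name: "browser"}, {Name: "cloud-A"}, {Name: "cloud-B"}}
	_, err := Relay(chain, []byte("name=Alice (constructed sample)"))
	fmt.Printf("cloud-A held %q in the clear, err=%v\n", chain[1].Seen, err)
}
```

Step 2 here accepts whatever public key is presented, because the text describes no check of the key's owner; a deployment needs to bind each public key to a node identity, for example with certificates.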
Claims (2)
1. A method for secure data transmission between multiple cloud service nodes, characterized in that:
in data transmission between the different nodes of a cloud service, the node that initiates each data transfer is called the data source and the node that receives the data is called the data terminal; the data transfer proceeds as follows:
1) Before data transmission starts, the data source and the data terminal each generate their own public/private key pair;
2) Then, before sending data, the data source first requests the data terminal's public key and sends its own public key to the data terminal, completing one key exchange;
3) Next, the data source performs PII encryption using the data terminal's public key and initiates the data transfer;
4) The data terminal decrypts the data using its own private key, completing one data transfer;
5) When that data terminal transmits the data to the next node, it acts as the data source of this transmission and the next node is the data terminal of this transmission; steps 1) to 4) are then repeated to complete another data transfer. During the key exchange, the public key that the data source of this transmission gives to the data terminal of this transmission is the public key from the data source of the previous transmission.
2. The method for secure data transmission between multiple cloud service nodes according to claim 1, characterized in that: the data source of the first data transmission may be a browser that runs a web application and initiates the data transfer request.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710201989.6A CN106941492A (en) | 2017-03-30 | 2017-03-30 | Data safe transmission method between multiple cloud service nodes |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710201989.6A CN106941492A (en) | 2017-03-30 | 2017-03-30 | Data safe transmission method between multiple cloud service nodes |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106941492A (en) | 2017-07-11 |
Family
ID=59464459
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710201989.6A Pending CN106941492A (en) | 2017-03-30 | 2017-03-30 | Data safe transmission method between multiple cloud service nodes |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106941492A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108768930A (en) * | 2018-04-09 | 2018-11-06 | 华北水利水电大学 | A kind of encrypted transmission method of data |
CN110650121A (en) * | 2019-08-28 | 2020-01-03 | 深圳市天道日新科技有限公司 | Stream media data security system based on distributed system |
CN113541934A (en) * | 2021-05-18 | 2021-10-22 | 南通京希信息技术有限公司 | Encryption communication method and system and electronic equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102186170A (en) * | 2010-11-24 | 2011-09-14 | 北京天融信科技有限公司 | Method and device for managing secret keys in wireless sensor network |
CN103701700A (en) * | 2013-12-24 | 2014-04-02 | 中国科学院信息工程研究所 | Node discovering method and system in communication network |
EP3016343A1 (en) * | 2014-10-31 | 2016-05-04 | Sap Se | Telecommunication method for securely exchanging data |
CN105610847A (en) * | 2016-01-08 | 2016-05-25 | 成都卫士通信息产业股份有限公司 | Method for supporting security transmission and exchange of electronic official documents of multiple exchange nodes |
CN106453428A (en) * | 2016-12-15 | 2017-02-22 | 中国科学院上海微系统与信息技术研究所 | Anonymous safety communication method applicable to MANET (mobile ad-hoc network) network layer |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110971415B (en) | Space-ground integrated space information network anonymous access authentication method and system | |
CN106487749B (en) | Key generation method and device | |
CN110190955B (en) | Information processing method and device based on secure socket layer protocol authentication | |
CN110166242B (en) | Message transmission method and device | |
TWI791050B (en) | Data transmission method and system | |
US7321971B2 (en) | System and method for secure remote access | |
CN109428867B (en) | Message encryption and decryption method, network equipment and system | |
CN108075890A (en) | Data sending terminal, data receiver, data transmission method and system | |
CN109167802B (en) | Method, server and terminal for preventing session hijacking | |
CN111756529B (en) | Quantum session key distribution method and system | |
RU2645597C2 (en) | Method of authentication in data hidden terminal transmission channel | |
TW201537937A (en) | Unified identity authentication platform and authentication method thereof | |
CN106941492A (en) | Data safe transmission method between multiple cloud service nodes | |
CN112187832A (en) | Data transmission method and electronic equipment | |
CN111010399A (en) | Data transmission method and device, electronic equipment and storage medium | |
CN111988301A (en) | Secure communication method for preventing client from hacker violence attack | |
US11539671B1 (en) | Authentication scheme in a virtual private network | |
US10015208B2 (en) | Single proxies in secure communication using service function chaining | |
CN111901335B (en) | Block chain data transmission management method and system based on middle station | |
US20170070481A1 (en) | Communication channel security against packet sniffing | |
US20240106811A1 (en) | Systems and methods for network privacy | |
CN104394532A (en) | Anti-brute force safe log-in method for mobile terminal | |
US11943201B2 (en) | Authentication procedure in a virtual private network | |
WO2016176858A1 (en) | Request transmission method and client | |
TWI724091B (en) | Method and device for generating key |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20170711 |