CN106941492A - Data safe transmission method between multiple cloud service nodes - Google Patents

Info

Publication number: CN106941492A
Authority: CN (China)
Prior art keywords: data, transmission, terminal, source, cloud service
Legal status: Pending
Application number: CN201710201989.6A
Other languages: Chinese (zh)
Inventors: 陈伟, 马志伟, 王旭, 刘宇光
Current Assignee: Nanjing Rui Xin New Information Technology Co Ltd
Original Assignee: Nanjing Rui Xin New Information Technology Co Ltd
Application filed by Nanjing Rui Xin New Information Technology Co Ltd
Priority to CN201710201989.6A
Publication of CN106941492A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/02: Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to an encrypted transmission method for electronic data, specifically a secure data transmission method between multiple cloud service nodes. The method is as follows: before data transmission starts, the data source and the data terminal each generate their own public/private key pair; then, before sending data, the data source first requests the public key of the data terminal and sends the public key of the data source to the data terminal, completing one key exchange; the data source then performs PII encryption using the public key of the data terminal and initiates the data transfer; the data terminal decrypts the data using its own private key, completing one data transfer. When that data terminal passes the data on to the next node, it acts as the data source of that transfer and the next node is the data terminal of that transfer; the above steps are repeated to complete the data transfer again. The invention both ensures effective transmission of the data and improves the security of the data while it is relayed between cloud services.

Description

Data safe transmission method between multiple cloud service nodes
Technical field
The present invention relates to an encrypted transmission method for electronic data, specifically a secure data transmission method between multiple cloud service nodes.
Background art
As data users accelerate the migration of traditional IT data to cloud servers, cloud services are becoming increasingly popular; AWS, Alibaba Cloud (Aliyun), Baidu Cloud and others are all well-known cloud service systems. Current cloud applications are mostly confined to a single cloud provider, but as more and more people use cloud services, it is foreseeable that applications requiring cooperating services from multiple cloud providers will appear. For example, a cloud service provider may need to provide an enterprise with reports on its customers' usage.
If there is no PII (privacy protection verification) during data transmission, the data is inevitably exposed to third parties. The common technique today is to pass data to the other party using anonymized PII encryption, which can strictly guarantee the security and effectiveness of the other party's service when an end user runs a web application from a browser. Because anonymously encrypted data is usually irreversible, it cannot be cracked, which ensures the security of the data transfer.
However, the SSL data encryption in current use only protects transmission from one endpoint to another (such as a browser). When data passes through an intermediate node, this encryption has no effect; at present intermediate nodes can only be assumed to be trusted by default, which may lead to data leakage during transmission.
Summary of the invention
The technical problem to be solved by the invention is to provide a secure data transmission method between multiple cloud service nodes that improves data security during cloud service use.
The secure data transmission method between multiple cloud service nodes of the invention is as follows: in data transmission between different cloud service nodes, the node that initiates the data transfer in each transfer is called the data source, and the node that receives the data is called the data terminal. The data transfer flow is:
1) Before data transmission starts, the data source and the data terminal each generate their own public/private key pair;
2) Then, before sending data, the data source first requests the public key of the data terminal and sends the public key of the data source to the data terminal, completing one key exchange;
3) The data source then performs PII encryption using the public key of the data terminal and initiates the data transfer;
4) The data terminal decrypts the data using the private key of the data terminal, completing one data transfer;
5) When that data terminal passes the data on to the next node, it acts as the data source of this transfer and the next node is the data terminal of this transfer; steps 1) to 4) are then repeated to complete the data transfer again. During the key exchange, the public key that the data source of this transfer gives to the data terminal of this transfer is the public key from the data source of the previous transfer.
Further, the data source of the first data transfer may be the browser that runs the web application and initiates the data transfer request.
The advantage of the invention is as follows. When data is transmitted across a series of different cloud nodes, the encryption key that needs to be transmitted, the PII, is transmitted along with it. Every cloud service can act as a data source or a data terminal to process data, while the PII itself stays unchanged during data transmission and processing. Because the key is handed over at the initial data source, the key is variable throughout the whole transmission process, which guarantees the reliability of data security. Where data is transmitted among internally trusted cloud service nodes, cloud services without PII verification can be used to process the data, but the PII is invisible to these cloud services, because the PII is encrypted and can only be decrypted by a holder of the key. In this way, effective transmission of the data is ensured and the security of the data while it is relayed between cloud services is improved.
Embodiment
The technical solution of the invention is further described below with reference to an embodiment.
The secure data transmission method between multiple cloud service nodes of this embodiment is as follows: during cloud service use, the browser that runs the enterprise web application and initiates the data transfer request is the initial data source, and in each transfer the node that receives the data is the data terminal. The data transfer flow is:
1) Before data transmission starts, the data source (the browser that runs the enterprise web application and initiates the data transfer request) and the data terminal each generate their own public/private key pair;
2) Then, before sending data, the data source first requests the public key of the data terminal and sends the public key of the data source to the data terminal, completing one key exchange;
3) The data source then performs PII encryption using the public key of the data terminal and initiates the data transfer;
4) The data terminal decrypts the data using the private key of the data terminal, completing one data transfer;
5) When that data terminal passes the data on to the next node, it acts as the data source of this transfer and the next node is the data terminal of this transfer; steps 1) to 4) are then repeated to complete the data transfer again. During the key exchange, the public key that the data source of this transfer gives to the data terminal of this transfer is the public key from the enterprise web application data source.
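The five-step flow above, run across three nodes, as an added example that is not part of the patent. The `Node` type, `Hop` and `Relay` are hypothetical names, RSA-OAEP stands in for the public-key algorithm the page leaves unspecified, and step 5 is read as the relaying node handing on the public key it received; keys are passed in-process with no authentication step, since the page describes none.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Node is one cloud service node (hypothetical type; fields are illustrative).
type Node struct {
	priv   *rsa.PrivateKey
	FwdPub *rsa.PublicKey // source-side public key handed over in step 2
	Wire   []byte         // ciphertext this node received (step 3)
	Held   []byte         // plaintext this node holds after step 4
}

// Hop runs steps 2-4 from src to dst. RSA-OAEP is an assumption; the patent
// names no algorithm. dst's public key is read directly instead of requested.
func Hop(src, dst *Node) (err error) {
	dst.FwdPub = src.FwdPub // step 2 (and step 5: a relay passes on the key it got)
	dst.Wire, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, &dst.priv.PublicKey, src.Held, nil)
	if err != nil {
		return err
	}
	dst.Held, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, dst.priv, dst.Wire, nil)
	return err
}

// Relay creates n >= 2 nodes (step 1) and passes pii along the chain.
func Relay(n int, pii []byte) ([]*Node, error) {
	nodes := make([]*Node, n)
	for i := range nodes { // step 1: every node generates its own key pair
		k, err := rsa.GenerateKey(rand.Reader, 2048)
		if err != nil {
			return nil, err
		}
		nodes[i] = &Node{priv: k}
	}
	nodes[0].Held, nodes[0].FwdPub = pii, &nodes[0].priv.PublicKey // first source sends its own key
	for i := 0; i+1 < n; i++ { // step 5: each terminal becomes the next source
		if err := Hop(nodes[i], nodes[i+1]); err != nil {
			return nil, err
		}
	}
	return nodes, nil
}

func main() {
	nodes, err := Relay(3, []byte("id=constructed-sample")) // browser, cloud A, cloud B
	if err != nil {
		panic(err)
	}
	fmt.Printf("relay node held %q; last node received %d ciphertext bytes\n", nodes[1].Held, len(nodes[2].Wire))
}
```

Each node's `Held` field is populated after step 4, so every relay in the chain handles the data in plaintext between hops, while the ciphertext on the wire differs from hop to hop.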

Claims (2)

1. A secure data transmission method between multiple cloud service nodes, characterized in that:
in data transmission between different cloud service nodes, the node that initiates the data transfer in each transfer is called the data source, and the node that receives the data is called the data terminal; the data transfer flow is:
1) Before data transmission starts, the data source and the data terminal each generate their own public/private key pair;
2) Then, before sending data, the data source first requests the public key of the data terminal and sends the public key of the data source to the data terminal, completing one key exchange;
3) The data source then performs PII encryption using the public key of the data terminal and initiates the data transfer;
4) The data terminal decrypts the data using the private key of the data terminal, completing one data transfer;
5) When that data terminal passes the data on to the next node, it acts as the data source of this transfer and the next node is the data terminal of this transfer; steps 1) to 4) are then repeated to complete the data transfer again. During the key exchange, the public key that the data source of this transfer gives to the data terminal of this transfer is the public key from the data source of the previous transfer.
2. The secure data transmission method between multiple cloud service nodes according to claim 1, characterized in that: the data source of the first data transfer may be the browser that runs the web application and initiates the data transfer request.
CN201710201989.6A 2017-03-30 2017-03-30 Data safe transmission method between multiple cloud service nodes Pending CN106941492A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710201989.6A CN106941492A (en) 2017-03-30 2017-03-30 Data safe transmission method between multiple cloud service nodes

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710201989.6A CN106941492A (en) 2017-03-30 2017-03-30 Data safe transmission method between multiple cloud service nodes

Publications (1)

Publication Number Publication Date
CN106941492A true CN106941492A (en) 2017-07-11

Family

ID=59464459

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710201989.6A Pending CN106941492A (en) 2017-03-30 2017-03-30 Data safe transmission method between multiple cloud service nodes

Country Status (1)

Country Link
CN (1) CN106941492A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (Application publication date: 20170711)