CN106992851A - Database file password encryption and decryption method, device and terminal device based on TrustZone - Google Patents
- Publication number
- CN106992851A
- Authority
- CN
- China
- Prior art keywords
- metadata
- execution environment
- database file
- password
- trusted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (12)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710214713.1A CN106992851B (zh) | 2017-04-01 | 2017-04-01 | Database file password encryption and decryption method, device and terminal device based on TrustZone |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710214713.1A CN106992851B (zh) | 2017-04-01 | 2017-04-01 | Database file password encryption and decryption method, device and terminal device based on TrustZone |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106992851A (zh) | 2017-07-28 |
CN106992851B (zh) | 2020-04-10 |
Family
ID=59414649
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710214713.1A Active CN106992851B (zh) | Database file password encryption and decryption method, device and terminal device based on TrustZone | 2017-04-01 | 2017-04-01 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106992851B (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
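CN107579987A (zh) * | 2017-09-22 | 2018-01-12 | Zhengzhou Yunhai Information Technology Co., Ltd. | Two-level encryption and access method and system for the rule base of a server cloud diagnosis system |
CN108390753A (zh) * | 2018-01-04 | 2018-08-10 | China University of Geosciences (Wuhan) | Application account login method and system based on ciphertext hash retrieval |
CN108595970A (zh) * | 2018-03-13 | 2018-09-28 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Configuration method and device for a processing component, terminal and storage medium |
CN110858249A (zh) * | 2018-08-24 | 2020-03-03 | China Mobile (Hangzhou) Information Technology Co., Ltd. | Database file encryption method, decryption method and related device |
CN111324910A (zh) * | 2020-03-20 | 2020-06-23 | Shandong University | Method for implementing an in-memory database using TrustZone technology |
CN111475832A (zh) * | 2020-06-24 | 2020-07-31 | Tencent Technology (Shenzhen) Co., Ltd. | Data management method and related device |
WO2020163758A1 (en) * | 2019-02-08 | 2020-08-13 | Arthur Young | Systems, methods and machine readable programs for isolation of data |
CN113297611A (zh) * | 2021-02-08 | 2021-08-24 | Alibaba Cloud Computing Co., Ltd. | Data processing, encrypted storage and reading method, device and storage medium |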
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
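CN103514414A (zh) * | 2012-06-26 | 2014-01-15 | Shanghai Shengxuan Network Technology Co., Ltd. | Encryption method and encryption system based on ARM TrustZone |
CN103856485A (zh) * | 2014-02-14 | 2014-06-11 | Wuhan Tianyu Information Industry Co., Ltd. | Initialization system and method for a trusted user interface security indicator |
US20160191236A1 (en) * | 2014-12-31 | 2016-06-30 | Sergey Smirnoff | Hybrid integration of software development kit with secure execution environment |
CN105812332A (zh) * | 2014-12-31 | 2016-07-27 | Beijing WatchSmart Technologies Co., Ltd. | Data protection method |
CN105978917A (zh) * | 2016-07-19 | 2016-09-28 | Hengbao Co., Ltd. | System and method for secure authentication of trusted applications |
CN106464485A (zh) * | 2014-02-11 | 2017-02-22 | Ericsson AB | System and method for protecting content keys delivered in manifest files |
- 2017-04-01: CN application CN201710214713.1A (patent CN106992851B, zh), status Active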
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
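CN103514414A (zh) * | 2012-06-26 | 2014-01-15 | Shanghai Shengxuan Network Technology Co., Ltd. | Encryption method and encryption system based on ARM TrustZone |
CN106464485A (zh) * | 2014-02-11 | 2017-02-22 | Ericsson AB | System and method for protecting content keys delivered in manifest files |
CN103856485A (zh) * | 2014-02-14 | 2014-06-11 | Wuhan Tianyu Information Industry Co., Ltd. | Initialization system and method for a trusted user interface security indicator |
US20160191236A1 (en) * | 2014-12-31 | 2016-06-30 | Sergey Smirnoff | Hybrid integration of software development kit with secure execution environment |
CN105812332A (zh) * | 2014-12-31 | 2016-07-27 | Beijing WatchSmart Technologies Co., Ltd. | Data protection method |
CN105978917A (zh) * | 2016-07-19 | 2016-09-28 | Hengbao Co., Ltd. | System and method for secure authentication of trusted applications |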
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
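CN107579987A (zh) * | 2017-09-22 | 2018-01-12 | Zhengzhou Yunhai Information Technology Co., Ltd. | Two-level encryption and access method and system for the rule base of a server cloud diagnosis system |
CN108390753A (zh) * | 2018-01-04 | 2018-08-10 | China University of Geosciences (Wuhan) | Application account login method and system based on ciphertext hash retrieval |
CN108595970A (zh) * | 2018-03-13 | 2018-09-28 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Configuration method and device for a processing component, terminal and storage medium |
CN108595970B (zh) * | 2018-03-13 | 2020-08-28 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Configuration method and device for a processing component, terminal and storage medium |
CN110858249A (zh) * | 2018-08-24 | 2020-03-03 | China Mobile (Hangzhou) Information Technology Co., Ltd. | Database file encryption method, decryption method and related device |
CN110858249B (zh) * | 2018-08-24 | 2021-11-16 | China Mobile (Hangzhou) Information Technology Co., Ltd. | Database file encryption method, decryption method and related device |
WO2020163758A1 (en) * | 2019-02-08 | 2020-08-13 | Arthur Young | Systems, methods and machine readable programs for isolation of data |
CN111324910A (zh) * | 2020-03-20 | 2020-06-23 | Shandong University | Method for implementing an in-memory database using TrustZone technology |
CN111475832A (zh) * | 2020-06-24 | 2020-07-31 | Tencent Technology (Shenzhen) Co., Ltd. | Data management method and related device |
CN111475832B (zh) * | 2020-06-24 | 2021-01-12 | Tencent Technology (Shenzhen) Co., Ltd. | Data management method and related device |
CN113297611A (zh) * | 2021-02-08 | 2021-08-24 | Alibaba Cloud Computing Co., Ltd. | Data processing, encrypted storage and reading method, device and storage medium |
CN113297611B (zh) * | 2021-02-08 | 2023-05-26 | Alibaba Cloud Computing Co., Ltd. | Data processing, encrypted storage and reading method, device and storage medium |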
Also Published As
Publication number | Publication date |
---|---|
CN106992851B (zh) | 2020-04-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106980794B (zh) | | File encryption and decryption method, device and terminal device based on TrustZone |
CN106997439B (zh) | | Data encryption and decryption method, device and terminal device based on TrustZone |
CN106992851B (zh) | | Database file password encryption and decryption method, device and terminal device based on TrustZone |
CN112818380B (zh) | | Backtracking processing method, device, equipment and system for business behavior |
LU101903B1 (en) | | System and method for storing and accessing private data of Hyperledger Fabric blockchain |
US10708051B2 (en) | | Controlled access to data in a sandboxed environment |
CN106980793B (zh) | | General password storage and reading method, device and terminal device based on TrustZone |
US7587608B2 (en) | | Method and apparatus for storing data on the application layer in mobile devices |
US8489889B1 (en) | | Method and apparatus for restricting access to encrypted data |
CN106487763B (zh) | | Data access method based on a cloud computing platform and user terminal |
US8181028B1 (en) | | Method for secure system shutdown |
WO2022028289A1 (zh) | | Data encryption method, data decryption method, device, terminal and storage medium |
CN107040520B (zh) | | Cloud computing data sharing system and method |
US20150143107A1 (en) | | Data security tools for shared data |
US7234060B1 (en) | | Generation and use of digital signatures |
US8402278B2 (en) | | Method and system for protecting data |
CN111917711B (zh) | | Data access method, device, computer equipment and storage medium |
US9607176B2 (en) | | Secure copy and paste of mobile app data |
US12061706B2 (en) | | Encrypted file control |
US9754118B2 (en) | | Performing an operation on a data storage |
CN106453398B (zh) | | Data encryption system and method |
CN110830252B (zh) | | Data encryption method, device, equipment and storage medium |
KR101249343B1 (ko) | | Method for protecting a digital rights file |
CN106897613B (zh) | | Operation execution method and device |
US11841970B1 (en) | | Systems and methods for preventing information leakage |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |
| | TR01 | Transfer of patent right | Effective date of registration: 20210226; Address after: 101300 room 153, 1 / F, building 17, 16 Caixiang East Road, Nancai Town, Shunyi District, Beijing; Patentee after: Yuanxin Information Technology Group Co.,Ltd.; Address before: 100176 room 2222, building D, building 33, 99 Kechuang 14th Street, Beijing Economic and Technological Development Zone, Beijing; Patentee before: BEIJING YUANXIN SCIENCE & TECHNOLOGY Co.,Ltd. |
| | EE01 | Entry into force of recordation of patent licensing contract | Application publication date: 20170728; Assignee: Beijing Yuanxin Junsheng Technology Co.,Ltd.; Assignor: Yuanxin Information Technology Group Co.,Ltd.; Contract record no.: X2021110000018; Denomination of invention: Database file password encryption and decryption method, device and terminal device based on TrustZone; Granted publication date: 20200410; License type: Common License; Record date: 20210531 |