CN107229872A - It is a kind of to separate storage query logic and the private data guard method of segment data - Google Patents

It is a kind of to separate storage query logic and the private data guard method of segment data Download PDF

Info

Publication number
CN107229872A
CN107229872A CN201610175639.2A CN201610175639A CN107229872A CN 107229872 A CN107229872 A CN 107229872A CN 201610175639 A CN201610175639 A CN 201610175639A CN 107229872 A CN107229872 A CN 107229872A
Authority
CN
China
Prior art keywords
data
client
uuid
user
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610175639.2A
Other languages
Chinese (zh)
Inventor
肖哲
杨晶晶
黄铭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610175639.2A priority Critical patent/CN107229872A/en
Publication of CN107229872A publication Critical patent/CN107229872A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

It is a kind of to separate storage query logic and the private data guard method of segment data.The present invention discloses one kind by separating storage " data query index/query logic " with " segmentation real data " to realize the system architecture method of protection private data.The core design of this method is:Client stores " data query index/logic " and " segmentation real data " respectively with server;The reconstruction of complete user data needs to be recombinated by the corresponding segmentation real data for being stored in server end of group polling index acquisition for being stored in client to realize.Data query index is defined as one group of insignificant GUID to mark segment data, and query logic is that user operates or the specific request of server and the mapping relations of one group of GUID.Data sectional upload, the storage organization of server end cannot be distinguished by the user sources of data and reach protection privacy effect.The present invention need not delete user and data needed for systemic-function, it is ensured that all function logics of system.

Description

It is a kind of to separate storage query logic and the private data guard method of segment data
Technical field
The present invention relates to a kind of storage method of protection privacy of user data, especially for based on internet(Including mobile Internet)Application and system platform protection privacy of user data.
Background technology
With developing rapidly for internet and mobile Internet and massive store technology, the collection issue of Internet user's data is increasingly facilitated with storage.People have been accustomed to searching for by internet terminals such as mobile phone and computers, access and sharing data;Internet user is daily in creation data, and substantial amounts of user data is interacted by network, becomes increasingly serious the problem of privacy leakage in this process, the problem of how effectively protecting privacy of user data therefore become more and more important.The technology of conventional protection privacy includes at present:Anonymization technology is such ask- anonymous(k-anonymity),l- diversity(l-diversity),t- close(t-closeness)Deng causing that specific user identity and data source can not be determined by way of vague generalization similar information;Access control technology, passes through the operation and access of control data(Such as the control of the data field accessed, data type or access time)To realize the protection of privacy;Burn-after-reading technology, i.e., delete sensitive data at once after system required function logic is completed;Increase noise technology, by increasing noise in initial data, prevent individual consumer's data from clearly being obtained;Secret protection designing technique in system architecture, it usually needs the support of the system such as password and certification.The information for being limited in that vague generalization user of de-identification method causes the information content of user data to reduce, and increase noise is with deleting the method for sensitive data because user can not be allowed, which to obtain data again, limits systemic-function and the scene of application.Access control can not fundamentally solve the protection of user privacy information, and the protection to privacy of user data will be lost after password and authentication information leakage by way of password and certification.The design of private data guard technology mostly dependent on internal system rule, data template and data interaction agreement on Solution Architecture; cause to be difficult to interact with external system integrated because must comply with these agreements in the exploitation of real system; the autgmentability of system is limited, also is difficult to be formed unified system architecture in addition and defines industrial quarters standard with data protection rule.
In the present invention, by fragmented storage privacy of user data, separation data storage index/logical AND actual segment data are in different physical locations(That is client and server)So that segment data only indexes to combine under the guidance of condition in a group polling is redeveloped into the complete user data of meaning.The reconstruction request of data is initiated by user from client, and the search index condition of reconstruction also only has client to obtain, and makes user that there is the acquisition to oneself data to have complete control.The segment data of server end storage has the consistent storage form of expression to the data from any user, therefore cannot be distinguished by the user identity of each segment data and can not also determine how segment data should combine being redeveloped into the complete information of meaning.The present invention to user data because only make segment processing without making " deletion ", not making " modification(Such as increase data noise)" operation of " vague generalization processing " is not also done, original information content of data is remained, the protection to privacy of user data can be realized on the premise of systemic-function logic is not influenceed.The present invention is independent of specific data storage format and specific data type and classification, with the general universality to various applications.
By prior art documents, there is presently no the method for protecting privacy of user data in different physical locations from real data using separation data storage index.
The content of the invention
The present invention is separated and data storage search index and query logic are in client.
Search indexindexBe specifically defined as:One group of GUID of partial data information is inquired about and rebuild with user identity being used for without practical significance unrelated with private data(UUID).GUID in search index has following characteristics:1. it is unrelated with user identity with private data, and the ordinal relation of segment data can not be expressed;2. specific search index [uuidi | i=1,2,3 ...] can be for obtaining a partial data information being combined into by corresponding segment real data;3. the operation of a clientoCorrespondence(It can obtain)Specific search index and then a partial data information corresponding with obtaining can be corresponded to by this feature 2.
Query logic is specifically included:The operation of useroWith the mapping relations of corresponding one group of unique identifier, it is expressed asP (o, index);The data reconstruction request of server endSRWith the mapping relations of corresponding one group of unique identifier, it is expressed asP (SR, index). Corresponding data sectional can be inquired by these mapping relations and is combined into complete data message.
Client needs the information stored to include:1. data query logic namely user's operationoWith the corresponding relation of search indexP(o, index) ={oi : [uuidj | j=1,2,3…] | i =1,2,3 ... }, each of which user operatesoi Correspondence one group of UUID search index [uuidj | j=1,2,3 ...], index group obtains segmentation real data and reassembles into the result that complete information operates as user in client and returns and show user by communication with server;2. the data reconstruction request of server endSRWith the corresponding relation of search indexP (SR, index) = {SRi : [uuidj | j=1, 2, 3…] | i =1,2,3 ... }, to send acquisition request search index to client when server end needs to carry out data reconstruction;3. the corresponding order identification mappings of UUIDP (uuid, seq), order information needs to use in data reconstruction;4. other data and data relationship that client functionality logic needs.
Server end needs the information stored to include:1. the corresponding relation of GUID and segment dataP(uuid, DS)={uuidi : DSi | i =1,2,3 ... }, this corresponding relation is the relation of " one-to-one ", and a UUID corresponds to a segment data, and this corresponding relation just produces when client is segmented but is stored in server end by uploading.2. other data and data relationship that server-side system function logic needs.
Client need data manipulation be:1. segment data, for privacy of user data need the result of segment processing data sectional be produce data slot array [DSi | i= 1, 2, 3…];2. distributing UUID to each data slot, UUID generation is limited to " claim 1 ", can be generated for distributed generation or by being concentrated in server end;3. upload with UUID data slotuuidi : DSi | i =1,2,3 ... }, data upload to be unordered, can also customize and plans different at the time of upload partial data fragment every time(The leak data in communications can be prevented).4. storage mapping relationP (o, index),P (SR, index) WithP (uuid, seq) 。
Server end need data manipulation be:1. receive come from client data sectionaluuidi : DSi | i =1,2,3, ... and be stored in the storage organization of server end, the storage of one data fragment be it is random and it is irregular do not preserve any information that may be exposed segment data order and combine, to ensure that the data slot from all users is to mix stored interleaved thus cannot be distinguished by the user sources of data.2. client with a group polling index [uuidi | i=1,2,3 ...] when request arrives, in UUID and the corresponding relation of segment dataP(uuid, DS)={uuidi : DSi | i =1,2,3 ... } storage organization in obtain segment data return client.3. when needed to client send data reconstruction request [SRi | i = 1, 2, 3 …]。
If server end need actively rebuilds user's partial data need to client initiate notice/request, via after the operation of user return UUID and corresponding order indicateuuidi : seqi | i=1,2,3 ... } and this combination and reconstruction for doing partial data is given.In this process, user is completely informed and whether can receive request corresponding with completion with control selections.
Compared with existing secret protection scheme, the present invention need not delete and change the private data of user, only do the processing of segment data, thus can ensure the integrality of systemic-function.
The storage of client of the present invention and server is independent of specific storage organization and form, it is only necessary to preserve mapping relations in clientP (o, index) ={oi : [uuidj | j=1,2,3…] | i =1,2,3 ... } andP (SR, index) ={SRi : [uuidj | j=1,2,3…] | i =1,2,3 ... } and order identificationP (uuid, seq), preserve GUID and the corresponding relation of segment data in server endP (uuid, DS)={uuidi : DSi | i = 1,2,3,…}。
The acquisition of user data of the present invention is with rebuilding completely by user's control, and either user terminal or server end initiate data reconstruction request, only client obtain specific search index [uuidi | iThe combination of segment data is just can determine that when=1,2,3 ...] with recovering privacy of user data again, and client obtains search index completely by user's control, or initiated by the operation of user or authorized by user and handled.
The present invention does not need the introducing of encrypting module just to realize the protection of privacy of user, but the introducing of encrypting module can strengthen protection intensity, and integrated with encipherment scheme is required no special processing.
The terminal such as mobile phone that client in the present invention can be locally stored for any band, tablet personal computer, computer even server etc..
Although the present invention is described as the scene mode of client/server, the application scenarios pattern of data harmonization between P2P and server is readily applicable to.
The core concept of the present invention is that separating data storage rebuilds the data query index logic and actual segment data of needs in different physical locations from innovative point(Or virtual environment), the flexible access control implementation for being adapted to concrete application can be derived based on this.
Brief description of the drawings
Fig. 1 is system storage and the functional schematic of the present invention.
Fig. 2 is the operation chart that client of the present invention uploads segmentation real data.
Operation chart when Fig. 3 is client request data reconstruction of the present invention.
Fig. 4 is operation chart when server end request data of the present invention is rebuild.
Embodiment
Embodiments of the invention are elaborated below in conjunction with accompanying drawing:The present embodiment is based on the present invention program, gives operating process specific in detail, but protection scope of the present invention is not limited to following embodiments.
As shown in figure 1, client needs UUID to generate distributor1With data blanking punch2, UUID generations distributor can be on demand by distributed or concentration generation, and data slicer does segment processing to the private data to user.
Client needs to design according to the function logic of system and store at least three kinds relations to reflect3:1. user operatesoWith the mapping relations of search indexP(o, index) ={oi : [uuidj | j=1,2,3…] | i =1,2,3 ... }, specific user's example of operation is such as " temporally(Date)Inquiry data " then need to store date and segment data UUID corresponding relation, and " inquired about by user's order number " then needs to store an order number and the corresponding relation of a component segment data UUID for another example.These corresponding relations are when user operates for obtaining the search index information of one group of UUID composition.2. the data reconstruction request of server endSRWith the corresponding relation of search indexP (SR, index) ={SRi : [uuidj | j=1,2,3…] | i =1,2,3 ... }, in most cases, the data reconstruction of server end is asked and the request of data of the operation logic based on user is consistent, but if server end has other special data reconstruction demands and these demands do not existP (o, index) described in, then it is accomplished by these special demands to be stored inP (SR, index) in support the logic function of system;P (SR, index) design based on the integrated planning and consideration to systemic-function;3. order identification mapping relations of the corresponding segment datas of UUID in partial dataP(uuid, seq), order information needs to use in data reconstruction.
Non- privacy information for user or the information without protection, can use general method to store these data with data relationship to realize systemic-function logic needs.
The design Storage of server end mainly includes:" UUID and the corresponding relation of actual segment data " P(uuid, DS)4, when needing to carry out data reconstruction, needs are inquired about according to one group of UUIDP(uuid, DS) storage organization to obtain actual segment data.
Interacting between user and server mainly includes segment data and uploaded5, client data acquisition6Rebuild with servers' data7
As shown in Figure 2, client uploads the operating process of data including obtaining data input8, the source of data input can be that the operation of user can also be produced by client hardware such as GPS, and the sensor such as accelerometer is produced;Data sectional processing9;The out of order processing of data10, data needs are out of order to be uploaded;UUID is generated and distribution11, the generation of distributed or centralized system;Segment data is uploaded12;And persistence user operation and UUID mapping relationsP(o, index) 13;The application of the demand of critical data uniformity guarantee is needed to need to carry out data consistency status checkout and processing for client and server14;Last other necessary data of persistence and data relationship15;Server end is processed as accordingly, if concentrating generating mode using UUID, server end needs to manage UUID global generation16;Receive segment data17;The mapping relations of perdurable data search index and segment dataP(index, DS)18;The relevant treatment of data consistency guarantee is carried out if needing data consistent check19;And other necessary datas of persistence and data relationship20
As shown in figure 3, operating process when client obtains data includes:Obtain the operation of user21;Operated based on stored useroWith the corresponding relation of search indexP(o, index) obtain one group of UUID22;It is one group of UUID to upload data query index23;Received server-side UUID index groups24, it is based onP(index, DS) obtain actual segment data25And actual segment data are sent to client26;Client receives segment data27And according toP(uuid, seq) recombination data and return be shown to user28
As shown in Fig. 4, operating process when data are rebuild in server end request includes:Server end sends data reconstruction request according to system requirementsSRTo client29;Client the reception server end data rebuilds request30And whether corresponding data is rebuild to user's query31, refuse information is returned to server end if user's negative rebuilds request, the request based on server end if user allows data reconstructionSRWith the mapping relations of search indexP(SR, index) obtain search index32And the UUID index groups with order sign are returned to server end33;The response of received server-side client, complete information is rebuild if user allows data reconstruction according to what is received with the UUID indexes group that order is indicated34;Server end deletes all after data reconstruction may expose the index information of privacy of user, during complete information after the data that generate and reconstruction35
By mask data search index from actual segment data in different physical locations(Or virtual environment), because mapping of the actual segment data without specific data with user identity or sensitive information, it is thus personal secrets that will not expose private data, can be shared with third party and do Data Analysis Services.
Although present disclosure is explained in detail by above preferred embodiment, it is appreciated that above-described embodiment description should not be regarded as limitation of the present invention.The present invention is to protecting the application of private data that there are some operations in general universality, the present invention can have flexible modification with substituting, and protection scope of the present invention should have appended claim to limit.

Claims (13)

1. a kind of secret protection framework method for separating storage subscriber identity information unrelated " data query index/query logic " and " segmentation real data ", is described herein as the definition of term and its feature in method:
Data query index is defined as the condition of inquiry, is one group of insignificant GUID to mark segmentation real data(UUID), the generation method of GUID must be unrelated with privacy information with any identity of user, and these privacy of identities information include but is not limited to the name of user, the account of user(System is distributed), user's characteristic information, the information hardware identifier of mobile phone (code) of subscription client hardware, user logs in all information for being possible to expose user identity such as the address at end;Data query index is stored in client, and server end is sent to obtain segmentation True Data when needing and rebuilding complete information;Data query logic is defined as user's operation or the specific data reconstruction request of server end and the mapping relations of one group of data query identifier, such as user needs to obtain mapping relations of the operation with the identifier of corresponding set of segmentation real data of specific data;Segmentation real data is the original private data of user to be carried out the segment data after data sectional operation.
2. the operation for needing the interaction of client and server to coordinate to complete in this method mainly includes:Segment data is uploaded, client data is rebuild and servers' data is rebuild.
3. the operation followed the steps below is needed when client uploads data in this method:
Step one, " data sectional ", data sectional can be according to the sizes of data, the physical type of data, and logic classification of data etc. is divided;The selection of data granularity of division by non-index can not be inquired about(It is i.e. non-to pass through one group of UUID identifier)Mode determine to be combined into full user data information for principle;Producing for UUID identifiers need to can not express the ordinal relation of segmentation real data, and the information of UUID and data order needs to be stored in client as a mapping relations;
Step 2 " distributes GUID for segment data(UUID), UUID can generate neatly by any unique identifier producing method, such as:Generate, or produced by server centered in a distributed way in client, client is by the way that with being obtained after server interaction, UUID generating modes are limited to feature 1;
Step 3 data storages query logic is in the local storage organization of client, query logic includes " client functionality operation logic " and corresponding " the corresponding one group of UUID " of segment data mapping relations, and " server data reconstruction logic " and corresponding " the corresponding one group of UUID " of segment data mapping relations, both usual query logics have certain plyability, and client needs to store the query logic that all systemic-functions are relied on;
Step 4 uses general method to be stored to realize systemic-function logic for the related data of other non-private datas and data relationship, index etc..
4. client in the present invention(User)The operation followed the steps below is needed when obtaining data:
Step one, clients operate the UUID obtained in the mapping relations of data query logic corresponding to corresponding set of segmentation real data based on user(Step three in feature based 3);
Step 2 data queries are indexed(I.e. one group UUID)Other subsidiary optional querying conditions are sent to server end, and server end will obtain segmentation real data according to this group of UUID and subsidiary querying condition and return to client;
Step 3 clients reconfigure segment data for the information with complete meaning according to the UUID of storage and the mapping relations of segmentation real data and return result to user.
5. server end such as needs active request to rebuild data in the present invention, need to send reconstruction request to client, and confirm to complete the combination and reconstruction of data after operation to server end according to the query logic of the client corresponding one group of UUID of acquisition and corresponding order identification via the agreement of user;In this process, user is known and whether can be received data reconstruction corresponding with completion with control selections and asked completely.
6. server end needs storage organization to preserve the corresponding record of UUID and segment data in the present invention, one record it is abstract be expressed asuuid: DS, the data of server end are because have anonymity and the protectiveness to private data, therefore can be shared with data analysis and other application that third party does the overall situation.
7. the UUID and its ordinal relation of client memory segment data in the present invention, and store " data query logic " and include:User operates and corresponding " the corresponding one group of UUID " of segment data corresponding relation(Client application logical operation needs the acquisition to complete to servers' data corresponding with one group of UUID;And all possible server end rebuilds request and one group of UUID corresponding relation.
8. system protection in need private data client complete be segmented, and will segmentation actual data storage in server end.
9. the storage organization of server end cannot be distinguished by any oneuuid: DSSpecific data and the user identity of record originate, data reconstruction can only send the inquiry request with one group of UUID in client or initiate request from server end to user and agree to via user after when could complete, other any situations, the complete data message of meaning can not be definitely combined into based on segment data.
10. the abstract sensitive data related for any privacy of user of the private data protected in the present invention, is not limited to any specific data type and classification.
Can be any memory technology such as relational database, non-relation data, key-value 11. the storage of client of the present invention and server is independent of specific storage organization and form(key-value)Storage, text storage etc.;The terminal that client in the present invention can be locally stored for any band(Such as cell-phone customer terminal and computer terminal)On application.
12. the access control of the invention by being indexed to data query(As part is accessed)The access control to real data can be conveniently realized; a variety of flexible access controls can be realized by increasing mapping relations in client; such as it is based on data category; based on system logic; based on access controls such as data fields, and the data of server end can be shared with third party and do Data Analysis Services because of the characteristic with secret protection.
13. the core concept of method is described in the present invention with client and server, but this separation query logic is not limited to the pattern of client/server with being segmented the method for real data, can be point-to-point(P2P)And between server, between cross-system, privacy not between same area or the protection of sensitive data can realize two-way access control in these cases.
CN201610175639.2A 2016-03-26 2016-03-26 It is a kind of to separate storage query logic and the private data guard method of segment data Pending CN107229872A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610175639.2A CN107229872A (en) 2016-03-26 2016-03-26 It is a kind of to separate storage query logic and the private data guard method of segment data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610175639.2A CN107229872A (en) 2016-03-26 2016-03-26 It is a kind of to separate storage query logic and the private data guard method of segment data

Publications (1)

Publication Number Publication Date
CN107229872A true CN107229872A (en) 2017-10-03

Family

ID=59932880

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610175639.2A Pending CN107229872A (en) 2016-03-26 2016-03-26 It is a kind of to separate storage query logic and the private data guard method of segment data

Country Status (1)

Country Link
CN (1) CN107229872A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109769212A (en) * 2019-01-22 2019-05-17 安徽师范大学 Method for protecting track privacy based on slice in a kind of intelligent perception
CN111782662A (en) * 2020-07-23 2020-10-16 深圳市富之富信息科技有限公司 User privacy information query realization method and device based on distributed reconstruction
CN112104690A (en) * 2019-06-18 2020-12-18 明日基金知识产权控股有限公司 Virtualization for privacy control
CN112613009A (en) * 2020-12-28 2021-04-06 杭州涂鸦信息技术有限公司 Data center access method, client and computer storage medium
CN112910606A (en) * 2020-05-22 2021-06-04 陈杰 Data sending system adopting sectional type data structure
CN114567499A (en) * 2022-03-04 2022-05-31 重庆邮电大学 Offline system copyright protection method based on multi-fragment deletion and encryption
CN117034329A (en) * 2023-10-10 2023-11-10 武汉能钠智能装备技术股份有限公司四川省成都市分公司 Data encryption method and system based on cloud computing

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109769212A (en) * 2019-01-22 2019-05-17 安徽师范大学 Method for protecting track privacy based on slice in a kind of intelligent perception
CN109769212B (en) * 2019-01-22 2020-12-01 安徽师范大学 Track privacy protection method based on slice in crowd-sourcing perception
CN112104690A (en) * 2019-06-18 2020-12-18 明日基金知识产权控股有限公司 Virtualization for privacy control
CN112910606A (en) * 2020-05-22 2021-06-04 陈杰 Data sending system adopting sectional type data structure
CN112910606B (en) * 2020-05-22 2022-08-02 湖北省成套招标股份有限公司 Data sending system adopting sectional type data structure
CN111782662A (en) * 2020-07-23 2020-10-16 深圳市富之富信息科技有限公司 User privacy information query realization method and device based on distributed reconstruction
CN111782662B (en) * 2020-07-23 2022-02-11 深圳市富之富信息科技有限公司 User privacy information query realization method and device based on distributed reconstruction
CN112613009A (en) * 2020-12-28 2021-04-06 杭州涂鸦信息技术有限公司 Data center access method, client and computer storage medium
CN114567499A (en) * 2022-03-04 2022-05-31 重庆邮电大学 Offline system copyright protection method based on multi-fragment deletion and encryption
CN117034329A (en) * 2023-10-10 2023-11-10 武汉能钠智能装备技术股份有限公司四川省成都市分公司 Data encryption method and system based on cloud computing
CN117034329B (en) * 2023-10-10 2023-12-26 武汉能钠智能装备技术股份有限公司四川省成都市分公司 Data encryption method and system based on cloud computing

Similar Documents

Publication Publication Date Title
CN107229872A (en) It is a kind of to separate storage query logic and the private data guard method of segment data
CN106127075B (en) Encryption method can search for based on secret protection under a kind of cloud storage environment
CN110502916B (en) Sensitive data processing method and system based on block chain
CN111343001A (en) Social data sharing system based on block chain
US11855992B2 (en) Service-to-service role mapping systems and methods
JP2021533448A (en) Systems and methods to support SQL-based rich queries in hyperlegger fabric blockchain
Gao et al. BSSPD: A Blockchain‐Based Security Sharing Scheme for Personal Data with Fine‐Grained Access Control
CA3177369C (en) Method and system for a data custodian implemented as an entity-centric, resource-oriented database within a shared cloud platform
US8504590B2 (en) Methods of encapsulating information in records from two or more disparate databases
US11128457B2 (en) Cryptographic key generation using external entropy generation
US11392467B2 (en) Failover between decentralized identity stores
US11212263B2 (en) Dynamic generation of pseudonymous names
US11394542B2 (en) Deauthorization of private key of decentralized identity
US11509467B2 (en) Story assisted mnemonic phrase
US11916919B2 (en) Resolving decentralized identifiers using multiple resolvers
CN111680041A (en) Safe and efficient access method for heterogeneous data
CN109088858B (en) Medical system and method based on authority management
CN113239395A (en) Data query method, device, equipment, storage medium and program product
CN112511599A (en) Civil air defense data sharing system and method based on block chain
EP4018344A1 (en) Resolving decentralized identifiers at customized security levels
CN108170753A (en) A kind of method of Key-Value data base encryptions and Safety query in shared cloud
CN112818038A (en) Data management method based on combination of block chain and IPFS (Internet protocol file system) and related equipment
US11522858B2 (en) Event based transfer of did delegated authority
Swain et al. A Review on Privacy Preservation in Cloud Computing and Recent Trends
Deepalakshmi et al. An Enhanced Data Anonymization Technique to Preserve Privacy in Big Data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20171003