CN107483187A - A kind of data guard method and device based on credible password module - Google Patents
A kind of data guard method and device based on credible password module Download PDFInfo
- Publication number
- CN107483187A CN107483187A CN201710651171.4A CN201710651171A CN107483187A CN 107483187 A CN107483187 A CN 107483187A CN 201710651171 A CN201710651171 A CN 201710651171A CN 107483187 A CN107483187 A CN 107483187A
- Authority
- CN
- China
- Prior art keywords
- tcm
- encryption
- data
- key
- hardware keys
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Mathematical Physics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of data guard method and device based on credible password module, methods described includes:Receive the instruction for accessing data;The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys;The TCM hardware keys are pre-created, to encrypt the software cryptography key using TCM hardware keys;The software cryptography key is pre-created, to use the software cryptography encrypted data;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.When visitor wants to conduct interviews to data, it is necessary to first decrypt software cryptography key using TCM hardware keys, then reuse software cryptography secret key decryption data, the process of decryption becomes more complicated difficulty, so as to preferably protect the safety of data.Data and physical platform can also be bound using method provided by the present invention simultaneously, prevent encryption data and key data to be stolen.
Description
Technical field
The present invention relates to information security field, more particularly to a kind of data guard method based on credible password module and
Device.
Background technology
With the fast development of information technology and increasingly extensive, the people of the electronics applications including computer
Life become more and more convenient, but the phenomenon of user data leakage is also following, the mode of leakage be also it is varied,
And the baneful influence caused by these leakages is probably to retrieve, so the protection to data seems more and more important.
Nowadays people protect the mode of data that data are encrypted generally by software, are converted to data clear text close
Text, but this cipher mode is carried out in computer-internal, is easier to be cracked by data theft person, so as to cause letting out for data
Dew, it is limited to the degree of protection of data.
The content of the invention
It is an object of the invention to provide a kind of data guard method and device based on credible password module, to solve logarithm
According to degree of protection it is limited the problem of.
In order to solve the above technical problems, the present invention provides a kind of data guard method based on credible password module, including:
Receive the instruction for accessing data;
The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys;The TCM hardware is close
Key is pre-created, to encrypt the software cryptography key using TCM hardware keys;The software cryptography key is advance
Create, to use the software cryptography encrypted data;
The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
Alternatively, the described second default enciphering and deciphering algorithm is symmetrical enciphering and deciphering algorithm.
Alternatively, the symmetrical enciphering and deciphering algorithm is SM4 algorithms.
Alternatively, the described first default enciphering and deciphering algorithm is SM2 algorithms.
Alternatively, before TCM hardware keys are pre-created, in addition to:
TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, it is close to create the TCM hardware
Key, if acquisition is unsuccessful, return to TCM error message.
Alternatively, after the software cryptography key using the encryption of TCM hardware keys, in addition to:
Judge that the use TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then utilizing
The data of software cryptography secret key decryption encryption, and TCM error message is returned, so that user judges according to the error message
Error reason, it is encrypted again, until encrypting successfully.
Present invention also offers a kind of data protecting device based on credible password module, including:Receiving module, encryption and decryption
Module;
Wherein, the receiving module, the instruction of data is accessed for receiving;
The encryption/decryption module, for being pre-created software cryptography key, use software cryptography encrypted data;In advance
TCM hardware keys are created, encrypt the software cryptography key using TCM hardware keys, and using TCM hardware keys encryption institute
State the success of software cryptography key and delete software cryptography key afterwards;The the first default plus solution used according to the TCM hardware keys
Close algorithm decryption software encryption key;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
Alternatively, the second default enciphering and deciphering algorithm decryption that the encryption/decryption module uses according to the software cryptography key
Data, including:
The SM4 algorithm ciphertext datas that the encryption/decryption module uses according to the software cryptography key.
Alternatively, the first default enciphering and deciphering algorithm decryption that the encryption/decryption module uses according to the TCM hardware keys
Software cryptography key, including:
The SM2 algorithm decryption software encryption keys that the encryption/decryption module uses according to TCM hardware keys.
Alternatively, the encryption/decryption module, it is additionally operable to before TCM hardware keys are pre-created, obtains TCM user's body
Part, and judge whether to obtain successfully, if obtained successfully, the TCM hardware keys are created, if acquisition is unsuccessful, are returned
Return TCM error message;
The encryption/decryption module, it is additionally operable to after the software cryptography key using the encryption of TCM hardware keys, sentences
Disconnected TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then being added using software cryptography secret key decryption
Close data, and TCM error message is returned, so that user judges error reason according to the error message, carry out again
Encryption, until encrypting successfully.
Data guard method and device provided by the present invention based on credible password module, are added by being pre-created software
Key, using software cryptography encrypted data, TCM hardware keys are pre-created, are added using TCM hardware keys encryption softwares
Key, after the success of TCM hardware keys encryption softwares encryption key, software cryptography key source file is deleted, is not just had so
There is method directly to obtain software cryptography key, when visitor wants to conduct interviews to data, it is necessary to first using TCM hardware keys
Software cryptography key is decrypted, then reuses software cryptography secret key decryption data, the process of decryption becomes more complicated difficulty,
So as to preferably protect the safety of data.Simultaneously can also be by data and physical platform using method provided by the present invention
Binding, prevents encryption data and key data to be stolen.
Brief description of the drawings
, below will be to embodiment or existing for the clearer explanation embodiment of the present invention or the technical scheme of prior art
The required accompanying drawing used is briefly described in technology description, it should be apparent that, drawings in the following description are only this hair
Some bright embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, can be with root
Other accompanying drawings are obtained according to these accompanying drawings.
The flow chart for the data guard method based on credible password module that Fig. 1 is provided by the embodiment of the present invention;
Advance ciphering process in the data guard method based on credible password module that Fig. 2 is provided by the embodiment of the present invention
Flow chart;
The structured flowchart for the data protecting device based on credible password module that Fig. 3 is provided by the embodiment of the present invention.
Embodiment
The core of the present invention is to provide a kind of data guard method and device based on credible password module, to solve logarithm
According to degree of protection it is limited the problem of.
In order that those skilled in the art more fully understand the present invention program, with reference to the accompanying drawings and detailed description
The present invention is described in further detail.Obviously, described embodiment is only part of the embodiment of the present invention, rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise
Lower obtained every other embodiment, belongs to the scope of protection of the invention.
Referring to Fig. 1, the stream for the data guard method based on credible password module that Fig. 1 is provided by the embodiment of the present invention
Cheng Tu, comprise the following steps:
Step 101:Receive the instruction for accessing data.
When visitor desires access to the data encrypted in equipment, TCM modules can be sent instructions to, TCM modules receive should
Instruction, to carry out subsequent treatment.
Step 102:The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys.
Because created in advance ciphering process, it is necessary to select a kind of enciphering and deciphering algorithm for TCM hardware keys by TCM modules
TCM hardware keys are built, to use its encryption software encryption key, by software cryptography key from ciphertext is changed into plain text, are encrypted to
After work(, the source file of software cryptography key is deleted, so when desiring access to data, it is necessary to first by software cryptography key solution
It is close to come out.During decryption software encryption key, create what enciphering and deciphering algorithm is TCM hardware keys employ, decrypt also according to the calculation
Software cryptography key is decrypted method.When creating TCM hardware keys, each TCM hardware keys have father's key, and one
As use SMK keys as his father's key, but can also be that TCM hardware keys separately specify father key.
Step 103:The the second default enciphering and deciphering algorithm ciphertext data used according to software cryptography key.
Because created in advance ciphering process, it is necessary to select a kind of enciphering and deciphering algorithm for software cryptography key by equipment
Software cryptography key, to use its encryption data, by data from ciphertext is changed into plain text, so being obtained in execution step 102 soft
After part encryption key, it is desirable to which accessing data needs that data are decrypted according to the enciphering and deciphering algorithm that software cryptography key uses.
Above-mentioned technical proposal disclosed in the present application, after the success of TCM hardware keys encryption softwares encryption key, delete
Software cryptography key source file, so just have no idea directly to obtain the plaintext of software cryptography key, and according to its decryption
Data, visitor want to conduct interviews to data, it is necessary to first decrypt software cryptography key using TCM hardware keys, then
Software cryptography secret key decryption data are reused, the process of decryption becomes more complicated difficulty, so as to preferably protect data
Safety, while data and physical platform can also be bound, prevent encryption data and key data to be stolen.
The data guard method based on credible password module that the embodiment of the present invention is provided, it is advance in TCM hardware keys
Before establishment, it can also include:
TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, creates TCM hardware keys,
If acquisition is unsuccessful, TCM error message is returned.
TCM user identity is obtained, and is judged whether to obtain successfully, can further improve the degree of protection to data.
The data guard method based on credible password module that the embodiment of the present invention is provided, using TCM hardware keys
After encryption software encryption key, it can also include:
Whether judgement is succeeded using TCM hardware keys encryption software encryption keys, if it fails, then utilizing software cryptography
The data of secret key decryption encryption, and TCM error message is returned, so that user judges error reason according to error message, then
It is secondary to be encrypted, until encrypting successfully.
For the ease of a further understanding of the present invention, the present invention is carried out with reference to the embodiment of the present invention
Detailed description.
It refer to Fig. 2, it is pre- in the data guard method based on credible password module that Fig. 2 is provided by the embodiment of the present invention
The flow chart of first ciphering process, comprises the following steps:
Step 201:TCM user identity is obtained, acquisition is unsuccessful, performs step 202, obtains successfully, performs step
203。
The user identity of TCM modules is obtained by TCM_TakeOwnership instructions, the instruction can create SMK simultaneously
Key, SMK keys can be as father's keys of TCM hardware keys.Obtain successfully explanation to have the right to carry out the operation of next step to it, obtain
Take unsuccessful explanation can not carry out next step operation to it.
Step 202:Return to TCM error message.
Step 203:SM4 algorithms are selected to create software cryptography key.
Using sms4_set_encrypt_key interfaces in gmssl, software cryptography key is set.
SM4 algorithms are a kind of symmetric encipherment algorithms in national secret algorithm, and on system upper strata, selection uses symmetric encipherment algorithm,
Can ensure encryption when efficiency, in addition to SM4 algorithms, other symmetry algorithms it is also ensured that encryption when efficiency, but select
SM4 algorithms can ensure the uniformity with the key code system of TCM modules simultaneously, naturally it is also possible to select other asymmetric encryption to calculate
Method, which kind of specifically chosen algorithm can't influence the realization of the present invention.
Step 204:Use software cryptography encrypted data.
Use sms4_ecb_encrypt interface cipherings data in gmssl.Now data are via being converted to ciphertext in plain text,
But directly data can be decrypted after being obtained by people in itself also in plaintext state for software cryptography key.
Step 205:SM2 algorithms are selected to create TCM hardware keys.
TCM hardware keys are created by TCM_CreateWrapKey instructions.
Because TCM modules only support national secret algorithm system, so have selected SM2 algorithms here, naturally it is also possible to select state
Other algorithms in close algorithm, this can't influence the realization of the present invention.
Step 206:Using TCM hardware keys encryption software encryption keys, encrypt successfully, into step 207, encryption not into
Work(enters step 208.
Step 207:Delete software cryptography key source file.
Now, encrypted by TCM hardware keys, software cryptography key also by becoming for ciphertext, and set after deleting in plain text
Software cryptography key is also not present in standby.
Step 208:Using software cryptography secret key decryption encrypted data, and return to TCM error message, step is performed
Rapid 203.
Because it is possible that inputing authorization value by mistake so as to cause the situation of failed encryption when using TCM hardware keys, because
Need to decrypt encrypted data, and return to TCM error message after this failure, user can sentence according to TCM error message
The disconnected reason that makes mistake, is encrypted, until encrypting successfully again.
In the method encrypted in advance, step 203,204,205 orders performed are not necessarily according to described above suitable
Sequence, software cryptography encrypted data is used as long as realizing, with TCM hardware keys encryption software encryption keys, for example may be used also
First to create TCM hardware keys, software cryptography key is then created, software cryptography encrypted data is reused, finally makes again
With TCM hardware keys encryption software encryption keys.Step 201 and matching step 202, step 208 are not necessarily to
The step of execution, delete the realization that these steps do not interfere with the present invention yet.
The data protecting device provided in an embodiment of the present invention based on credible password module is introduced below, hereafter retouched
The data protecting device based on credible password module stated and the above-described data guard method based on credible password module
Can be mutually to should refer to.
It refer to Fig. 3, the knot for the data protecting device based on credible password module that Fig. 3 is provided by the embodiment of the present invention
Structure block diagram, the data protecting device based on credible password module can include:Receiving module, encryption/decryption module;
Wherein receiving module receives the instruction for accessing data;
Encryption/decryption module is pre-created software cryptography key, uses software cryptography encrypted data;It is hard to be pre-created TCM
Part key, using TCM hardware keys encryption software encryption keys, and using TCM hardware keys encryption software encryption keys into
Software cryptography key is deleted after work(;The the first default enciphering and deciphering algorithm decryption software encryption used according to TCM hardware keys is close
Key;The the second default enciphering and deciphering algorithm ciphertext data used according to software cryptography key.
In the data protecting device based on credible password module that the embodiment of the present invention is provided, encryption/decryption module can be with
Before TCM hardware keys are pre-created, TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully,
TCM hardware keys are then created, if acquisition is unsuccessful, return to TCM error message;Or TCM hardware can also used
After key cryptography software encryption key, judge whether TCM hardware keys encryption software encryption keys succeed, if it fails,
Then using the data of software cryptography secret key decryption encryption, and TCM error message is returned to, so that user judges according to error message
Make mistake reason, is encrypted again, until encrypting successfully.
The data protecting device based on credible password module of the present embodiment is foregoing based on trusted cryptography's mould for realizing
The data guard method of block, therefore the embodiment in the data protecting device based on credible password module is visible hereinbefore
The data guard method based on credible password module embodiment part, for example, receiving module 301, encryption/decryption module 302 is divided
Yong Yu not realize step 101 in the above-mentioned data guard method based on credible password module, 102 and 103 so, it is embodied
Mode is referred to the description of corresponding various pieces embodiment, will not be repeated here.
Each embodiment is described by the way of progressive in this specification, what each embodiment stressed be with it is other
The difference of embodiment, between each embodiment same or similar part mutually referring to.For dress disclosed in embodiment
For putting, because it is corresponded to the method disclosed in Example, so description is fairly simple, related part is referring to method part
Explanation.
Professional further appreciates that, with reference to the unit of each example of the embodiments described herein description
And algorithm steps, can be realized with electronic hardware, computer software or the combination of the two, in order to clearly demonstrate hardware and
The interchangeability of software, the composition and step of each example are generally described according to function in the above description.These
Function is performed with hardware or software mode actually, application-specific and design constraint depending on technical scheme.Specialty
Technical staff can realize described function using distinct methods to each specific application, but this realization should not
Think beyond the scope of this invention.
The data guard method provided by the present invention based on credible password module and device have been carried out in detail above
Introduce.Specific case used herein is set forth to the principle and embodiment of the present invention, the explanation of above example
It is only intended to help the method and its core concept for understanding the present invention.It should be pointed out that the ordinary skill people for the art
For member, under the premise without departing from the principles of the invention, some improvement and modification can also be carried out to the present invention, these improve and
Modification is also fallen into the protection domain of the claims in the present invention.
Claims (10)
- A kind of 1. data guard method based on credible password module, it is characterised in that including:Receive the instruction for accessing data;The the first default enciphering and deciphering algorithm decryption software encryption key used according to TCM hardware keys;The TCM hardware keys are It is pre-created, to encrypt the software cryptography key using TCM hardware keys;The software cryptography key is to be pre-created , to use the software cryptography encrypted data;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
- 2. the method as described in claim 1, it is characterised in that the described second default enciphering and deciphering algorithm is calculated for symmetrical encryption and decryption Method.
- 3. method as claimed in claim 2, it is characterised in that the symmetrical enciphering and deciphering algorithm is SM4 algorithms.
- 4. the method as described in claim 1, it is characterised in that the described first default enciphering and deciphering algorithm is SM2 algorithms.
- 5. the method as described in claim 1-4 any one, it is characterised in that before TCM hardware keys are pre-created, also Including:TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, creates the TCM hardware keys, If acquisition is unsuccessful, TCM error message is returned.
- 6. the method as described in claim 1-4 any one, it is characterised in that use TCM hardware keys encryption institute described After stating software cryptography key, in addition to:Judge that the use TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then utilizing software The data of encryption key decryption encryption, and TCM error message is returned, so that user judges to make mistake according to the error message Reason, it is encrypted again, until encrypting successfully.
- A kind of 7. data protecting device based on credible password module, it is characterised in that including:Receiving module, encryption/decryption module;Wherein, the receiving module, the instruction of data is accessed for receiving;The encryption/decryption module, for being pre-created software cryptography key, use software cryptography encrypted data;It is pre-created TCM hardware keys, the software cryptography key is encrypted using TCM hardware keys, and it is described soft being encrypted using TCM hardware keys Software cryptography key is deleted after the success of part encryption key;The the first default encryption and decryption used according to the TCM hardware keys is calculated Method decryption software encryption key;The the second default enciphering and deciphering algorithm ciphertext data used according to the software cryptography key.
- 8. device as claimed in claim 7, it is characterised in that the encryption/decryption module uses according to the software cryptography key The second default enciphering and deciphering algorithm ciphertext data, including:The SM4 algorithm ciphertext datas that the encryption/decryption module uses according to the software cryptography key.
- 9. device as claimed in claim 7, it is characterised in that the encryption/decryption module uses according to the TCM hardware keys The first default enciphering and deciphering algorithm decryption software encryption key, including:The SM2 algorithm decryption software encryption keys that the encryption/decryption module uses according to TCM hardware keys.
- 10. the device as described in claim 7-9 any one, it is characterised in that the encryption/decryption module, be additionally operable to advance Before creating TCM hardware keys, TCM user identity is obtained, and judges whether to obtain successfully, if obtained successfully, is created The TCM hardware keys, if acquisition is unsuccessful, return to TCM error message;The encryption/decryption module, it is additionally operable to after the software cryptography key using the encryption of TCM hardware keys, judges TCM hardware keys encrypt whether the software cryptography key succeeds, if it fails, then being encrypted using software cryptography secret key decryption Data, and return to TCM error message, so that user judges error reason according to the error message, added again It is close, until encrypting successfully.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710651171.4A CN107483187A (en) | 2017-08-02 | 2017-08-02 | A kind of data guard method and device based on credible password module |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710651171.4A CN107483187A (en) | 2017-08-02 | 2017-08-02 | A kind of data guard method and device based on credible password module |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107483187A true CN107483187A (en) | 2017-12-15 |
Family
ID=60597382
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710651171.4A Pending CN107483187A (en) | 2017-08-02 | 2017-08-02 | A kind of data guard method and device based on credible password module |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107483187A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108133144A (en) * | 2017-12-22 | 2018-06-08 | 浪潮(北京)电子信息产业有限公司 | A kind of virtual disk files guard method, device, equipment and readable storage medium storing program for executing |
CN108572861A (en) * | 2018-04-26 | 2018-09-25 | 浪潮(北京)电子信息产业有限公司 | A kind of guard method, system, equipment and the storage medium of virtual credible root |
CN113609497A (en) * | 2021-06-30 | 2021-11-05 | 荣耀终端有限公司 | Data protection method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102207999A (en) * | 2010-03-29 | 2011-10-05 | 国民技术股份有限公司 | Data protection method based on trusted computing cryptography support platform |
CN102236756A (en) * | 2011-05-09 | 2011-11-09 | 山东超越数控电子有限公司 | File encryption method based on TCM (trusted cryptography module) and USBkey |
US20140281509A1 (en) * | 2013-03-15 | 2014-09-18 | Novell, Inc. | Techniques for secure data extraction in a virtual or cloud environment |
CN106533663A (en) * | 2016-11-01 | 2017-03-22 | 广东浪潮大数据研究有限公司 | Data encryption method, encryption party device, data decryption method, and decryption party device |
CN106570402A (en) * | 2015-10-13 | 2017-04-19 | 深圳市中电智慧信息安全技术有限公司 | Encryption module and process trusted measurement method |
-
2017
- 2017-08-02 CN CN201710651171.4A patent/CN107483187A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102207999A (en) * | 2010-03-29 | 2011-10-05 | 国民技术股份有限公司 | Data protection method based on trusted computing cryptography support platform |
CN102236756A (en) * | 2011-05-09 | 2011-11-09 | 山东超越数控电子有限公司 | File encryption method based on TCM (trusted cryptography module) and USBkey |
US20140281509A1 (en) * | 2013-03-15 | 2014-09-18 | Novell, Inc. | Techniques for secure data extraction in a virtual or cloud environment |
CN106570402A (en) * | 2015-10-13 | 2017-04-19 | 深圳市中电智慧信息安全技术有限公司 | Encryption module and process trusted measurement method |
CN106533663A (en) * | 2016-11-01 | 2017-03-22 | 广东浪潮大数据研究有限公司 | Data encryption method, encryption party device, data decryption method, and decryption party device |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108133144A (en) * | 2017-12-22 | 2018-06-08 | 浪潮(北京)电子信息产业有限公司 | A kind of virtual disk files guard method, device, equipment and readable storage medium storing program for executing |
CN108572861A (en) * | 2018-04-26 | 2018-09-25 | 浪潮(北京)电子信息产业有限公司 | A kind of guard method, system, equipment and the storage medium of virtual credible root |
CN113609497A (en) * | 2021-06-30 | 2021-11-05 | 荣耀终端有限公司 | Data protection method and device |
CN113609497B (en) * | 2021-06-30 | 2022-09-23 | 荣耀终端有限公司 | Data protection method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7516330B2 (en) | Platform and method for establishing provable identities while maintaining privacy | |
CN1914849B (en) | Trusted mobile platform architecture | |
JP2008520030A (en) | Method, device and system for securely storing data | |
CN106101150B (en) | The method and system of Encryption Algorithm | |
JP2007027896A (en) | Communication card, secret information processing system, secret information transmission method, and program | |
CN106533663B (en) | Data ciphering method, encryption method, apparatus and data decryption method, decryption method, apparatus | |
CN108718233B (en) | Encryption method, computer equipment and storage medium | |
CN101950347A (en) | Method and system for encrypting data | |
US20050069138A1 (en) | Application program obfuscation | |
CN110401538A (en) | Data ciphering method, system and terminal | |
CN107196907A (en) | A kind of guard method of Android SO files and device | |
CN105468940A (en) | Software protection method and apparatus | |
TW201003451A (en) | Safety storage device with two-stage symmetrical encryption algorithm | |
CN107483187A (en) | A kind of data guard method and device based on credible password module | |
WO2017050152A1 (en) | Password security system adopted by mobile apparatus and secure password entering method thereof | |
WO2021018306A1 (en) | Method and system for protecting authentication credentials | |
CN103929312A (en) | Mobile terminal and method and system for protecting individual information of mobile terminal | |
CN109510702A (en) | A method of it key storage based on computer characteristic code and uses | |
CN105825142A (en) | Method and device for encrypting and decrypting documents in mobile terminal | |
CN100561913C (en) | A kind of method of access code equipment | |
CN107276961A (en) | A kind of method and device based on cipher algorithm encryption and ciphertext data | |
CN108809889B (en) | Data deterministic deletion method based on data block random position negation | |
CN115801232A (en) | Private key protection method, device, equipment and storage medium | |
CN109784072A (en) | Security file management method and system | |
CN107994998A (en) | A kind of authentication information encryption method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171215 |
|
RJ01 | Rejection of invention patent application after publication |