CN107733844A - Encryption and traceability system and method for network educational resources

Info

Publication number: CN107733844A
Authority: CN (China)
Legal status: Pending
Application number: CN201710242750.3A
Other languages: Chinese (zh)
Inventors: 张烨, 董敏, 蒋美仙, 金寿松, 刘齐齐, 刘俊杨, 杜建超
Current Assignee: Zhejiang University of Technology ZJUT
Original Assignee: Zhejiang University of Technology ZJUT

Classifications

    • H04L9/302: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy; underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • G06Q50/205: Education administration or guidance
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload, and wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/088: Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms

Abstract

An encryption and traceability system and method for network educational resources, comprising a web server provided with a user management module, an exam pool, an authorization center, and a key generation and preservation module. The key generation and preservation module generates a different RSA key pair for each user. A user encrypts a topic with the key and uploads it to the exam pool; the user decrypts and edits the topics that he or she uploaded by means of the key; a user who is not the original author of a topic decrypts and edits another person's topic with the permission of the authorization center; the new topic obtained after editing is encrypted with the key and uploaded to the exam pool again, and the number of edits to the educational resource is recorded for traceability. The invention can effectively prevent legitimate users from disseminating educational resources and largely avoids leakage of educational resources: the exam pool website sends educational resources to the user in the form of ciphertext, and the ciphertext can only be decrypted into usable plaintext with the unique private key held by the user.

Description

Encryption and traceability system and method for network educational resources
Technical field
The present invention relates to the field of communication processing in digital information transmission, and more particularly to an encryption and traceability method for network educational resources.
Technical background
Encryption, decryption and tracing of educational resources are common information encryption and traceability problems in cryptography. Here, encryption and traceability of educational resources refers specifically to the series of processes in a general intelligent item bank system by which topics, through generation, modification, upgrade and maintenance, are uploaded after encryption and read and used after decryption, and by which the evolution of a topic is tracked and traced. As an information resource shared among multiple users, an educational resource raises problems such as multiple users accessing the same piece of information, and the item bank system server acting as a third party distinct from the information provider and the information reader.
There are currently three main resource encryption approaches. First, the encrypted resource and the key are obtained from a resource database and a user key database respectively, and the resource is then decrypted. Second, it is identified whether the network used by the user belongs to a collective user that has purchased the copyright, and users who have not purchased the copyright are restricted in their rights to browse or download resources. Third, before a user accesses network educational resources, a preset password must be entered to verify whether the user has the relevant browsing and download rights to the resource. The shortcoming shared by these three approaches is that they cannot cope with leaks by insiders, and they can hardly prevent a legitimate user from disseminating educational resources by passing on document content through some means.
Summary of the invention
An encryption and traceability system for network educational resources, comprising a web server provided with a user management module, an exam pool, an authorization center, and a key generation and preservation module;
The user management module is used to manage the registration of users;
The exam pool is used to store the topics uploaded by users;
The authorization center is used to grant users the right to modify educational resource topics;
The key generation and preservation module is used to generate and store keys, the key being an RSA key pair.
An encryption and traceability method for network educational resources: a user registers with the web server; the key generation and preservation module generates a different RSA key pair for each user; the user encrypts a topic with the key and uploads it to the exam pool; the user decrypts and edits the topics that he or she uploaded by means of the key; a user who is not the original author of a topic decrypts and edits another person's topic with the permission of the authorization center; the new topic obtained after editing is encrypted with the key and uploaded to the exam pool again, and the number of edits to the educational resource is recorded for traceability.
In the above encryption and traceability method for network educational resources, the process by which a user decrypts and edits a topic that he or she uploaded by means of the key comprises:
After logging in to the web server, the user applies for access to a topic that he or she created;
The web server decrypts the encrypted random key with the user's public key, obtaining the encryption key that the user randomly generated;
The web server decrypts the ciphertext of the topic with the random key, obtaining the plaintext of the topic, and then discards the random key;
The web server decrypts the user's digital signature with the user's public key, obtaining the message digest, and counts one use of the public key;
The web server encrypts the plaintext with the user's public key, obtains the ciphertext, and sends the ciphertext to the user;
After receiving the ciphertext, the user decrypts it with his or her own private key, obtaining the plaintext of the topic, and can then edit the topic;
The user encrypts the edited topic with the key and uploads it to the exam pool.
In the above encryption and traceability method for network educational resources, the process by which a non-original author decrypts and edits another person's topic with the permission of the authorization center comprises:
The user who is not the original author logs in to the web server and applies to the web server for access to the topic;
After the exam pool web server receives the user's access application, and with the permission of the authorization center, it decrypts the encrypted key with the public key, obtaining the encryption key that the original author randomly generated;
The web server decrypts the ciphertext of the topic with the random key, obtaining the plaintext of the topic, and then discards the random key;
The web server decrypts the original author's digital signature with the original author's public key, obtaining the message digest, and counts one use of the public key;
The web server encrypts the digital information with the public key of the non-original author, obtains the ciphertext, and sends the ciphertext to that user;
After receiving the ciphertext, the user decrypts it with the private key that he or she holds, obtaining the plaintext of the topic, and edits the topic;
The user encrypts the edited topic with the key and uploads it to the exam pool.
In the above encryption and traceability system for network educational resources, the process of encrypting and uploading a topic by means of the key comprises:
The user prepares the plaintext of the topic to be sent;
A hash operation is performed on the digital information of the topic plaintext, obtaining a message digest;
The user encrypts the message digest with his or her own private key to obtain the digital signature of the author who created the topic, and attaches it to the topic;
A random key is randomly generated, and the topic to be sent is encrypted with this random key, forming the ciphertext;
The user encrypts the random key with the private key and sends the encrypted key to the web server together with the ciphertext.
RSA is an asymmetric encryption algorithm. A generated key pair comprises a public key and a private key, and the two are different: a resource encrypted with the public key can only be decrypted with the private key, and a resource encrypted with the private key can only be decrypted with the public key. The generated private key is retained by the user; the public key, accompanied by the user's information, is sent to the web server for retention, and the user information serves to identify the source of the public key.
Advantages of this scheme:
The advantage of this scheme is that it can effectively prevent legitimate users from disseminating educational resources and largely avoids leakage of educational resources. The exam pool website sends educational resources to users in the form of ciphertext, and the ciphertext can only be decrypted into plaintext for use with the unique private key held by the user. Even if a legitimate user passes educational resource ciphertext obtained from the exam pool website on to an illegitimate user, the illegitimate user cannot use the educational resource because he or she cannot decrypt it.
By counting the number of times the public key is used, the state of the topic at each use of the public key can be queried: the smaller the count value, the more original the state of the educational resource; the larger the count value, the more recent the state of the educational resource. Traceability is thereby achieved.
Brief description of the drawings
Fig. 1 is a hardware block diagram of the present invention.
Fig. 2 is a flow chart of a user encrypting and uploading a topic.
Fig. 3 is a flow chart of the original author of a topic decrypting the topic.
Fig. 4 is a flow chart of a user who is not the original author of a topic decrypting the topic.
Embodiment
An encryption and traceability system for network educational resources, comprising a web server provided with a user management module, an exam pool, an authorization center, and a key generation and preservation module;
The user management module is used to manage the registration of users;
The exam pool is used to store the topics uploaded by users;
The authorization center is used to grant users the right to modify educational resource topics;
The key generation and preservation module is used to generate and store keys, the key being an RSA key pair.
An encryption and traceability method for network educational resources: a user registers with the web server; the key generation and preservation module generates a different RSA key pair for each user; the user encrypts a topic with the key and uploads it to the exam pool; the user decrypts and edits the topics that he or she uploaded by means of the key; a user who is not the original author of a topic decrypts and edits another person's topic with the permission of the authorization center; the new topic obtained after editing is encrypted with the key and uploaded to the exam pool again, and the number of edits to the educational resource is recorded for traceability.
The process of encrypting and uploading a topic by means of the key comprises:
User I registers at the exam pool website client, and the key generation and preservation module of the web server generates an RSA key pair for this user;
User I prepares the plaintext A of the topic to be sent;
User I performs a hash operation on topic A, obtaining a message digest;
User I encrypts the message digest with his or her own private key H to obtain the digital signature of user I, the creator of the topic, and attaches it to the digital information A;
At the same time a random key is randomly generated, and the topic A to be sent is encrypted with this key, forming ciphertext a;
User I encrypts the random key with private key H and uploads the encrypted key to the web server together with ciphertext a.
When the original author of a topic, user I, is dissatisfied with the original topic or has a new idea, he or she can modify the existing topic and upload it again; that is, the process by which the original author of a topic decrypts and edits a topic that he or she uploaded by means of the key comprises:
User I logs in to the web server, retrieves his or her own topic, and applies to the web server for access to the topic that he or she created;
After the web server receives the access application of user I, it decrypts the encrypted random key with the public key h of this user, obtaining the random key of user I;
The web server decrypts ciphertext a with the random key, obtaining plaintext A, and then discards the random key;
The web server decrypts the digital signature of user I with the public key h of user I, obtaining the message digest, and counts one use of public key q;
The web server encrypts plaintext A with the public key h of user I, obtains ciphertext α, and sends ciphertext α to user I;
After user I receives ciphertext α, he or she decrypts ciphertext α with the private key H that he or she holds, obtaining plaintext A;
User I edits and modifies the plaintext A of the topic, obtaining a new topic B;
The new topic B is encrypted in the key-based manner described above to obtain ciphertext b, and the new topic is uploaded to the web server.
When another user, user II, is not fully satisfied with user I's topic, or has a different view of his or her own, user II can modify it; that is, the process by which a non-original author decrypts and edits another person's topic with the permission of the authorization center comprises:
User II registers with the web server, and the web server likewise generates another RSA key pair;
User II logs in to the web server, retrieves topic A, and applies to the web server for access to the topic;
After the web server receives the access application of user II, and with the permission of the authorization center, it decrypts the encrypted key with the public key q of the topic's original author, user I, obtaining the random key of user I;
The web server decrypts the received ciphertext a with the random key, obtaining the plaintext A of the topic, i.e. the original topic; if the user applied for access to plaintext B, the server decrypts ciphertext b with the public key h of user I, obtaining plaintext B; the random key is then discarded;
The web server decrypts the digital signature of user I with the public key h of user I, obtaining the message digest, and counts one use of public key q;
The web server encrypts the digital information A with the public key e of user II, obtains ciphertext α, and sends ciphertext α to user II;
After user II receives ciphertext α, he or she decrypts ciphertext α with the private key E that he or she holds, obtaining the topic plaintext A;
User II edits, modifies and improves topic A, i.e. the original topic, obtaining topic C;
The new topic C is encrypted in the key-based manner described above to obtain ciphertext c, and the new topic is uploaded to the web server.
Tracing of educational resources: the usage count of the public key is queried on the web server; according to the count of public key uses, the state of the topic at each use of the public key can be queried. The smaller the count value, the more original the state of the educational resource; the larger the count value, the more recent the state of the educational resource.
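The three flows of the embodiment (encrypt and upload, access by the original author, licensed access by a non-original author) together with the public-key use counter, as an added Python example that is not code from the patent. It assumes textbook RSA without padding on toy Mersenne primes, SHA-256 as the hash, and a SHA-256 keystream as the symmetric cipher, none of which the patent specifies; `WebServer`, `encrypt_upload`, `user_decrypt`, the signature comparison and the sample topics are hypothetical.

```python
# Added illustration of the patent's flow; not code from the patent.
# Assumptions: textbook RSA without padding, toy Mersenne primes, SHA-256 as
# the hash, and a SHA-256 keystream standing in for the symmetric cipher.
import hashlib
import secrets

E = 65537

def make_keypair(p, q):
    """Return (public, private) textbook-RSA keys for primes p and q."""
    n = p * q
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest_int(data):
    """Message digest of a topic, as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keystream_xor(key, data):
    """Encrypt or decrypt data by XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], pad))
    return bytes(out)

def encrypt_upload(plaintext, priv):
    """User side: hash, sign, encrypt with a random key, wrap that key."""
    rand_key = secrets.token_bytes(16)
    k = int.from_bytes(rand_key, "big")
    return {
        "signature": pow(digest_int(plaintext), priv["d"], priv["n"]),
        "ciphertext": keystream_xor(rand_key, plaintext),
        # "Encrypted with the private key": any holder of the public key can
        # undo this, which is how the web server recovers the random key.
        "wrapped_key": pow(k, priv["d"], priv["n"]),
    }

def user_decrypt(ciphertext, priv):
    """User side: decrypt the server's reply with the user's private key."""
    m = pow(ciphertext, priv["d"], priv["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

class WebServer:
    def __init__(self):
        self.public_keys = {}  # user -> public key
        self.exam_pool = {}    # topic id -> uploaded record
        self.licenses = set()  # (user, topic id) granted by authorization center
        self.use_count = {}    # author -> number of public-key uses
        self.trace = []        # (author, count, topic id, requester)

    def store(self, topic_id, author, record):
        self.exam_pool[topic_id] = dict(record, author=author)

    def request(self, user, topic_id):
        rec = self.exam_pool[topic_id]
        author = rec["author"]
        if user != author and (user, topic_id) not in self.licenses:
            raise PermissionError("no license from the authorization center")
        pub = self.public_keys[author]
        rand_key = pow(rec["wrapped_key"], pub["e"], pub["n"]).to_bytes(16, "big")
        plaintext = keystream_xor(rand_key, rec["ciphertext"])
        del rand_key  # the random key is discarded after use
        # Comparing the recovered digest with a fresh hash is an added check;
        # the patent only says the digest is obtained.
        if pow(rec["signature"], pub["e"], pub["n"]) != digest_int(plaintext):
            raise ValueError("signature does not match the stored topic")
        self.use_count[author] = self.use_count.get(author, 0) + 1
        self.trace.append((author, self.use_count[author], topic_id, user))
        to = self.public_keys[user]
        m = int.from_bytes(plaintext, "big")
        if m >= to["n"]:
            raise ValueError("topic too long for unpadded textbook RSA")
        return pow(m, to["e"], to["n"])

def demo():
    """Run users I and II through upload, edit and licensed access."""
    server = WebServer()
    pub1, priv1 = make_keypair(2**521 - 1, 2**607 - 1)    # user I, toy primes
    pub2, priv2 = make_keypair(2**1279 - 1, 2**2203 - 1)  # user II, toy primes
    server.public_keys.update({"I": pub1, "II": pub2})
    topic_a = b"Topic A: what is 2 + 2?"                  # constructed sample
    server.store("A", "I", encrypt_upload(topic_a, priv1))
    got_1 = user_decrypt(server.request("I", "A"), priv1)
    server.store("B", "I", encrypt_upload(got_1 + b" Show your work.", priv1))
    try:
        server.request("II", "A")
        denied = False
    except PermissionError:
        denied = True
    server.licenses.add(("II", "A"))
    got_2 = user_decrypt(server.request("II", "A"), priv2)
    server.store("C", "II", encrypt_upload(got_2 + b" Answer in binary.", priv2))
    return {"I": got_1, "II": got_2, "denied": denied, "trace": server.trace}
```

Because the random key is wrapped with the author's private key, any holder of the author's public key can unwrap it, so the ciphertext stored in the exam pool is readable by the web server. The protection toward other users comes from the authorization check and the final encryption under the requester's public key.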

Claims (5)

1. An encryption and traceability method for network educational resources, wherein a user registers with the web server; the key generation and preservation module generates a different RSA key pair for each user; the user encrypts a topic with the key and uploads it to the exam pool; the user decrypts and edits the topics that he or she uploaded by means of the key; a user who is not the original author of a topic decrypts and edits another person's topic with the permission of the authorization center; the new topic obtained after editing is encrypted with the key and uploaded to the exam pool again, and the number of edits to the educational resource is recorded for traceability.
2. The encryption and traceability method for network educational resources as claimed in claim 1, wherein the process by which a user decrypts and edits a topic that he or she uploaded by means of the key comprises:
After logging in to the web server, the user applies for access to a topic that he or she created;
The web server decrypts the encrypted random key with the user's public key, obtaining the encryption key that the user randomly generated;
The web server decrypts the ciphertext of the topic with the random key, obtaining the plaintext of the topic, and then discards the random key;
The web server decrypts the user's digital signature with the user's public key, obtaining the message digest, and counts one use of the public key;
The web server encrypts the plaintext with the user's public key, obtains the ciphertext, and sends the ciphertext to the user;
After receiving the ciphertext, the user decrypts it with his or her own private key, obtaining the plaintext of the topic, and can then edit the topic;
The user encrypts the edited topic with the key and uploads it to the exam pool.
3. The encryption and traceability method for network educational resources as claimed in claim 1, wherein the process by which a non-original author decrypts and edits another person's topic with the permission of the authorization center comprises:
The user who is not the original author logs in to the web server and applies to the web server for access to the topic;
After the exam pool web server receives the user's access application, and with the permission of the authorization center, it decrypts the encrypted key with the public key, obtaining the encryption key that the original author randomly generated;
The web server decrypts the ciphertext of the topic with the random key, obtaining the plaintext of the topic, and then discards the random key;
The web server decrypts the original author's digital signature with the original author's public key, obtaining the message digest, and counts one use of the public key;
The web server encrypts the digital information with the public key of the non-original author, obtains the ciphertext, and sends the ciphertext to that user;
After receiving the ciphertext, the user decrypts it with the private key that he or she holds, obtaining the plaintext of the topic, and edits the topic;
The user encrypts the edited topic with the key and uploads it to the exam pool.
4. The encryption and traceability method for network educational resources as claimed in claim 1, wherein the process of encrypting and uploading a topic by means of the key comprises:
The user prepares the plaintext of the topic to be sent;
A hash operation is performed on the digital information of the topic plaintext, obtaining a message digest;
The user encrypts the message digest with his or her own private key to obtain the digital signature of the author who created the topic, and attaches it to the topic;
A random key is randomly generated, and the topic to be sent is encrypted with this random key, forming the ciphertext;
The user encrypts the random key with the private key and sends the encrypted key to the web server together with the ciphertext.
5. An encryption and traceability system for network educational resources, comprising a web server provided with a user management module, an exam pool, an authorization center, and a key generation and preservation module;
The user management module is used to manage the registration of users;
The exam pool is used to store the topics uploaded by users;
The authorization center is used to grant users the right to modify educational resource topics;
The key generation and preservation module is used to generate and store keys, the key being an RSA key pair.
Priority application: CN201710242750.3A (priority date 2017-04-14, filing date 2017-04-14)
Publication: CN107733844A (en), publication date 2018-02-23
Family ID: 61201095
Country status: CN

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication (application publication date: 20180223)