CN107995147B - Metadata encryption and decryption method and system based on distributed file system - Google Patents
Metadata encryption and decryption method and system based on distributed file system Download PDFInfo
- Publication number
- CN107995147B CN107995147B CN201610948055.4A CN201610948055A CN107995147B CN 107995147 B CN107995147 B CN 107995147B CN 201610948055 A CN201610948055 A CN 201610948055A CN 107995147 B CN107995147 B CN 107995147B
- Authority
- CN
- China
- Prior art keywords
- metadata
- node
- data
- encrypted
- hdfs client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Abstract
The invention discloses a metadata encryption and decryption method and system based on a distributed file system, and relates to the field of Hadoop security of big data. The method comprises the following steps: the HDFS client sends a data writing request to the metadata node; the metadata node encrypts the metadata according to the data writing request; when the metadata is read by the HDFS client, the encrypted metadata is obtained from the metadata node and is sent to the data node; and the data node decrypts the ciphertext of the metadata by using the public key issued by the key management server, acquires the plaintext of the metadata, and sends the file stream of the metadata to the HDFS client. Compared with the method for encrypting the big data, the method for encrypting the big data has the advantages that the magnitude order of the metadata is smaller, the metadata is encrypted and decrypted, the data transmission efficiency is improved, and the privacy protection of the data is further improved.
Description
Technical Field
The invention relates to the field of Hadoop security of big data, in particular to a metadata encryption and decryption method and system based on a distributed file system.
Background
Big data plays more and more important roles in the current social and economic development, but the security problem faces more and more problems while the big data is in the aspects of centralized processing and mass storage.
HDFS (Hadoop distributed file system) is designed to fit distributed file systems running on general purpose hardware (comfort hardware). It has many commonalities with existing distributed file systems, but at the same time its distinctions from other distributed file systems are also apparent. HDFS is a highly fault tolerant system suitable for deployment on inexpensive machines; the HDFS can provide data access with high throughput, and is very suitable for application on a large-scale data set; HDFS relaxes the (relax) POSIX requirements so that access to data in the file system can be achieved in the form of streams. Hadoop provides several different forms of encryption. For example, the bottom-most encryption, i.e., encrypting all node data, effectively protects the data, but lacks finer grained encryption. Furthermore, encryption may be performed at different levels, including software/software stacks, with each having advantages and disadvantages in choosing different levels of encryption. Such as application level encryption, which is the most secure and flexible method, can accurately reflect the needs of the user, but the encryption method is difficult in writing applications. Database-level encryption is an attribute of application-level encryption that most database vendors provide some form of encryption, however this may have performance issues, such as the index not being encrypted. File system level encryption provides a high performance, application transparent encryption scheme that is generally easy to deploy, but it does not mimic some of the application level policies, such as multi-tenant applications that may require different encryption settings per column stored in a single file based on the end user's desire to encrypt.
In the aspect of big data protection, the conventional methods guarantee system security through traditional components and products such as firewalls, VPN intrusion detection and antivirus, and the like, and the methods guarantee system security from the aspects of network protocols and mode characteristics and cannot protect sensitive information and sensitive data inside a big data platform. Hadoop is a mainstream product for storing and analyzing large data at present, and if data is leaked, the reputation of an enterprise is influenced, so that the security of the enterprise is essential.
Disclosure of Invention
The invention aims to solve the technical problem of providing a metadata encryption and decryption method and system based on a distributed file system to improve the data security.
According to an aspect of the present invention, a metadata encryption and decryption method based on a distributed file system is provided, including: the method comprises the steps that a Hadoop Distributed File System (HDFS) client sends a data writing request to a metadata node; the metadata node encrypts the metadata according to the data writing request; when the metadata is read by the HDFS client, the encrypted metadata is obtained from the metadata node and is sent to the data node; and the data node decrypts the ciphertext of the metadata by using the public key issued by the key management server, acquires the plaintext of the metadata, and sends the file stream of the metadata to the HDFS client.
Further, the encrypting the metadata by the metadata node according to the data write request includes: and after receiving the data writing request, the metadata node acquires a private key from the key management server and encrypts the metadata according to the private key.
Further, still include: the data node sends data block information of the metadata to the metadata node at regular time; and the metadata node acquires a private key from the key management server, decrypts the encrypted metadata, combines the decrypted metadata and the data block information to acquire updated metadata, and encrypts the updated metadata.
Further, when the HDFS client reads the metadata, acquiring the encrypted metadata from the metadata node includes: the HDFS client sends a file opening request to the metadata node; the metadata node returns a data node address ciphertext of the encrypted metadata to the HDFS client; and the HDFS client acquires the encrypted metadata according to the data node address ciphertext.
Further, the sending, by the HDFS client, the request to open the file to the metadata node includes: and the HDFS client sends a file opening request to the metadata node, and calls a metadata node interface in a remote procedure call protocol mode so that the metadata node returns a data node address ciphertext of the encrypted metadata to the HDFS client.
According to another aspect of the present invention, there is provided a metadata encryption and decryption system based on a distributed file system, including: the Hadoop distributed file system HDFS client is used for sending a data writing request to the metadata node, acquiring encrypted metadata from the metadata node and sending the encrypted metadata to the data node; the metadata node is used for encrypting the metadata according to the data writing request; the data node is used for decrypting the ciphertext of the metadata by using the public key issued by the key management server, acquiring the plaintext of the metadata and sending the file stream of the metadata to the HDFS client; and the key management server is used for issuing keys.
Further, the metadata node is configured to obtain a private key from the key management server after receiving the data write request, and encrypt the metadata according to the private key.
Further, the data node is used for sending data block information of the metadata to the metadata node at regular time; the metadata node is used for acquiring a private key from the key management server, decrypting the encrypted metadata, merging the decrypted metadata and the data block information to acquire updated metadata, and encrypting the updated metadata.
Further, the HDFS client is used for sending a file opening request to the metadata node and acquiring encrypted metadata according to the data node address ciphertext; and the metadata node is used for returning a data node address ciphertext of the encrypted metadata to the HDFS client.
Further, the HDFS client is configured to send a file opening request to the metadata node, and call the metadata node interface in a remote procedure call protocol manner, so that the metadata node returns a data node address ciphertext for encrypting the metadata to the HDFS client.
Compared with the prior art, the method and the device have the advantages that the metadata in the memory is encrypted, the metadata can be obtained by the HDFS client in a ciphertext mode, the data is prevented from being tampered by knowing the block identifier, and the safety of the data is improved. In addition, compared with the encryption of big data, the magnitude of metadata is small, and the encryption and decryption of the metadata are performed, so that the data transmission efficiency is improved, and the privacy protection of the data is further improved.
Other features of the present invention and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention.
The invention will be more clearly understood from the following detailed description, taken with reference to the accompanying drawings, in which:
fig. 1 is a flowchart illustrating an embodiment of a metadata encryption and decryption method based on a distributed file system according to the present invention.
Fig. 2 is a flowchart illustrating an encryption method in metadata encryption and decryption based on a distributed file system according to an embodiment of the present invention.
Fig. 3 is a flowchart illustrating a decryption method in metadata encryption and decryption based on a distributed file system according to an embodiment of the present invention.
Fig. 4 is a schematic structural diagram of an embodiment of the metadata encryption and decryption system based on the distributed file system according to the present invention.
Detailed Description
Various exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to specific embodiments and the accompanying drawings.
Fig. 1 is a flowchart illustrating an embodiment of a metadata encryption and decryption method based on a distributed file system according to the present invention. The system comprises the following steps:
in step 110, the HDFS Client (Hadoop Distributed File System Client ) sends a data write request to the metadata node (NameNode).
At step 120, the metadata node encrypts the metadata according to the data write request. If the metadata is attacked by the user to cause leakage, the user can bypass Hadoop and directly tamper the data through Linux, and even if the data is encrypted, the data can be damaged.
In step 130, when the HDFS client reads the metadata, the HDFS client obtains the encrypted metadata from the metadata node and sends the encrypted metadata to the data node (DateNode).
In step 140, the data node decrypts the ciphertext of the metadata by using a public Key issued by a KMS Server (Key Management Server), obtains a plaintext of the metadata, and sends a file stream of the metadata to the HDFS client.
In the embodiment, the metadata in the memory is encrypted, and the HDFS client is ensured to acquire the metadata in a ciphertext form, so that data is prevented from being tampered by knowing the block identifier, and the security of the data is improved. In addition, compared with the encryption of big data, the magnitude of metadata is small, and the encryption and decryption of the metadata are performed, so that the data transmission efficiency is improved, and the privacy protection of the data is further improved.
Fig. 2 is a flowchart illustrating an encryption method in metadata encryption and decryption based on a distributed file system according to an embodiment of the present invention. The method comprises the following steps:
at step 210, the HDFS client sends a data write request to the metadata node.
In step 220, after receiving the data write request, the metadata node obtains an SK (Secret Key) from the Key management server, and encrypts the metadata according to the Secret Key.
At step 230, the HDFS client sends a Data flow (Data flow) to the Data node.
In step 240, the data node returns an acknowledgement packet (ensure package) to the HDFS client.
In step 250, the HDFS client closes the data stream after completing (complete) the data write operation. The metadata node encrypts metadata according to the data write request, and the metadata node stores Encrypted metadata information (Encrypted metadata info), directory structure (directory structure), block map (block map) information, and the like.
At step 260, the data node periodically sends the latest cipher block information (cipher (block info)) to the metadata node.
In step 270, the metadata node sends a request to the key management server to obtain SK, and the SK is used to decrypt the metadata ciphertext to obtain plaintext.
In step 280, the metadata node merges the decrypted metadata with the data block information to obtain updated metadata, encrypts the updated metadata, and updates the editlg file.
In the embodiment, after receiving a data write-in request, a metadata node acquires a private key from a key management server, encrypts metadata according to the private key, and sends a heartbeat to the metadata node at a certain time interval, wherein the heartbeat content comprises all block information.
Fig. 3 is a flowchart illustrating a decryption method in metadata encryption and decryption based on a distributed file system according to an embodiment of the present invention. The method comprises the following steps:
in step 310, the HDFS client sends an open file request to Call a metadata node interface in the form of an RPC (Remote Procedure Call Protocol).
At step 320, the metadata node returns the data node address ciphertext of the encrypted metadata to the HDFS client. The metadata node stores the ciphertext of each file data block, and returns the ciphertext of the metadata node address of the block copy, so that the HDFS client obtains the storage position of the data block, and the HDFS client obtains the ciphertext of the storage position of the data block and can send the metadata information ciphertext to the data node.
In step 330, the HDFS client obtains the encrypted metadata according to the data node address ciphertext and sends the encrypted metadata to the data node.
In step 340, the data node decrypts the metadata ciphertext by using a PK (Public Key) issued by the KMS Server, and obtains the metadata plaintext of the file after decryption.
At step 350, the data node reads the file and returns the file stream to the HDFS client, which closes the data stream.
In this embodiment, when the HDFS client reads the metadata, the metadata is obtained in the form of a ciphertext, so that tampering with the data by knowing the block information is avoided. The HDFS client calls the metadata node interface in an RPC mode, so that the data security is guaranteed and low coupling is achieved. In addition, compared with the encryption of big data, the magnitude of metadata is small, and the encryption and decryption of the metadata are performed, so that the data transmission efficiency is improved, and the privacy protection of the data is further improved.
Fig. 4 is a schematic structural diagram of an embodiment of the metadata encryption and decryption system based on the distributed file system according to the present invention. The system comprises an HDFS client 410, a metadata node 420, a data node 430 and a key management server 440, wherein:
the HDFS client 410 is configured to send a data write request to the metadata node 420, and to obtain encrypted metadata from the metadata node 420 and send the encrypted metadata to the data node 430. The metadata node 420 is used to encrypt the metadata according to the data write request. The metadata of the HDFS are stored in the memory, and the security of the data can be improved by encrypting the metadata. The data node 430 is configured to decrypt the ciphertext of the metadata with the public key issued by the key management server 440, obtain the plaintext of the metadata, and send the file stream of the metadata to the HDFS client 410, where the key management server 440 is configured to issue the key.
In this embodiment, the metadata in the memory is encrypted, and it is ensured that the HDFS client 410 obtains the metadata in a form of a ciphertext, thereby avoiding tampering the data by knowing the block identifier. In addition, the metadata is encrypted and decrypted, and the magnitude of the metadata is small, so that the data transmission efficiency is improved.
In another embodiment of the present invention, the HDFS client 410 is configured to send a data write request to the metadata node 420, and close the data flow after completing the data write operation. The metadata node 420 is configured to obtain a private key SK from the key management server 440 after receiving the data write request, encrypt the metadata according to the private key, merge the decrypted metadata with the data block information to obtain updated metadata, encrypt the updated metadata, and update the editlg file. The data node 430 is configured to return a confirmation packet to the HDFS client 410 when the HDFS client 410 sends a data stream to the data node 430, and periodically send the latest cipher block information to the metadata node 420.
In this embodiment, after receiving the data write request, the metadata node 420 obtains a private key from the key management server 440, encrypts the metadata according to the private key, and the data node 430 sends a heartbeat to the metadata node 420 at a certain interval, where the heartbeat includes information of all blocks, and in the update stage, the metadata node 420 first decrypts the metadata in the memory, obtains a plaintext, updates the metadata, and updates the editlg file, thereby ensuring that the latest metadata is stored at the metadata node 420.
In another embodiment of the present invention, the HDFS client 410 sends an open file request to call the interface of the metadata node 420 in an RPC manner, and obtains encrypted metadata according to the data node address ciphertext returned by the metadata node 420, and sends the encrypted metadata to the data node 430. Metadata node 420 is used to return the data node address ciphertext of the encrypted metadata to HDFS client 410. The metadata node 420 stores the ciphertext of each file data block, and returns the ciphertext of the metadata node address of the block copy, so that the HDFS client 410 obtains the storage position of the data block, and the HDFS client 410 obtains the ciphertext of the storage position of the data block, and can send the metadata information ciphertext to the data node 430. The data node 430 is configured to decrypt the ciphertext of the metadata with the PK issued by the KMS Server, obtain the plaintext of the metadata of the file after decryption, read the file, and return the file stream to the HDFS client 410, where the HDFS client 410 closes the data stream.
In this embodiment, when the HDFS client 410 reads the metadata, the metadata is obtained in the form of a ciphertext, so as to avoid tampering with the data by knowing the block information. The HDFS client calls the metadata node interface in an RPC mode, so that the data security is guaranteed and low coupling is achieved. In addition, compared with the encryption of big data, the magnitude of metadata is small, and the encryption and decryption of the metadata are performed, so that the data transmission efficiency is improved, and the privacy protection of the data is further improved.
Thus far, the present invention has been described in detail. Some details well known in the art have not been described in order to avoid obscuring the concepts of the present invention. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.
The method and apparatus of the present invention may be implemented in a number of ways. For example, the methods and apparatus of the present invention may be implemented by software, hardware, firmware, or any combination of software, hardware, and firmware. The above-described order for the steps of the method is for illustrative purposes only, and the steps of the method of the present invention are not limited to the order specifically described above unless specifically indicated otherwise. Furthermore, in some embodiments, the present invention may also be embodied as a program recorded in a recording medium, the program including machine-readable instructions for implementing a method according to the present invention. Thus, the present invention also covers a recording medium storing a program for executing the method according to the present invention.
Although some specific embodiments of the present invention have been described in detail by way of illustration, it should be understood by those skilled in the art that the above illustration is only for the purpose of illustration and is not intended to limit the scope of the invention. It will be appreciated by those skilled in the art that modifications may be made to the above embodiments without departing from the scope and spirit of the invention. The scope of the invention is defined by the appended claims.
Claims (4)
1. A metadata encryption and decryption method based on a distributed file system is characterized by comprising the following steps:
the method comprises the steps that a Hadoop Distributed File System (HDFS) client sends a data writing request to a metadata node;
the metadata node encrypts metadata according to the data writing request;
the data node sends data block information of the metadata to the metadata node at regular time;
the metadata node acquires a private key from a key management server, decrypts encrypted metadata to obtain decrypted metadata, combines the decrypted metadata with the data block information to obtain updated metadata, and encrypts the updated metadata;
when the HDFS client reads metadata, a file opening request is sent to the metadata node, an interface of the metadata node is called in a remote procedure call protocol mode, encryption metadata are obtained from the metadata node, and the obtained encryption metadata are sent to a data node;
the data node decrypts encrypted metadata by using a public key issued by a key management server to obtain a plaintext of the metadata, and sends a plaintext file stream of the metadata to the HDFS client;
when the HDFS client reads metadata, acquiring encrypted metadata from the metadata node includes:
the HDFS client sends a file opening request to the metadata node;
the metadata node returns a data node address ciphertext of the encrypted metadata to the HDFS client;
and the HDFS client acquires encryption metadata according to the data node address ciphertext.
2. The method of claim 1, wherein the metadata node encrypting the metadata according to the data write request comprises:
and after receiving the data writing request, the metadata node acquires a private key from the key management server and encrypts the metadata according to the private key.
3. A metadata encryption and decryption system based on a distributed file system, comprising:
the Hadoop distributed file system HDFS client is used for sending a data writing request to a metadata node and sending a file opening request to the metadata node, calling an interface of the metadata node in a remote procedure call protocol mode, acquiring encrypted metadata from the metadata node according to a data node address ciphertext returned by the metadata node, and sending the acquired encrypted metadata to the data node;
the metadata node is used for encrypting the metadata according to the data writing request, acquiring a private key from a key management server, decrypting the encrypted metadata to obtain decrypted metadata, merging the decrypted metadata and the data block information to obtain updated metadata, and encrypting the updated metadata; the HDFS server is also used for returning a data node address ciphertext of the encrypted metadata to the HDFS client according to a file opening request sent by the HDFS client, so that the HDFS client can obtain the encrypted metadata according to the data node address ciphertext;
the data node is used for sending data block information of the metadata to the metadata node at regular time, decrypting the encrypted metadata by using a public key issued by a key management server to obtain a plaintext of the metadata, and sending a plaintext file stream of the metadata to the HDFS client;
and the key management server is used for issuing keys.
4. The system of claim 3,
and the metadata node is used for acquiring a private key from the key management server after receiving the data writing request and encrypting the metadata according to the private key.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610948055.4A CN107995147B (en) | 2016-10-27 | 2016-10-27 | Metadata encryption and decryption method and system based on distributed file system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610948055.4A CN107995147B (en) | 2016-10-27 | 2016-10-27 | Metadata encryption and decryption method and system based on distributed file system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107995147A CN107995147A (en) | 2018-05-04 |
| CN107995147B true CN107995147B (en) | 2021-05-14 |
Family
ID=62029252
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610948055.4A Active CN107995147B (en) | 2016-10-27 | 2016-10-27 | Metadata encryption and decryption method and system based on distributed file system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107995147B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111181899B (en) * | 2018-11-13 | 2022-11-11 | 阿里巴巴集团控股有限公司 | Data processing method, device and system and electronic equipment |
| CN109344656B (en) * | 2018-11-29 | 2021-10-22 | 杭州涂鸦信息技术有限公司 | Database data encryption/decryption method, device and equipment |
| CN109981579B (en) * | 2019-02-25 | 2021-07-02 | 北京工业大学 | Hadoop key management service security enhancement method based on SGX |
| CN116167030A (en) * | 2021-11-25 | 2023-05-26 | 华为技术有限公司 | Information processing system, method, apparatus, and storage medium |
| CN115242538A (en) * | 2022-07-28 | 2022-10-25 | 天翼云科技有限公司 | Data transmission method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103220097A (en) * | 2004-05-07 | 2013-07-24 | 美商内数位科技公司 | Method for assigning automatic repeat request (ARQ) support enhanced uplink (EU) data transmissions and WTRU |
| CN103530387A (en) * | 2013-10-22 | 2014-01-22 | 浪潮电子信息产业股份有限公司 | Improved method aimed at small files of HDFS |
| CN104852922A (en) * | 2015-05-26 | 2015-08-19 | 陈彬 | Big data encrypting and decrypting method based on distributed file system |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075584B (en) * | 2011-01-30 | 2014-08-06 | 中国科学院计算技术研究所 | Distributed file system and access method thereof |
| CN102307185B (en) * | 2011-06-27 | 2015-02-25 | 北京大学 | Data isolation method used in storage cloud |
| CN202663444U (en) * | 2012-06-29 | 2013-01-09 | 上海海事大学 | Cloud safety data migration model |
| CN102916963B (en) * | 2012-10-26 | 2014-12-31 | 中国人民解放军信息工程大学 | Safe data exchange method, device, nodes and safe data exchange system |
| US9130920B2 (en) * | 2013-01-07 | 2015-09-08 | Zettaset, Inc. | Monitoring of authorization-exceeding activity in distributed networks |
| US9229814B2 (en) * | 2013-03-15 | 2016-01-05 | Seagate Technology Llc | Data error recovery for a storage device |
| CN103986718A (en) * | 2014-05-23 | 2014-08-13 | 南京大学 | Method for improving transmission safety and reading efficiency of HDFS files |
-
2016
- 2016-10-27 CN CN201610948055.4A patent/CN107995147B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103220097A (en) * | 2004-05-07 | 2013-07-24 | 美商内数位科技公司 | Method for assigning automatic repeat request (ARQ) support enhanced uplink (EU) data transmissions and WTRU |
| CN103530387A (en) * | 2013-10-22 | 2014-01-22 | 浪潮电子信息产业股份有限公司 | Improved method aimed at small files of HDFS |
| CN104852922A (en) * | 2015-05-26 | 2015-08-19 | 陈彬 | Big data encrypting and decrypting method based on distributed file system |
Non-Patent Citations (3)
| Title |
|---|
| 《HDFS元数据管理的高可用性优化技术研究》;李聪;《中国优秀硕士学位论文全文数据库 信息科技辑》;20160630;全文 * |
| 《HDFS文件系统中元数据的高可用性管理方法研究》;易理林;《中国优秀硕士学位论文全文数据库 信息科技辑》;20130530;全文 * |
| 《基于HDFS的文件传输策略的研究与实现》;王银芳;《中国优秀硕士学位论文全文数据库 信息科技辑》;20130430;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107995147A (en) | 2018-05-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11108753B2 (en) | Securing files using per-file key encryption | |
| CN111130757B (en) | Multi-cloud CP-ABE access control method based on block chain | |
| CN107995147B (en) | Metadata encryption and decryption method and system based on distributed file system | |
| US10819521B2 (en) | Providing low risk exceptional access | |
| US11363454B2 (en) | Providing low risk exceptional access with verification of device possession | |
| US11601261B1 (en) | Secure key exchange electronic transactions | |
| US8806200B2 (en) | Method and system for securing electronic data | |
| CN107506659B (en) | Data protection system and method of general database based on SGX | |
| US20180254901A1 (en) | Method and system for secure delegated access to encrypted data in big data computing clusters | |
| US20140281526A1 (en) | Secure Network Storage | |
| WO2019098895A1 (en) | Method and arrangement for detecting digital content tampering | |
| EP3860036B1 (en) | Key management method, security chip, service server and information system | |
| CN103731395A (en) | Processing method and system for files | |
| CN107453880B (en) | Cloud data secure storage method and system | |
| US20120036349A1 (en) | Datebase server, customer terminal and protection method for digital contents | |
| WO2022206453A1 (en) | Method and apparatus for providing cross-chain private data | |
| CN114556869A (en) | Key management for encrypted data | |
| CN112054899A (en) | Container mirror image encryption management method based on encryption machine | |
| CN107094075A (en) | A kind of data block dynamic operation method based on convergent encryption | |
| CN104601820A (en) | Mobile terminal information protection method based on TF password card | |
| CN111079188B (en) | mybatis field encryption and decryption device and encryption and decryption system | |
| CN104283868A (en) | Encryption method for internet of things and cloud computing secure storage distributed file system | |
| US9178855B1 (en) | Systems and methods for multi-function and multi-purpose cryptography | |
| Thota et al. | Split key management framework for Open Stack Swift object storage cloud | |
| KR101106101B1 (en) | System and Method for Reading a Classified Digital Document using Environmental Information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20180504 Assignee: Dbappsecurity Co.,Ltd. Assignor: CHINA TELECOM Corp.,Ltd. Contract record no.: X2023110000022 Denomination of invention: Metadata encryption and decryption method and system based on distributed file system Granted publication date: 20210514 License type: Common License Record date: 20230220 |
|
| EE01 | Entry into force of recordation of patent licensing contract |