CN1080964C - Apparatus and method for storing data - Google Patents
Apparatus and method for storing data Download PDFInfo
- Publication number
- CN1080964C CN1080964C CN94191037A CN94191037A CN1080964C CN 1080964 C CN1080964 C CN 1080964C CN 94191037 A CN94191037 A CN 94191037A CN 94191037 A CN94191037 A CN 94191037A CN 1080964 C CN1080964 C CN 1080964C
- Authority
- CN
- China
- Prior art keywords
- identification item
- sid
- storage identification
- algorithm
- uid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention discloses a method and a device used for depositing an original identification item (OID) and a data of correlative describing information (DI). The present invention is characterized in that the original identification item (OID) is encrypted to an up-to-date identification item (UID) by using a first algorithm (ALG1), the up-to-date identification item (UID) is encrypted to a storage identification item (SID) by using a reversible algorithm (ALG2), and the storage identification item (SID) and the correlative describing information (DI) are stored in a storage medium together as a record (P).
Description
The present invention relates to be used for the apparatus and method of store data, more particularly, institute's deposit data comprises such as the such identifying information of personal digital and the descriptor of associated.
In the area of computer aided information management system,, must protect the integrality of personal information not to be damaged setting up when preserving individual entry and also promptly comprise the entry of relevant individual information.In the department of industry, bank and national defence and other supplementary management system that much uses a computer, importantly protect institute's deposit data not visited equally by unauthorized persons.Prescribed limits is especially arranged or forbids logotype and the individual entry of contrast because this way often causes producing one or multinomial new individual entry, and the latter comprise can with the sensitive information of the direct logotype of individual.
Yet often need be, and don't can damage the integrality of personal information with logotype and the contrast in addition of the individual entry of difference.
In this technical field, there is different encryption storage meanss to can be used for security purpose, wherein the information of depositing is at first encrypted, and then is stored on the medium.Yet the enciphered method of these prior aries is often to following the tracks of sensitivity, because all comprising, entry of each in the database or renewal item change item, the latter can get up by means of tracking and corresponding unencryption initial information logotype, and this initial information has man-to-man relation with enciphered message.Through after a series of tracking, all enciphered messages all can be exchanged into open text.
The objective of the invention is to solve the aforementioned problems in the prior, and a kind of apparatus and method that are used to deposit the data of the descriptor (DI) that comprises an initial identification item (OID) and associated are provided for this purpose.
The inventive system comprises: one first encryption device is used to utilize first algorithm that the initial identification item is encrypted as the renewal identification item; One second encryption device, be used to utilize second algorithm will upgrade identification item and be encrypted as the storage identification item, the descriptor of this storage identification item and associated leaves on the medium as a record together, and decryption device, the storage identification item of the selected record of depositing is used for when will be substituted by new storage identification item, these storage identification items are deciphered, so that rebulid corresponding renewal identification item; Second encryption device is used for being encrypted as new storage identification item at the renewal identification item that the described moment utilizes a reversible algorithm that changed to rebulid, and is used for substituting original storage identification item.
Method of the present invention may further comprise the steps: utilize first algorithm that the initial identification item is encrypted as the renewal identification item; Utilize reversible algorithm will upgrade identification item and be encrypted as the storage identification item; To store identification item and descriptor deposits on the medium as a record, and when the storage identification item at the selected record of depositing will be substituted by new storage identification item, finish following substep: the storage identification item of selected record is deciphered, so that rebulid corresponding renewal identification item, the renewal identification item that the reversible algorithm that change reversible algorithm and utilization changed will rebulid is encrypted as new storage identification item, and the storage identification item that substitutes selected record with new storage identification item.
For prevent descriptor DI again with initial identification item OID logotype, preferably a kind of non-reversible algorithm of the first algorithm ALG1 also is this algorithm gives the renewal identification item of a uniqueness and a lot of identification items is provided when the deciphering for each initial identification item.
In addition, distinctive feature of the present invention is that initial identification item OID encrypts respectively in two steps when producing storage identification item SID, and the encryption of second step utilizes reversible algorithm ALG2 to finish.These obvious characteristics of the present invention are convenient to set up " floating " storage identification item of record, so that prevent all undelegated tracking.According to the present invention, deposit in the selected record on the medium, preferably the storage identification item SID of all records is substituted by new storage identification item SID ' certain constantly.Consequently, after in case the storage identification item is substituted by new storage identification item according to the present invention, any by following the tracks of gained information all to no avail, according to the present invention, the storage identification item SID of the record of depositing changes with laxative remedy: at first utilize algorithm ALG3 that the storage identification item SID of selected record is deciphered, thereby rebulid corresponding renewal identification item UID.To can find out that the algorithm ALG3 that is used to decipher is directly relevant with the reversible algorithm ALG2 that is used in early time from upgrading identification item UID foundation storage identification item SID.So reversible algorithm ALG2 changes into new reversible algorithm ALG2 ', the renewal identification item UID encryption that utilizes the new reversible algorithm ALG2 ' changed to rebulid on this basis.Become new storage identification item SID '.
The moment of the identification item of new storage identification item replace old can fully optionally be controlled, carried out constantly at predetermined space, the quantity that is decided by to upgrade, or the like.
In most preferred embodiment of the present invention, when given new storage identification item, selected record also moves to the new physical locations on the medium.The storage identification item that " floats " combines all attempts that this can stop unauthorized to be followed the tracks of effectively.
The present invention can also can be effective retrieval that strategic purpose realizes institute's deposit data for the operation purpose, also can be used for the so-called of strategic data and vertically upgrades.
When for operation purpose retrieve data, can retrieve be a given stored descriptor of initial identification item be used to read, upgrade, change, print, or the like.According to the present invention, this is possible, promptly at first utilizes above-mentioned two algorithms that given initial identification item is encrypted in two steps, becomes the storage identification item.The institute that can find all to comprise the storage identification item that so obtains easily deposits record and corresponding descriptor is retrieved.Especially, the retrieval of the operating data of this and given initial identification item associated had not both required any deciphering of respective stored identification item, do not require any storage of given initial identification item yet, so just stoped any unnecessary logotype between the descriptor of initial identification item and associated thereof.
During for the strategic purpose retrieve data, the data with identical storage identification item can be put together, thereby use the storage identification item effectively.For the strategic purpose retrieve data with for the difference of operating the purpose retrieve data is that people do not wish or does not need to know which initial identification item is certain descriptor project belong to, but must affirm fully that all descriptors that are retrieved all belong to same initial identification item.Obviously, when initial identification item during corresponding to a certain particular individual, this is crucial, also acquire a special sense, because the present invention can will put together with the descriptor of Different Individual associated, and not have the danger that discloses their identification items for strategic purpose.Should be appreciated that, the present invention can realize vertical renewal of so-called strategic information, this means to carve at a time in other things observes given individuality, also mean in new descriptor of the difference moment and so deposit, so that it can with the information logotype of before having deposited of same individuality, and do not have the danger of the identification item of any announcement individuality.
Should emphasize, with the new descriptor of certain initial identification item associated deposit and unnecessary asking set up the new record that comprises storage identification item and descriptor.On the contrary, this new descriptor is deposited in the existing record, and the storage identification item of this existing record is corresponding to the initial identification item of being spoken of.
These and other obvious characteristic of the present invention, character and advantage will be stated in appended book, also in the following description of an Implementation Modes of the present invention, occur simultaneously, and in drawing,
Fig. 1 is used for describing how implementing block diagram of the present invention in computer system;
Used different encrypting steps when Fig. 2 has explained according to the present invention stored information; And
Fig. 3 has explained used encryption and decryption step when changing the storage identification item according to the present invention.
Now consult Fig. 1, the computer system that it is described comprises the ACS of authorization check system of any known type; A series of user instruments or application program, one of them is marked with AP-PL1; A database management language DBM; A database 10, it comprises that 20, one of a public entry that are used to deposit public information is used for operation entry 30 and strategic entry 40 that is used to deposit strategic data of deposit operation data here; A hardware component 50; And program module 60.The present invention mainly implements in hardware component 50 and program module 60.
Hardware component 50 has an encapsulation, it is tamped, to prevent that its tracked means or compiler from being supervised.This hardware component 50 is as distributed processors, and it has following function especially:
-set up reversible and irreversible cryptographic algorithm,
-for the encryption and decryption algorithm provides at random the variable that produces, one starts, also promptly at the storage identification item of selected at random record that time changing is deposited,
-deposit used encryption and decryption algorithm last time,
-when operation note of a plurality of subscriber authorisation accesses, deposit the information of subscriber authorisation, reach
-with an initial identification item (promptly people's number) one by one with get according to record logotype correct in the storehouse.
Therefore, this hardware component 50 can comprise a microprocessor, microcode programming prom memory, required Unit 1/0, an encryption and decryption unit and be used to deposit the memory cell that is used as the algorithm information of subscriber authorisation simultaneously.The structure of hardware component 50 is different with different purposes, and can easily utilize this description to be implemented by the person skilled in the art, for this reason in detail the structure of these parts will be described in detail no longer.
In the description to the system of Fig. 1, given sign is used to describe used encryption and decryption algorithm below.In general, the encryption and decryption algorithm can followingly be described:
F
TYPE(random number, input data)=result is function of F sign wherein, TYPE marker function type.(the following type of use in the present embodiment:
F
KIR=irreversible encryption algorithm
F
KR=irreversible cryptographic algorithm
F
DKR=decipherment algorithm), random number is represented one or more of constants and/or is included in the variable of function F, and the input data are to want encrypted or decrypted data, and unique functional value of a given function of sign as a result.
Depositing the process of information in database 10 is explained seeing figures.1.and.2 simultaneously.This is under a kind of situation, promptly the information of depositing can be divided into the descriptor of identifying information and associated.The information of a following particular individual is an example.
| The information of depositing | |||
| Identifying information | Descriptor | ||
| Personal digital (PCN) | Title | The address | DI |
In the first step of process, information is divided into identifying information and descriptor.
In second step (as shown in Figure 2), identifying information (PCN, title, address) is deposited in the public entry 20, just deposit with open textual form sometimes, so category information generally is accessible.
In the 3rd step, from identifying information, select initial identification item OID.OID=personal digital PCN in this example.Utilization is encrypted initial identification item OID by 50 non-reversible algorithm ALG1 that produce at random of hardware component.This irreversible encryption operation produces following renewal identification item UID:
ALG1:F
KIR(random number, OID)=UID
Cryptographic algorithm ALG1 so designs, make anyly will upgrade identification item UID deciphering and can produce a large amount of identification items for the attempt of initial identification item OID, consequently specific UID can't with corresponding OID logotype.
In the 4th step, utilizing also is will upgrade identification item UID by 50 reversible algorithm ALG2 that produce at random of hardware component to encrypt.This reversible encryption operation produces following storage identification item SID:
ALG2:F
KR(random number, UID)=SID
Cryptographic algorithm ALG2 so designs, and to obtain a corresponding decipherment algorithm ALG3, utilizes the latter storage identification item SID deciphering can be upgraded identification item UID so that rebuild one.
In the 5th step, gained storage identification item SID and descriptor DI deposit on the medium as an information record P together, and the latter is marked with M in Fig. 2.In this example, record P deposits in operating database 30 and the strategic database 40 simultaneously.
Change in the database and preferably finish under the timing controlled at random in batches, so that each change under normal circumstances comprises the change of numerous records or additional in entry, it to be intended that in order preventing and to follow the tracks of.For this purpose, data can be deposited in the buffer temporarily, and available sometimes encrypted form is deposited.
As shown in top, a stored information record P has following form:
| Storage identification item (SID) | Descriptor (DI) |
Because initial identification item OID encrypts in two steps, wherein the first step is irreversible, second step was reversible, therefore just descriptor DI and storage identification item SID might be deposited together and descriptor DI must not with initial identification item OID logotype, simultaneously when being left institute that a specific initial identification item OID seeks associated and depositing the possibility of descriptor DI, set up the storage identification item SID of " floating " (also i.e. variation in time).
Referring now to Fig. 3 the process of setting up " floating " storage identification item is made more detailed description.
As mentioned above, storage identification item SID often change with prevent made a stab, or make it much more difficult at least.Above-mentioned attempt is gone to seek given initial information and is left attempt on the medium in wherein and with which kind of form also promptly when upgrading an entry.
The moment that substitutes storage identification item SID with new storage identification item SID ' can be controlled randomly by hardware component 50.These constantly can be controlled the number of times that changes in these factors such as the database or the number of renewal by other factors in another program.
The storage identification item SID of the record P that its storage identification item will " float " or change with all is deciphered each time.Hardware component 50 has an internal storage, wherein deposited the last information of using reversible algorithm ALG2, this just can produce a corresponding decipherment algorithm ALG3 each time in hardware component 50, utilize this decipherment algorithm ALG3 storage identification item SID can be deciphered, to rebulid corresponding renewal identification item UID.
ALG3:F
DKR(random number, SID)=therefore there is following relationship in UID:
F
DKR(random number, F
KR(random number, UID))=UID
After this, hardware component 50 utilizes newly at random, and (random number) produces a reversible algorithm ALG2 ' new, that changed, the renewal identification item UID that this rebulids utilizes ALG2 ' reversibly to be encrypted, become storage identification item SID ' new, that changed, the descriptor of the latter and associated leaves in the selected record together.
ALG2 ': F
KR(random number, UID)=SID '
As top and information stores together as described in, on the medium storage identification item best a collection of the finishing of change.
When the storage identification item SID of record P is so substituted by new storage identification item (SID '),, can move to new physical locations on the medium with writing down P as further precautionary measures.
In most preferred embodiment of the present invention, when data-base content changes or upgrade, be about to store the identification item change.
Operating data is retrieved in the operation entry 30 from Fig. 1 in the following manner.To start with, the user inputs to application A PPL1.APPL1 together with the relevant statement that is requested information PCN and the relevant statement that is requested information is deposited to have initial identification item OID now be PCN, and this statement also is the statement of the database of relevant entry or relevant search information therein.Then APPL1 is sent to database management language DBM with PCN and database statement, and the latter will retrieve the information of being requested.This database management language notices that the record of existing database is protected by invention system of institute, therefore PCN and database-name is sent to program module 60 and hardware component 50 together.The database-name that is marked is used for producing correct algorithm ALG1 and ALG2 from the form data of depositing in hardware component 50, utilizes the latter PCN can be converted to and upgrades identification item UID, converts storage identification item SID then again to.So the storage identification item SID that produces promptly is sent to database management language DBM.The latter is (being operation entry 30 here) search descriptor DI in the database of being discussed then, and the storage identification item of this DI is corresponding to the storage identification item SID that is produced.Database management language DBM returns descriptor DI to application A PPL1, descriptor DI that the latter will so produce and personal digital PCN logotype, here should emphasize that personal digital only deposits among the APPL1, also promptly only in the working storage of computer, therefore individual identification item is overall safety still.
Data are retrieved from strategic database 40 and are got, and needn't seek help from any initial identification item OID.Descriptor directly is based in search, also have owing to be to deposit in together, so can easily put together with all descriptors of single individual associated and a bit prestige rib can not arranged the anonymity of individuality with identical storage identification item SID with the descriptor of same individual associated.
Can in operation entry 30 and strategic entry 40, use different cryptographic algorithm.Yet non-reversible algorithm ALG1 can be same, in addition, is appreciated that the form algorithm information of depositing in the hardware component 50 can comprise than much more entry shown in Figure 1.
Change in many ways in the scope of the present invention that the invention described above embodiment can define in appended claims." encryption " speech means fully and comprises " hash-coding " speech.
Have in the change of certain sense of the inventive method, in each information record P of operating database 30, replenished a following User Recognition item UI.
| Storage identification item (SID) | User Recognition item (UI) | Descriptor (DI) |
Therefore might in operating database, will write down and individual consumer's logotype, when the user attempts in record retrieving information, check he whether authorize to discuss to write down and carry out access.Particularly, may allow different user deposit the descriptor of relevant same individuality and do not allow unauthorized user information that access is deposited.User Recognition item UI in all records can change and can not influence storage identification item SID or descriptor DI.Want access to comprise record except that other user UI he the User Recognition item UI as the user, then can replenish a form in hardware component 50, the latter comprises the information of depositing that is used to control this class authority.
Another modification that can expect of the embodiment that describes is possible use reversible algorithm in the first encrypting step ALG1, does not provide and equal fail safe when using non-reversible algorithm yet do like this.
At last, should be mentioned that if desired, before depositing descriptor, can utilize reversible algorithm that descriptor is encrypted, with further tightening security property.
Claims (11)
1. device that is used to deposit the data of the descriptor (DI) that comprises an initial identification item (OID) and associated is characterized in that:
One first encryption device (50) is arranged to utilize first algorithm (ALG1) that initial identification item (OID) is encrypted as and is upgraded identification item (UID),
One second encryption device (50), arrange to utilize second algorithm (ALG2) will upgrade identification item (UID) and be encrypted as storage identification item (SID), the descriptor (DI) of this storage identification item (SID) and associated leaves on the medium (30,40) as a record (P) together, and
A decryption device (50), arrange when the storage identification item (SID) of the selected record of depositing (P) will be when substituting by new storage identification item (SID '), these storage identification items (SID) are deciphered, so that rebulid corresponding renewal identification item (UID)
Second encryption device (50) is arranged to be encrypted as new storage identification item (SID ') at the renewal identification item (UID) that the described moment utilizes a reversible algorithm that changed (ALG2 ') to rebulid, and is used for alternative original storage identification item (SID).
2. the device that proposes in the claim 1 is characterized in that one of them device arrangement determines randomly the described moment, is substituted by new storage identification item (SID ') at the storage identification item (SID) of selected record of the described moment (P).
3. the device that proposes in top each claim, it is characterized in that wherein being used for setting up first algorithm (ALG1) that upgrades identification item (UID) is a non-reversible algorithm.
4. the device that proposes in the claim 3 is characterized in that wherein first and second encryption devices and decryption device are realized as a hardware component (50).
5. the device that proposes in the claim 4 is characterized in that hardware component (50) comprises its processor, and this processor is suitable for as the distributed processors in the computer.
6. the device that proposes in the claim 5 is characterized in that hardware component (50) is suitable for setting up algorithms of different and comprises a device that is used to deposit the last algorithm of setting up.
7. method that is used to deposit the data of the descriptor (DI) that comprises an initial identification item (OID) and associated is characterized in that following steps:
Utilize first algorithm (ALG1) that initial identification item (OID) is encrypted as and upgrade identification item (UID),
Utilize reversible algorithm (ALG2) will upgrade identification item (UID) and be encrypted as storage identification item (SID),
To store identification item (SID) and descriptor (DI) is deposited on the medium (30,40) as a record (P), and
When the moment that will substitute by new storage identification item (SID ') at the storage identification item (SID) of the selected record of depositing (P), finish following substep :-the storage identification item (SID) of selected record (P) is deciphered, so that rebulid corresponding renewal identification item (UID),-renewal the identification item (UID) that changes reversible algorithm (ALG2) and utilize the reversible algorithm that changed (ALG2 ') to rebulid is encrypted as new storage identification item (SID '), and-with the storage identification item (SID) of the alternative selected record (P) of new storage identification item (SID ').
8. the method that proposes in the claim 7 is characterized in that comprising and selects all to deposit in record (P) on the medium (30,40) as the step of selected record (P).
9. the method that proposes in the claim 7, it is characterized in that the step that substitutes selected record (P) storage identification item (SID) with new storage identification item (SID ') finishes in a collection of, so that on medium (30,40), can side by side change the storage identification item (SID) of selected record (P).
10. the method for each proposition among the claim 7-9, it is characterized in that also comprising selected record (P) is moved to new physical locations on the medium (30,40) with the step that new storage identification item (SID ') substitutes the storage identification item (SID) of selected record (P).
11. the method for each proposition in the claim 10 is characterized in that being included in descriptor (DI) is deposited to the medium accordingly record (P) before, also the step that descriptor (DI) is encrypted.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| SE9300984A SE9300984D0 (en) | 1993-03-23 | 1993-03-23 | TO ADMINISTER MSH IFPEA |
| SE930984-0 | 1993-11-30 | ||
| SE9309840 | 1993-11-30 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1116890A CN1116890A (en) | 1996-02-14 |
| CN1080964C true CN1080964C (en) | 2002-03-13 |
Family
ID=20389349
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN94191037A Expired - Fee Related CN1080964C (en) | 1993-03-23 | 1994-09-23 | Apparatus and method for storing data |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN1080964C (en) |
| SE (1) | SE9300984D0 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108694333B (en) * | 2017-04-07 | 2021-11-19 | 华为技术有限公司 | User information processing method and device |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1993011619A1 (en) * | 1991-12-04 | 1993-06-10 | Enco-Tone, Ltd. | Method and apparatus for data encryption and transmission |
-
1993
- 1993-03-23 SE SE9300984A patent/SE9300984D0/en unknown
-
1994
- 1994-09-23 CN CN94191037A patent/CN1080964C/en not_active Expired - Fee Related
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1993011619A1 (en) * | 1991-12-04 | 1993-06-10 | Enco-Tone, Ltd. | Method and apparatus for data encryption and transmission |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1116890A (en) | 1996-02-14 |
| SE9300984D0 (en) | 1993-03-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP3678746B2 (en) | Data storage device and method | |
| CN1133935C (en) | Security system for protecting information stored in portable storage media | |
| US4588991A (en) | File access security method and means | |
| CN1122951C (en) | Method for storing and operating sensitive information in security module, and associated security module | |
| US8782437B2 (en) | Content protection using block reordering | |
| US9324361B2 (en) | Protecting stored data from traffic analysis | |
| CN101655858B (en) | Cryptograph index structure based on blocking organization and management method thereof | |
| CN101079008A (en) | Mobile memory divulgence protection method and system | |
| IL167014A (en) | Encrypting operating system | |
| KR20030055702A (en) | File security system by using a security class and method for managing security key | |
| EP1374063A2 (en) | Method and apparatus for automatic database encryption | |
| CN111858519B (en) | System and method for sharing confidential data on blockchain | |
| CN106776904A (en) | The fuzzy query encryption method of dynamic authentication is supported in a kind of insincere cloud computing environment | |
| US20080123858A1 (en) | Method and apparatus for accessing an encrypted file system using non-local keys | |
| CN108573176B (en) | Method and system for safely deleting data of mobile terminal encrypted by key derivation | |
| CN111651779B (en) | Privacy protection method for encrypted image retrieval in block chain | |
| US8364979B1 (en) | Apparatus, system, and method to efficiently search and modify information stored on remote servers, while hiding access patterns | |
| CN1080964C (en) | Apparatus and method for storing data | |
| CN1514572A (en) | Distribution type data encryption method | |
| Troncoso et al. | Traffic analysis attacks on a continuously-observable steganographic file system | |
| GB2598130A (en) | Controlled data access | |
| CN112306582A (en) | Configuration variable encryption and decryption method and device, computer equipment and readable storage medium | |
| CN1131476C (en) | Content secrete method and layout of non-volatile storage | |
| CN108416232A (en) | encryption method for storage device | |
| EP4137978A1 (en) | Enhanced data security through combination of encryption and vertical fragmentation of tabular data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |