CN108920967B - Data processing method, device, terminal and computer storage medium - Google Patents
Data processing method, device, terminal and computer storage medium Download PDFInfo
- Publication number
- CN108920967B CN108920967B CN201810685729.5A CN201810685729A CN108920967B CN 108920967 B CN108920967 B CN 108920967B CN 201810685729 A CN201810685729 A CN 201810685729A CN 108920967 B CN108920967 B CN 108920967B
- Authority
- CN
- China
- Prior art keywords
- data
- search
- security
- storage area
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The embodiment of the invention discloses a data processing method, a device, a terminal and a computer storage medium, wherein the method comprises the following steps: when determining to search data derived from the security-hardened application by using a search engine in a security domain, performing data search in the derived data according to an encryption processing mode of a derivation process of the data, wherein the encryption processing mode is as follows: and exporting the data to a newly-built storage area, or exporting the data after encrypting. Therefore, for the search engine in the security domain, the data in the security-reinforced application can be searched out according to the encryption processing mode of the data export process; for the search engine in the personal domain, because the data export process is encrypted, the data of the application which is subjected to security reinforcement cannot be searched from the exported data through a default data searching mode, and the application data of the security domain is prevented from being leaked to the personal domain.
Description
Technical Field
The present invention relates to a dual-domain isolation technology, and in particular, to a data processing method, apparatus, terminal, and computer storage medium.
Background
At present, dual-domain isolation is widely applied in the field of data security, and the main targets of dual-domain isolation are as follows: data isolation between the security domain and the personal domain is realized, so that users of the personal domain cannot access the security domain data, and the users of the security domain cannot access the personal domain data; however, the existing dual-domain isolation scheme has the following disadvantages: the Application that is secured in the secure domain can still perform data search through a global search engine of the personal domain, for example, the Application that is secured in the secure domain may be an Application (App) packaged by a Software Development Kit (SDK), and the described App packaged by the SDK supports security functions such as network isolation, file isolation, sharing isolation, and clipboard isolation; however, the above-described App packaged with SDK also supports searching by a global search engine in the personal domain, and specifically, in the personal domain, by searching for a keyword using the global search engine, the above-described key information of the App packaged with SDK can be viewed, which leads to information leakage of the security domain.
Disclosure of Invention
In order to solve the above technical problems, embodiments of the present invention are intended to provide a data processing method, an apparatus, a terminal, and a computer storage medium, and aim to solve the problem in the prior art that security domain data is leaked to a personal domain.
The embodiment of the invention provides a data processing method, which comprises the following steps:
when determining to search data derived from the security-hardened application by using a search engine in a security domain, performing data search in the derived data according to an encryption processing mode of a derivation process of the data, wherein the encryption processing mode is as follows: and exporting the data to a newly-built storage area, or exporting the data after encrypting.
In the foregoing solution, the searching data in the derived data according to the encryption processing mode of the derivation process of the data includes:
the encryption processing mode is that when the data is exported to a newly-built storage area, data search is carried out in the newly-built storage area;
when the data is encrypted and exported, encrypting keywords used in data searching according to the encryption mode of the data to obtain encrypted keywords; and searching data in the derived encrypted data according to the encrypted keywords.
In the above solution, after performing data search on the derived encrypted data, the method further includes: and decrypting the searched data by adopting a decryption mode corresponding to the encryption mode of the data.
In the above scheme, after decrypting the searched data, the method further includes: and displaying the decrypted data.
In the above solution, after performing data search in the newly created storage area, the method further includes: and displaying the searched data.
An embodiment of the present invention further provides a data processing apparatus, where the apparatus includes a processor and a memory for storing a computer program capable of running on the processor; wherein the content of the first and second substances,
the processor is configured to execute the steps of any one of the data processing methods when the computer program is run.
An embodiment of the present invention further provides another data processing apparatus, where the apparatus includes: the device comprises a judging module and a data searching module; wherein the content of the first and second substances,
a determining module for triggering the data search module when determining to search for data derived from the security-hardened application using a search engine in the security domain;
the data search module is used for searching data in the exported data according to an encryption processing mode of the export process of the data when being triggered, and the encryption processing mode is as follows: and exporting the data to a newly-built storage area, or exporting the data after encrypting.
In the above scheme, the data search module is specifically configured to, when the encryption processing mode is to export the data to a newly-built storage area, perform data search in the newly-built storage area; when the encryption processing mode is to encrypt and export the data, encrypting keywords used in data searching according to the encryption mode of the data to obtain encrypted keywords; and searching data in the derived encrypted data according to the encrypted keywords.
The embodiment of the invention also provides a terminal, and the terminal comprises any one of the data processing devices.
Embodiments of the present invention further provide a computer storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of any one of the data processing methods described above.
In the embodiment of the invention, when determining to search data derived from a security-reinforced application by using a search engine in a security domain, the data search is carried out in the derived data according to an encryption processing mode of a data deriving process, wherein the encryption processing mode is as follows: and exporting the data to a newly-built storage area, or exporting the data after encrypting. Therefore, for the search engine in the security domain, data search can be performed in the exported data according to the encryption processing mode of the export process of the data, and then the data in the application subjected to security reinforcement is searched; for the search engine in the personal domain, because the data export process is encrypted, the data of the application which is subjected to security reinforcement cannot be searched from the exported data through a default data searching mode, and the application data of the security domain is prevented from being leaked to the personal domain.
Drawings
FIG. 1 is a flow chart of a data processing method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of data interaction of another data processing method according to an embodiment of the present invention;
FIG. 3 is a schematic data interaction diagram of another data processing method according to an embodiment of the present invention;
FIG. 4 is a block diagram of a data processing apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of another data processing apparatus according to an embodiment of the present invention.
Detailed Description
The technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention.
In the embodiment of the present invention, the security-enhanced application is located in a security domain, for example, the security-enhanced application may be an App packaged by some SDK with a security function, where the App packaged by SDK described above may be referred to as SApp, and the SApp supports security functions such as network isolation, file isolation, sharing isolation, and clipboard isolation.
In one embodiment, when exporting data from a security-hardened application, the data is generally exported to a default storage area, where the data exported to the default storage area may include at least one of: keywords, pictures, characters, time, content size; after the data are exported to the default storage area, the global search engine of the personal domain can search and acquire the data in the default storage area through the keywords and can display the acquired data, so that the data of the security domain can be leaked; for example, the default storage area is a Spotlight storage area, and after data can be exported to the default Spotlight storage area by using the SApp, in the personal domain, the global search engine Spotlight of the iOS can search out the data located in the Spotlight storage area through local keyword information of the search terminal, so that data leakage in the security domain is caused.
Example one
To solve the technical problem in the foregoing embodiment, an embodiment of the present invention provides a data processing method, which may be applied to a device such as a terminal, and fig. 1 is a flowchart of the data processing method in the embodiment of the present invention, and as shown in fig. 1, the flowchart may include:
step 101: when determining to search data derived from the security-hardened application by using a search engine in a security domain, performing data search in the derived data according to an encryption processing mode of a derivation process of the data, wherein the encryption processing mode is as follows: and exporting the data to a newly-built storage area, or exporting the data after encrypting.
That is, the encryption processing method for the data export process can be implemented in the following two ways.
Mode 1:
the method comprises the steps that a storage area can be newly built in advance, when data are exported from a security-reinforced application, the data are not exported to a default storage area, but are redirected to the newly built storage area, and the newly built storage area is different from the default storage area.
Mode 2:
when data is exported from the security-enhanced application, the data is encrypted according to a set encryption mode, and then the encrypted data is exported.
Here, the Encryption scheme set may be any Data Encryption scheme, for example, the Encryption scheme set may be a Data Encryption Standard (DES) Algorithm, a Digital Signature Algorithm (DSA), or an Advanced Encryption Standard (AES) Algorithm; after the data is encrypted according to the set encryption mode, the encrypted data can be exported to a default storage area or a newly-created storage area.
Here, the search engine in the secure domain may be implemented by a secure domain management application, for example, the secure domain management application is an awok application (software) that can perform data interaction with the SApp.
In practical implementation, when the method 1 described above is used to encrypt the data export process and a search engine in the secure domain is used to perform data search, the search engine in the secure domain may perform data search in a newly created storage area, for example, a keyword search may be performed in the newly created storage area; in this way, a search engine in the secure domain can read data of the security-hardened application located in the secure domain, meeting the actual application requirements.
When the above-described method 1 is used to encrypt the data export process and a search engine in the personal domain is used to search for data, the search engine in the personal domain searches for data from a default storage area, such as a Spotlight storage area, and since the data of the security-hardened application is not exported to the default storage area, the search engine in the personal domain cannot search for the data of the security-hardened application from the default storage area, and thus, the application data of the security domain can be prevented from leaking to the personal domain.
In practice, when the method 2 described above is used to encrypt the data export process and a search engine in a secure domain is used to search data, the keyword used in the data search may be encrypted according to the set encryption method described above, and then a keyword search method may be used to search data in the exported encrypted data according to the encrypted keyword; in this way, after the keyword is encrypted in the same encryption mode as the derived data, the encrypted keyword can be used to search the corresponding encrypted data.
Further, after data search is performed on the derived encrypted data, the searched data may be decrypted by a decryption method corresponding to the above-described set encryption method; in this way, the search engine in the secure domain can read the data of the security-hardened application located in the secure domain from the derived encrypted data, and the actual application requirements are met.
When the derivation process of the data is encrypted in the above-described method 2 and a search engine in the personal domain is used to perform data search, the search engine in the personal domain performs data search by default using an unencrypted keyword (i.e., a plaintext keyword), however, the above-described derived data is encrypted data, and thus, the corresponding data cannot be searched by using the unencrypted keyword; that is, the search engine in the personal domain cannot search the data of the security-hardened application from the derived data, so that the application data of the security domain can be prevented from being leaked to the personal domain.
Further, when the export process of the data is encrypted by the method 1 described above, the decrypted data can be displayed after the searched data is decrypted; when the data export process is encrypted in the above-described manner 2, the decrypted data can be displayed after the searched data is decrypted.
In practical applications, the above-mentioned processes of deriving data from the security-enhanced application, searching data in the derived data, and decrypting the searched data can be implemented by a processor in the terminal; the process of displaying the data can be realized by combining a processor and a display of the terminal.
When determining to search data derived from a security-hardened application by using a search engine in a security domain, performing data search in the derived data according to an encryption processing mode of a derivation process of the data, wherein the encryption processing mode is as follows: and exporting the data to a newly-built storage area, or exporting the data after encrypting. Therefore, for the search engine in the security domain, data search can be performed in the exported data according to the encryption processing mode of the export process of the data, and then the data in the application subjected to security reinforcement is searched; for the search engine in the personal domain, because the data export process is encrypted, the data of the application which is subjected to security reinforcement cannot be searched from the exported data through a default data searching mode, and the application data of the security domain is prevented from being leaked to the personal domain.
Example two
In order to further embody the object of the present invention, a further example is provided on the basis of the first embodiment of the present invention.
The second embodiment of the present invention provides another data processing method, which can be implemented by using a processor of a terminal, where the securely reinforced application is SApp, the default storage area is Spotlight storage area, the application in the secure domain is an aWork application, and the newly created storage area can be marked as an aPotlight storage area.
Fig. 2 is a schematic data interaction diagram of another data processing method according to an embodiment of the present invention, and as shown in fig. 2, when it is determined that data needs to be exported from the SApp, data is not exported to the Spotlight storage area, because the global search engine Spotlight in the personal area can only read data from the Spotlight storage area, data in the SApp cannot be searched from the Spotlight storage area.
Accordingly, when it is determined that data needs to be exported from the SApp, the data may be exported to the aSpotlight storage area, for example, in the SApp, an interception tool SpotLightHooker may be used to intercept the data and redirect the data to the customized aSpotlight storage area.
After the data in the SApp is exported to the aSpotright storage area, the aWork application can search the data in the aSpotright storage area, and read the data from the aSpotright storage area and display the data; for example, a custom module aSpotlight for performing data search from the aSpotlight storage area may be set in the ahook application, and then data search is performed in the aSpotlight storage area by using the custom module aSpotlight; in fig. 2, SApp data 1 and SApp data 2 represent searched data.
EXAMPLE III
In order to further embody the object of the present invention, a further example is provided on the basis of the first embodiment of the present invention.
The third embodiment of the present invention provides another data processing method, which can be implemented by using a processor of a terminal, where the application subjected to security reinforcement is SApp, the default storage area is Spotlight storage area, and the application in the security domain is an ahork application.
Fig. 3 is a schematic data interaction diagram of another data processing method according to an embodiment of the present invention, as shown in fig. 3, when it is determined that data needs to be derived from the SApp, the data that needs to be derived may be encrypted to obtain encrypted data; illustratively, the derived data may be encrypted using the customized tool SpotLightHooker in the SApp.
After the derived data is encrypted, the encrypted data can be derived to a Spotlight storage area, and the search engine Spotlight in the personal area can only use unencrypted keywords (i.e., plaintext keywords) to perform data search, so that the corresponding data, i.e., the search engine Spotlight, cannot search for empty content.
In the aWork application, a user-defined module aSPotLight for encrypting and decrypting data can be set; when the aWork application needs to search keywords for data in the Spotlight storage area, the keywords can be encrypted by using a user-defined module aDispotlight to obtain encrypted keywords; then, the user-defined module aSpotLight can search data in the Spotlight storage area by using the encrypted keywords (namely ciphertext keywords), and the searched data is ciphertext data; the custom module aSpotLight may also decrypt ciphertext data obtained by the search, that is, the decrypted data may be obtained, and here, the decrypted data may also be displayed.
Example four
On the basis of the data processing method provided in the foregoing embodiment, a fourth embodiment of the present invention provides a data processing apparatus.
Fig. 4 is a schematic diagram of a configuration of a data processing apparatus according to an embodiment of the present invention, as shown in fig. 4, the apparatus includes a determining module 401 and a data searching module 402; wherein the content of the first and second substances,
a determining module 401, configured to trigger the data searching module when determining to search for data derived from the security-hardened application using a search engine in the security domain;
a data search module 402, configured to, when triggered, perform data search in the derived data according to an encryption processing manner of a derivation process of the data, where the encryption processing manner is: and exporting the data to a newly-built storage area, or exporting the data after encrypting.
In an embodiment, the data searching module 402 is specifically configured to, when the encryption processing mode is to export the data to a newly-created storage area, perform data search in the newly-created storage area; when the encryption processing mode is to encrypt and export the data, encrypting keywords used in data searching according to the encryption mode of the data to obtain encrypted keywords; and searching data in the derived encrypted data according to the encrypted keywords.
In an embodiment, the data searching module 402 is further configured to perform a data search on the derived encrypted data, and then decrypt the searched data by using a decryption method corresponding to the encryption method of the data.
In an embodiment, the data searching module 402 is further configured to display the decrypted data after decrypting the searched data.
In an embodiment, the data searching module 402 is further configured to perform data search in the newly created storage area, and then display the searched data.
In practical applications, the judging module 401 and the data searching module 402 can be implemented by a Central Processing Unit (CPU), a microprocessor Unit (MPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), or the like located in the terminal.
In addition, each functional module in this embodiment may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware or a form of a software functional module.
Based on the understanding that the technical solution of the present embodiment essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, and include several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor (processor) to execute all or part of the steps of the method of the present embodiment. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Specifically, the computer program instructions corresponding to a data processing method in the present embodiment may be stored on a storage medium such as an optical disc, a hard disc, a usb disk, or the like, and when the computer program instructions corresponding to a data processing method in the storage medium are read or executed by an electronic device, the steps of any one of the data processing methods in the foregoing embodiments are implemented.
Based on the same technical concept of the foregoing embodiment, referring to fig. 5, it shows another data processing apparatus 50 provided by the embodiment of the present invention, which may include: memory 51, processor 52 and bus 53; wherein the content of the first and second substances,
the bus 53 is used for connecting the memory 51, the processor 52 and the intercommunication among these devices;
the memory 51 for storing computer programs and data;
the processor 52 is configured to execute the computer program stored in the memory to implement the steps of any one of the data processing methods of the foregoing embodiments.
In practical applications, the memory 51 may be a volatile memory (RAM); or a non-volatile memory (non-volatile memory) such as a ROM, a flash memory (flash memory), a Hard Disk (Hard Disk Drive, HDD) or a Solid-State Drive (SSD); or a combination of the above types of memories and provides instructions and data to the processor 52.
The processor 52 may be at least one of an Application Specific Integrated Circuit (ASIC), a DSP, a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), an FPGA, a CPU, a controller, a microcontroller, and a microprocessor. It will be appreciated that the electronic components used to implement the processor functions described above may be other devices, and embodiments of the present invention are not limited in particular.
EXAMPLE five
An embodiment of the present invention provides a terminal, where the terminal includes any one of the data processing apparatuses in the foregoing embodiments.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (8)
1. A method of data processing, the method comprising:
when determining to search data derived from the security-hardened application by using a search engine in a security domain, performing data search in the derived data according to an encryption processing mode of a derivation process of the data, wherein the encryption processing mode is as follows: exporting the data to a newly-built storage area, or encrypting the data and exporting; the security-hardened application is located in a security domain;
the searching data in the derived data according to the encryption processing mode of the data derivation process comprises the following steps:
the encryption processing mode is that when the data is exported to a newly-built storage area, data search is carried out in the newly-built storage area;
when the data is encrypted and exported, encrypting keywords used in data searching according to the encryption mode of the data to obtain encrypted keywords; and searching data in the derived encrypted data according to the encrypted keywords.
2. The method of claim 1, wherein after performing a data search in the derived encrypted data, the method further comprises:
and decrypting the searched data by adopting a decryption mode corresponding to the encryption mode of the data.
3. The method of claim 2, wherein after decrypting the searched data, the method further comprises: and displaying the decrypted data.
4. The method of claim 1, wherein after performing a data search in the newly created storage area, the method further comprises: and displaying the searched data.
5. A data processing apparatus, characterized in that the apparatus comprises a processor and a memory for storing a computer program capable of running on the processor; wherein the content of the first and second substances,
the processor is adapted to perform the steps of the method of any one of claims 1 to 4 when running the computer program.
6. A data processing apparatus, characterized in that the apparatus comprises: the device comprises a judging module and a data searching module; wherein the content of the first and second substances,
a determining module for triggering the data search module when determining to search for data derived from the security-hardened application using a search engine in the security domain;
the data search module is used for searching data in the exported data according to an encryption processing mode of the export process of the data when being triggered, and the encryption processing mode is as follows: exporting the data to a newly-built storage area, or encrypting the data and exporting; the security-hardened application is located in a security domain;
the searching data in the derived data according to the encryption processing mode of the data derivation process comprises the following steps:
the encryption processing mode is that when the data is exported to a newly-built storage area, data search is carried out in the newly-built storage area;
when the data is encrypted and exported, encrypting keywords used in data searching according to the encryption mode of the data to obtain encrypted keywords; and searching data in the derived encrypted data according to the encrypted keywords.
7. A terminal, characterized in that it comprises a data processing device according to any one of claims 5 to 6.
8. A computer storage medium on which a computer program is stored, characterized in that the computer program realizes the steps of the method of any one of claims 1 to 4 when executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810685729.5A CN108920967B (en) | 2018-06-28 | 2018-06-28 | Data processing method, device, terminal and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810685729.5A CN108920967B (en) | 2018-06-28 | 2018-06-28 | Data processing method, device, terminal and computer storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108920967A CN108920967A (en) | 2018-11-30 |
| CN108920967B true CN108920967B (en) | 2022-08-05 |
Family
ID=64421907
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810685729.5A Active CN108920967B (en) | 2018-06-28 | 2018-06-28 | Data processing method, device, terminal and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108920967B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111338899B (en) * | 2020-02-26 | 2023-07-14 | 深信服科技股份有限公司 | Monitoring method, terminal and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105205370A (en) * | 2015-08-24 | 2015-12-30 | 北京恒信安科技有限公司 | Safety protection method for mobile terminal, mobile terminal, safety system and application method |
| CN106407822A (en) * | 2016-09-14 | 2017-02-15 | 华南理工大学 | Keyword or multi-keyword based searchable encryption method and system |
| CN106610995A (en) * | 2015-10-23 | 2017-05-03 | 华为技术有限公司 | Ciphertext index creating method, device and system |
-
2018
- 2018-06-28 CN CN201810685729.5A patent/CN108920967B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105205370A (en) * | 2015-08-24 | 2015-12-30 | 北京恒信安科技有限公司 | Safety protection method for mobile terminal, mobile terminal, safety system and application method |
| CN106610995A (en) * | 2015-10-23 | 2017-05-03 | 华为技术有限公司 | Ciphertext index creating method, device and system |
| CN106407822A (en) * | 2016-09-14 | 2017-02-15 | 华南理工大学 | Keyword or multi-keyword based searchable encryption method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108920967A (en) | 2018-11-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9811478B2 (en) | Self-encrypting flash drive | |
| CN106971121B (en) | Data processing method, device, server and storage medium | |
| WO2016058487A1 (en) | Information processing method and apparatus | |
| CN110457945B (en) | List query method, query party device, service party device and storage medium | |
| US8112634B2 (en) | Security-enhanced storage devices using media location factor in encryption of hidden and non-hidden partitions | |
| TWI740399B (en) | Data processing method, device and electronic equipment | |
| KR102051720B1 (en) | Method and apparatus for encrypting/decrypting data on mobile terminal | |
| US20060262928A1 (en) | Method, device, and system of encrypting/decrypting data | |
| US20120260106A1 (en) | System and method for binary layout randomization | |
| US11042652B2 (en) | Techniques for multi-domain memory encryption | |
| US10027640B2 (en) | Secure data re-encryption | |
| KR20080074848A (en) | Methods and apparatus for the secure handling of data in a microcontroller | |
| US10452564B2 (en) | Format preserving encryption of object code | |
| CN114327261B (en) | Data file storage method and data security agent | |
| CN114139204A (en) | Method, device and medium for inquiring hiding trace | |
| CN110855433A (en) | Data encryption method and device based on encryption algorithm and computer equipment | |
| CN114003559A (en) | Log access method, device and equipment and computer readable storage medium | |
| CN112733180A (en) | Data query method and device and electronic equipment | |
| CN108920967B (en) | Data processing method, device, terminal and computer storage medium | |
| CN112487444A (en) | Database-based data encryption method and device, storage medium and electronic equipment | |
| CN108256346B (en) | Key data protection method, encryption protection device and embedded system device | |
| WO2019184741A1 (en) | Application program information storing method and apparatus, and application program information processing method and apparatus | |
| KR101999209B1 (en) | A system and method for encryption of pointers to virtual function tables | |
| CN110764797A (en) | Method, device and system for upgrading file in chip and server | |
| CN104866740A (en) | Static analysis preventing method and device for files |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |