CN109753810A - Data classification storage and its device, electronic equipment, computer-readable medium - Google Patents
Data classification storage and its device, electronic equipment, computer-readable medium Download PDFInfo
- Publication number
- CN109753810A CN109753810A CN201811517644.2A CN201811517644A CN109753810A CN 109753810 A CN109753810 A CN 109753810A CN 201811517644 A CN201811517644 A CN 201811517644A CN 109753810 A CN109753810 A CN 109753810A
- Authority
- CN
- China
- Prior art keywords
- data
- stored
- security level
- storage
- classification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Storage Device Security (AREA)
Abstract
This application discloses a kind of data classification storage and its device, electronic equipment, computer-readable medium, method includes: to carry out classification to data to be stored to handle to obtain the security level of the data to be stored;The data to be stored for being more than setting security level boundary to wherein security level carries out asymmetric encryption processing;According to the storage rule of setting, the data to be stored after asymmetric encryption is subjected to cochain storage processing.The embodiment of the present application realizes the secure storage to data, avoids data malice and the adverse consequences that will cause such as distorts, reveals, losing, damaging.
Description
Technical field
This application involves internet areas, and in particular to Internet technical field more particularly to a kind of storage of data staging
Method and device thereof, electronic equipment, computer-readable medium.
Background technique
Nowadays, big data cloud storage popularity is higher and higher, and undoubtedly the privacy of its information also has and is compromised
Risk, thus caused problem of data safety is to cannot be neglected.
Data are often stored in the database with certain forms, and user is facilitated to access and operate.Nowadays, big data is relied on
Occur in more extensive more open cloud platform, on the one hand changes people's lives mode and the cognition to data, on the other hand
Also to the safeguard protection of sensitive private data, more stringent requirements are proposed.It is desirable to data service providers to deposit safely
Store up tagged word and reliably data service be simultaneously provided, especially under big data environment because the malice of tagged word distort, reveal,
Loss, damage etc. will cause consequence very serious.
Summary of the invention
The purpose of the application is to propose a kind of data classification storage and its device, electronic equipment, computer-readable
Medium, for solving the above problem in the prior art.
In a first aspect, the embodiment of the present application provides a kind of data classification storage comprising:
Classification is carried out to data to be stored to handle to obtain the security level of the data to be stored;
The data to be stored for being more than setting security level boundary to wherein security level carries out asymmetric encryption processing;
According to the storage rule of setting, the data to be stored after asymmetric encryption is subjected to cochain storage processing.
Optionally, in any embodiment of the application, to data to be stored carry out classification handle to obtain it is described wait store
The security level of data, comprising: according to the parsing to security level configuration item, classification is carried out to data to be stored and handles to obtain institute
The security level of data to be stored is stated, records the security level for having user to specify in the security level configuration item.
Optionally, in any embodiment of the application, to data to be stored carry out classification handle to obtain it is described wait store
The security level of data, comprising: according to the security level hierarchy model pre-established, classification is carried out to data to be stored and is handled
To the security level of the data to be stored.
Optionally, in any embodiment of the application, further includes: according to tagged word dictionary and the tagged word dictionary
In the security feature vector of each tagged word pre-establish the security level hierarchy model.
Optionally, in any embodiment of the application, the asymmetric encryption processing includes: Large integer factoring problem
At least one of class, discrete logarithm problem class, elliptic curve class.
Optionally, in any embodiment of the application, according to the storage rule of setting, by after asymmetric encryption wait deposit
It stores up data and carries out cochain storage processing, comprising: encrypted data to be stored is divided into several data packets, and according to each data
Packet generates corresponding uniqueness characteristic value, when storing current data packet by the corresponding uniqueness characteristic value of a upper data packet
It is stored together with the current data packet.
Optionally, in any embodiment of the application, a uniqueness characteristic value is generated according to each data packet, comprising:
Secure hash is carried out to each data packet and generates a corresponding cryptographic Hash, the cryptographic Hash is as the uniqueness characteristic value.
Second aspect, the embodiment of the present application provide a kind of data staging storage device comprising:
Stage unit handles to obtain the security level of the data to be stored for carrying out classification to data to be stored;
Encryption unit, the data to be stored for being more than setting security level boundary to wherein security level carry out asymmetric
Encryption;
Data to be stored after asymmetric encryption is carried out cochain and deposited by storage unit for the storage rule according to setting
Storage processing.
The third aspect, the embodiment of the present application provide a kind of electronic equipment, comprising:
One or more processors;
Computer-readable medium is configured to store one or more programs,
When one or more of programs are executed by one or more of processors, so that one or more of processing
Device realizes the method as described in above-mentioned any embodiment.
Fourth aspect, the embodiment of the present application provide a kind of computer-readable medium, are stored thereon with computer program, should
The method as described in above-mentioned any embodiment is realized when program is executed by processor.
Data classification storage provided by the present application and its device, electronic equipment, in computer-readable medium, by right
Data to be stored carries out classification and handles to obtain the security level of the data to be stored;It is more than setting safety to wherein security level
The data to be stored of class boundaries carries out asymmetric encryption processing, realizes the secure storage to data, avoids data malice
The adverse consequences that will cause such as distort, reveal, losing, damaging.
Detailed description of the invention
By reading a detailed description of non-restrictive embodiments in the light of the attached drawings below, the application's is other
Feature, objects and advantages will become more apparent upon:
Fig. 1 is data classification storage flow diagram in the embodiment of the present application one;
Fig. 2 is data classification storage flow diagram in the embodiment of the present application two;
Fig. 3 is the structural schematic diagram of data staging storage device in the embodiment of the present application three;
Fig. 4 is the structural schematic diagram of electronic equipment in the embodiment of the present application four;
Fig. 5 is the hardware configuration of electronic equipment in the embodiment of the present application five.
Specific embodiment
The application is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated only is only configured to explain related invention, rather than the restriction to the invention.It also should be noted that being
Convenient for description, part relevant to related invention is illustrated only in attached drawing.
It should be noted that in the absence of conflict, the features in the embodiments and the embodiments of the present application can phase
Mutually combination.The application is described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
Data classification storage provided by the present application and its device, electronic equipment, in computer-readable medium, by right
Data to be stored carries out classification and handles to obtain the security level of the data to be stored;It is more than setting safety to wherein security level
The data to be stored of class boundaries carries out asymmetric encryption processing, realizes the secure storage to data, avoids data malice
The adverse consequences that will cause such as distort, reveal, losing, damaging.
Fig. 1 is data classification storage flow diagram in the embodiment of the present application one;As shown in Figure 1, it may include
Following steps:
S101, classification is carried out to data to be stored handle to obtain the security level of the data to be stored;
In the present embodiment, the format of data to be stored without limitation, for example can be text, can be video, audio, figure
Any format of piece does not specially require the size of data to be stored.
Specifically, it in a concrete application scene, handles to obtain institute carrying out classification to data to be stored in step S101
When stating the security level of data to be stored, data to be stored can specifically be carried out according to the parsing to security level configuration item
Classification handles to obtain the security level of the data to be stored, records the safety for having user to specify in the security level configuration item
Grade.
Further, in the specific implementation, when user is specified goes out data to be stored, while grade configuration component is generated,
It is provided with grade configuration item in the grade configuration component, the specific variable of grade configuration item such as one, according to the variable
Assignment, thus the security level that corresponding user specifies, the assignment of the variable is higher, then the security level for showing that user specifies is got over
Height, on the contrary, the security level for then showing that user specifies is lower.In the specific implementation, the height of security level can specifically pass through
The size of numerical value is distinguished.
Certainly, in specific application, in order to reduce the calculation amount that follow-up data stores, which can be roughly divided into several
A specified value, different values indicate that security level is different.
It S102, is more than at the data to be stored progress asymmetric encryption of setting security level boundary to wherein security level
Reason;
In the present embodiment, security level boundary is not to immobilize, and when application difference, value can not also
Together, alternatively, in same application occasion, the security level boundary can also be updated, for example increases according to actual demand
Big or reduction.For example, the security level boundary can be increased if to reduce the data of cochain storage, deposited to realize
The dynamic adjustment for storing up data volume, on the contrary, then can reduce the security level boundary.
In the specific implementation, security level boundary is specifically as follows a single security level threshold value, or two
The range that a security level threshold value of different sizes limits, or referred to as security level threshold value has bound.
In the present embodiment, asymmetric encryption is used in encryption, mainly in view of the safety for increasing data, and is saved
Go not needing the process that first synchronize code key before a communication as symmetric cryptography.
In a concrete application scene, specifically key can be generated with RSA Algorithm, detailed process is such as follows:
1.1 selection two different Big prime p and q;
1.2 calculate product n=pq and Φ (n)=(p-1) (q-1);
1.3 selections are greater than the 1 random integers e for being less than Φ (n), so that gcd (e, Φ (n))=1;Gcd, that is, greatest common divisor.
1.4 calculating d make d*e=1mod Φ (n);Note: i.e. d*emod Φ (n)=1.
1.5 pairs of each key k=(n, p, q, d, e), definition enciphering transformation are Ek (x)=xemod n, and decryption transformation is
Dk (x)=yd mod n, here x, y ∈ Zn;
1.6p, q are destroyed, and with { e, n } for public-key cryptography, { d, n } is private cipher key.
Example:
2.1 assume p=3, q=11 (p, q are prime numbers), then N=pq=33;
2.2r=Φ (n)=(p-1) (q-1)=(3-1) (11-1)=20;
2.3 enable e=3, then, d=7 according to gcd (e, Φ (n))=1, i.e. gcd (e, 20)=1.
It arrives here, public key and key have determined.Public key is (N, e)=(33,3), and key is (N, d)=(33,7).
Data to be stored after asymmetric encryption is carried out cochain storage processing by S103, the storage rule according to setting.
In the present embodiment, the storage location of data to be stored can be located on some memory node in cloud, Huo Zheyou
Selection of land is stored in multiple nodes in cloud, to realize the backup or redundancy of data, avoids data caused by single storage
Lose the defect that can not be given for change.
Specifically, the data to be stored after asymmetric encryption is carried out according to the storage rule of setting in step s 103
When cochain storage processing, encrypted data to be stored can be specifically divided into several data packets, and raw according to each data packet
At corresponding uniqueness characteristic value, when storing current data packet by the corresponding uniqueness characteristic value of a upper data packet and institute
Current data packet is stated to store together.In other words, for different data packets, different uniqueness characteristic values, data packet are corresponding with
There are absolute one-to-one relationships between uniqueness characteristic value, once the content of data packet changes, and it is corresponding unique
Property characteristic value also changes therewith.For the safety of data, if the content of data packet is tampered, that is according to the number
It will necessarily change according to the uniqueness characteristic value regenerated with being compared before not distorting, from there through uniqueness characteristic value
Whether variation to judge data with the presence or absence of security risk.
In a concrete application scene, in step S103 when generating a uniqueness characteristic value according to each data packet, tool
Body can generate a corresponding cryptographic Hash by carrying out secure hash processing to each data packet, the cryptographic Hash as it is described only
One property characteristic value.The realization of secure hash processing specifically can by SHA-224, SHA-256, SHA-384, SHA-512,
SHA-512/224, SHA-512/256, for example for SHA-256, for the message of random length, SHA256 can be generated
The cryptographic Hash of one 256bit long, referred to as eap-message digest, this abstract are the equal of the array that length is 32 bytes, usually
It is indicated with the hexadecimal string that a length is 64.
Fig. 2 is data classification storage flow diagram in the embodiment of the present application two;In the present embodiment, with number to be stored
According to be illustrated for text, as shown in Fig. 2, it may include steps of:
S201, it is built in advance according to the security feature vector of each tagged word in tagged word dictionary and the tagged word dictionary
Found the security level hierarchy model.
Tagged word dictionary collects security-related tagged word and its safe weight record.In database, very much
Attribute record tagged word, such as name, gender, account, password etc..And the safe weighted of these security attributes, safety
Weight is higher, indicates that the data should be more protected, for example the weight of gender can be lower than account and password.And the tax of weight
Value can change according to demand, and the weight of all tagged words is greater than 0.The format of one record are as follows: " tagged word-weight ", such as it is " close
Code -3 ".Tagged word dictionary as far as possible comprehensively gets off the safety-related attribute record occurred in tables of data.
The organizational form of tagged word dictionary is to be distinguished to store according to the length of tagged word.That is the word of word a length of 1 is recorded in one
The word of a individual position, word a length of 2 is recorded in another position, and so on.The benefit stored in this way is one number of identification
When whether being characterized word according to attribute in table, the length L of word is first determined, according to length positioning to first length be directly then L
Word storage location, then traverse, improve the efficiency for looking into word.
Further, the subject classification to tagged word, such as " economical related ", " personnel's letter are realized by clustering algorithm
Manner of breathing closes ", the themes such as " film information is related ".Further, security feature vector is constructed for each tagged word comprising
Safety-related feature: sensitive score a1, theme a2, sensitive score can measure total safe coefficient an of tagged word.According to poly-
Class sets safe weight as a result, total k theme for each theme, and weight is greater than 0, for example film related subject weight is 1, that
Personal information related subject weight is 3, and national security information associated weight is 5.Further, due to 2 peaces of tagged word
Influence of the total correlation feature for security level is different, it is therefore desirable to be this 2 safe weights of feature-set, if the safe weight of a1
For s1, the safe weight of a2 is s2.It since a1, a2 are numerical attribute, therefore is directly this by characteristic value and multiplied by weight
The security feature vector of tagged word.According to feature-set safety classification of all categories, security level is higher, illustrates to include this feature word
Required security levels it is higher.
S202, according to the security level hierarchy model that pre-establishes, to data to be stored carry out classification handle to obtain it is described
The security level of data to be stored.
In the present embodiment, determines that the process to the security level of data to be stored is as follows in detail: determining number to be stored first
According to tagged word vector, that is, determine all tagged words for including in the data to be stored, then carry out with aforementioned body classification
With to obtain the theme of the data to be stored, such as using the highest theme of adduction of weight as the data to be stored
Theme.Further, construct safety-related feature vector, and by each dimension of this amount multiplied by its corresponding safety right restore to
The corresponding security feature vector v of storing data=(a1 × s1, a2 × s2), v is inputted in above-mentioned safety classification model, thus
To its security level.For example, showing its corresponding data to be stored if the weighted average of safety-related feature is bigger in V
Security level it is higher.
It S203, is more than to set the data to be stored progress elliptic curve class encryption of security level boundary to wherein security level
Processing;
In the present embodiment, specifically data to be stored is carried out at encryption using this expense symmetric encipherment algorithm of elliptic curve class
Reason gives elliptic curve E, basic point G and point xG in elliptic curve cryptography, our xG are referred to as public key, and x value is private key, by ellipse
Curve Property is it is found that known private key asks public key very simple, and known public key asks private key to be nearly impossible thing, for this purpose, this
After kind encryption method, the safety of data is relatively high.
In other embodiments, Large integer factoring problem class also can be used, discrete logarithm problem class carries out above-mentioned encryption.
Data to be stored after asymmetric encryption is carried out cochain storage processing by S204, the storage rule according to setting.
It is similar with above-described embodiment one in the present embodiment, the safety that data have been effectively ensured is handled by cochain.
Certainly, the data to be stored for then setting secure registration threshold value small for those security levels can be according to practical need
Seek flexible storage, naturally it is also possible to according to the specified carry out cochain storage processing of user.
Fig. 3 is the structural schematic diagram of data staging storage device in the embodiment of the present application three;As shown in figure 3, comprising:
Stage unit 301 handles to obtain the security level of the data to be stored for carrying out classification to data to be stored;
Encryption unit 302, the data to be stored for being more than setting security level boundary to wherein security level carry out non-
Symmetric cryptography processing;
Data to be stored after asymmetric encryption is carried out cochain for the storage rule according to setting by storage unit 303
Storage processing.
Optionally, in any embodiment of the application, stage unit is further used for according to security level configuration item
Parsing, classification is carried out to data to be stored and handles to obtain the security level of the data to be stored, the security level configuration
The security level for having user to specify is recorded in.
Optionally, in any embodiment of the application, stage unit is further used for according to the safety etc. pre-established
Grade hierarchy model, carries out classification to data to be stored and handles to obtain the security level of the data to be stored.
Optionally, in any embodiment of the application, model foundation unit, for according to tagged word dictionary and described
The security feature vector of each tagged word pre-establishes the security level hierarchy model in tagged word dictionary.It is described it is asymmetric plus
Close processing includes: at least one of Large integer factoring problem class, discrete logarithm problem class, elliptic curve class.
Optionally, in any embodiment of the application, storage unit is further used for encrypted data to be stored
It is divided into several data packets, and corresponding uniqueness characteristic value is generated according to each data packet, it will when storing current data packet
The corresponding uniqueness characteristic value of a upper data packet stores together with the current data packet.
Optionally, in any embodiment of the application, storage unit is further used for carrying out safety to each data packet
Hash generates a corresponding cryptographic Hash, and the cryptographic Hash is as the uniqueness characteristic value.
In the present embodiment, stage unit 301, encryption unit 302, storage unit 303 can be referred to as the first journey again
Sequence unit, the second program unit, third program unit, are not restrictions to quantity, can also be between two program units
It is integrated together.
Fig. 4 is the structural schematic diagram of electronic equipment in the embodiment of the present application four;The electronic equipment may include:
One or more processors 401;
Computer-readable medium 402 is configurable to store one or more programs,
When one or more of programs are executed by one or more of processors, so that one or more of processing
Device realizes the storage method as described in above-mentioned any embodiment.
Fig. 5 is the hardware configuration of electronic equipment in the embodiment of the present application five;As shown in figure 5, the hardware knot of the electronic equipment
Structure may include: processor 501, communication interface 502, computer-readable medium 503 and communication bus 504;
Wherein processor 501, communication interface 502, computer-readable medium 503 are completed each other by communication bus 504
Communication;
Optionally, communication interface 502 can be the interface of communication module, such as the interface of gsm module;
Wherein, processor 501 is specifically configurable to: being carried out classification to data to be stored and is handled to obtain the number to be stored
According to security level;The data to be stored for being more than setting security level boundary to wherein security level carries out at asymmetric encryption
Reason;According to the storage rule of setting, the data to be stored after asymmetric encryption is subjected to cochain storage processing.
Processor 501 can be general processor, including central processing unit (CentralProcessing Unit, abbreviation
CPU), network processing unit (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (DSP), dedicated
Integrated circuit (ASIC), ready-made programmable gate array (FPGA) either other programmable logic device, discrete gate or transistor
Logical device, discrete hardware components.It may be implemented or execute disclosed each method, step and the logic in the embodiment of the present application
Block diagram.General processor can be microprocessor or the processor is also possible to any conventional processor etc..
In above-described embodiment, electronic equipment can be the intelligent terminal of front end, or the server on backstage, when for before
When the intelligent terminal at end, to be intelligent appliance.The household electrical appliances may include following at least one, such as: TV, digital video disc
(DVD) player, audio device, refrigerator, air-conditioning, vacuum cleaner, oven, micro-wave oven, washing machine, air purifier, machine top
Box, home automation controlling panel, security control panel, TV box are (for example, SAMSUNG HOMESYNCTM, APPLE TVTM
Or GOOGLE TVTM), game machine (for example, XBOXTM and PLAYSTATIONTM), electronic dictionary, electron key, video camera and
Digital photo frame.
According to another embodiment, electronic equipment may include following at least one: various Medical Devices are (for example, various
Portable medical measuring device is (for example, blood glucose monitoring device, heart rate monitor apparatus, blood pressure measurement device, body temperature measuring devices
Deng), magnetic resonance angiography (MRA), magnetic resonance imaging (MRI), computed tomography (CT) instrument and Ultrasound Instrument), navigation
Equipment, global positioning system (GPS) receiver, event data recorder (EDR), flight data recorder (FDR), vehicle entertainment
Information equipment, the electronic equipment navigation equipment and gyro compass of ship (for example, be used for) for ship, avionic device,
Safety equipment, motor vehicle head unit, household or industrial robot, the ATM (ATM) in bank, the sale in shop
Point (POS) or internet of things equipment are (for example, bulb, various sensors, voltameter or gas gauge, sprinkling equipment, fire protection warning
Device, constant temperature controller, street lamp, toaster, sports apparatus, boiler, heater, water heater etc.).
According to some embodiments, electronic equipment may include following at least one: furniture or building/structure a part,
Electron plate, electronic signature receiving device, projector and various types of measuring instruments are (for example, watermeter, voltameter, gas gauge
Or radio wave meter).It can be the one or more of above-mentioned various equipment according to the electronic equipment of the various embodiments of the disclosure
Combination.It can be flexible apparatus according to the electronic equipment of some embodiments of the disclosure.In addition, according to disclosure embodiment party
The electronic equipment of formula is not limited to above equipment, and may include the new electronic equipment developed according to technology.
Particularly, in accordance with an embodiment of the present disclosure, it may be implemented as computer above with reference to the process of flow chart description
Software program.For example, embodiment of the disclosure includes a kind of computer program product comprising be carried on computer-readable medium
On computer program, which includes to be configured to the program code of method shown in execution flow chart.Such
In embodiment, which can be downloaded and installed from network by communications portion, and/or from detachable media quilt
Installation.When the computer program is executed by central processing unit (CPU), the above-mentioned function limited in the present processes is executed
Energy.It should be noted that computer-readable medium described herein can be computer-readable signal media or computer
Readable storage medium storing program for executing either the two any combination.Computer-readable medium for example can be, but not limited to be electricity, magnetic,
Optical, electromagnetic, the system of infrared ray or semiconductor, device or device, or any above combination.Computer-readable storage medium
The more specific example of matter can include but is not limited to: have the electrical connections of one or more conducting wires, portable computer diskette,
Hard disk, random access storage medium (RAM), read-only storage medium (ROM), erasable type may be programmed read-only storage medium (EPROM or
Flash memory), optical fiber, the read-only storage medium of portable compact disc (CD-ROM), optical storage media part, magnetic storage medium part or
Above-mentioned any appropriate combination.In this application, computer readable storage medium can be it is any include or storage program
Tangible medium, the program can be commanded execution system, device or device use or in connection.And in the application
In, computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal, wherein
Carry computer-readable program code.The data-signal of this propagation can take various forms, including but not limited to electric
Magnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be computer-readable and deposit
Any computer-readable medium other than storage media, which can send, propagate or transmission configuration is served as reasons
Instruction execution system, device or device use or program in connection.The journey for including on computer-readable medium
Sequence code can transmit with any suitable medium, including but not limited to: wireless, electric wire, optical cable, RF etc. are above-mentioned
Any appropriate combination.
It can be write by one or more programming languages or combinations thereof in terms of the operation for being configured to execute the application
Calculation machine program code, described program design language include object oriented program language-such as Java, Smalltalk, C
++, further include conventional procedural programming language-such as " C " language or similar programming language.Program code can
Fully to execute, partly execute on the user computer on the user computer, be executed as an independent software package,
Part executes on the remote computer or executes on a remote computer or server completely on the user computer for part.
In situations involving remote computers, remote computer can pass through the network of any kind: including local area network (LAN) or extensively
Domain net (WAN)-be connected to subscriber computer, or, it may be connected to outer computer (such as provided using Internet service
Quotient is connected by internet).
Flow chart and block diagram in attached drawing are illustrated according to the system of the various embodiments of the application, method and computer journey
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, program segment or code of table, a part of the module, program segment or code are matched comprising one or more
It is set to the executable instruction of logic function as defined in realizing.There is specific precedence relationship in above-mentioned specific embodiment, but these are successively
Relationship is only exemplary, when specific implementation, these steps may less, more or execution sequence have adjustment.I.e.
In some implementations as replacements, function marked in the box can also be sent out in a different order than that indicated in the drawings
It is raw.For example, two boxes succeedingly indicated can actually be basically executed in parallel, they sometimes can also be by opposite suitable
Sequence executes, and this depends on the function involved.It is also noted that each box and block diagram in block diagram and or flow chart
And/or the combination of the box in flow chart, can with execute as defined in functions or operations dedicated hardware based system come
It realizes, or can realize using a combination of dedicated hardware and computer instructions.
Being described in unit involved in the embodiment of the present application can be realized by way of software, can also pass through hardware
Mode is realized.Described unit also can be set in the processor, for example, can be described as: a kind of processor includes point
Grade unit, handles to obtain the security level of the data to be stored for carrying out classification to data to be stored;Encryption unit is used for
The data to be stored for being more than setting security level boundary to wherein security level carries out asymmetric encryption processing;Storage unit is used
In the storage rule according to setting, the data to be stored after asymmetric encryption is subjected to cochain storage processing., for example, classification is single
Member is also described as " handling to obtain the list of the security level of the data to be stored for carrying out classification to data to be stored
Member ".
As on the other hand, present invention also provides a kind of computer-readable mediums, are stored thereon with computer program, should
The method as described in above-mentioned any embodiment is realized when program is executed by processor.
As on the other hand, present invention also provides a kind of computer-readable medium, which can be above-mentioned
Included in device described in embodiment;It is also possible to individualism, and without in the supplying device.Above-mentioned computer can
It reads medium and carries one or more program, when said one or multiple programs are executed by the device, so that the device:
Classification is carried out to data to be stored to handle to obtain the security level of the data to be stored;It is more than setting peace to wherein security level
The data to be stored of full class boundaries carries out asymmetric encryption processing;According to the storage rule of setting, after asymmetric encryption
Data to be stored carries out cochain storage processing.
Statement " first ", " second " used in various embodiments of the present disclosure, " first " or " described the
Two " can modify various parts and unrelated with sequence and/or importance, but these statements do not limit corresponding component.The above statement
It is only configured to the purpose for distinguishing element and other elements.For example, the first user equipment and second user equipment indicate different
User equipment, although being both user equipment.For example, first element can under the premise of without departing substantially from the scope of the present disclosure
Referred to as second element, similarly, second element can be referred to as first element.
When an element (for example, first element) referred to as " (operationally or can with another element (for example, second element)
Communicatedly) connection " or " (operationally or communicably) being attached to " another element (for example, second element) or " being connected to " are another
When one element (for example, second element), it is thus understood that an element is connected directly to another element or an element
Another element is indirectly connected to via another element (for example, third element).On the contrary, it is appreciated that when element (for example,
First element) it referred to as " is directly connected to " or when " directly connection " to another element (second element), then without element (for example, the
Three elements) it is inserted between the two.
Term " module " used herein or " functional unit " can for example mean to include hardware, software and firmware
Unit or include two or more in hardware, software and firmware combined unit." module " can be " single with such as term
Member ", " logic ", " logical block ", " component " or " circuit " convertibly use." module " or " functional unit " can be integral part
The minimum unit of part element or a part of integrated component element." module " can be for executing one or more functions most
Junior unit or part of it." module " or " functional unit " mechanically or is electrically implemented.For example, according to the " mould of the disclosure
Block " or " functional unit " may include following at least one: specific integrated circuit (ASIC) chip, field programmable gate array (FPGA)
And it is known or leaved for development from now on for executing the programmable logic device of operation.
Above description is only the preferred embodiment of the application and the explanation to institute's application technology principle.Those skilled in the art
Member is it should be appreciated that invention scope involved in the application, however it is not limited to technology made of the specific combination of above-mentioned technical characteristic
Scheme, while should also cover in the case where not departing from foregoing invention design, it is carried out by above-mentioned technical characteristic or its equivalent feature
Any combination and the other technical solutions formed.Such as features described above has similar function with (but being not limited to) disclosed herein
Can technical characteristic replaced mutually and the technical solution that is formed.
Claims (10)
1. a kind of data classification storage characterized by comprising
Classification is carried out to data to be stored to handle to obtain the security level of the data to be stored;
The data to be stored for being more than setting security level boundary to wherein security level carries out asymmetric encryption processing;
According to the storage rule of setting, the data to be stored after asymmetric encryption is subjected to cochain storage processing.
2. the method according to claim 1, wherein to data to be stored carry out classification handle to obtain it is described wait deposit
Store up the security level of data, comprising: according to the parsing to security level configuration item, classification is carried out to data to be stored and handles to obtain
The security level of the data to be stored records the security level for having user to specify in the security level configuration item.
3. the method according to claim 1, wherein to data to be stored carry out classification handle to obtain it is described wait deposit
Store up the security level of data, comprising: according to the security level hierarchy model pre-established, classification processing is carried out to data to be stored
Obtain the security level of the data to be stored.
4. according to the method described in claim 3, it is characterized by further comprising: according to tagged word dictionary and the tagged word
The security feature vector of each tagged word pre-establishes the security level hierarchy model in dictionary.
5. the method according to claim 1, wherein asymmetric encryption processing includes: that factoring problem is asked
Inscribe at least one of class, discrete logarithm problem class, elliptic curve class.
6. the method according to claim 1, wherein according to the storage rule of setting, after asymmetric encryption
Data to be stored carries out cochain storage processing, comprising: encrypted data to be stored is divided into several data packets, and according to each
Data packet generates corresponding uniqueness characteristic value, when storing current data packet that the corresponding uniqueness of a upper data packet is special
Value indicative stores together with the current data packet.
7. according to the method described in claim 6, it is characterized in that, generating a uniqueness characteristic value, packet according to each data packet
It includes: secure hash being carried out to each data packet and generates a corresponding cryptographic Hash, the cryptographic Hash is as the uniqueness characteristic value.
8. a kind of data staging storage device characterized by comprising
Stage unit handles to obtain the security level of the data to be stored for carrying out classification to data to be stored;
Encryption unit, the data to be stored for being more than setting security level boundary to wherein security level carry out asymmetric encryption
Processing;
Storage unit carries out the data to be stored after asymmetric encryption at cochain storage for the storage rule according to setting
Reason.
9. a kind of electronic equipment, comprising:
One or more processors;
Computer-readable medium is configured to store one or more programs,
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
The now method as described in any in claim 1-7.
10. a kind of computer-readable medium, is stored thereon with computer program, which is characterized in that the program is executed by processor
Method of the Shi Shixian as described in any in claim 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811517644.2A CN109753810B (en) | 2018-12-12 | 2018-12-12 | Data hierarchical storage method and device, electronic equipment and computer readable medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811517644.2A CN109753810B (en) | 2018-12-12 | 2018-12-12 | Data hierarchical storage method and device, electronic equipment and computer readable medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109753810A true CN109753810A (en) | 2019-05-14 |
CN109753810B CN109753810B (en) | 2021-06-29 |
Family
ID=66403807
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811517644.2A Active CN109753810B (en) | 2018-12-12 | 2018-12-12 | Data hierarchical storage method and device, electronic equipment and computer readable medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109753810B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112693360A (en) * | 2020-12-10 | 2021-04-23 | 重庆邮电大学移通学院 | Electric automobile electric quantity management method and related device |
CN114580005A (en) * | 2022-05-09 | 2022-06-03 | 深圳市航顺芯片技术研发有限公司 | Data access method, computer device and readable storage medium |
CN116663020A (en) * | 2023-07-21 | 2023-08-29 | 江苏华存电子科技有限公司 | Data storage environment safety monitoring method and system |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105933361A (en) * | 2016-07-13 | 2016-09-07 | 何钟柱 | Big data security protection cloud system based on trusted calculation |
CN106534317A (en) * | 2016-11-17 | 2017-03-22 | 杭州云象网络技术有限公司 | Disaster recovery cloud storage system construction method based on block chain technology |
CN106936771A (en) * | 2015-12-29 | 2017-07-07 | 航天信息股份有限公司 | A kind of secure cloud storage method and system based on graded encryption |
CN107249046A (en) * | 2017-08-15 | 2017-10-13 | 李俊庄 | A kind of distributed cloud storage system construction method based on block chain |
CN107425962A (en) * | 2017-04-21 | 2017-12-01 | 济南浪潮高新科技投资发展有限公司 | A kind of high in the clouds data guard method of data staging encryption and segmentation |
CN107566414A (en) * | 2017-10-24 | 2018-01-09 | 黄挺冠 | A kind of data encryption cloud system |
CN108702287A (en) * | 2018-04-16 | 2018-10-23 | 深圳前海达闼云端智能科技有限公司 | Information publication based on block chain and acquisition methods, device and block chain node |
CN108712251A (en) * | 2018-05-28 | 2018-10-26 | 江苏众享金联科技有限公司 | It is a kind of difference trust domain under to block chain be written user privacy information method |
CN108881474A (en) * | 2018-07-10 | 2018-11-23 | 南京邮电大学 | A kind of internet of things data cascade protection framework based on block chain |
-
2018
- 2018-12-12 CN CN201811517644.2A patent/CN109753810B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106936771A (en) * | 2015-12-29 | 2017-07-07 | 航天信息股份有限公司 | A kind of secure cloud storage method and system based on graded encryption |
CN105933361A (en) * | 2016-07-13 | 2016-09-07 | 何钟柱 | Big data security protection cloud system based on trusted calculation |
CN106534317A (en) * | 2016-11-17 | 2017-03-22 | 杭州云象网络技术有限公司 | Disaster recovery cloud storage system construction method based on block chain technology |
CN107425962A (en) * | 2017-04-21 | 2017-12-01 | 济南浪潮高新科技投资发展有限公司 | A kind of high in the clouds data guard method of data staging encryption and segmentation |
CN107249046A (en) * | 2017-08-15 | 2017-10-13 | 李俊庄 | A kind of distributed cloud storage system construction method based on block chain |
CN107566414A (en) * | 2017-10-24 | 2018-01-09 | 黄挺冠 | A kind of data encryption cloud system |
CN108702287A (en) * | 2018-04-16 | 2018-10-23 | 深圳前海达闼云端智能科技有限公司 | Information publication based on block chain and acquisition methods, device and block chain node |
CN108712251A (en) * | 2018-05-28 | 2018-10-26 | 江苏众享金联科技有限公司 | It is a kind of difference trust domain under to block chain be written user privacy information method |
CN108881474A (en) * | 2018-07-10 | 2018-11-23 | 南京邮电大学 | A kind of internet of things data cascade protection framework based on block chain |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112693360A (en) * | 2020-12-10 | 2021-04-23 | 重庆邮电大学移通学院 | Electric automobile electric quantity management method and related device |
CN114580005A (en) * | 2022-05-09 | 2022-06-03 | 深圳市航顺芯片技术研发有限公司 | Data access method, computer device and readable storage medium |
CN116663020A (en) * | 2023-07-21 | 2023-08-29 | 江苏华存电子科技有限公司 | Data storage environment safety monitoring method and system |
CN116663020B (en) * | 2023-07-21 | 2023-11-14 | 江苏华存电子科技有限公司 | Data storage environment safety monitoring method and system |
Also Published As
Publication number | Publication date |
---|---|
CN109753810B (en) | 2021-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106105146B (en) | Prove that Energy Resources Service's protection client specifies voucher in password | |
US11469891B2 (en) | Expendable cryptographic key access | |
EP3639465B1 (en) | Improved hardware security module management | |
CN109740370A (en) | Data access method and its device, electronic equipment, computer-readable medium | |
CN109788025B (en) | Data grading method and device, electronic equipment and computer readable medium | |
CN105893853B (en) | The method and delegation system of one of multiple hardware security modules are assigned to guest system | |
CN110033368A (en) | The method of secret protection is realized in block chain | |
CN107003815A (en) | The automatic management of confidential data in cloud environment | |
CN109753810A (en) | Data classification storage and its device, electronic equipment, computer-readable medium | |
CN107392040A (en) | A kind of method and device for checking of knowing together | |
JP5957095B2 (en) | Tamper detection device, tamper detection method, and program | |
CN105071937B (en) | Ciphertext policy ABE base encryption method with the revocation of efficient attribute | |
US10454910B2 (en) | Management apparatus, computer program product, system, device, method, information processing apparatus, and server | |
CN108809646A (en) | Secure shared key shared system and method | |
WO2021036086A1 (en) | Transaction data processing method, apparatus and system, and computer-readable storage medium | |
CN109739927A (en) | Date storage method and its device, electronic equipment, computer-readable medium | |
US11290269B2 (en) | Self certification of devices for secure transactions | |
US11804961B1 (en) | Secure video content transmission over a computer network | |
CN107018174A (en) | A kind of method, device and the transaction processing system of blocking system service processing | |
CN109255210A (en) | The method, apparatus and storage medium of intelligent contract are provided in block chain network | |
US20190260715A1 (en) | Computer system, connection apparatus, and processing method using transaction | |
US9755840B2 (en) | Backup and invalidation of authentication credentials | |
CN108830107A (en) | Protect method, apparatus, electronic equipment and the computer readable storage medium of privacy information | |
CN109756561A (en) | Date storage method and its device, electronic equipment, computer-readable medium | |
US9965625B2 (en) | Control system and authentication device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |