CN109981669B - Data security method and system applied to server - Google Patents

Data security method and system applied to server Download PDF

Info

Publication number
CN109981669B
CN109981669B CN201910262284.4A CN201910262284A CN109981669B CN 109981669 B CN109981669 B CN 109981669B CN 201910262284 A CN201910262284 A CN 201910262284A CN 109981669 B CN109981669 B CN 109981669B
Authority
CN
China
Prior art keywords
data
module
server
unit
unit data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910262284.4A
Other languages
Chinese (zh)
Other versions
CN109981669A (en
Inventor
赵新
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan Guanruan Information Technology Co ltd
Original Assignee
Henan Guanruan Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan Guanruan Information Technology Co ltd filed Critical Henan Guanruan Information Technology Co ltd
Priority to CN201910262284.4A priority Critical patent/CN109981669B/en
Publication of CN109981669A publication Critical patent/CN109981669A/en
Application granted granted Critical
Publication of CN109981669B publication Critical patent/CN109981669B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data

Abstract

The invention discloses a data security method and system applied to a server, and belongs to the field of server data security systems. The system comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data disassembly and decryption module, a server storage module, a server and a power supply system; the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data disassembly and decryption module, the server storage module and the server. The data source is sequentially split, packed, encrypted, unpacked and the like, the data are stored in the server storage module and are independently identified through the server, and the data crisis caused by the fact that external virus data enter the server is avoided.

Description

Data security method and system applied to server
Technical Field
The invention belongs to the field of server data security systems, and relates to a data security method and system applied to a server.
Background
With the rapid development of social economy and scientific technology and the improvement of the living standard of people, people pay more and more attention to the problems of personal safety, property safety and the like. Information security is always a very important problem in network construction and maintenance, and over 60% of companies in the world worry about security of servers, particularly security of cloud data, and once a certain link of a system applied to the servers has a bug, data loss is easily caused. Therefore, security protection is required at each data access point of the server.
Disclosure of Invention
The invention aims to: the data security method and the data security system applied to the server are provided, and the probability that an external virus data source invades the server can be effectively reduced through all-around interception and data splitting and integration, so that the security of the server is ensured.
The technical scheme adopted by the invention is as follows:
the data security system applied to the server comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data unpacking and decryption module, a server storage module, a server and a power supply system;
the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data unpacking and decryption module, the server storage module and the server;
the network checking module checks the network type of the access network; if the access network is detected as an external network, automatically entering a data source identification module, wherein the data source identification module comprises identity authentication, and the identity authentication comprises authentication user identification, a password and an authentication code; the verification code is obtained by sending a mobile phone number input by a user to the server, receiving the mobile phone number by the server and sending the mobile phone number to the server storage module, detecting whether the mobile phone number exists in the server memory module or not and feeding back a result to the server;
if the mobile phone number has the server memory module, randomly generating a verification code and feeding the verification code back to the mobile phone of the user, and accessing the server after the user inputs the verification code; otherwise, if the mobile phone number does not exist in the server memory module, the verification code is randomly generated and fed back to the user mobile phone, and the verification code is input and enters the data disassembling module; if the access network is detected as an intranet, automatically accessing a server; the data disassembling module is used for acquiring a data source, disassembling the data source into a plurality of unit data, naming the unit data with different identification names in sequence, and sending the unit data to the data packaging and encrypting module in sequence;
the data security system applied to the server processes the data, and the data processing method comprises the following steps:
a: acquiring a data source, and splitting the data source into a plurality of data streams S through a data splitting modulet(Xt,Yt) Unit data of the form StRepresents a number for distinguishing unit data, andtincreasing in order, XtRepresenting the content of a unit of data, YtA key representing a unit of data;
b: through a data packaging encryption module, St(Xt,Yt) Storing unit data of form into array M [ S ]1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········];
C: sending the array M to a data unpacking and decrypting module, and sequentially decomposing unit data S according to the characteristics of the array M1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········;
D: the decomposed unit data S1(X1,Y1),S2(X2,Y2),S3(X3,Y3) H. cndot. cndot.; and sequentially decrypting the corresponding unit data through the keys of the unit data, sequentially sending the decrypted unit data to the server storage module, and integrally sending the decrypted unit data to the server by the server storage module.
The network inspection module, the data source identification module, the data disassembly module, the data packaging encryption module, the data unpacking decryption module and the server storage module are arranged between the external access servers, and the data are scattered to enter the server storage module through identification, disassembly, packaging, encryption, unpacking and decryption of the data, so that the invasion of virus data is effectively reduced.
Further, the data packaging and encrypting module receives unit data from the data disassembling module, sequentially packages the unit data, sequentially adds keys to the unit data packets, and stores the keys in a text; and the unit data of the data unpacking module sequentially sends the unit data packets and the texts to the data unpacking and decrypting module.
Furthermore, the data unpacking and decrypting module acquires a unit data packet and a text, sequentially decompresses the unit data packet by acquiring a key in the text to acquire unit data, and sequentially sends the unit data to the server storage module; and the server storage module stores and integrates the single-bit data and sends the single-bit data to the server.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
1. the data security method and the data security system applied to the server judge whether the data is an external network or not by carrying out network check in the first step of accessing the server, thereby judging whether the data source identification module is triggered or not, preventing unsafe access of the external network and simultaneously not occupying the verification time of the internal network.
2. According to the data security method and system applied to the server, the data disassembly module, the data packaging encryption module and the data disassembly and decryption module are set, so that data transmitted from the outside can be disassembled into a plurality of unit data and encrypted, the unit data can be verified after being disassembled and decrypted and then transmitted to the server storage module, and unsafe data are prevented from directly entering the server.
3. The invention relates to a data security method and a system applied to a server, which utilize single data by St(Xt,Yt) The form storage is convenient for distinguishing each piece of data, and simultaneously, the array is used for storing all the unit data, thereby effectively reducing the storage space.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and that for those skilled in the art, other relevant drawings can be obtained according to the drawings without inventive effort, wherein:
fig. 1 is a data transmission flow diagram of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It is noted that relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The features and properties of the present invention are described in further detail below with reference to examples.
The data security system applied to the server provided by the preferred embodiment of the invention comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data disassembly and decryption module, a server storage module, a server and a power supply system; the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data unpacking and decryption module, the server storage module and the server; the network checking module checks the network type of the access network, if the access network is detected as an external network, the access network automatically enters the data source identification module, the data source verification module comprises identity verification, and the identity verification comprises verification user identification, a password and a verification code; the verification code is obtained by sending a mobile phone number input by a user to the server, receiving the mobile phone number by the server and sending the mobile phone number to the server storage module, detecting whether the mobile phone number exists in the server memory module or not and feeding back a result to the server; if the mobile phone number has the server memory module, randomly generating a verification code and feeding the verification code back to the mobile phone of the user, and accessing the server after the user inputs the verification code; otherwise, if the mobile phone number does not exist in the server memory module, the verification code is randomly generated and fed back to the user mobile phone, and the verification code is input and enters the data disassembling module; if the access network is detected as an intranet, automatically accessing a server; the data disassembling module is used for acquiring a data source, disassembling the data source into a plurality of unit data, naming the unit data with different identification names in sequence, and sending the unit data to the data packaging and encrypting module in sequence.
The data security system applied to the server processes the data, and the data processing method comprises the following steps:
a: acquiring a data source, and splitting the data source into a plurality of data streams S through a data splitting modulet(Xt,Yt) Unit data of the form StRepresents a number for distinguishing unit data, andtincreasing in order, XtRepresenting the content of a unit of data, YtA key representing a unit of data;
b: through a data packaging encryption module, St(Xt,Yt) Storing unit data of form into array M [ S ]1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········];
C: sending the array M to a data unpacking and decrypting module, and sequentially decomposing unit data S according to the characteristics of the array M1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········;
D: the decomposed unit data S1(X1,Y1),S2(X2,Y2),S3(X3,Y3) The corresponding unit data are sequentially decrypted through the keys of the unit data, and the decrypted unit data are sequentially sent to the server storage module and are integrally sent to the server through the server storage module.
The data packing and encrypting module receives the unit data from the data disassembling module, packs the unit data in sequence, adds keys to the unit data packets in sequence, and stores the keys into the text; and the unit data packet sequentially sends the unit data packet and the text to a data unpacking and decrypting module.
The data unpacking and decrypting module acquires a unit data packet and a text, sequentially decompresses the unit data packet by acquiring a key in the text to acquire unit data, and sequentially sends the unit data to the server storage module; and the server storage module stores and integrates the single-bit data and sends the single-bit data to the server.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents and improvements made by those skilled in the art within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (3)

1. Data security system for a server, characterized by: the system comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data disassembly and decryption module, a server storage module, a server and a power supply system;
the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data unpacking and decryption module, the server storage module and the server;
the network checking module checks the network type of the access network; if the access network is detected as an external network, automatically entering a data source identification module, wherein the data source identification module comprises identity authentication, and the identity authentication comprises authentication user identification, a password and an authentication code; the verification code is obtained by sending a mobile phone number input by a user to the server, receiving the mobile phone number by the server and sending the mobile phone number to the server storage module, detecting whether the mobile phone number exists in the server memory module or not and feeding back a result to the server;
if the mobile phone number has the server memory module, randomly generating a verification code and feeding the verification code back to the mobile phone of the user, and accessing the server after the user inputs the verification code; otherwise, if the mobile phone number does not exist in the server memory module, the verification code is randomly generated and fed back to the user mobile phone, and the verification code is input and enters the data disassembling module; if the access network is detected as an intranet, automatically accessing a server; the data disassembling module is used for acquiring a data source, disassembling the data source into a plurality of unit data, naming the unit data with different identification names in sequence, and sending the unit data to the data packaging and encrypting module in sequence;
the data security system applied to the server processes the data, and the data processing method comprises the following steps:
a: acquiring a data source, and splitting the data source into a plurality of data streams S through a data splitting modulet(Xt,Yt) Unit data of the form StRepresenting a number distinguishing unit data, and t is sequentially incremented, XtRepresenting the content of a unit of data, YtA key representing a unit of data;
b: through a data packaging encryption module, St(Xt,Yt) Storing unit data of form into array M [ S ]1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········];
C: sending the array M to a data unpacking and decrypting module, and sequentially decomposing unit data S according to the characteristics of the array M1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········;
D: the decomposed unit data S1(X1,Y1),S2(X2,Y2),S3(X3,Y3) H. cndot. cndot.; and sequentially decrypting the corresponding unit data through the keys of the unit data, sequentially sending the content of the decrypted unit data to the server storage module, and integrally sending the content of the decrypted unit data to the server by the server storage module.
2. A data security system for a server as claimed in claim 1, wherein: the data packing and encrypting module receives the unit data from the data unpacking module, packs the unit data in sequence and sends the unit data packet to the data unpacking and decrypting module.
3. A data security system for a server as claimed in claim 2, wherein: the data unpacking and decrypting module acquires the unit data packets, sequentially decrypts the unit data packets by acquiring the keys in the unit data packets, acquires the content of the unit data, and sequentially transmits the content of the unit data to the server storage module; and the server storage module stores and integrates the content of the single-bit data and sends the content to the server.
CN201910262284.4A 2019-04-02 2019-04-02 Data security method and system applied to server Active CN109981669B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910262284.4A CN109981669B (en) 2019-04-02 2019-04-02 Data security method and system applied to server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910262284.4A CN109981669B (en) 2019-04-02 2019-04-02 Data security method and system applied to server

Publications (2)

Publication Number Publication Date
CN109981669A CN109981669A (en) 2019-07-05
CN109981669B true CN109981669B (en) 2021-10-29

Family

ID=67082330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910262284.4A Active CN109981669B (en) 2019-04-02 2019-04-02 Data security method and system applied to server

Country Status (1)

Country Link
CN (1) CN109981669B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110516455A (en) * 2019-08-16 2019-11-29 青岛大快搜索计算技术股份有限公司 A kind of method of source of tax revenue data encryption processing

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102821092A (en) * 2012-07-03 2012-12-12 华为技术有限公司 Internet of Things system and Internet of Things service providing and monitoring method
WO2016002545A1 (en) * 2014-07-02 2016-01-07 シャープ株式会社 Transmission device and reception device
CN109543463A (en) * 2018-10-11 2019-03-29 平安科技(深圳)有限公司 Data Access Security method, apparatus, computer equipment and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102821092A (en) * 2012-07-03 2012-12-12 华为技术有限公司 Internet of Things system and Internet of Things service providing and monitoring method
WO2016002545A1 (en) * 2014-07-02 2016-01-07 シャープ株式会社 Transmission device and reception device
CN109543463A (en) * 2018-10-11 2019-03-29 平安科技(深圳)有限公司 Data Access Security method, apparatus, computer equipment and storage medium

Also Published As

Publication number Publication date
CN109981669A (en) 2019-07-05

Similar Documents

Publication Publication Date Title
US11366882B2 (en) Method and system for verifying integrity of a digital asset using a distributed hash table and a peer-to-peer distributed ledger
US10958436B2 (en) Methods contract generator and validation server for access control of contract data in a distributed system with distributed consensus
CN107508812B (en) Industrial control network data storage method, calling method and system
CN101174295B (en) Off-line DRM authentication method and system
CN101272237B (en) Method and system for automatically generating and filling login information
CN108737374A (en) The method for secret protection that data store in a kind of block chain
CN106936771A (en) A kind of secure cloud storage method and system based on graded encryption
CN103051600A (en) File access control method and system
CN101401341A (en) Secure data parser method and system
CN105991563B (en) Method and device for protecting security of sensitive data and three-party service system
CN110061967B (en) Service data providing method, device, equipment and computer readable storage medium
US20200193057A1 (en) Privacy enhanced data lake for a total customer view
CN111177763A (en) Two-dimensional code electronic encryption and decryption management system and method for file multiple encryption
CN114500093A (en) Safe interaction method and system for message information
CN112307515A (en) Database-based data processing method and device, electronic equipment and medium
CN109981669B (en) Data security method and system applied to server
CN113918977A (en) User information transmission device based on Internet of things and big data analysis
CN107743120B (en) Detachable encrypted test question data transmission system and method
CN108900472A (en) The transmission method and device of information
CN115514578B (en) Block chain based data authorization method and device, electronic equipment and storage medium
CN110890979A (en) Automatic deploying method, device, equipment and medium for fortress machine
CN115134150A (en) Block chain-based data acquisition method and system, storage medium and electronic device
CN114782045A (en) Cross-chain non-transactional writing method and device, storage medium and electronic equipment
JP2001005784A (en) Device and method for collating password
CN113037743A (en) Encryption method and system for cloud server file

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant