CN109981669B - Data security method and system applied to server - Google Patents
Data security method and system applied to server Download PDFInfo
- Publication number
- CN109981669B CN109981669B CN201910262284.4A CN201910262284A CN109981669B CN 109981669 B CN109981669 B CN 109981669B CN 201910262284 A CN201910262284 A CN 201910262284A CN 109981669 B CN109981669 B CN 109981669B
- Authority
- CN
- China
- Prior art keywords
- data
- module
- server
- unit
- unit data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
Abstract
The invention discloses a data security method and system applied to a server, and belongs to the field of server data security systems. The system comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data disassembly and decryption module, a server storage module, a server and a power supply system; the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data disassembly and decryption module, the server storage module and the server. The data source is sequentially split, packed, encrypted, unpacked and the like, the data are stored in the server storage module and are independently identified through the server, and the data crisis caused by the fact that external virus data enter the server is avoided.
Description
Technical Field
The invention belongs to the field of server data security systems, and relates to a data security method and system applied to a server.
Background
With the rapid development of social economy and scientific technology and the improvement of the living standard of people, people pay more and more attention to the problems of personal safety, property safety and the like. Information security is always a very important problem in network construction and maintenance, and over 60% of companies in the world worry about security of servers, particularly security of cloud data, and once a certain link of a system applied to the servers has a bug, data loss is easily caused. Therefore, security protection is required at each data access point of the server.
Disclosure of Invention
The invention aims to: the data security method and the data security system applied to the server are provided, and the probability that an external virus data source invades the server can be effectively reduced through all-around interception and data splitting and integration, so that the security of the server is ensured.
The technical scheme adopted by the invention is as follows:
the data security system applied to the server comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data unpacking and decryption module, a server storage module, a server and a power supply system;
the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data unpacking and decryption module, the server storage module and the server;
the network checking module checks the network type of the access network; if the access network is detected as an external network, automatically entering a data source identification module, wherein the data source identification module comprises identity authentication, and the identity authentication comprises authentication user identification, a password and an authentication code; the verification code is obtained by sending a mobile phone number input by a user to the server, receiving the mobile phone number by the server and sending the mobile phone number to the server storage module, detecting whether the mobile phone number exists in the server memory module or not and feeding back a result to the server;
if the mobile phone number has the server memory module, randomly generating a verification code and feeding the verification code back to the mobile phone of the user, and accessing the server after the user inputs the verification code; otherwise, if the mobile phone number does not exist in the server memory module, the verification code is randomly generated and fed back to the user mobile phone, and the verification code is input and enters the data disassembling module; if the access network is detected as an intranet, automatically accessing a server; the data disassembling module is used for acquiring a data source, disassembling the data source into a plurality of unit data, naming the unit data with different identification names in sequence, and sending the unit data to the data packaging and encrypting module in sequence;
the data security system applied to the server processes the data, and the data processing method comprises the following steps:
a: acquiring a data source, and splitting the data source into a plurality of data streams S through a data splitting modulet(Xt,Yt) Unit data of the form StRepresents a number for distinguishing unit data, andtincreasing in order, XtRepresenting the content of a unit of data, YtA key representing a unit of data;
b: through a data packaging encryption module, St(Xt,Yt) Storing unit data of form into array M [ S ]1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········];
C: sending the array M to a data unpacking and decrypting module, and sequentially decomposing unit data S according to the characteristics of the array M1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········;
D: the decomposed unit data S1(X1,Y1),S2(X2,Y2),S3(X3,Y3) H. cndot. cndot.; and sequentially decrypting the corresponding unit data through the keys of the unit data, sequentially sending the decrypted unit data to the server storage module, and integrally sending the decrypted unit data to the server by the server storage module.
The network inspection module, the data source identification module, the data disassembly module, the data packaging encryption module, the data unpacking decryption module and the server storage module are arranged between the external access servers, and the data are scattered to enter the server storage module through identification, disassembly, packaging, encryption, unpacking and decryption of the data, so that the invasion of virus data is effectively reduced.
Further, the data packaging and encrypting module receives unit data from the data disassembling module, sequentially packages the unit data, sequentially adds keys to the unit data packets, and stores the keys in a text; and the unit data of the data unpacking module sequentially sends the unit data packets and the texts to the data unpacking and decrypting module.
Furthermore, the data unpacking and decrypting module acquires a unit data packet and a text, sequentially decompresses the unit data packet by acquiring a key in the text to acquire unit data, and sequentially sends the unit data to the server storage module; and the server storage module stores and integrates the single-bit data and sends the single-bit data to the server.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
1. the data security method and the data security system applied to the server judge whether the data is an external network or not by carrying out network check in the first step of accessing the server, thereby judging whether the data source identification module is triggered or not, preventing unsafe access of the external network and simultaneously not occupying the verification time of the internal network.
2. According to the data security method and system applied to the server, the data disassembly module, the data packaging encryption module and the data disassembly and decryption module are set, so that data transmitted from the outside can be disassembled into a plurality of unit data and encrypted, the unit data can be verified after being disassembled and decrypted and then transmitted to the server storage module, and unsafe data are prevented from directly entering the server.
3. The invention relates to a data security method and a system applied to a server, which utilize single data by St(Xt,Yt) The form storage is convenient for distinguishing each piece of data, and simultaneously, the array is used for storing all the unit data, thereby effectively reducing the storage space.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and that for those skilled in the art, other relevant drawings can be obtained according to the drawings without inventive effort, wherein:
fig. 1 is a data transmission flow diagram of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It is noted that relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The features and properties of the present invention are described in further detail below with reference to examples.
The data security system applied to the server provided by the preferred embodiment of the invention comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data disassembly and decryption module, a server storage module, a server and a power supply system; the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data unpacking and decryption module, the server storage module and the server; the network checking module checks the network type of the access network, if the access network is detected as an external network, the access network automatically enters the data source identification module, the data source verification module comprises identity verification, and the identity verification comprises verification user identification, a password and a verification code; the verification code is obtained by sending a mobile phone number input by a user to the server, receiving the mobile phone number by the server and sending the mobile phone number to the server storage module, detecting whether the mobile phone number exists in the server memory module or not and feeding back a result to the server; if the mobile phone number has the server memory module, randomly generating a verification code and feeding the verification code back to the mobile phone of the user, and accessing the server after the user inputs the verification code; otherwise, if the mobile phone number does not exist in the server memory module, the verification code is randomly generated and fed back to the user mobile phone, and the verification code is input and enters the data disassembling module; if the access network is detected as an intranet, automatically accessing a server; the data disassembling module is used for acquiring a data source, disassembling the data source into a plurality of unit data, naming the unit data with different identification names in sequence, and sending the unit data to the data packaging and encrypting module in sequence.
The data security system applied to the server processes the data, and the data processing method comprises the following steps:
a: acquiring a data source, and splitting the data source into a plurality of data streams S through a data splitting modulet(Xt,Yt) Unit data of the form StRepresents a number for distinguishing unit data, andtincreasing in order, XtRepresenting the content of a unit of data, YtA key representing a unit of data;
b: through a data packaging encryption module, St(Xt,Yt) Storing unit data of form into array M [ S ]1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········];
C: sending the array M to a data unpacking and decrypting module, and sequentially decomposing unit data S according to the characteristics of the array M1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········;
D: the decomposed unit data S1(X1,Y1),S2(X2,Y2),S3(X3,Y3) The corresponding unit data are sequentially decrypted through the keys of the unit data, and the decrypted unit data are sequentially sent to the server storage module and are integrally sent to the server through the server storage module.
The data packing and encrypting module receives the unit data from the data disassembling module, packs the unit data in sequence, adds keys to the unit data packets in sequence, and stores the keys into the text; and the unit data packet sequentially sends the unit data packet and the text to a data unpacking and decrypting module.
The data unpacking and decrypting module acquires a unit data packet and a text, sequentially decompresses the unit data packet by acquiring a key in the text to acquire unit data, and sequentially sends the unit data to the server storage module; and the server storage module stores and integrates the single-bit data and sends the single-bit data to the server.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents and improvements made by those skilled in the art within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (3)
1. Data security system for a server, characterized by: the system comprises a network inspection module, a data source identification module, a data disassembly module, a data packaging and encryption module, a data disassembly and decryption module, a server storage module, a server and a power supply system;
the power supply system supplies power to the network inspection module, the identity verification module, the user mobile phone verification module, the data source identification module, the data disassembly module, the data packaging and encryption module, the data unpacking and decryption module, the server storage module and the server;
the network checking module checks the network type of the access network; if the access network is detected as an external network, automatically entering a data source identification module, wherein the data source identification module comprises identity authentication, and the identity authentication comprises authentication user identification, a password and an authentication code; the verification code is obtained by sending a mobile phone number input by a user to the server, receiving the mobile phone number by the server and sending the mobile phone number to the server storage module, detecting whether the mobile phone number exists in the server memory module or not and feeding back a result to the server;
if the mobile phone number has the server memory module, randomly generating a verification code and feeding the verification code back to the mobile phone of the user, and accessing the server after the user inputs the verification code; otherwise, if the mobile phone number does not exist in the server memory module, the verification code is randomly generated and fed back to the user mobile phone, and the verification code is input and enters the data disassembling module; if the access network is detected as an intranet, automatically accessing a server; the data disassembling module is used for acquiring a data source, disassembling the data source into a plurality of unit data, naming the unit data with different identification names in sequence, and sending the unit data to the data packaging and encrypting module in sequence;
the data security system applied to the server processes the data, and the data processing method comprises the following steps:
a: acquiring a data source, and splitting the data source into a plurality of data streams S through a data splitting modulet(Xt,Yt) Unit data of the form StRepresenting a number distinguishing unit data, and t is sequentially incremented, XtRepresenting the content of a unit of data, YtA key representing a unit of data;
b: through a data packaging encryption module, St(Xt,Yt) Storing unit data of form into array M [ S ]1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········];
C: sending the array M to a data unpacking and decrypting module, and sequentially decomposing unit data S according to the characteristics of the array M1(X1,Y1),S2(X2,Y2),S3(X3,Y3)··········;
D: the decomposed unit data S1(X1,Y1),S2(X2,Y2),S3(X3,Y3) H. cndot. cndot.; and sequentially decrypting the corresponding unit data through the keys of the unit data, sequentially sending the content of the decrypted unit data to the server storage module, and integrally sending the content of the decrypted unit data to the server by the server storage module.
2. A data security system for a server as claimed in claim 1, wherein: the data packing and encrypting module receives the unit data from the data unpacking module, packs the unit data in sequence and sends the unit data packet to the data unpacking and decrypting module.
3. A data security system for a server as claimed in claim 2, wherein: the data unpacking and decrypting module acquires the unit data packets, sequentially decrypts the unit data packets by acquiring the keys in the unit data packets, acquires the content of the unit data, and sequentially transmits the content of the unit data to the server storage module; and the server storage module stores and integrates the content of the single-bit data and sends the content to the server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910262284.4A CN109981669B (en) | 2019-04-02 | 2019-04-02 | Data security method and system applied to server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910262284.4A CN109981669B (en) | 2019-04-02 | 2019-04-02 | Data security method and system applied to server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109981669A CN109981669A (en) | 2019-07-05 |
CN109981669B true CN109981669B (en) | 2021-10-29 |
Family
ID=67082330
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910262284.4A Active CN109981669B (en) | 2019-04-02 | 2019-04-02 | Data security method and system applied to server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109981669B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110516455A (en) * | 2019-08-16 | 2019-11-29 | 青岛大快搜索计算技术股份有限公司 | A kind of method of source of tax revenue data encryption processing |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102821092A (en) * | 2012-07-03 | 2012-12-12 | 华为技术有限公司 | Internet of Things system and Internet of Things service providing and monitoring method |
WO2016002545A1 (en) * | 2014-07-02 | 2016-01-07 | シャープ株式会社 | Transmission device and reception device |
CN109543463A (en) * | 2018-10-11 | 2019-03-29 | 平安科技(深圳)有限公司 | Data Access Security method, apparatus, computer equipment and storage medium |
-
2019
- 2019-04-02 CN CN201910262284.4A patent/CN109981669B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102821092A (en) * | 2012-07-03 | 2012-12-12 | 华为技术有限公司 | Internet of Things system and Internet of Things service providing and monitoring method |
WO2016002545A1 (en) * | 2014-07-02 | 2016-01-07 | シャープ株式会社 | Transmission device and reception device |
CN109543463A (en) * | 2018-10-11 | 2019-03-29 | 平安科技(深圳)有限公司 | Data Access Security method, apparatus, computer equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109981669A (en) | 2019-07-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11366882B2 (en) | Method and system for verifying integrity of a digital asset using a distributed hash table and a peer-to-peer distributed ledger | |
US10958436B2 (en) | Methods contract generator and validation server for access control of contract data in a distributed system with distributed consensus | |
CN107508812B (en) | Industrial control network data storage method, calling method and system | |
CN101174295B (en) | Off-line DRM authentication method and system | |
CN101272237B (en) | Method and system for automatically generating and filling login information | |
CN108737374A (en) | The method for secret protection that data store in a kind of block chain | |
CN106936771A (en) | A kind of secure cloud storage method and system based on graded encryption | |
CN103051600A (en) | File access control method and system | |
CN101401341A (en) | Secure data parser method and system | |
CN105991563B (en) | Method and device for protecting security of sensitive data and three-party service system | |
CN110061967B (en) | Service data providing method, device, equipment and computer readable storage medium | |
US20200193057A1 (en) | Privacy enhanced data lake for a total customer view | |
CN111177763A (en) | Two-dimensional code electronic encryption and decryption management system and method for file multiple encryption | |
CN114500093A (en) | Safe interaction method and system for message information | |
CN112307515A (en) | Database-based data processing method and device, electronic equipment and medium | |
CN109981669B (en) | Data security method and system applied to server | |
CN113918977A (en) | User information transmission device based on Internet of things and big data analysis | |
CN107743120B (en) | Detachable encrypted test question data transmission system and method | |
CN108900472A (en) | The transmission method and device of information | |
CN115514578B (en) | Block chain based data authorization method and device, electronic equipment and storage medium | |
CN110890979A (en) | Automatic deploying method, device, equipment and medium for fortress machine | |
CN115134150A (en) | Block chain-based data acquisition method and system, storage medium and electronic device | |
CN114782045A (en) | Cross-chain non-transactional writing method and device, storage medium and electronic equipment | |
JP2001005784A (en) | Device and method for collating password | |
CN113037743A (en) | Encryption method and system for cloud server file |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |