CN110324359A - The publication of internet individual information safety, access method and system - Google Patents

Publication number
CN110324359A
Authority
CN
China
Prior art keywords
internet
individual information
recording
database
data
Prior art date
Legal status
Pending
Application number
CN201910709611.6A
Other languages
Chinese (zh)
Inventor
李晓勇
郭煜
贺丽红
Current Assignee
BEIJING PENGCHUANG TIANDI TECHNOLOGY CO LTD
Original Assignee
BEIJING PENGCHUANG TIANDI TECHNOLOGY CO LTD
Priority date
Filing date
Publication date
Application filed by BEIJING PENGCHUANG TIANDI TECHNOLOGY CO LTD
Priority to CN201910709611.6A
Publication of CN110324359A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Abstract

The invention discloses a method and system for the secure publication of, and access to, personal information on the Internet. The method comprises: monitoring changes to the intranet personal information database in real time; encrypting each changed database record and converting it into record text; and synchronizing the record text to an Internet personal information publication database that is security-isolated from the intranet. The invention effectively prevents hackers from directly obtaining the original personal information data over the Internet, and significantly increases the difficulty and cost for hackers of obtaining personal information from the Internet.

Description

The publication of internet individual information safety, access method and system
Technical field
The present invention relates to the technical field of computer information security, and in particular to a method and system for the secure publication of, and access to, personal information on the Internet.
Background
Many Internet applications that publish personal information face data security protection problems, for example Internet-based medical and health convenience services. On the one hand, these applications use the technical advantages of the Internet to meet users' demand for fast service. On the other hand, they often involve private personal information. If this information is stored directly on the Internet and is accessible through network protocols, then the systems that store it, including hosts, operating systems and databases, may be attacked by hackers from the Internet, who can then steal large amounts of personal privacy and other sensitive data, harming social stability.
Clearly, in Internet personal information publication applications the requirement for convenient data service conflicts with the requirement for data security protection: normal data access must be guaranteed while large-scale data theft is prevented, and software compatibility with existing applications must also be preserved, so that application programs need not be modified.
Therefore, a big-data security protection method and system that supports Internet personal information publication applications is needed.
Summary of the invention
The object of the invention is to propose a method and system for the secure publication of, and access to, personal information on the Internet that both satisfies normal users' access to the Internet application and prevents hackers from stealing large amounts of data from the Internet application by attacking over the Internet, thereby balancing the service capability of the Internet personal information publication application against its data security protection capability.
To achieve the above technical purpose, the technical solution of the invention is realized as follows:
A method for the secure publication of personal information on the Internet, the method comprising:
1) monitoring changes to the intranet personal information database in real time;
2) encrypting each changed database record and converting it into record text;
3) synchronizing the record text to an Internet personal information publication database that is security-isolated from the intranet.
Further, the changed database record is encrypted according to personal characteristic information, or according to a combination of personal characteristic information and other fields.
A system for the secure publication of personal information on the Internet, the system comprising:
an intranet personal information database, for storing the original personal information data;
a personalized database record encryption module, for monitoring changes to the intranet personal information database, encrypting changed database records, and converting them into record text;
a data synchronization sending module, for synchronizing the record text to the data synchronization receiving module on the Internet;
a data synchronization receiving module, for listening for record text sent by the data synchronization sending module and updating that record text into the Internet personal information publication database, which is security-isolated from the intranet;
an Internet personal information publication database, for storing the record text.
Further, the personalized database record encryption module encrypts changed database records according to personal characteristic information, or according to a combination of personal characteristic information and other fields.
A method for secure access to personal information on the Internet, the method comprising:
1) logging in to the Internet personal information publication system;
2) issuing an access request to the Internet personal information publication database;
3) intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, and querying the Internet personal information publication database for the relevant record according to the access request; if a relevant record exists, proceeding as follows;
4) generating a key according to the access request, decrypting the relevant record, and returning the decrypted result to the Internet personal information publication system.
Further, the relevant record in the Internet personal information publication database is queried according to the personal characteristic information in the access request, and the key is generated according to the personal characteristic information in the access request.
Further, a time interval threshold is set for a user's accesses to the same database record under a certain number of accesses; when, for the set number of accesses, the time interval of the user's accesses to the same database exceeds the time interval threshold, the response time of the user's current access session is extended.
A system for secure access to personal information on the Internet, the system comprising:
an Internet personal information publication application system, through which the user logs in, which issues access requests to the Internet personal information publication database, and which returns the corresponding database record to the user;
an Internet personal information publication database, for storing record text;
a database proxy, for intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, querying the Internet personal information publication database for the relevant record according to the access request, generating a key to decrypt the record found, and returning the decrypted result to the Internet personal information publication application.
Further, the database proxy is used to intercept the access request, query the Internet personal information publication database for the relevant record according to the personal characteristic information in the access request, generate a key from that personal characteristic information to decrypt the record found, and return the decrypted result to the Internet personal information publication application.
Further, the system also comprises:
a setting module, for setting a time interval threshold for a user's accesses to the same database record under a certain number of accesses; when, for the set number of accesses, the time interval of the user's accesses to the same database exceeds the time interval threshold, the response time of the user's current access session is extended.
Beneficial effects of the invention: the original personal information data is kept in an intranet that is security-isolated from the Internet, and personal information is stored on the Internet only as ciphertext, which prevents hackers from attacking the database that holds the original personal information data and thereby obtaining personal information directly. Personal information is encrypted according to personal characteristic information, or a combination of personal characteristic information and other fields, which avoids encrypting all database records with the same encryption algorithm and encryption key and so raises the difficulty and cost for hackers of obtaining personal information in bulk. The setting module imposes a time cost on hackers who try to obtain personal information by brute-force cracking.
Brief description of the drawings
Fig. 1 is a flowchart of the method for the secure publication of personal information on the Internet according to the invention;
Fig. 2 is a structural block diagram of the system for the secure publication of personal information on the Internet according to the invention;
Fig. 3 is a flowchart of the method for secure access to personal information on the Internet according to the invention;
Fig. 4 is a structural block diagram of the system for the secure publication of personal information on the Internet according to the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments of the invention.
As shown in Fig. 1, the method for the secure publication of personal information on the Internet according to an embodiment of the invention comprises:
Step 101: Monitor changes to the intranet personal information database in real time (such as adding, deleting and modifying database records). The intranet personal information database does not refer to one specific database; it covers all production databases in the intranet that supply synchronized data to the Internet personal information publication database. The intranet is security-isolated from the Internet, and intranet systems cannot be accessed directly from the Internet.
Step 102: Encrypt each changed database record and convert it into record text, which guarantees that every database record in the Internet personal information publication database is ciphertext.
Step 103: Synchronize the record text to the Internet personal information publication database, which is security-isolated from the intranet. The Internet personal information publication database is located in Internet-accessible network space and is kept network-security-isolated from the production systems in the intranet (including the databases and applications involved in generating personal information). Users cannot access the intranet production systems from the Internet, which ensures that the production systems run reliably and securely. The Internet personal information publication database may use the same database product as the intranet production databases related to personal information, or a different one. For example, the intranet may use an Oracle database while the Internet personal information publication database uses MySQL or Oracle, which preserves the business continuity of the user's existing production systems and the flexibility of new business.
In a preferred embodiment of the invention, the changed database record is encrypted according to personal characteristic information (such as name, ID card number or other unique features), so that every database record in the Internet personal information publication database may be encrypted differently; or it is encrypted according to a combination of personal characteristic information and other fields, to prevent certain types of data (such as age) from being decrypted by exhaustive enumeration.
Corresponding to the above method for the secure publication of personal information on the Internet, an embodiment of the invention also provides a system for the secure publication of personal information on the Internet. As shown in Fig. 2, the system comprises:
an intranet personal information database 201, for storing the original personal information data;
a personalized database record encryption module 202, for monitoring changes to the intranet personal information database 201, encrypting changed database records, and converting them into record text;
a data synchronization sending module 203, for synchronizing the record text to the data synchronization receiving module 204 on the Internet;
a data synchronization receiving module 204, for listening for record text sent by the data synchronization sending module 203 and updating that record text into the Internet personal information publication database 205, which is security-isolated from the intranet;
an Internet personal information publication database 205, for storing the record text.
In a preferred embodiment of the invention, the personalized database record encryption module 202 encrypts changed database records according to personal characteristic information, or according to a combination of personal characteristic information and other fields.
The invention also discloses a method for secure access to personal information on the Internet. As shown in Fig. 3, the method comprises:
Step 301: The user logs in to the Internet personal information publication system.
Step 302: An access request is issued to the Internet personal information publication database. The data in the Internet personal information publication database originates from the production databases related to personal information in the intranet. When one of those production databases changes, the change is converted into a text record and written to the Internet personal information publication database in real time or as soon as possible.
Step 303: The access request is intercepted and the request content is converted into an access to the encrypted records in the Internet personal information publication database. The Internet personal information publication database is queried for the relevant record according to the access request. If there is no relevant record, the access ends; if there is a relevant record, processing continues as follows.
Step 304: A key is generated according to the access request, the relevant record is decrypted, and the decrypted result is returned to the Internet personal information publication system.
In a preferred embodiment of the invention, the relevant record in the Internet personal information publication database is queried according to the personal characteristic information in the access request, and the key is generated according to the personal characteristic information in the access request.
In a preferred embodiment of the invention, an access frequency field is set in the Internet personal information publication database, and a time interval threshold is set for a user's accesses to the same database record under a certain number of accesses (for example, the time interval of the three most recent accesses to a particular record). When, for the set number of accesses, the time interval of the user's accesses to the same database exceeds the time interval threshold, the response time of the user's current access session is extended, so as to reduce the risk of database records being decrypted by brute force.
Corresponding to the above method for secure access to personal information on the Internet, an embodiment of the invention also provides a system for secure access to personal information on the Internet. As shown in Fig. 4, the system comprises:
an Internet personal information publication application system 401, through which the user logs in, which issues access requests to the Internet personal information publication database 404, and which returns the corresponding database record to the user;
an Internet personal information publication database 404, for storing record text;
a database proxy 403, for intercepting the access request, querying the Internet personal information publication database 404 for the relevant record according to the access request, generating a key to decrypt the record found, and returning the decrypted result to the Internet personal information publication application 401.
In a preferred embodiment of the invention, the database proxy 403 is used to intercept the access request, query the Internet personal information publication database 404 for the relevant record according to the personal characteristic information in the access request, generate a key from that personal characteristic information to decrypt the record found, and return the decrypted result to the Internet personal information publication application 401.
In a preferred embodiment of the invention, the system further comprises:
a setting module 402, for setting a time interval threshold for a user's accesses to the same database record under a certain number of accesses; when, for the set number of accesses, the time interval of the user's accesses to the same database exceeds the time interval threshold, the response time of the user's current access session is extended.
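The publication path (steps 101 to 103) and the access path (steps 303 and 304) described above, as an added Python example that is not part of the patent text. The patent names no algorithms, so everything concrete here is an assumption: the PBKDF2 derivation, the lookup tag used to find a record without storing the identifier in clear, the shared secret `PEPPER`, the HMAC-based stand-in for a real authenticated cipher, and all function names.

```python
import base64
import hashlib
import hmac
import json
import os

# Assumption: a deployment secret held by the intranet encryption module and
# the database proxy, never stored in the publication database. Names and ID
# numbers are guessable, so the derivation is keyed with it and made slow.
PEPPER = b"constructed-demo-pepper"


def derive_keys(features: dict, pepper: bytes = PEPPER):
    """Personal characteristic information -> (lookup tag, enc key, MAC key)."""
    material = json.dumps(features, sort_keys=True, ensure_ascii=False).encode()
    master = hashlib.pbkdf2_hmac("sha256", material, pepper, 200_000, dklen=32)
    sub = lambda label: hmac.new(master, label, hashlib.sha256).digest()
    return sub(b"lookup").hex(), sub(b"enc"), sub(b"mac")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stand-in for an AEAD such as AES-GCM."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt_record(record: dict, feature_fields: list, pepper: bytes = PEPPER):
    """Intranet side (step 102): changed record -> (lookup tag, record text)."""
    features = {f: record[f] for f in feature_fields}
    tag, enc_key, mac_key = derive_keys(features, pepper)
    plaintext = json.dumps(record, sort_keys=True, ensure_ascii=False).encode()
    nonce = os.urandom(16)
    ct = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    mac = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return tag, base64.b64encode(nonce + ct + mac).decode("ascii")


def sync_to_publication_db(pub_db: dict, tag: str, record_text: str) -> None:
    """Step 103: only the tag and the record text reach the Internet side."""
    pub_db[tag] = record_text


def proxy_fetch(pub_db: dict, request_features: dict, pepper: bytes = PEPPER):
    """Database proxy (steps 303-304): look up, derive key, verify, decrypt."""
    tag, enc_key, mac_key = derive_keys(request_features, pepper)
    record_text = pub_db.get(tag)
    if record_text is None:
        return None  # no relevant record: the access ends
    blob = base64.b64decode(record_text)
    nonce, ct, mac = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("record text failed its integrity check")
    return json.loads(_xor(ct, _keystream(enc_key, nonce, len(ct))))


def demo():
    """Constructed sample rows; the names and ID numbers are made up."""
    rows = [
        {"name": "Zhang San", "id_number": "ID-0001", "result": "normal"},
        {"name": "Li Si", "id_number": "ID-0002", "result": "normal"},
    ]
    pub_db = {}
    for row in rows:
        sync_to_publication_db(pub_db, *encrypt_record(row, ["name", "id_number"]))
    hit = proxy_fetch(pub_db, {"name": "Zhang San", "id_number": "ID-0001"})
    miss = proxy_fetch(pub_db, {"name": "Zhang San", "id_number": "ID-0002"})
    return pub_db, hit, miss


if __name__ == "__main__":
    db, hit, miss = demo()
    print(len(db), hit, miss)
```

Because the proxy sits on the Internet side and must hold `PEPPER` to serve requests, a compromise of the proxy host exposes it; the per-record keys then depend only on how hard the personal characteristic fields are to enumerate.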
In addition, the logic and/or steps represented in the flowcharts or otherwise described herein may, for example, be regarded as an ordered list of executable instructions for implementing logical functions, and may be embodied in any computer-readable medium for use by, or in combination with, an instruction execution system, apparatus or device (such as a computer-based system, a system including a processor, or another system that can fetch instructions from an instruction execution system, apparatus or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any means that can contain, store, communicate, propagate or transport a program for use by, or in combination with, an instruction execution system, apparatus or device. More specific examples (a non-exhaustive list) of computer-readable media include: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). The computer-readable medium may even be paper or another suitable medium on which the program can be printed, because the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting or, where necessary, otherwise suitably processing it, and then stored in a computer memory.
The above are merely preferred embodiments of the invention and are not intended to limit it; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (10)

1. A method for the secure publication of personal information on the Internet, characterized in that the method comprises:
1) monitoring changes to the intranet personal information database in real time;
2) encrypting each changed database record and converting it into record text;
3) synchronizing the record text to an Internet personal information publication database that is security-isolated from the intranet.
2. The method according to claim 1, characterized in that in step 2) the changed database record is encrypted according to personal characteristic information, or according to a combination of personal characteristic information and other fields.
3. A system for the secure publication of personal information on the Internet, characterized in that the system comprises:
an intranet personal information database, for storing the original personal information data;
a personalized database record encryption module, for monitoring changes to the intranet personal information database, encrypting changed database records, and converting them into record text;
a data synchronization sending module, for synchronizing the record text to the data synchronization receiving module on the Internet;
a data synchronization receiving module, for listening for record text sent by the data synchronization sending module and updating that record text into the Internet personal information publication database, which is security-isolated from the intranet;
an Internet personal information publication database, for storing the record text.
4. The system according to claim 3, characterized in that the personalized database record encryption module encrypts changed database records according to personal characteristic information, or according to a combination of personal characteristic information and other fields.
5. A method for secure access to personal information on the Internet, characterized in that the method comprises:
1) logging in to the Internet personal information publication system;
2) issuing an access request to the Internet personal information publication database;
3) intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, and querying the Internet personal information publication database for the relevant record according to the access request; if a relevant record exists, proceeding as follows;
4) generating a key according to the access request, decrypting the relevant record, and returning the decrypted result to the Internet personal information publication system.
6. The method according to claim 5, characterized in that the relevant record in the Internet personal information publication database is queried according to the personal characteristic information in the access request, and the key is generated according to the personal characteristic information in the access request.
7. The method according to claim 6, characterized in that a time interval threshold is set for a user's accesses to the same database record under a certain number of accesses; when, for the set number of accesses, the time interval of the user's accesses to the same database exceeds the time interval threshold, the response time of the user's current access session is extended.
8. A system for secure access to personal information on the Internet, characterized in that the system comprises:
an Internet personal information publication application system, through which the user logs in, which issues access requests to the Internet personal information publication database, and which returns the corresponding database record to the user;
an Internet personal information publication database, for storing record text;
a database proxy, for intercepting the access request, converting the request content into an access to the encrypted records in the Internet personal information publication database, querying the Internet personal information publication database for the relevant record according to the access request, generating a key to decrypt the record found, and returning the decrypted result to the Internet personal information publication application.
9. The system according to claim 8, characterized in that the database proxy is used to intercept the access request, query the Internet personal information publication database for the relevant record according to the personal characteristic information in the access request, generate a key from that personal characteristic information to decrypt the record found, and return the decrypted result to the Internet personal information publication application.
10. The system according to claim 9, characterized in that it further comprises:
a setting module, for setting a time interval threshold for a user's accesses to the same database record under a certain number of accesses; when, for the set number of accesses, the time interval of the user's accesses to the same database exceeds the time interval threshold, the response time of the user's current access session is extended.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910709611.6A CN110324359A (en) 2019-08-02 2019-08-02 The publication of internet individual information safety, access method and system

Publications (1)

Publication Number Publication Date
CN110324359A (en) 2019-10-11

Family

ID=68125252

Country Status (1)

Country Link
CN (1) CN110324359A (en)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20191011