CN110740139A - secret key device and secret key management method, system, equipment and computer medium - Google Patents

secret key device and secret key management method, system, equipment and computer medium Download PDF

Info

Publication number
CN110740139A
CN110740139A CN201911026057.8A CN201911026057A CN110740139A CN 110740139 A CN110740139 A CN 110740139A CN 201911026057 A CN201911026057 A CN 201911026057A CN 110740139 A CN110740139 A CN 110740139A
Authority
CN
China
Prior art keywords
key
load balancing
key management
systems
secret key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911026057.8A
Other languages
Chinese (zh)
Inventor
陈二涛
胡永刚
白学余
翟亚永
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Electronic Information Industry Co Ltd
Original Assignee
Langchao Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Langchao Electronic Information Industry Co Ltd filed Critical Langchao Electronic Information Industry Co Ltd
Priority to CN201911026057.8A priority Critical patent/CN110740139A/en
Publication of CN110740139A publication Critical patent/CN110740139A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/178Techniques for file synchronisation in file systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1036Load balancing of requests to servers for services different from user content provisioning, e.g. load balancing across domain name servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Abstract

The application discloses secret key devices and secret key management methods, systems, equipment and computer media, and the secret key devices and the secret key management methods, the systems, the equipment and the computer media comprise preset number of object storage gateway systems, load balancing systems connected with each object storage gateway system, multiple master database service clusters connected with the load balancing systems, the multiple master database service clusters comprise a second preset number of secret key management systems, each secret key management system comprises an identity verification service module, the identity verification service modules are connected with the load balancing systems and respectively connected with the secret key management service modules and the database clusters, the secret key management service modules are connected with the database clusters, the object storage gateway systems are used for receiving secret key requests sent by clients and transmitting the secret key requests to load balancing systems, the load balancing systems distribute corresponding secret key management systems for the secret key requests, the secret key management systems process the secret key requests, and performance stability of secret key management services is improved.

Description

secret key device and secret key management method, system, equipment and computer medium
Technical Field
The present application relates to the field of data processing technologies, and in particular, to key devices, key management methods, systems, devices, and computer media.
Background
The method comprises the steps that data with high safety and privacy are required to provide better data safety service, and data are encrypted by a common means, wherein server-side encryption which uses Key Management Service (KMS) to manage keys is a common data encryption method, the encryption method introduces the Key management service to perform Key management, a user specifies a link of the keys when needing to encrypt and upload data, the server requests Key content from the Key management service by using the Key link after receiving the request, then encrypts the uploaded data by using the plaintext Key, the encrypted data are stored in the server, the Key link used by local encryption is recorded, and the server decrypts the data by using the Key link used for encryption and returns the data to a client.
However, the existing key management service is prone to single point of failure and has poor performance stability.
In summary, how to improve the performance stability of the key management service is a problem to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide key devices, which can solve the technical problem of how to improve the performance stability of key management service in degree, and key management methods, systems, equipment and computer readable storage media are also provided.
In order to achieve the above purpose, the present application provides the following technical solutions:
secret key devices comprise preset number of object storage gateway systems, a load balancing system connected with each object storage gateway system, and a multi-master database service cluster connected with the load balancing system, wherein the multi-master database service cluster comprises a second preset number of secret key management systems, the secret key management system comprises an identity verification service module, a secret key management service module and a database cluster, the identity verification service module is connected with the load balancing system and is respectively connected with the secret key management service module and the database cluster, and the secret key management service module is connected with the database cluster;
the object storage gateway system is used for receiving a key request sent by a client and transmitting the key request to the th load balancing system, the th load balancing system is used for receiving the key request and distributing a corresponding key management system for the key request, and the key management system is used for processing the key request.
Preferably, the multi-master database service cluster further comprises a second load balancing system, and the second load balancing system is respectively connected with the authentication service module and the key management service module in every key management systems.
Preferably, the key management systems realize data synchronization among the database clusters through a multi-master synchronization mechanism.
A key management method for use in the load balancing system of any of the above , comprising:
receiving a key request transmitted by an object storage gateway system;
determining a key management system for receiving the key request in a multi-master database service cluster according to a load balancing strategy set by the system;
receiving a key processing result obtained after the key management system processes the key request;
and transmitting the key processing result to the object storage gateway system.
Preferably, after receiving the key request transmitted by the object storage gateway system, before determining, in the multi-master database service cluster, the key management system that receives the key request according to the load balancing policy set by the object storage gateway system, the method includes:
setting a domain name corresponding to the object storage gateway system for the key request.
A Key management method for use in a Key management System as described in any above, comprising:
receiving a key request transmitted by the load balancing system;
performing identity authentication on the secret key request, and processing the secret key request after the authentication is passed to obtain a secret key processing result;
transmitting the key processing result to the th load balancing system.
Preferably, the processing the key request includes:
sending the key request and the verified information to a second load balancing system, so that the second load balancing system determines a key management system for performing subsequent processing on the key request based on a load balancing policy set by the second load balancing system;
judging whether the key request transmitted by the second load balancing system is received or not;
and if so, processing the key request.
A key management system applied to A load balancing system comprises:
, a receiving module, for receiving the key request transmitted by the object storage gateway system;
an determining module, configured to determine, in a multi-master database service cluster, a key management system that receives the key request according to a load balancing policy set by the determining module;
a second receiving module, configured to receive a key processing result obtained after the key management system processes the key request;
, a transmission module for transmitting the key processing result to the object storage gateway system.
A key management device, comprising:
a memory for storing a computer program;
a processor arranged to implement the steps of the key management method of any of above when the computer program is executed.
computer readable storage medium having stored therein a computer program which, when executed by a processor, carries out the steps of the key management method of any of as described above.
The key devices provided by the application comprise preset number of object storage gateway systems, load balancing systems connected with each object storage gateway system, and load balancing systems connected with a multi-master database service cluster, wherein the multi-master database service cluster comprises a second preset number of key management systems, and comprises an identity verification service module, a key management service module and a database cluster, the identity verification service module is connected with load balancing systems and respectively connected with the key management service module and the database cluster, and the key management service module is connected with the database cluster, wherein the object storage gateway systems are used for receiving key requests sent by clients and transmitting the key requests to load balancing systems, the load balancing systems are used for receiving key requests and distributing corresponding key management systems for the key requests, the key management systems are used for processing the key requests, and key devices provided by the application systems can be used for processing the key requests, and even if the cluster management systems are composed of the second preset number of key management systems, the cluster management systems can provide a proper key management technology and a method for processing the key management system and can be used for solving the problems of providing a readable key management system, and a stable key management system.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic diagram of a structure of key devices according to an embodiment of the present application;
fig. 2 is a second schematic structural diagram of key devices according to an embodiment of the present disclosure;
fig. 3 is a flowchart of key management methods according to an embodiment of the present invention;
fig. 4 is a second flowchart of key management methods provided in the embodiments of the present application;
fig. 5 is a schematic structural diagram of key management systems according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of kinds of key management devices according to an embodiment of the present application;
fig. 7 is another schematic structural diagram of kinds of key management devices according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application , rather than all embodiments.
Referring to fig. 1, fig. 1 is a schematic view of a structure of key devices according to an embodiment of the present disclosure.
The kinds of key devices provided by the embodiment of the application can comprise object storage gateway systems 11 with preset quantity, a th load balancing system 12 connected with each object storage gateway system, a multi-master database service cluster 13 connected with the th load balancing system, wherein the multi-master database service cluster 13 comprises key management systems 130 with second preset quantity, each key management system comprises an identity verification service module 1301, a key management service module 1302 and a database cluster 1303, the identity verification service module 1301 is connected with the th load balancing system 12 and is respectively connected with the key management service module 1302 and the database cluster 1303, and the key management service module 1302 is connected with the database cluster 1303;
the object storage gateway system 11 is configured to receive a key request sent by a client and transmit the key request to the th load balancing system 12, the th load balancing system 12 is configured to receive the key request and distribute a corresponding key management system 130 for the key request, and the key management system 130 is configured to process the key request.
It should be noted that the key management system 130 provided in the present application has the same function as the existing key management system, wherein the authentication service module 1301 is used for performing authentication on a key request; the key management service module 1302 is configured to provide key management services, including key generation, key query, key acquisition, key deletion, and the like; the database cluster module is used for storing data related to the authentication service module 1301 and the key management service module 1302. In addition, the connection mode between each device in the key device related in the present application may be flexibly determined according to actual needs, and the present application is not specifically limited herein.
The key device provided by the application comprises th preset number of object storage gateway systems, th load balancing systems connected with each object storage gateway system, th load balancing systems connected with the multiple master database service clusters, wherein the multiple master database service clusters comprise a second preset number of key management systems, each key management system comprises an identity verification service module, a key management service module and a database cluster, the identity verification service module is connected with the th load balancing systems and respectively connected with the key management service module and the database cluster, the key management service modules are connected with the database cluster, the object storage gateway systems are used for receiving key requests sent by clients and transmitting the key requests to the th load balancing systems, the th load balancing systems are used for receiving the key requests and distributing corresponding key management systems for the key requests, the key management systems are used for processing the key requests, the key device provided by the application systems and the th cluster management systems can be used for improving the stability of the cluster management systems, and the cluster management systems can be used for flexibly processing the key requests.
Referring to fig. 2, fig. 2 is a second schematic structural diagram of key devices according to an embodiment of the present application.
In the key devices provided in this embodiment of the present application, in order to further improve performance stability of the key management service, the multi-master database service cluster may further include a second load balancing system 14, where the second load balancing system 14 is respectively connected to the authentication service module 1301 and the key management service module 1302 in every key management systems.
In this application, the second load balancing system 14 is configured to redistribute the authenticated key request, that is, redistribute the authenticated key request to a key management system that subsequently performs key request processing.
In the key devices provided by the embodiment of the application, in order to ensure consistency of data among the key management systems, data synchronization among the key management systems among the database clusters can be realized through a multi-master synchronization mechanism.
Referring to fig. 3, fig. 3 is a flowchart of a of key management methods according to an embodiment of the present application.
The key management methods provided in this embodiment of the present application are applied to the load balancing system described in any of the embodiments, and may include the following steps:
step S101: and receiving a key request transmitted by the object storage gateway system.
In practical applications, the th load balancing system may receive a key request transmitted by the object storage gateway system, where the type of the key request may be flexibly determined according to actual needs, for example, the key request may be a key obtaining request, a key querying request, a key deleting request, and the like.
Step S102: and determining a key management system for receiving the key request in the multi-master database service cluster according to a load balancing strategy set by the system.
In practical applications, after the th load balancing system receives the key request, the key management system receiving the key request may be determined in the multi-master database service cluster according to a load balancing policy set by the load balancing system itself, the load balancing policy set by the th load balancing system may be determined according to actual needs, for example, the load balancing policy may be to send the key request to the key management system with the smallest key request to be processed, send the key request to the key management system with the smallest service pressure, and the like.
Step S103: and receiving a key processing result obtained after the key management system processes the key request.
Step S104: and transmitting the key processing result to the object storage gateway system.
In practical applications, after the th load balancing system transmits the key request to the corresponding key management system, the key management system processes the key request and obtains a corresponding key processing result, and then the key management system transmits the key processing result to the th load balancing system, and correspondingly, the th load balancing system transmits the received key processing result to the object storage gateway system.
In the key management methods provided in this embodiment of the application, in order to distinguish different key requests, the load balancing system may further set a domain name corresponding to the object storage gateway system for the key request before determining, in the multi-master database service cluster, the key management system that receives the key request according to a load balancing policy set by the load balancing system itself after receiving the key request transmitted by the object storage gateway system.
Referring to fig. 4, fig. 4 is a second flowchart of key management methods according to an embodiment of the present application.
The key management methods provided by the embodiment of the present application are applied to the key management system described in any embodiment, and may include the following steps:
step S201, receiving a key request transmitted by a load balancing system.
Step S202: and performing identity authentication on the secret key request, and processing the secret key request after the authentication is passed to obtain a secret key processing result.
In step S203, the key processing result is transmitted to th load balancing system.
According to the key management methods provided by the embodiment of the application, when the key management system processes the key request, the key request and the verified information can be sent to the second load balancing system, so that the second load balancing system determines the key management system for performing subsequent processing on the key request based on the load balancing policy set by the second load balancing system, judges whether the key request transmitted by the second load balancing system is received, and if so, processes the key request.
For a description of each step in the key management methods provided in the embodiments of the present application, please refer to the foregoing embodiments, which are not described herein again.
Referring to fig. 5, fig. 5 is a schematic structural diagram of key management systems according to an embodiment of the present disclosure.
The kinds of key management systems provided by the embodiment of the present application are applied to a load balancing system, and may include:
, a receiving module 101, configured to receive a key request transmitted by the object storage gateway system;
, a determining module 102, configured to determine, in a multi-master database service cluster, a key management system that receives a key request according to a load balancing policy set by the determining module;
a second receiving module 103, configured to receive a key processing result obtained after the key management system processes the key request;
, a transmission module 104 for transmitting the key processing result to the object storage gateway system.
The kinds of key management systems provided by the embodiment of the present application are applied to the load balancing system, and may further include:
an setting module, configured to, after the receiving module receives the key request transmitted by the object storage gateway system, set a domain name corresponding to the object storage gateway system for the key request before determining, in the multi-master database service cluster, the key management system that receives the key request according to a load balancing policy set by the determining module.
The kinds of key management systems provided by the embodiment of the present application are applied to a key management system, and may include:
a second receiving module, configured to receive a key request transmitted by the th load balancing system;
, a verification module, configured to perform identity verification on the key request, and after the verification is passed, process the key request to obtain a key processing result;
a second transmission module for transmitting the key processing result to th load balancing system.
The kinds of key management systems provided by the embodiment of the application are applied to the key management system, and the th verification module may include:
an transmission unit, configured to send the key request and the verified information to the second load balancing system, so that the second load balancing system determines, based on a load balancing policy set by the second load balancing system, a key management system that performs subsequent processing on the key request;
and , a determining unit, configured to determine whether a key request transmitted by the second load balancing system is received, and if so, process the key request.
Please refer to fig. 6, and fig. 6 is a schematic structural diagram of key management devices provided in the embodiment of the present application.
The kinds of key management devices provided by the embodiment of the present application include a memory 201 and a processor 202, where the memory 201 stores a computer program, and the computer program is applied to the load balancing system, and when the processor 202 executes the computer program, the following steps are implemented:
receiving a key request transmitted by an object storage gateway system;
determining a key management system for receiving a key request in a multi-master database service cluster according to a load balancing strategy set by the system;
receiving a key processing result obtained after the key management system processes the key request;
and transmitting the key processing result to the object storage gateway system.
The key management devices provided by the embodiment of the application comprise a memory 201 and a processor 202, wherein the memory 201 stores a computer program, the computer program is applied to a load balancing system, and the processor 202 executes the computer program to realize the following steps that after a key request transmitted by an object storage gateway system is received, according to a load balancing strategy set by the processor, in a multi-master database service cluster, before a key management system receiving the key request is determined, a domain name corresponding to the object storage gateway system is set for the key request.
The kinds of key management devices provided by the embodiment of the application comprise a memory 201 and a processor 202, wherein a computer program is stored in the memory 201 and applied to a key management system, and when the processor 202 executes the computer program, the steps of receiving a key request transmitted by a th load balancing system, performing identity verification on the key request, processing the key request after the verification is passed to obtain a key processing result, and transmitting the key processing result to a th load balancing system are realized.
The kinds of key management devices provided by the embodiment of the application comprise a memory 201 and a processor 202, wherein the memory 201 stores a computer program and is applied to a key management system, and the processor 202 realizes the following steps when executing the computer program, namely, the key request and information passing verification are sent to a second load balancing system, so that the second load balancing system determines the key management system for performing subsequent processing on the key request based on a load balancing strategy set by the second load balancing system, whether the key request transmitted by the second load balancing system is received or not is judged, and if yes, the key request is processed.
Referring to fig. 7, another key management devices provided in this embodiment of the present application may further include an input port 203 connected to the processor 202 for transmitting an externally input command to the processor 202, a display unit 204 connected to the processor 202 for displaying a processing result of the processor 202 to the outside, and a communication module 205 connected to the processor 202 for enabling communication between the key management device and the outside, where the display unit 204 may be a display panel, a laser scanning display, or the like, and the communication mode adopted by the communication module 205 includes, but is not limited to, a mobile high definition link (HML), a Universal Serial Bus (USB), a High Definition Multimedia Interface (HDMI), a wireless connection, a wireless fidelity (WiFi), a bluetooth communication technology, a low power consumption bluetooth communication technology, and a communication technology based on ieee802.11 s.
computer readable storage media provided by the embodiments of the present application, in which a computer program is stored, and the computer program is applied to a load balancing system, and when executed by a processor, the computer program implements the following steps:
receiving a key request transmitted by an object storage gateway system;
determining a key management system for receiving a key request in a multi-master database service cluster according to a load balancing strategy set by the system;
receiving a key processing result obtained after the key management system processes the key request;
and transmitting the key processing result to the object storage gateway system.
computer readable storage media provided by the embodiment of the application, wherein a computer program is stored in the computer readable storage media and applied to a load balancing system, and when the computer program is executed by a processor, the method comprises the following steps of setting a domain name corresponding to an object storage gateway system for a key request before determining a key management system for receiving the key request in a multi-master database service cluster according to a load balancing strategy set by the multi-master database service cluster after receiving the key request transmitted by the object storage gateway system.
The computer-readable storage media provided by the embodiment of the application, wherein a computer program is stored in the computer-readable storage media and applied to a key management system, and when the computer program is executed by a processor, the steps of receiving a key request transmitted by a load balancing system, performing identity verification on the key request, processing the key request after the verification is passed to obtain a key processing result, and transmitting the key processing result to a load balancing system are realized.
computer readable storage media provided by the embodiment of the application, wherein a computer program is stored in the computer readable storage media and applied to a key management system, and when the computer program is executed by a processor, the steps of sending a key request and information that passes verification to a second load balancing system so that the second load balancing system determines the key management system for performing subsequent processing on the key request based on a load balancing policy set by the second load balancing system, judging whether the key request transmitted by the second load balancing system is received, and if so, processing the key request are performed.
The computer-readable storage media to which this application relates include Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage media known in the art.
For a description of relevant parts in key management systems, devices, and computer-readable storage media provided in this embodiment of the present application, refer to a detailed description of a corresponding part in key devices provided in this embodiment of the present application, which is not repeated herein.
It should also be noted that, herein, relational terms such as , second, and the like are only used to distinguish entities or operations from another entities or operations without necessarily requiring or implying any actual such relationship or order between such entities or operations, furthermore, the terms "comprise," "include," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a series of elements does not include only those elements but also other elements not expressly listed or inherent to such process, method, article, or apparatus.
Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application.

Claims (10)

  1. The key device is characterized by comprising object storage gateway systems with preset number, load balancing systems connected with each object storage gateway system, and a multi-master database service cluster connected with load balancing systems, wherein the multi-master database service cluster comprises a second preset number of key management systems, the key management systems comprise an identity verification service module, a key management service module and a database cluster, the identity verification service module is connected with the load balancing systems and respectively connected with the key management service module and the database cluster, and the key management service module is connected with the database cluster;
    the object storage gateway system is used for receiving a key request sent by a client and transmitting the key request to the th load balancing system, the th load balancing system is used for receiving the key request and distributing a corresponding key management system for the key request, and the key management system is used for processing the key request.
  2. 2. The key device according to claim 1, wherein the multi-master database service cluster further comprises a second load balancing system, and the second load balancing system is respectively connected to the authentication service module and the key management service module in every key management systems.
  3. 3. The key device according to claim 1 or 2, wherein the key management systems achieve data synchronization between the database clusters through a multi-master synchronization mechanism.
  4. A key management method , applied to a th load balancing system according to of any one of claims 1 to 3, comprising:
    receiving a key request transmitted by an object storage gateway system;
    determining a key management system for receiving the key request in a multi-master database service cluster according to a load balancing strategy set by the system;
    receiving a key processing result obtained after the key management system processes the key request;
    and transmitting the key processing result to the object storage gateway system.
  5. 5. The method according to claim 4, wherein after receiving the key request transmitted by the object storage gateway system, the determining, according to the load balancing policy set by the target storage gateway system, a key management system receiving the key request in the multi-master database service cluster comprises:
    setting a domain name corresponding to the object storage gateway system for the key request.
  6. A key management method of , applied to the key management system of any of claims 1 to 3, comprising:
    receiving a key request transmitted by the load balancing system;
    performing identity authentication on the secret key request, and processing the secret key request after the authentication is passed to obtain a secret key processing result;
    transmitting the key processing result to the th load balancing system.
  7. 7. The method of claim 6, wherein the processing the key request comprises:
    sending the key request and the verified information to a second load balancing system, so that the second load balancing system determines a key management system for performing subsequent processing on the key request based on a load balancing policy set by the second load balancing system;
    judging whether the key request transmitted by the second load balancing system is received or not;
    and if so, processing the key request.
  8. 8, secret key management system, which is applied to load balancing system, comprising:
    , a receiving module, for receiving the key request transmitted by the object storage gateway system;
    an determining module, configured to determine, in a multi-master database service cluster, a key management system that receives the key request according to a load balancing policy set by the determining module;
    a second receiving module, configured to receive a key processing result obtained after the key management system processes the key request;
    , a transmission module for transmitting the key processing result to the object storage gateway system.
  9. A key management apparatus of the type , comprising:
    a memory for storing a computer program;
    a processor arranged to implement the steps of the key management method of when said computer program is executed.
  10. A computer-readable storage medium , wherein a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the key management method according to any of claims 4 to 7 through .
CN201911026057.8A 2019-10-25 2019-10-25 secret key device and secret key management method, system, equipment and computer medium Pending CN110740139A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911026057.8A CN110740139A (en) 2019-10-25 2019-10-25 secret key device and secret key management method, system, equipment and computer medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911026057.8A CN110740139A (en) 2019-10-25 2019-10-25 secret key device and secret key management method, system, equipment and computer medium

Publications (1)

Publication Number Publication Date
CN110740139A true CN110740139A (en) 2020-01-31

Family

ID=69271481

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911026057.8A Pending CN110740139A (en) 2019-10-25 2019-10-25 secret key device and secret key management method, system, equipment and computer medium

Country Status (1)

Country Link
CN (1) CN110740139A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115484131A (en) * 2022-08-31 2022-12-16 江苏奥立信数字科技有限公司 Internet of things gateway and equipment data storage system for same
CN116755842A (en) * 2023-08-15 2023-09-15 中移(苏州)软件技术有限公司 Identity verification system deployment method, device, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102137128A (en) * 2010-01-27 2011-07-27 腾讯科技(深圳)有限公司 Method and device for balancing load of cluster service
CN107040589A (en) * 2017-03-15 2017-08-11 西安电子科技大学 The system and method for cryptographic service is provided by virtualizing encryption device cluster
CN107483185A (en) * 2017-07-25 2017-12-15 贵州眯果创意科技有限公司 A kind of mobile terminal PSAM card paying systems based on safe key
US20180062835A1 (en) * 2016-08-30 2018-03-01 Workday, Inc. Secure storage encryption system
CN108259175A (en) * 2017-12-28 2018-07-06 成都卫士通信息产业股份有限公司 A kind of distribution routing algorithm method of servicing and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102137128A (en) * 2010-01-27 2011-07-27 腾讯科技(深圳)有限公司 Method and device for balancing load of cluster service
US20180062835A1 (en) * 2016-08-30 2018-03-01 Workday, Inc. Secure storage encryption system
CN107040589A (en) * 2017-03-15 2017-08-11 西安电子科技大学 The system and method for cryptographic service is provided by virtualizing encryption device cluster
CN107483185A (en) * 2017-07-25 2017-12-15 贵州眯果创意科技有限公司 A kind of mobile terminal PSAM card paying systems based on safe key
CN108259175A (en) * 2017-12-28 2018-07-06 成都卫士通信息产业股份有限公司 A kind of distribution routing algorithm method of servicing and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115484131A (en) * 2022-08-31 2022-12-16 江苏奥立信数字科技有限公司 Internet of things gateway and equipment data storage system for same
CN115484131B (en) * 2022-08-31 2024-04-12 江苏奥立信数字科技有限公司 Internet of things gateway and equipment data storage system for same
CN116755842A (en) * 2023-08-15 2023-09-15 中移(苏州)软件技术有限公司 Identity verification system deployment method, device, equipment and storage medium
CN116755842B (en) * 2023-08-15 2023-10-31 中移(苏州)软件技术有限公司 Identity verification system deployment method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN107294729B (en) Communication method and device between different nodes in block chain
CN110049016B (en) Data query method, device, system, equipment and storage medium of block chain
EP3609121B1 (en) Method and device for managing digital certificate
US10084790B2 (en) Peer to peer enterprise file sharing
EP3293934A1 (en) Cloud storage method and system
US10764261B2 (en) System and method for enabling a scalable public-key infrastructure on a smart grid network
US20210051024A1 (en) Two-dimensional code generation method, apparatus, data processing method, apparatus, and server
CN107733639B (en) Key management method, device and readable storage medium
CN109905474B (en) Data security sharing method and device based on block chain
CN111654372B (en) Key management method and related device
CN113434905B (en) Data transmission method and device, computer equipment and storage medium
CN110740139A (en) secret key device and secret key management method, system, equipment and computer medium
CN111865897A (en) Cloud service management method and device
CN113312655A (en) File transmission method based on redirection, electronic equipment and readable storage medium
CN116166749A (en) Data sharing method and device, electronic equipment and storage medium
CN113489706B (en) Data processing method, device, system, equipment and storage medium
CN116155491A (en) Symmetric key synchronization method of security chip and security chip device
CN105577609A (en) Method and device for access content control
CN113452513B (en) Key distribution method, device and system
CN101019082A (en) Method and apparatus for delivering keys
CN112468453A (en) Access method, system, electronic device and storage medium of multi-protocol device
CN113132320A (en) Encryption transmission method and device and electronic equipment
CN113452654B (en) Data decryption method
US20220377550A1 (en) Secure and trusted peer-to-peer offline communication systems and methods
KR101215802B1 (en) Method of providing a contents service in a p2p network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200131