CN111274579B - Enterprise document encryption protection system based on computer - Google Patents

Enterprise document encryption protection system based on computer Download PDF

Info

Publication number
CN111274579B
CN111274579B CN202010043268.9A CN202010043268A CN111274579B CN 111274579 B CN111274579 B CN 111274579B CN 202010043268 A CN202010043268 A CN 202010043268A CN 111274579 B CN111274579 B CN 111274579B
Authority
CN
China
Prior art keywords
document
encryption
user
virtual
acquiring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010043268.9A
Other languages
Chinese (zh)
Other versions
CN111274579A (en
Inventor
李哲
陈衎
张天凡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei Engineering University
Original Assignee
Hubei Engineering University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei Engineering University filed Critical Hubei Engineering University
Priority to CN202010043268.9A priority Critical patent/CN111274579B/en
Publication of CN111274579A publication Critical patent/CN111274579A/en
Application granted granted Critical
Publication of CN111274579B publication Critical patent/CN111274579B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Virology (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a computer-based enterprise document encryption protection system, which comprises a document acquisition unit, a document detection module, a repair unit, an access request unit, a controller, a display unit, a waste record unit, a verification unit, a rule base, a document encryption module, a document storage library and a document virtual library, wherein the document acquisition unit is used for acquiring a document; the document acquisition unit acquires a document to be stored by an enterprise, transmits the document to the document detection module, is pre-opened by the document detection module to detect whether a suffix name of the document is damaged or not, and is checked according to a corresponding rule to obtain an original suffix name of the document, the original damaged suffix name is replaced by the complete suffix name, the detection is completed after the document is normally opened, and if the document cannot be repaired, the document can be returned to remind a user to check the document; and then marking the repaired normal document as a document to be encrypted, transmitting the document to be encrypted to a document encryption module, and giving a corresponding rule to the document for encryption by virtue of the corresponding rule of the document encryption.

Description

Enterprise document encryption protection system based on computer
Technical Field
The invention belongs to the field of document encryption, relates to an enterprise document protection technology, and particularly relates to a computer-based enterprise document encryption protection system.
Background
Patent publication No. CN105245336A discloses a document encryption management system, which can effectively prevent document information leakage, and has the advantages of automatic completion and no need of human intervention. In the document encryption management system, firewall equipment, an IOCP server and a client are connected, the firewall equipment is connected with the IOCP server, the IOCP server is connected with the client, the client subscribes a system intrusion message to the IOCP server, and the IOCP server adds the system intrusion message subscribed by the client into an access list; the firewall equipment detects whether the document encryption management system is attacked by network intrusion in real time, and when the firewall equipment detects the network intrusion attack, the firewall equipment sends alarm information to the IOCP server; the IOCP server regenerates the encryption key for the client and sends a key change instruction to the client, and the client uses the updated encryption key to re-encrypt the document stored in the storage device managed by the client.
However, although the patent discloses a document encryption management system, the encryption concept of the document encryption management system is mainly performed according to the concept of the conventional encryption key, which has a certain value, on the other hand, the protection effect is limited, because when the document is attacked or a person who is not allowed to have authority accesses the document, the user access failure can be intuitively reflected in an inaccessible form, which can remind the user who has forced access of the access failure to some extent, and the reminder needs to be cracked in other ways; there is a lack of a document protection system that can confuse intruders, and based on this, a solution is now provided.
Disclosure of Invention
The invention aims to provide a computer-based enterprise document encryption protection system.
The technical problem to be solved by the invention is as follows:
(1) how to determine whether the document is unreadable due to the damage of the suffix name;
(2) how to encrypt the document which the user needs to access according to whether the authentication of the user is correct or not.
The purpose of the invention can be realized by the following technical scheme:
a computer-based enterprise document encryption protection system comprises a document acquisition unit, a document detection module, a repair unit, an access request unit, a controller, a display unit, a waste recording unit, a verification unit, a rule base, a document encryption module, a document storage base and a document virtual base;
the file acquisition unit is used for acquiring files required to be stored by an enterprise and marking the files as files to be encrypted, the file acquisition unit is used for transmitting the files to be encrypted to the file detection module, the file detection module receives the files to be encrypted transmitted by the file acquisition unit and transmits the files to the repair unit, and the repair unit stores suffix names of all the files and marks the suffixes as standard suffix names; the repairing unit receives the document to be encrypted transmitted by the document detecting module and performs repairing processing on the document to be encrypted to obtain a post-encrypted document;
the file detection module receives the post-encryption file transmitted by the repair unit and transmits the post-encryption file to the controller;
the controller receives the post-encryption document transmitted by the document detection module and transmits the post-encryption document to the document encryption module, and the document encryption module is used for encrypting the post-encryption document by combining with the rule base to obtain a storage document;
the document encryption module is used for transmitting the storage document to a document repository, and the document repository receives the storage document transmitted by the document encryption module and stores the storage document;
the access request unit is used for a user to initiate request information, the request information comprises request content, a user name and a user password, and the request content is a target document accessed by the corresponding user; the access request unit is used for transmitting request information to the controller, the controller is used for transmitting the request information to the verification unit, and a correct user name and a corresponding user password are stored in the verification unit; the verification unit is used for generating an identity correct signal if the user name and the user password in the request information are correct, or generating an error signal if the user name and the user password are not correct;
the verification unit is used for transmitting the identity correct signal and the identity error signal and request content in the request information to a document repository when generating the identity correct signal and the identity error signal; the document virtual library stores a plurality of virtual conversion documents;
the document repository receives the request content, the identity correct signal and the identity error signal transmitted by the verification unit, and performs differential processing on the request content, the identity correct signal and the identity error signal by combining the document virtual repository, wherein the differential processing specifically comprises the following steps:
SS 010: when an identity correct signal transmitted by a verification unit is acquired, directly acquiring a storage document corresponding to the request content, and directly accessing the document;
and (2) SS 020: if a transfer signal is generated at the moment when an error signal transmitted by the verification unit is received, acquiring a characteristic value Q according to virtual visit analysis at the moment;
SS 030: acquiring corresponding characteristic values Wi of a plurality of virtual-to-virtual documents in a document virtual library storage by using the same principle of virtual visit analysis, wherein i is 1.. j; j is a positive integer;
SS 040: then acquiring the time when the last calling time of all virtual document conversion is within the distance, wherein the last calling time refers to the time for selecting the virtual document conversion during virtual document conversion analysis; mark this time as the time span Ki, i 1.. j; and Ki and Wi are in one-to-one correspondence;
SS 050: calculating the selected value Ui of all the virtual documents according to a formula, wherein Ui is 0.387 Ki-0.613 Wi-Q |; ui corresponds to Ki and Wi one by one;
wherein | Wi-Q | represents the absolute value of the difference between Wi and Q;
SS 060: marking the virtual-to-virtual document corresponding to the maximum value of the Ui as a target turning document;
SS 070: acquiring a target turning document, and automatically replacing a storage document which needs to be accessed by a user with the target turning document when a transfer signal is generated;
the document storage library is used for returning the acquired storage document or target turning document to the controller.
Further, the specific processing steps of the repair processing are as follows:
the method comprises the following steps: acquiring a document to be encrypted;
step two: opening the document to be encrypted, and if the document to be encrypted cannot be opened, generating a repairing signal; otherwise, not processing;
step three: when the document to be encrypted generates a repairing signal, the document to be encrypted is modified into a damaged document, and the damaged document is subjected to repairing operation, wherein the specific repairing operation is as follows:
s01: acquiring a suffix name of a damaged document, and marking the suffix name as an error suffix name;
s02: acquiring the number of characters of the wrong suffix name, and marking the number of characters as Z1;
s03: comparing the error suffix name with the standard suffix name to obtain the number of the characters with the same number as the standard suffix name and the proportion of the characters with the same number in Z1 to obtain the similarity ratio of all the standard suffix names;
s04: replacing the error suffix name with the standard suffix name with the highest similarity ratio, and modifying the suffix name of the error document;
s05: opening the modified error document, and if the error document can be correctly opened and the content has no messy codes, re-marking the error document at the moment as a post-encryption document;
s06: if the wrong document cannot be correctly opened or the content messy codes of the later document are opened, acquiring the standard suffix name of the last name after the similarity ratio ranking, replacing the error suffix name with the standard suffix name, and modifying the suffix name of the wrong document;
s07: steps S04-S07 are repeated until the error document is relabeled as a post-encrypted document.
Further, the encryption processing specifically comprises the following steps:
s010: acquiring a post-encryption document;
s020: adding a transfer encryption rule to the post-encrypted document, wherein the transfer encryption rule is as follows:
s021: detecting the identity correct signal, and generating an access permission signal if the identity correct signal appears;
s022: if no identity correct signal exists, generating a data transfer signal;
s030: and obtaining the post-encryption document added with the transfer encryption rule, and marking the post-encryption document as a storage document.
Further, the virtual visit analysis in step SS020 comprises the following specific steps:
SS 021: firstly, acquiring a storage document of a user target file, and acquiring the storage date and the file size of the storage document;
SS 022: the storage date is obtained in a month, day and hour format, the hour is calculated in 24 hours, and each position data is correspondingly represented by X1-X6, so that Xi, i is 1.. 6;
SS 023: acquiring the size of a file, and marking the size of the file as D;
SS 024: calculating a characteristic value Q according to a formula
Figure BDA0002368486580000051
In the formula, 0.52 and 0.48 are user preset values;
SS 025: the characteristic value Q is obtained.
Further, the controller transmits the stored document transmitted by the document repository to the display unit for real-time display when receiving the stored document.
Further, the controller transmits the target turning document transmitted by the document repository to the display unit for real-time display when receiving the target turning document.
Further, the waste recording unit is used for a user to enter converted virtual documents, the converted virtual documents are document files discarded by the user, at least X9 converted virtual documents are entered, and X9 is a user preset value.
Further, the verification unit is further configured to perform security analysis on the user name and the user password in the received request message, where the specific analysis steps are as follows:
the method comprises the following steps: acquiring a received user name and a received user password;
step two: acquiring the access times of the corresponding user name and the user password in the current X7 days; x7 for a preset number of days;
step three: if the access times are more than X8, not processing, otherwise, reminding the user to change the password; and X8 is a preset value.
The invention has the beneficial effects that:
the document acquisition unit acquires a document to be stored by an enterprise, transmits the document to the document detection module, is pre-opened by the document detection module to detect whether a suffix name of the document is damaged or not, and is checked according to a corresponding rule to obtain an original suffix name of the document, the original damaged suffix name is replaced by the complete suffix name, the detection is completed after the document is normally opened, and if the document cannot be repaired, the document can be returned to remind a user to check the document;
then marking the repaired normal document as a document to be encrypted, transmitting the document to be encrypted to a document encryption module, and endowing the document with a corresponding rule by virtue of the corresponding rule of document encryption; when a user needs to access a corresponding storage document, the identity of the user needs to be verified through identity verification, if the identity verification is passed, the corresponding document can be normally accessed, otherwise, the target document which the user needs to access is calculated by the aid of corresponding rules to obtain a target transfer document in a document virtual library, and the target transfer document is opened to replace the target document which the original user needs to access, so that the user who does not have corresponding authority or maliciously infringement is deceived, the user considers that the target document is normally opened, and only the internal content is already replaced by the target transfer document; the target transfer document is a virtual transfer document in the document virtual library, and the virtual transfer document is a document pre-input by a user.
Drawings
In order to facilitate understanding for those skilled in the art, the present invention will be further described with reference to the accompanying drawings.
FIG. 1 is a block diagram of the system of the present invention.
Detailed Description
As shown in fig. 1, a computer-based enterprise document encryption protection system includes a document acquisition unit, a document detection module, a repair unit, an access request unit, a controller, a display unit, a waste recording unit, a verification unit, a rule base, a document encryption module, a document repository, and a document virtual repository;
the file acquisition unit is used for acquiring files required to be stored by an enterprise and marking the files as files to be encrypted, the file acquisition unit is used for transmitting the files to be encrypted to the file detection module, the file detection module receives the files to be encrypted transmitted by the file acquisition unit and transmits the files to the repair unit, and the repair unit stores suffix names of all the files and marks the suffixes as standard suffix names; the repairing unit receives the document to be encrypted transmitted by the document detecting module and repairs the document to be encrypted, and the concrete processing steps are as follows:
the method comprises the following steps: acquiring a document to be encrypted;
step two: opening the document to be encrypted, and if the document to be encrypted cannot be opened, generating a repairing signal; otherwise, not processing;
step three: when the document to be encrypted generates a repairing signal, the document to be encrypted is modified into a damaged document, and the damaged document is subjected to repairing operation, wherein the specific repairing operation is as follows:
s01: acquiring a suffix name of a damaged document, and marking the suffix name as an error suffix name;
s02: acquiring the number of characters of an incorrect suffix name, and marking the number of characters as Z1;
s03: comparing the error suffix name with the standard suffix name to obtain the number of the characters with the same number as the standard suffix name and the proportion of the characters with the same number in Z1 to obtain the similarity ratio of all the standard suffix names;
s04: replacing the error suffix name with the standard suffix name with the highest similarity ratio, and modifying the suffix name of the error document;
s05: opening the modified error document, and if the error document can be correctly opened and the content has no messy codes, re-marking the error document at the moment as a post-encryption document;
s06: if the wrong document cannot be correctly opened or the content messy codes of the later document are opened, acquiring the standard suffix name of the last name after the similarity ratio ranking, replacing the error suffix name with the standard suffix name, and modifying the suffix name of the wrong document;
s07: repeating steps S04-S07 until the error document is relabeled as a post-encrypted document;
the file detection module receives the post-encryption file transmitted by the repair unit and transmits the post-encryption file to the controller;
the controller receives the post-encryption document transmitted by the document detection module and transmits the post-encryption document to the document encryption module, the document encryption module is used for encrypting the post-encryption document by combining the rule base, and the encryption processing specifically comprises the following steps:
s010: acquiring a post-encryption document;
s020: adding a transfer encryption rule to the post-encrypted document, wherein the transfer encryption rule is as follows:
s021: detecting the identity correct signal, and generating an access permission signal if the identity correct signal appears;
s022: if no identity correct signal exists, generating a data transfer signal;
s030: obtaining a post-encryption document added with the transfer encryption rule, and marking the post-encryption document as a storage document;
the document encryption module is used for transmitting the storage document to a document repository, and the document repository receives the storage document transmitted by the document encryption module and stores the storage document;
the access request unit is used for a user to initiate request information, the request information comprises request content, a user name and a user password, and the request content is a target document accessed by the corresponding user; the access request unit is used for transmitting request information to the controller, the controller is used for transmitting the request information to the verification unit, and a correct user name and a corresponding user password are stored in the verification unit; the verification unit is used for generating an identity correct signal if the user name and the user password in the request information are correct, or generating an error signal if the user name and the user password are not correct;
the verification unit is used for transmitting the identity correct signal and the identity error signal and request content in the request information to a document repository when generating the identity correct signal and the identity error signal; the document virtual storage stores a plurality of virtual conversion documents;
the document repository receives the request content, the identity correct signal and the identity error signal transmitted by the verification unit, and performs differential processing on the request content, the identity correct signal and the identity error signal by combining the document virtual repository, wherein the differential processing specifically comprises the following steps:
SS 010: when an identity correct signal transmitted by a verification unit is acquired, directly acquiring a storage document corresponding to the request content, and directly accessing the document;
and (2) SS 020: if a transfer signal is generated at the moment when an error signal transmitted by the verification unit is received, obtaining a virtual transfer document according to virtual visit analysis at the moment; the virtual visit analysis comprises the following specific steps:
SS 021: firstly, acquiring a storage document of a user target file, and acquiring the storage date and the file size of the storage document;
SS 022: the storage date is obtained in a month, day and hour format, and the hour is calculated in 24 hours, specifically, 12 months, 25 days and 15 days, each position is correspondingly represented by X1-X6, so as to obtain Xi, i is 1.. 6;
SS 023: acquiring the size of a file, wherein the size of the file adopts a specified dimension, such as kb, but the dimension is not counted by accounting, only the numerical value of the corresponding dimension is acquired, and the numerical value is marked as D;
SS 024: calculating the characteristic value Q according to the formula
Figure BDA0002368486580000091
In the formula, 0.52 and 0.48 are user preset values which can be modified according to the user requirements;
SS 025: obtaining a characteristic value Q;
SS 030: acquiring corresponding characteristic values Wi of a plurality of virtual-to-virtual documents in a document virtual library storage by using the same principle of virtual visit analysis, wherein i is 1. j is a positive integer;
SS 040: then acquiring the time when the last calling time of all virtual document conversion is within the distance, wherein the last calling time refers to the time for selecting the virtual document conversion during virtual document conversion analysis; mark this time as the time span Ki, i 1.. j; and Ki and Wi are in one-to-one correspondence;
SS 050: calculating the selected value Ui of all the virtual documents according to a formula, wherein Ui is 0.387 Ki-0.613 Wi-Q |; ui corresponds to Ki and Wi one by one;
wherein | Wi-Q | represents the absolute value of the difference between Wi and Q; 0.387 and 0.613 are the corresponding weight values, and because the final influence result of the weight values is different, the weight values are added;
SS 060: marking the virtual-to-virtual document corresponding to the maximum value of the Ui as a target turning document;
SS 070: acquiring a target turning document, and automatically replacing a storage document which needs to be accessed by a user with the target turning document when a transfer signal is generated;
the document storage library is used for returning the acquired storage document or target turning document to the controller;
when receiving the stored document transmitted by the document repository, the controller transmits the stored document to the display unit for real-time display;
when receiving a target turning document transmitted by the document repository, the controller transmits the target turning document to the display unit for real-time display;
the waste recording unit is used for a user to enter converted virtual documents, the converted virtual documents are document files discarded by the user, at least X9 converted virtual documents are entered, X9 is a user preset value, and the value can be 100;
the verification unit is further configured to perform security analysis on the user name and the user password in the received request message, and the specific analysis steps include:
the method comprises the following steps: acquiring a received user name and a received user password;
step two: acquiring the access times of the corresponding user name and the user password in the current X7 days; x7 is preset days, specifically 30 days;
step three: if the access times are more than X8, not processing, otherwise, reminding the user to change the password; x8 is a preset value; specifically, X8 can be taken to be 10.
A computer-based enterprise document encryption protection system is characterized in that when the system works, a document needing to be stored by an enterprise is obtained through a document obtaining unit and transmitted to a document detection module, the document detection module is opened in advance to detect whether a document suffix name is damaged or not, the document suffix name is checked through a corresponding rule to obtain an original suffix name of the document, the original damaged suffix name is replaced by a complete suffix name, detection is completed after the document is normally opened, and if the document cannot be repaired, the document can be returned to remind a user to check the document;
then marking the repaired normal document as a document to be encrypted, transmitting the document to be encrypted to a document encryption module, and endowing the document with a corresponding rule by virtue of the corresponding rule of document encryption; when a user needs to access a corresponding storage document, the identity of the user needs to be verified through identity verification, if the identity verification is passed, the corresponding document can be normally accessed, otherwise, the target document which the user needs to access is calculated by the aid of corresponding rules to obtain a target transfer document in a document virtual library, and the target transfer document is opened to replace the target document which the original user needs to access, so that the user who does not have corresponding authority or maliciously infringement is deceived, the user considers that the target document is normally opened, and only the internal content is already replaced by the target transfer document; the target transfer document is a virtual transfer document in the document virtual library, and the virtual transfer document is a document pre-input by a user.
The foregoing is merely exemplary and illustrative of the present invention and various modifications, additions and substitutions may be made by those skilled in the art to the specific embodiments described without departing from the scope of the invention as defined in the following claims.

Claims (7)

1. A computer-based enterprise document encryption protection system is characterized by comprising a document acquisition unit, a document detection module, a repair unit, an access request unit, a controller, a display unit, a waste recording unit, a verification unit, a rule base, a document encryption module, a document storage base and a document virtual base;
the file acquisition unit is used for acquiring files required to be stored by an enterprise and marking the files as files to be encrypted, the file acquisition unit is used for transmitting the files to be encrypted to the file detection module, the file detection module receives the files to be encrypted transmitted by the file acquisition unit and transmits the files to the repair unit, and the repair unit stores suffix names of all the files and marks the suffixes as standard suffix names; the repairing unit receives the document to be encrypted transmitted by the document detecting module and performs repairing processing on the document to be encrypted to obtain a post-encrypted document;
the file detection module receives the post-encryption file transmitted by the repair unit and transmits the post-encryption file to the controller;
the controller receives the post-encryption document transmitted by the document detection module and transmits the post-encryption document to the document encryption module, and the document encryption module is used for encrypting the post-encryption document by combining with the rule base to obtain a storage document;
the document encryption module is used for transmitting the storage document to a document repository, and the document repository receives the storage document transmitted by the document encryption module and stores the storage document;
the access request unit is used for a user to initiate request information, the request information comprises request content, a user name and a user password, and the request content is a target document accessed by the corresponding user; the access request unit is used for transmitting request information to the controller, the controller is used for transmitting the request information to the verification unit, and a correct user name and a corresponding user password are stored in the verification unit; the verification unit is used for verifying the user name and the user password in the request information, if the user name and the user password are correct, an identity correct signal is generated, and otherwise, an error signal is generated;
the verification unit is used for transmitting the identity correct signal and the identity error signal and the request content in the request information to a document repository when generating the identity correct signal and the identity error signal; the document virtual storage stores a plurality of virtual conversion documents;
the document repository receives the request content, the identity correct signal and the identity error signal transmitted by the verification unit, and performs differential processing on the request content, the identity correct signal and the identity error signal by combining the document virtual repository, wherein the differential processing specifically comprises the following steps:
SS 010: when an identity correct signal transmitted by a verification unit is acquired, directly acquiring a storage document corresponding to the request content, and directly accessing the document;
and (2) SS 020: if a transfer signal is generated at the moment when an error signal transmitted by the verification unit is received, acquiring a characteristic value Q according to virtual visit analysis at the moment;
SS 030: acquiring corresponding characteristic values Wi of a plurality of virtual-to-virtual documents in a document virtual library storage by using the same principle of virtual visit analysis, wherein i =1.. j; j is a positive integer;
SS 040: then acquiring the time when the last calling time of all virtual document conversion is within the distance, wherein the last calling time refers to the time for selecting the virtual document conversion during virtual document conversion analysis; time-stamping the time as time spanning Ki, i =1.. j; and Ki and Wi are in one-to-one correspondence;
SS 050: calculating the selection value Ui of all the virtual documents according to a formula, wherein Ui =0.387 Ki-0.613 | Wi-Q |; ui corresponds to Ki and Wi one by one;
wherein | Wi-Q | represents the absolute value of the difference between Wi and Q;
SS 060: marking the virtual-to-virtual document corresponding to the maximum value of the Ui as a target turning document;
SS 070: acquiring a target turning document, and automatically replacing a storage document which needs to be accessed by a user with the target turning document when a transfer signal is generated;
the document storage library is used for returning the acquired storage document or target turning document to the controller;
the virtual visit analysis in the step SS020 comprises the following specific steps:
SS 021: firstly, acquiring a storage document of a user target file, and acquiring the storage date and the file size of the storage document;
SS 022: the storage date is obtained in a format of month, day and time, the hour is calculated in 24 hours, and each position data is correspondingly represented by X1-X6, so that Xi, i =1.. 6 is obtained;
SS 023: acquiring the size of a file, and marking the size of the file as D;
SS 024: calculating the characteristic value Q according to the formula
Figure DEST_PATH_IMAGE001
In the formula, 0.52 and 0.48 are user preset values;
SS 025: the characteristic value Q is obtained.
2. The computer-based enterprise document encryption protection system according to claim 1, wherein the specific processing steps of the repair processing are as follows:
the method comprises the following steps: acquiring a document to be encrypted;
step two: opening the document to be encrypted, and if the document to be encrypted cannot be opened, generating a repairing signal; otherwise, not processing;
step three: when the document to be encrypted generates a repairing signal, the document to be encrypted is modified into a damaged document, and the damaged document is subjected to repairing operation, wherein the specific repairing operation is as follows:
s01: acquiring a suffix name of a damaged document, and marking the suffix name as an error suffix name;
s02: acquiring the number of characters of the wrong suffix name, and marking the number of characters as Z1;
s03: comparing the error suffix name with the standard suffix name to obtain the number of the characters with the same number as the standard suffix name and the proportion of the characters with the same number in Z1 to obtain the similarity ratio of all the standard suffix names;
s04: replacing the error suffix name with the standard suffix name with the highest similarity ratio, and modifying the suffix name of the error document;
s05: opening the modified error document, and if the error document can be correctly opened and the content has no messy codes, re-marking the error document at the moment as a post-encryption document;
s06: if the wrong document cannot be correctly opened or the content messy codes of the later document are opened, acquiring the standard suffix name of the last name after the similarity ratio ranking, replacing the error suffix name with the standard suffix name, and modifying the suffix name of the wrong document;
s07: steps S04-S07 are repeated until the error document is relabeled as a post-encrypted document.
3. The computer-based enterprise document encryption protection system according to claim 1, wherein the encryption processing specifically comprises the steps of:
s010: acquiring a post-encryption document;
s020: adding a transfer encryption rule to the post-encrypted document, wherein the transfer encryption rule is as follows:
s021: detecting the identity correct signal, and generating an access permission signal if the identity correct signal appears;
s022: if no identity correct signal exists, generating a data transfer signal;
s030: and obtaining the post-encryption document added with the transfer encryption rule, and marking the post-encryption document as a storage document.
4. The computer-based enterprise document encryption protection system of claim 1, wherein said controller transmits the stored document transmitted from the document repository to the display unit for real-time display upon receipt.
5. The computer-based enterprise document encryption protection system of claim 1, wherein said controller transmits the target diverted document to the display unit for real-time display upon receiving the target diverted document transmitted from the document repository.
6. The computer-based enterprise document encryption protection system of claim 1, wherein the garbage collection unit is configured to allow a user to enter garbage-converted documents, the garbage-converted documents are document files discarded by the user, at least X9 garbage-converted documents are entered, and X9 is a user preset value.
7. The computer-based enterprise document encryption protection system of claim 1, wherein the verification unit is further configured to perform security analysis on a user name and a user password in the received request message, and the specific analysis steps are as follows:
the method comprises the following steps: acquiring a received user name and a received user password;
step two: acquiring the access times of the corresponding user name and the user password in the current X7 days; x7 is preset number of days;
step three: if the access times are more than X8, not processing, otherwise, reminding the user to change the password; and X8 is a preset value.
CN202010043268.9A 2020-01-15 2020-01-15 Enterprise document encryption protection system based on computer Active CN111274579B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010043268.9A CN111274579B (en) 2020-01-15 2020-01-15 Enterprise document encryption protection system based on computer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010043268.9A CN111274579B (en) 2020-01-15 2020-01-15 Enterprise document encryption protection system based on computer

Publications (2)

Publication Number Publication Date
CN111274579A CN111274579A (en) 2020-06-12
CN111274579B true CN111274579B (en) 2022-07-01

Family

ID=71001625

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010043268.9A Active CN111274579B (en) 2020-01-15 2020-01-15 Enterprise document encryption protection system based on computer

Country Status (1)

Country Link
CN (1) CN111274579B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117094022B (en) * 2023-10-20 2024-01-09 山东友恺通信科技有限公司 Encryption system based on computer software development

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103763313A (en) * 2014-01-03 2014-04-30 深圳市大成天下信息技术有限公司 File protection method and system
CN103996008A (en) * 2013-02-18 2014-08-20 中国移动通信集团浙江有限公司 Document safety control device and method
CN104361294A (en) * 2014-10-28 2015-02-18 深圳市大成天下信息技术有限公司 Document protection method, device and system
AU2017232228A1 (en) * 2017-03-17 2018-10-04 Fuji Xerox Co., Ltd. Document management system and processing apparatus
CN109614375A (en) * 2018-12-03 2019-04-12 安徽机电职业技术学院 A kind of data-storage system based on personal computer
CN109960917A (en) * 2019-03-12 2019-07-02 深圳市趣创科技有限公司 A kind of time slot scrambling and device of document

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1710545A (en) * 2005-07-07 2005-12-21 上海交通大学 Injured word file restoring method
EP2509026A1 (en) * 2011-04-06 2012-10-10 Tata Consultancy Services Limited System for enterprise digital rights management
CN108509799A (en) * 2017-02-23 2018-09-07 珠海金山办公软件有限公司 A kind of template document acquisition methods, apparatus and system
JP6536609B2 (en) * 2017-03-17 2019-07-03 富士ゼロックス株式会社 Management device and document management system
CN109829329B (en) * 2018-12-28 2021-09-14 航天信息股份有限公司 Method and device for decrypting electronic signature document, storage medium and electronic equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103996008A (en) * 2013-02-18 2014-08-20 中国移动通信集团浙江有限公司 Document safety control device and method
CN103763313A (en) * 2014-01-03 2014-04-30 深圳市大成天下信息技术有限公司 File protection method and system
CN104361294A (en) * 2014-10-28 2015-02-18 深圳市大成天下信息技术有限公司 Document protection method, device and system
AU2017232228A1 (en) * 2017-03-17 2018-10-04 Fuji Xerox Co., Ltd. Document management system and processing apparatus
CN109614375A (en) * 2018-12-03 2019-04-12 安徽机电职业技术学院 A kind of data-storage system based on personal computer
CN109960917A (en) * 2019-03-12 2019-07-02 深圳市趣创科技有限公司 A kind of time slot scrambling and device of document

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
eSign: an enterprise portal for secure document management;J. Shi 等;《IRI -2005 IEEE International Conference on Information Reuse and Integration, Conf, 2005》;20050912;481-486 *
利用文档加密技术防止企业知识资产的外泄;陈远 等;《图书情报知识》;20100310(第02期);106-110 *
基于文档保护的数字权限管理系统设计与实现;刘功坚;《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》;20090115(第01期);I138-341 *
电子文档安全管理技术研究与系统实现;张燕;《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》;20150315(第03期);I138-341 *

Also Published As

Publication number Publication date
CN111274579A (en) 2020-06-12

Similar Documents

Publication Publication Date Title
US10659218B2 (en) System and method for detecting anomalies in examinations
CN109784870B (en) Contract management method, contract management device, computer equipment and computer readable storage medium
CN111881481B (en) Medical data processing method, device, equipment and storage medium based on blockchain
CN111797430B (en) Data verification method, device, server and storage medium
US20100205660A1 (en) System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
CN112801827A (en) Intellectual property management system based on block chain
US20220191048A1 (en) Cryptographically Verifiable, Portable Certificate
RU2759210C1 (en) System and method for protecting electronic documents containing confidential information from unauthorised access
Iwaya et al. mhealth: A privacy threat analysis for public health surveillance systems
WO2018220541A1 (en) Protocol-based system and method for establishing a multi-party contract
CN112258376A (en) Encrypted document processing method and system
CN117313122A (en) Data sharing and exchanging management system based on block chain
CN112398920A (en) Medical privacy data protection method based on block chain technology
CN111274579B (en) Enterprise document encryption protection system based on computer
CN112084474A (en) Enterprise archive management method, system, storage medium and electronic equipment
CN110192212B (en) Digital asset platform
CN117056899A (en) Electronic certificate generation method and device
CN115640591B (en) Contract management system and method for supply chain
CN101226568A (en) Juggling-proof electric medical record system
CN109949889B (en) Electronic medical record nursing system
CN111611459B (en) File data protection method based on block chain
CN113032744A (en) Digital watermark all-in-one system
CN117195256B (en) Financial data processing method and system
CN117786756B (en) Method and system for realizing safe sharing of user patient data based on skin database
CN114401096B (en) Block chain data uplink control method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant