CN111666590A - Distributed file secure transmission method, device and system - Google Patents
Distributed file secure transmission method, device and system Download PDFInfo
- Publication number
- CN111666590A CN111666590A CN202010474506.1A CN202010474506A CN111666590A CN 111666590 A CN111666590 A CN 111666590A CN 202010474506 A CN202010474506 A CN 202010474506A CN 111666590 A CN111666590 A CN 111666590A
- Authority
- CN
- China
- Prior art keywords
- file
- information
- distributed
- user
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 98
- 238000000034 method Methods 0.000 title claims abstract description 69
- 238000003860 storage Methods 0.000 claims abstract description 127
- 238000009826 distribution Methods 0.000 claims abstract description 52
- 238000012795 verification Methods 0.000 claims description 128
- 238000004590 computer program Methods 0.000 claims description 15
- 238000012545 processing Methods 0.000 claims description 15
- 238000012546 transfer Methods 0.000 claims description 9
- 238000004891 communication Methods 0.000 description 14
- 238000010586 diagram Methods 0.000 description 13
- 230000006870 function Effects 0.000 description 13
- 239000000872 buffer Substances 0.000 description 4
- 230000003993 interaction Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Information Transfer Between Computers (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The embodiment of the application provides a method, a device and a system for safe transmission of distributed files, wherein the method comprises the following steps: receiving user information, access directory information and file information sent by a client; performing user identity authentication according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information; according to the method and the device, the authentication operation in the distributed file transmission system can be effectively decoupled from the operation system of the server, and the transmission efficiency and accuracy in the transmission of the distributed extension are further improved.
Description
Technical Field
The application relates to the technical field of computers, in particular to a distributed file secure transmission method, device and system.
Background
In the computer technology, the traditional mode of file interaction between a client and a server is realized based on a single server, the transmission protocol adopts an SFTP security file transmission protocol, and depends on an open ssh component of an operating system, a login user and a public key (or password) of the transmission protocol all depend on user configuration of the operating system, and although the identity authentication of the login user can be realized in the mode, the file interaction security is ensured by a transmission layer encryption mode, the transmission protocol is coupled with the operating system more tightly. When the operating system is upgraded or the server is migrated, reconfiguration is required, and the system cannot support horizontal capacity expansion and cannot adapt to the distributed trend.
In a file interaction mode in the financial industry, a client can be considered to be credible as long as the client can successfully log in a server and upload files, but different service systems in a distributed system (particularly in the financial industry) can provide independent and independent servers, one client needs to interact with a plurality of different servers, a plurality of sets of log-in users and public keys (or passwords) need to be maintained in the prior art, the complexity of client management is increased, and the requirements of the distributed system cannot be met.
Disclosure of Invention
Aiming at the problems in the prior art, the application provides a method, a device and a system for safely transmitting a distributed file, which can effectively decouple the authentication operation in a distributed file transmission system from the operating system of a server, and further improve the transmission efficiency and accuracy in the transmission of a distributed extension.
In order to solve at least one of the above problems, the present application provides the following technical solutions:
in a first aspect, the present application provides a method for secure transmission of a distributed file, where the method includes:
receiving user information, access directory information and file information sent by a client;
and performing user identity authentication according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
Further, before the file distribution system acquires the file information from the distributed file storage system, the method further includes:
and the file verification server performs file security verification on the file information and informs the file distribution system to distribute the file after the file security verification is passed.
Further, the performing user identity authentication according to the user information and user information pre-stored in a preset user information database includes:
and judging whether the login account and the login password in the user information are matched with the login account and the login password prestored in the preset user information database, if so, judging that the user identity authentication is passed, and otherwise, judging that the user identity authentication is failed.
Further, after the matching is successful, the method further comprises the following steps:
and judging whether the target access directory in the received access directory information is matched with the access directory authority prestored in the preset user information database, if so, judging that the user identity authentication is passed, and otherwise, judging that the user identity authentication is failed.
Further, the file security verification of the file information by the file verification server includes:
determining the current file data volume of the file information acquired from the distributed file storage system;
and performing integrity verification according to the current file data volume and the verification file in the file information, if the integrity verification passes, judging that the file security verification passes, and otherwise, judging that the file security verification fails.
Further, the performing file security verification according to the current file data size and the check file in the file information includes:
and judging whether the data volume of the current file is equal to the actual data volume of the file contained in the check file in the file information or not.
Further, the file security verification of the file information by the file verification server includes:
and performing signature verification according to the signature file acquired from the distributed file storage system and a verification public key corresponding to the signature file, if the signature verification passes, judging that the file security verification passes, and otherwise, judging that the file security verification fails.
Further, the performing signature verification according to the signature file acquired from the distributed file storage system and the verification public key corresponding to the signature file includes:
acquiring a verification public key corresponding to the client from a preset public key database;
and performing signature verification on the signature file according to the verification public key, wherein the signature file is obtained by signing a source file by a signature private key of the client.
Further, the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information, including:
determining the current file data volume of the file information acquired from the distributed file storage system;
and performing integrity verification according to the current file data volume and a check file in the file information, if the integrity verification passes, distributing the file information to the corresponding service system according to the access directory information, and otherwise, not executing the distribution operation of the file information.
Further, after the file distribution system distributes the file information to the corresponding business system, the method further includes:
the service system determines the current file data volume of the file information sent by the file distribution system;
and the service system carries out integrity verification according to the current file data volume and the check file in the file information, if the integrity verification passes, corresponding service processing operation is executed according to the file information, otherwise, the service processing operation is not executed.
In a second aspect, the present application provides a distributed file security transmission apparatus, including:
the information receiving module is used for receiving user information, access directory information and file information sent by the client;
and the identity verification module is used for performing user identity verification according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to the distributed file storage system for storage after the user identity verification is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
In a third aspect, the present application provides a distributed file secure transmission system, including: the system comprises a client, the distributed file safe transmission device, a distributed file storage system, a file distribution system and a service system;
the client is connected with an information receiving module of the distributed file safety transmission device and used for collecting user information, access directory information and file information input by a user and sending the user information, the access directory information and the file information to the information receiving module;
the distributed file security transmission device is connected with the distributed file storage system and a preset user information database, and an identity verification module of the distributed file security transmission device is used for performing user identity verification according to the received user information and user information prestored in the preset user information database, and sending the access directory information and the file information to the distributed file storage system for storage after the user identity verification is passed;
the file distribution system is used for acquiring the file information from the distributed file storage system and distributing the file information to the corresponding service system according to the access directory information.
In a fourth aspect, the present application provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the distributed file secure transmission method when executing the program.
In a fifth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the distributed secure file transfer method described herein.
According to the technical scheme, the application provides a method, a device and a system for safe transmission of distributed files, which receive user information, access directory information and file information sent by a client, perform user identity authentication according to the received user information and user information pre-stored in a preset user information database, and send the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that a file distribution system acquires the file information from the distributed file storage system and distributes the file information to corresponding service systems according to the access directory information, thereby uniformly executing identity authentication operations for a plurality of clients in a distributed architecture, uniformly connecting the subsequent corresponding service systems, and completing safe and reliable file transmission operations of the clients in the distributed architecture, therefore, the identity authentication operation in the distributed file transmission system is effectively decoupled from the operating system of the server side, and the transmission efficiency and accuracy in the transmission of the distributed extension set are improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a distributed file secure transmission system in an embodiment of the present application;
FIG. 2 is a second schematic structural diagram of a distributed document security transmission system according to an embodiment of the present application;
fig. 3 is a schematic flowchart of a method of a distributed file secure transmission method in an embodiment of the present application;
FIG. 4 is a flowchart illustrating an integrity verification method according to an embodiment of the present disclosure;
FIG. 5 is a flowchart illustrating a method for signature verification according to an embodiment of the present application;
FIG. 6 is a second flowchart illustrating an integrity verification method according to an embodiment of the present application;
FIG. 7 is a third flowchart illustrating a method of integrity verification according to an embodiment of the present application;
FIG. 8 is a schematic structural diagram of a distributed document security transmission apparatus according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of an electronic device in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Considering that different service systems in the existing distributed system (especially financial industry) can provide independent and independent service terminals, one client needs to interact with a plurality of different service terminals, a plurality of sets of login users and public keys (or passwords) need to be maintained by adopting the prior art, the complexity of client management is increased, and the problem that the requirements of the distributed system cannot be met is solved, the application provides a distributed file secure transmission method, a device and a system, the user information, the access directory information and the file information sent by the client are received, the user identity authentication is carried out according to the received user information and the user information prestored in a preset user information database, and the access directory information and the file information are sent to a distributed file storage system for storage after the user identity authentication is passed, the file distribution system acquires the file information from the distributed file storage system and distributes the file information to the corresponding service system according to the access directory information, so that the identity verification operation for a plurality of clients is uniformly executed in the distributed architecture, the subsequent corresponding service systems are uniformly connected, the safe and reliable file transmission operation of the clients in the distributed architecture is completed, and the distributed file transmission system is effectively used.
In order to effectively decouple the authentication operation in the distributed file transmission system from the operating system at the server, and further improve the transmission efficiency and accuracy during transmission of the distributed extensions, the present application provides an embodiment of a distributed file secure transmission method, which specifically includes:
step 1: and receiving user information, access directory information and file information sent by the client.
Step 2: and performing user identity authentication according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
Optionally, the executing subject of the distributed file secure transmission method may be a dedicated server node newly added in the distributed file transmission system, for example, an identity authentication server.
Referring to fig. 1, it is understood that the distributed file transfer system including the authentication server 20 may generally further include: client 10, distributed file storage system 30, file distribution system 40, and business system 50.
The client 10 is connected to the authentication server 20, and the client 10 is configured to collect user information, access directory information, and file information input by a user, and send the user information, the access directory information, and the file information to the authentication server 20.
Alternatively, the authentication server 20 may implement the reception of user information, access directory information, and file information for user input based on Apache sshd (Java-written open source software that is open source for Apache foundation).
Optionally, the user information may include a user login name, a user login password, the access directory information is an address that the user wants to access in the distributed server cluster and/or a file directory that the user wants to access in the distributed file storage system 30, and the file information is a source file that the user wants to send to a target service system 50 in the distributed server cluster and/or wants to write to a target file directory in the distributed file storage system 30.
The authentication server 20 is connected to the distributed file storage system 30 and the preset user information database 21, and the authentication server 20 is configured to perform user authentication according to the received user information and user information pre-stored in the preset user information database 21, and send the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed.
Optionally, the authentication server 20 may be a server in a distributed server cluster for performing unified authentication on each client 10, and on one hand, the authentication server 20 is connected to the client 10 and is configured to receive user information, access directory information, and file information sent by the client 10; on the other hand, the system is connected to the distributed file storage system 30 (which may be the existing distributed file storage system 30), and is configured to send the user information, the access directory information, and the file information to the distributed file storage system 30 for storage after the authentication passes; on the other hand, the system is connected to a preset user information database 21, where the preset user information database 21 stores user information corresponding to the user (or the client 10) in advance, for example, the user information database 21 stores a user login name and a user login password of the user at the time of user registration.
Optionally, the user information database 21 may also control, in real time, information such as authority and directory of the access user (for example, blacklist control) in a form of adding a foreground page, so as to achieve a higher level of monitoring requirement. In addition, distributed storage may be used instead of a database.
Optionally, the authentication server 20 performs user authentication, for example, matching between a user login name and a user login password, according to the received user information and user information pre-stored in the preset user information database 21, and sends the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed.
It can be understood that, by separately providing an authentication server 20 in the distributed architecture, the authentication operations of the unified entries of the different clients 10 are respectively implemented, and thus, the decoupling of the authentication operations of the clients 10 and the server operating system is also implemented (in the prior art, the user information is bound to the server operating system, and the decoupling is strong).
The file distribution system 40 is configured to obtain the file information from the distributed file storage system 30 and distribute the file information to the corresponding service system 50 according to the access directory information.
Optionally, the distributed file storage system 30 ensures that the same service can be obtained when the user accesses any server node in a file sharing manner, thereby completely solving the problem of coupling with the operating system in the conventional mode and realizing a distributed architecture of file services.
It can be understood that, since the authentication server 20 has completed the authentication operation on each client 10, the file information uploaded by the user through the client 10 may not need to perform the authentication operation separately on the corresponding service system 50, but the file distribution system 40 may distribute the file information to the corresponding service system 50 directly according to the access directory information, so as to perform the subsequent operation quickly and accurately.
As can be seen from the above description, the distributed file secure transmission method provided by the embodiment of the present application can receive the user information, the access directory information and the file information sent by the client 10 by setting up an authentication server 20, the authentication server 20 is configured to perform user authentication according to the received user information and the user information pre-stored in the preset user information database 21, and sends the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed, so that the file distribution system 40 acquires the file information from the distributed file storage system 30 and distributes the file information to the corresponding service system 50 according to the access directory information, thereby being performed collectively by the authentication server 20 for a plurality of clients 10 in a distributed architecture.
In order to further improve the reliability of the transmitted file in the distributed file transmission process, in an embodiment of the distributed file secure transmission method of the present application, referring to fig. 2, before the file distribution system obtains the file information from the distributed file storage system, a file verification server 60 may be further disposed in the distributed file transmission system.
Specifically, the file verification server 60 is connected to the distributed file storage system 30 and the file distribution system 40, and the file verification server 60 is configured to perform file security verification on the file information acquired from the distributed file storage system 30, and notify the file distribution system 40 to perform file distribution after the file security verification is passed.
Optionally, the present application may further provide a file verification server 60 in a distributed server cluster (e.g., a distributed file transmission system) for further performing file security verification on file information uploaded by a user through the client 10, so as to improve reliability of file transmission during the distributed file transmission process.
In order to accurately perform the authentication operation of the client 10, in an embodiment of the distributed file secure transmission method according to the present application, the performing the user authentication according to the user information and the user information pre-stored in the preset user information database in step 2 includes:
and judging whether the login account and the login password in the received user information are matched with the login account and the login password prestored in the preset user information database 21, if so, judging that the user identity authentication is passed, and otherwise, judging that the user identity authentication is failed.
It can be understood that the preset user information database 21 stores user information corresponding to the user (or the client 10) in advance, for example, the user information database 21 stores a user login name and a user login password of the user when the user registers; the authentication server 20 performs user authentication, for example, matching between a user login name and a user login password, according to the received user information and the user information pre-stored in the preset user information database 21, and sends the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed.
In order to further verify the access right of the user in the process of authenticating the user, in an embodiment of the distributed file secure transmission method of the present application, after the matching is successful, the method further includes:
and judging whether the target access directory in the received access directory information is matched with the access directory authority prestored in the preset user information database 21, if so, judging that the user identity authentication is passed, and otherwise, judging that the user identity authentication is failed.
Optionally, the user information database 21 may also pre-store an access directory authority corresponding to the user, after the user login name and the user login password of the user are verified, the authentication server 20 may further verify whether the access directory authority of the user matches with the access directory authority pre-stored in the user information database 21, if so, it is determined that the user identity verification is passed, otherwise, it is determined that the user identity verification fails.
In order to ensure that complete file information is obtained before performing file security verification on the file information, in an embodiment of the distributed file security transmission method of the present application, referring to fig. 4, the file security verification server 60 performs file security verification on the file information, and specifically includes the following steps:
step S101: the current file data size of the file information obtained from the distributed file storage system 30 is determined.
Step S102: and performing integrity verification according to the current file data volume and the verification file in the file information, if the integrity verification passes, judging that the file security verification passes, and otherwise, judging that the file security verification fails.
It can be understood that the file information may include a source file that a user wants to upload, a signature file for the source file, and a check file obtained based on the source file (for example, a check file including file data amounts of the source file and the signature file), where the check file may specifically be a json file in a ". check" format, which records file data amounts of the source file and the signature file, and after the file verification server 60 obtains the file information from the distributed file storage system 30, first calculate current file data amounts, for example, 10M, of the source file and the signature file in the file information, then perform numerical comparison with an actual file data amount included in the check file, and if the current file data amounts are equal, it indicates that complete file information has been obtained, that integrity verification is passed.
In order to accurately verify the integrity of the acquired file information, in an embodiment of the distributed file secure transmission method of the present application, the step S102 specifically further includes:
and judging whether the data volume of the current file is equal to the actual data volume of the file contained in the check file in the file information or not.
Optionally, after the file information is obtained from the distributed file storage system 30, the file verification server 60 first calculates the current file data volume of the source file and the signature file in the file information, for example, 10M, and then compares the current file data volume with the actual file data volume contained in the verification file, if the current file data volume and the actual file data volume are equal, it indicates that the complete file information has been obtained, that is, the integrity verification passes.
In order to ensure the reliability of the file information sent by the user, that is, to perform signature verification on the file information, in an embodiment of the distributed file security transmission method of the present application, the file verification server 60 performs file security verification on the file information, and includes:
and performing signature verification according to the signature file acquired from the distributed file storage system 30 and a verification public key corresponding to the signature file, if the signature verification passes, determining that the file security verification passes, and otherwise, determining that the file security verification fails.
Optionally, the file verification server 60 may also perform signature verification on the file information uploaded by the user according to a pre-stored verification public key to verify the authenticity and reliability of the file information.
In order to accurately perform signature verification, in an embodiment of the distributed file secure transmission method according to the present application, referring to fig. 5, the file verification server 60 performs signature verification according to a signature file acquired from the distributed file storage system 30 and a verification public key corresponding to the signature file, and specifically includes the following steps:
step S201: and acquiring a verification public key corresponding to the client 10 from a preset public key database.
Step S202: and performing signature verification on the signature file according to the verification public key, wherein the signature file is obtained by signing the source file by using a signature private key of the client 10.
Optionally, when the user finishes the registration, the verification public key corresponding to the signature private key of the client 10 itself may be stored in a preset public key database, and the file verification server 60 may obtain the verification public key corresponding to the client 10 from the preset public key database, and perform signature verification on the signature file according to the verification public key, where it is understood that the signature file is obtained by signing the source file with the signature private key of the client 10.
Optionally, the private signature key may be different from the private key used for user login, and is only the private key for the source file.
It can be understood that, by setting the authentication server 20 to authenticate the user login name and the user login password, and then setting the file authentication server 60 to sign and authenticate the authenticity of the source file uploaded by the user, the two-layer security authentication operation strengthens the verification of the user/client 10, and reduces the security risk.
In order to ensure that the obtained file information is complete before performing a file distribution operation, in an embodiment of the distributed file secure transmission method of the present application, referring to fig. 6, the file distribution system 40 obtains the file information from the distributed file storage system 30 and distributes the file information to the corresponding service system 50 according to the access directory information, and specifically includes the following steps:
step S301: the current file data size of the file information obtained from the distributed file storage system 30 is determined.
Step S302: and performing integrity verification according to the current file data volume and the check file in the file information, if the integrity verification passes, distributing the file information to the corresponding service system 50 according to the access directory information, otherwise, not executing the distribution operation of the file information.
It can be understood that the file information may include a source file that a user wants to upload, a signature file for the source file, and a check file obtained based on the source file (for example, a check file including file data amounts of the source file and the signature file), where the check file may specifically be a json file in a ". check" format, which records file data amounts of the source file and the signature file, after the file distribution system 40 acquires the file information from the distributed file storage system 30, first calculate current file data amounts, for example, 10M, of the source file and the signature file in the file information, then perform numerical comparison with an actual file data amount included in the check file, and if the current file data amounts are equal, it indicates that complete file information has been acquired, that integrity verification is passed, and then perform a file distribution operation.
In order to ensure that complete file information can be obtained when corresponding service processing operation is executed according to file information sent by a user, referring to fig. 7, in an embodiment of the distributed file secure transmission method of the present application, the method specifically includes the following steps:
step S401: the business system 50 determines the current file data amount of the file information transmitted by the file distribution system 40.
Step S402: and the service system 50 performs integrity verification according to the current file data volume and the check file in the file information, if the integrity verification passes, executes corresponding service processing operation according to the file information, otherwise, does not execute the service processing operation.
It can be understood that the file information may include a source file that a user wants to upload, a signature file for the source file, and a check file obtained based on the source file (for example, a check file including file data amounts of the source file and the signature file), where the check file may specifically be a json file in a ". check" format, which records file data amounts of the source file and the signature file, and after receiving the file information distributed by the file distribution system 40, the service system 50 first calculates current file data amounts, for example, 10M, of the source file and the signature file in the file information, and then performs a numerical comparison with an actual file data amount included in the check file, and if the current file data amounts are equal, it indicates that complete file information has been obtained, that is, integrity verification passes, and then performs a subsequent service processing operation.
In order to effectively decouple the authentication operation in the distributed file transmission system from the operating system at the server, and further improve the transmission efficiency and accuracy when transmitting the distributed extension set, the present application provides an embodiment of a distributed file security transmission apparatus for implementing all or part of the contents of the distributed file security transmission method, and referring to fig. 8, the distributed file security transmission apparatus specifically includes the following contents:
and the information receiving module 22 is configured to receive the user information, the access directory information, and the file information sent by the client.
And the identity verification module 23 is configured to perform user identity verification according to the user information and user information pre-stored in a preset user information database, and send the access directory information and the file information to the distributed file storage system for storage after the user identity verification is passed, so that the file distribution system obtains the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
As can be seen from the above description, the distributed file secure transmission apparatus provided in this embodiment of the present application can receive user information, access directory information, and file information sent by a client, perform user authentication according to the received user information and user information pre-stored in a preset user information database, and send the access directory information and the file information to a distributed file storage system for storage after the user authentication is passed, so that a file distribution system obtains the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information, thereby performing authentication operations for a plurality of clients uniformly in a distributed architecture, and uniformly interfacing with a subsequent corresponding service system to complete a secure and reliable file transmission operation of the client in the distributed architecture, thereby effectively transferring files in a distributed file transfer system.
In order to effectively decouple the authentication operation in the distributed file transmission system from the operating system at the server side, and further improve the transmission efficiency and accuracy during transmission of the distributed extensions, the present application provides an embodiment of a distributed file security transmission system, and referring to fig. 1, the distributed file security transmission system specifically includes: the system comprises a client 10, the above-mentioned distributed file secure transmission device 20 (hereinafter also referred to as an authentication server 20), a distributed file storage system 30, a file distribution system 40 and a business system 50.
The client 10 is connected to the authentication server 20, and the client 10 is configured to collect user information, access directory information, and file information input by a user, and send the user information, the access directory information, and the file information to the authentication server 20.
Alternatively, the authentication server 20 may implement the reception of user information, access directory information, and file information for user input based on Apache sshd (Java-written open source software that is open source for Apache foundation).
Optionally, the user information may include a user login name, a user login password, the access directory information is an address that the user wants to access in the distributed server cluster and/or a file directory that the user wants to access in the distributed file storage system 30, and the file information is a source file that the user wants to send to a target service system 50 in the distributed server cluster and/or wants to write to a target file directory in the distributed file storage system 30.
The authentication server 20 is connected to the distributed file storage system 30 and the preset user information database 21, and the authentication module 23 of the authentication server 20 is configured to perform user authentication according to the received user information and user information pre-stored in the preset user information database 21, and send the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed.
Optionally, the authentication server 20 may be a server in a distributed server cluster for performing unified authentication on each client 10, and on one hand, the authentication server 20 is connected to the client 10 and is configured to receive user information, access directory information, and file information sent by the client 10; on the other hand, the system is connected to the distributed file storage system 30 (which may be the existing distributed file storage system 30), and is configured to send the user information, the access directory information, and the file information to the distributed file storage system 30 for storage after the authentication passes; on the other hand, the system is connected to a preset user information database 21, where the preset user information database 21 stores user information corresponding to the user (or the client 10) in advance, for example, the user information database 21 stores a user login name and a user login password of the user at the time of user registration.
Optionally, the user information database 21 may also control, in real time, information such as authority and directory of the access user (for example, blacklist control) in a form of adding a foreground page, so as to achieve a higher level of monitoring requirement. In addition, distributed storage may be used instead of a database.
Optionally, the authentication server 20 performs user authentication, for example, matching between a user login name and a user login password, according to the received user information and user information pre-stored in the preset user information database 21, and sends the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed.
It can be understood that, by separately providing an authentication server 20 in the distributed architecture, the authentication operations of the unified entries of the different clients 10 are respectively implemented, and thus, the decoupling of the authentication operations of the clients 10 and the server operating system is also implemented (in the prior art, the user information is bound to the server operating system, and the decoupling is strong).
The file distribution system 40 is configured to obtain the file information from the distributed file storage system 30 and distribute the file information to the corresponding service system 50 according to the access directory information.
Optionally, the distributed file storage system 30 ensures that the same service can be obtained when the user accesses any server node in a file sharing manner, thereby completely solving the problem of coupling with the operating system in the conventional mode and realizing a distributed architecture of file services.
It can be understood that, since the authentication server 20 has completed the authentication operation on each client 10, the file information uploaded by the user through the client 10 may not need to perform the authentication operation separately on the corresponding service system 50, but the file distribution system 40 may distribute the file information to the corresponding service system 50 directly according to the access directory information, so as to perform the subsequent operation quickly and accurately.
As can be seen from the above description, the distributed file secure transmission system provided in the embodiment of the present application can collect user information, access directory information, and file information input by a user at the client 10, and set an authentication server 20 to receive the user information, the access directory information, and the file information sent by the client 10, where the authentication server 20 is configured to perform user authentication according to the received user information and user information pre-stored in the preset user information database 21, and send the access directory information and the file information to the distributed file storage system 30 for storage after the user authentication is passed, so that the file distribution system 40 obtains the file information from the distributed file storage system 30 and distributes the file information to the corresponding service system 50 according to the access directory information, thereby being performed collectively by the authentication server 20 for a plurality of clients 10 in a distributed architecture.
In order to further improve the reliability of the file transmission in the process of transmitting the distributed file, in an embodiment of the distributed file secure transmission system of the present application, referring to fig. 2, the method may further include: the file verification server 60 is connected with the distributed file storage system 30 and the file distribution system 40, and the file verification server 60 is configured to perform file security verification on the file information acquired from the distributed file storage system 30, and notify the file distribution system 40 to perform file distribution after the file security verification is passed.
Optionally, a file verification server 60 may be further disposed in the distributed server cluster, and is used to further perform file security verification on file information uploaded by the user through the client 10, so as to improve reliability of file transmission in the distributed file transmission process.
In order to effectively decouple the authentication operation in the distributed file transmission system from the operating system at the server and further improve the transmission efficiency and accuracy when transmitting the distributed extension, the application provides an embodiment of an electronic device for implementing all or part of the contents in the distributed file secure transmission method, where the electronic device specifically includes the following contents:
a processor (processor), a memory (memory), a communication Interface (Communications Interface), and a bus; the processor, the memory and the communication interface complete mutual communication through the bus; the communication interface is used for realizing information transmission between the distributed file security transmission device and relevant equipment such as a core service system, a user terminal, a relevant database and the like; the logic controller may be a desktop computer, a tablet computer, a mobile terminal, and the like, but the embodiment is not limited thereto. In this embodiment, the logic controller may be implemented with reference to the embodiments of the distributed file secure transmission method and the embodiments of the distributed file secure transmission apparatus in the embodiments, and the contents thereof are incorporated herein, and repeated descriptions are omitted.
It is understood that the user terminal may include a smart phone, a tablet electronic device, a network set-top box, a portable computer, a desktop computer, a Personal Digital Assistant (PDA), an in-vehicle device, a smart wearable device, and the like. Wherein, intelligence wearing equipment can include intelligent glasses, intelligent wrist-watch, intelligent bracelet etc..
In practical applications, part of the distributed file secure transmission method may be executed on the electronic device side as described in the above, or all operations may be completed in the client device. The selection may be specifically performed according to the processing capability of the client device, the limitation of the user usage scenario, and the like. This is not a limitation of the present application. The client device may further include a processor if all operations are performed in the client device.
The client device may have a communication module (i.e., a communication unit), and may be communicatively connected to a remote server to implement data transmission with the server. The server may include a server on the task scheduling center side, and in other implementation scenarios, the server may also include a server on an intermediate platform, for example, a server on a third-party server platform that is communicatively linked to the task scheduling center server. The server may include a single computer device, or may include a server cluster formed by a plurality of servers, or a server structure of a distributed apparatus.
Fig. 9 is a schematic block diagram of a system configuration of an electronic device 9600 according to an embodiment of the present application. As shown in fig. 9, the electronic device 9600 can include a central processor 9100 and a memory 9140; the memory 9140 is coupled to the central processor 9100. Notably, this fig. 9 is exemplary; other types of structures may also be used in addition to or in place of the structure to implement telecommunications or other functions.
In one embodiment, the distributed file secure transfer method function may be integrated into the central processor 9100. The central processor 9100 may be configured to control as follows:
step S1: and receiving user information, access directory information and file information sent by the client.
Step S2: and performing user identity authentication according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
As can be seen from the above description, in the electronic device provided in the embodiment of the present application, by receiving user information, access directory information, and file information sent by a client, performing user authentication according to the received user information and user information pre-stored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user authentication is passed, a file distribution system obtains the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information, so as to uniformly perform authentication operations for a plurality of clients in a distributed architecture, and uniformly interface with subsequent corresponding service systems, thereby completing a safe and reliable file transmission operation of the client in the distributed architecture, thereby effectively transferring files in a distributed file transfer system.
In another embodiment, the distributed file secure transmission apparatus may be configured separately from the central processor 9100, for example, the distributed file secure transmission apparatus may be configured as a chip connected to the central processor 9100, and the functions of the distributed file secure transmission method may be implemented by the control of the central processor.
As shown in fig. 9, the electronic device 9600 may further include: a communication module 9110, an input unit 9120, an audio processor 9130, a display 9160, and a power supply 9170. It is noted that the electronic device 9600 also does not necessarily include all of the components shown in fig. 9; in addition, the electronic device 9600 may further include components not shown in fig. 9, which may be referred to in the prior art.
As shown in fig. 9, a central processor 9100, sometimes referred to as a controller or operational control, can include a microprocessor or other processor device and/or logic device, which central processor 9100 receives input and controls the operation of the various components of the electronic device 9600.
The memory 9140 can be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information relating to the failure may be stored, and a program for executing the information may be stored. And the central processing unit 9100 can execute the program stored in the memory 9140 to realize information storage or processing, or the like.
The input unit 9120 provides input to the central processor 9100. The input unit 9120 is, for example, a key or a touch input device. Power supply 9170 is used to provide power to electronic device 9600. The display 9160 is used for displaying display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
The memory 9140 can be a solid state memory, e.g., Read Only Memory (ROM), Random Access Memory (RAM), a SIM card, or the like. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes called an EPROM or the like. The memory 9140 could also be some other type of device. Memory 9140 includes a buffer memory 9141 (sometimes referred to as a buffer). The memory 9140 may include an application/function storage portion 9142, the application/function storage portion 9142 being used for storing application programs and function programs or for executing a flow of operations of the electronic device 9600 by the central processor 9100.
The memory 9140 can also include a data store 9143, the data store 9143 being used to store data, such as contacts, digital data, pictures, sounds, and/or any other data used by an electronic device. The driver storage portion 9144 of the memory 9140 may include various drivers for the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, contact book applications, etc.).
The communication module 9110 is a transmitter/receiver 9110 that transmits and receives signals via an antenna 9111. The communication module (transmitter/receiver) 9110 is coupled to the central processor 9100 to provide input signals and receive output signals, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 9110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, may be provided in the same electronic device. The communication module (transmitter/receiver) 9110 is also coupled to a speaker 9131 and a microphone 9132 via an audio processor 9130 to provide audio output via the speaker 9131 and receive audio input from the microphone 9132, thereby implementing ordinary telecommunications functions. The audio processor 9130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 9130 is also coupled to the central processor 9100, thereby enabling recording locally through the microphone 9132 and enabling locally stored sounds to be played through the speaker 9131.
An embodiment of the present application further provides a computer-readable storage medium capable of implementing all the steps in the distributed file secure transmission method with the execution subject being the server or the client in the foregoing embodiments, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the computer program implements all the steps in the distributed file secure transmission method with the execution subject being the server or the client in the foregoing embodiments, for example, when the processor executes the computer program, the processor implements the following steps:
step S1: and receiving user information, access directory information and file information sent by the client.
Step S2: and performing user identity authentication according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
As can be seen from the above description, the computer-readable storage medium provided in this embodiment of the present application receives user information, access directory information, and file information sent by a client, performs user authentication according to the received user information and user information pre-stored in a preset user information database, and sends the access directory information and the file information to a distributed file storage system for storage after the user authentication passes, so that a file distribution system obtains the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information, thereby performing authentication operations for multiple clients in a distributed architecture uniformly, and interfacing with subsequent corresponding service systems uniformly, thereby completing safe and reliable file transmission operations of the clients in the distributed architecture, thereby effectively transferring files in a distributed file transfer system.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (14)
1. A method for secure transmission of a distributed file, the method comprising:
receiving user information, access directory information and file information sent by a client;
and performing user identity authentication according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to a distributed file storage system for storage after the user identity authentication is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
2. The method for securely transmitting the distributed file according to claim 1, further comprising, before the file distribution system obtains the file information from the distributed file storage system:
and the file verification server performs file security verification on the file information and informs the file distribution system to distribute the file after the file security verification is passed.
3. The method for securely transmitting the distributed file according to claim 1, wherein the performing the user authentication according to the user information and the user information pre-stored in the preset user information database includes:
and judging whether the login account and the login password in the user information are matched with the login account and the login password prestored in the preset user information database, if so, judging that the user identity authentication is passed, and otherwise, judging that the user identity authentication is failed.
4. The method for securely transmitting the distributed file according to claim 3, further comprising, after the matching is successful:
and judging whether the target access directory in the received access directory information is matched with the access directory authority prestored in the preset user information database, if so, judging that the user identity authentication is passed, and otherwise, judging that the user identity authentication is failed.
5. The distributed file security transmission method according to claim 2, wherein the file authentication server performs file security authentication on the file information, and the method includes:
determining the current file data volume of the file information acquired from the distributed file storage system;
and performing integrity verification according to the current file data volume and the verification file in the file information, if the integrity verification passes, judging that the file security verification passes, and otherwise, judging that the file security verification fails.
6. The method for securely transmitting the distributed file according to claim 5, wherein the performing file security verification according to the current file data size and the check file in the file information includes:
and judging whether the data volume of the current file is equal to the actual data volume of the file contained in the check file in the file information or not.
7. The distributed file security transmission method according to claim 2, wherein the file authentication server performs file security authentication on the file information, and the method includes:
and performing signature verification according to the signature file acquired from the distributed file storage system and a verification public key corresponding to the signature file, if the signature verification passes, judging that the file security verification passes, and otherwise, judging that the file security verification fails.
8. The method for securely transmitting the distributed file according to claim 7, wherein the performing signature verification according to the signature file acquired from the distributed file storage system and a verification public key corresponding to the signature file includes:
acquiring a verification public key corresponding to the client from a preset public key database;
and performing signature verification on the signature file according to the verification public key, wherein the signature file is obtained by signing a source file by a signature private key of the client.
9. The method for securely transmitting the distributed file according to claim 1, wherein the file distribution system obtains the file information from the distributed file storage system and distributes the file information to the corresponding service system according to the access directory information, and the method includes:
determining the current file data volume of the file information acquired from the distributed file storage system;
and performing integrity verification according to the current file data volume and a check file in the file information, if the integrity verification passes, distributing the file information to the corresponding service system according to the access directory information, and otherwise, not executing the distribution operation of the file information.
10. The method for securely transmitting the distributed file according to claim 1, wherein after the file distribution system distributes the file information to the corresponding business system, the method further comprises:
the service system determines the current file data volume of the file information sent by the file distribution system;
and the service system carries out integrity verification according to the current file data volume and the check file in the file information, if the integrity verification passes, corresponding service processing operation is executed according to the file information, otherwise, the service processing operation is not executed.
11. A distributed file secure transmission device, comprising:
the information receiving module is used for receiving user information, access directory information and file information sent by the client;
and the identity verification module is used for performing user identity verification according to the user information and user information prestored in a preset user information database, and sending the access directory information and the file information to the distributed file storage system for storage after the user identity verification is passed, so that the file distribution system acquires the file information from the distributed file storage system and distributes the file information to a corresponding service system according to the access directory information.
12. A distributed secure file transfer system, comprising: a client, a distributed file secure transfer apparatus, a distributed file storage system, a file distribution system, and a business system according to claim 11;
the client is connected with an information receiving module of the distributed file safety transmission device and used for collecting user information, access directory information and file information input by a user and sending the user information, the access directory information and the file information to the information receiving module;
the distributed file security transmission device is connected with the distributed file storage system and a preset user information database, and an identity verification module of the distributed file security transmission device is used for performing user identity verification according to the received user information and user information prestored in the preset user information database, and sending the access directory information and the file information to the distributed file storage system for storage after the user identity verification is passed;
the file distribution system is used for acquiring the file information from the distributed file storage system and distributing the file information to the corresponding service system according to the access directory information.
13. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the distributed secure file transfer method of any one of claims 1 to 10 when executing the program.
14. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method for the secure transmission of a distributed file according to any one of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010474506.1A CN111666590A (en) | 2020-05-29 | 2020-05-29 | Distributed file secure transmission method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010474506.1A CN111666590A (en) | 2020-05-29 | 2020-05-29 | Distributed file secure transmission method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111666590A true CN111666590A (en) | 2020-09-15 |
Family
ID=72385026
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010474506.1A Pending CN111666590A (en) | 2020-05-29 | 2020-05-29 | Distributed file secure transmission method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111666590A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112766972A (en) * | 2020-12-31 | 2021-05-07 | 未鲲(上海)科技服务有限公司 | User identity authentication method and system |
| CN116488931A (en) * | 2023-05-26 | 2023-07-25 | 深圳鹏程未来技术有限公司 | Information interaction method and device based on distributed networking equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105893865A (en) * | 2015-12-31 | 2016-08-24 | 乐视移动智能信息技术(北京)有限公司 | File processing method and device |
| CN107577420A (en) * | 2017-07-26 | 2018-01-12 | 阿里巴巴集团控股有限公司 | Document handling method and device, server |
| US10614241B1 (en) * | 2018-12-27 | 2020-04-07 | Qumulo, Inc. | Access verification for distributed file systems |
| CN111198848A (en) * | 2020-01-03 | 2020-05-26 | 南京领行科技股份有限公司 | Distributed file access method, system, server and storage medium |
-
2020
- 2020-05-29 CN CN202010474506.1A patent/CN111666590A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105893865A (en) * | 2015-12-31 | 2016-08-24 | 乐视移动智能信息技术(北京)有限公司 | File processing method and device |
| CN107577420A (en) * | 2017-07-26 | 2018-01-12 | 阿里巴巴集团控股有限公司 | Document handling method and device, server |
| US10614241B1 (en) * | 2018-12-27 | 2020-04-07 | Qumulo, Inc. | Access verification for distributed file systems |
| CN111198848A (en) * | 2020-01-03 | 2020-05-26 | 南京领行科技股份有限公司 | Distributed file access method, system, server and storage medium |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112766972A (en) * | 2020-12-31 | 2021-05-07 | 未鲲(上海)科技服务有限公司 | User identity authentication method and system |
| CN116488931A (en) * | 2023-05-26 | 2023-07-25 | 深圳鹏程未来技术有限公司 | Information interaction method and device based on distributed networking equipment |
| CN116488931B (en) * | 2023-05-26 | 2024-02-06 | 深圳鹏程未来技术有限公司 | Information interaction method and device based on distributed networking equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3726804A2 (en) | Device authentication method, service access control method, device, and non-transitory computer-readable recording medium | |
| EP3065435A1 (en) | Method for generating a digital identity for a user of a mobile device, digital user identity, and authentication method using said digital user identity | |
| CN104160653A (en) | Multi-factor certificate authority | |
| US9600671B2 (en) | Systems and methods for account recovery using a platform attestation credential | |
| CN111464295B (en) | Bank card making method and device | |
| US10694381B1 (en) | System and method for authentication and sharing of subscriber data | |
| US11182464B2 (en) | Mobile key via mobile device audio channel | |
| CN111275555A (en) | Block chain transaction processing method, transaction node and block chain system | |
| CN112235294B (en) | Block chain cooperative authority control method and device | |
| CN111949959B (en) | Authorization authentication method and device in Oauth protocol | |
| CN111949958A (en) | Authorization authentication method and device in Oauth protocol | |
| CN115174558B (en) | Cloud network end integrated identity authentication method, device, equipment and storage medium | |
| CN111931209A (en) | Contract information verification method and device based on zero knowledge certification | |
| CN111666590A (en) | Distributed file secure transmission method, device and system | |
| CN106656507B (en) | A kind of digital certificate method and device based on mobile terminal | |
| CN113191169A (en) | Terminal code scanning login method, device and system | |
| CN108228280A (en) | The configuration method and device of browser parameters, storage medium, electronic equipment | |
| CN109474929B (en) | Power consumption mode adjusting method and device, electronic equipment and computer readable storage medium | |
| CN111147358A (en) | Security authentication method and device based on instant messaging software | |
| CN115099930A (en) | Financial business data processing method and device | |
| CN111937013A (en) | Electronic device management | |
| CN113158259A (en) | Block chain integrity verification method and device | |
| CN114549206A (en) | Transaction anti-repudiation method, system, electronic equipment and readable storage medium | |
| CN114285657A (en) | Firewall security policy change verification method and device | |
| CN113395326A (en) | Network service-based login method, device and computer-readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200915 |