CN112491544A - Method and system for dynamically encrypting platform data - Google Patents


Publication number
CN112491544A
Authority
CN
China
Prior art keywords
key
file
client
user
command
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011347593.0A
Other languages
Chinese (zh)
Inventor
周铭兴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suntech Guangzhou Information Technology Service Co ltd
Original Assignee
Suntech Guangzhou Information Technology Service Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suntech Guangzhou Information Technology Service Co ltd filed Critical Suntech Guangzhou Information Technology Service Co ltd
Priority to CN202011347593.0A priority Critical patent/CN112491544A/en
Publication of CN112491544A publication Critical patent/CN112491544A/en
Pending legal-status Critical Current


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation

Abstract

The invention relates to the technical field of data processing, in particular to a method and a system for dynamically encrypting platform data, wherein a request for generating a dynamic key is sent to a key authentication center through a client; after the dynamic key is obtained, the file storage server records the file and the time of the encryption key into a file table; when the user loads platform data, the user is authenticated, and after the authentication is passed, the file is taken out according to the requested file path and returned to the client; after receiving the encrypted file, the client sends a get Unlock command to the key authentication center to request the key to decrypt the file; after the key verification center receives the command, the key table is inquired to obtain the key and a return Unlock command is returned to the client, and the client decrypts the platform data for the user to use after receiving the key. The invention realizes the double guarantee of safe storage, sharing and transmission of the user files by separating encryption and storage and dynamically distributing the key, and promotes the development of platform data encryption technology.

Description

Method and system for dynamically encrypting platform data
Technical Field
The invention relates to the technical field of data processing, in particular to a method and a system for dynamically encrypting platform data.
Background
With the progress of the era, informatization and networking have become the main trends of the development of the internet. The explosion of big data has led many current computer applications to move their storage from traditional computer storage systems to cloud storage systems. The cloud storage system is based on cloud computing, and provides a high-performance storage platform which is convenient, fast, low in cost and high in expansibility for users by means of technologies such as cluster service, a distributed file system and virtualization.
However, when a user places a large amount of data on a cloud storage platform, data leakage and data loss come with it, and these have become the greatest worry for cloud storage users. Cloud storage service providers such as Amazon and Google have had security problems of varying severity in operation, some with serious and irretrievable consequences. Therefore, whether cloud storage can establish itself in the current network era depends to a great extent on whether its security can meet the requirements of users.
Therefore, it becomes important how to provide a method and system for dynamically encrypting platform data.
Disclosure of Invention
Aiming at the defects of the prior art, the invention discloses a method and a system for dynamically encrypting platform data, which are used for solving the problems in the background technology.
The invention is realized by the following technical scheme:
In a first aspect, the present invention discloses a method for dynamically encrypting platform data, characterized in that the method comprises the following steps:
S1: a key authentication center is set up on the platform, generating a client management table and a key table;
S2: the client sends a request for generating a dynamic key to the key authentication center;
S3: the key authentication center searches the user table to verify whether the user at the client is legitimate; if the user is legitimate, the client obtains the key, encrypts the local file and uploads it to the file storage server;
S4: the file storage server receives the file and searches the user table to verify whether the user at the client is legitimate; if so, the file storage server records the file and the time of the encryption key in the file table;
S5: when loading platform data, the user first sends a download command to the file storage server; after receiving the command, the storage server authenticates the user and, once authentication passes, retrieves the file according to the requested file path and returns it to the client;
S6: after receiving the encrypted file, the client sends a get Unlock command to the key authentication center to request the key for decrypting the file;
S7: after receiving the command, the key verification center queries the key table to obtain the key and returns a return Unlock command to the client; after receiving the key, the client decrypts the platform data for the user to use.
Further, in the method, the command formats for communication between the client and the servers include:
the get Key command, used by the client to request a key from the key authentication center in order to encrypt a file and upload it to the storage server;
the return Key command, used by the key verification center when it sends the key;
the execute command, used by the client when it uploads the encrypted file to the storage server;
the download command, used by the client when it requests a file from the storage server;
the return Data command, used by the storage server to return the encrypted file to the client;
the get Unlock command, used by the client to request from the key authentication center the key for decrypting the file;
the return Unlock command, used by the key authentication center to return the key to the client.
Further, in the method, obtaining the dynamic password includes the following steps:
T1: after the key authentication center receives the client's getKey command, it searches the user table to verify whether the client user is legitimate;
T2: if the user is legitimate, step S3 is carried out; otherwise error information is returned to the client;
T3: the key authentication center obtains the current system time datenow and looks up the maximum time datemax of the field date Time in the key table;
T4: the key authentication center calculates the difference Δh between datenow and datemax and compares Δh with the fixed key-change period T;
T5: if Δh is less than or equal to T, the key privateKey corresponding to datemax in the key table is returned directly to the client together with datemax;
T6: if Δh > T, the key authentication center generates a random key privateKey and returns privateKey and datenow to the client; at the same time, the generated privateKey and the time datenow are stored in the key table so that the user can decrypt the file.
Furthermore, when generating the key, two prime numbers i and j with similar sizes are randomly generated, and the formula for calculating the encryption key range is as follows:
Figure BDA0002800400490000031
randomly selecting an integer a as an encryption key such that 1 < a < η and gcd(a, η) = 1, and calculating a decryption key k according to the encryption key, satisfying k·a ≡ 1 (mod η), wherein (a, e) is used as a public key, k is used as a private key to be stored, the public key is sent to a receiving party, and the private key is reserved for a sending party.
Furthermore, the user table is stored in both the key authentication center and the storage server and is used to verify the legitimacy of the user; in the key authentication center it is used together with the key table to manage keys, and in the storage server it is used together with the file table to manage files. The user table comprises id, username and password fields.
Furthermore, the key table is stored in the key authentication center and used for managing the encrypted file key of each user; the Key table comprises id, date Time and private Key; the file table is stored in a storage server and used for managing files of each user; the file table contains id, date Time, and file Data.
In a second aspect, the present invention discloses a system for dynamically encrypting platform data, where the system is configured to perform the method for dynamically encrypting platform data according to the first aspect, and includes a storage service, a processor, and a memory storing execution instructions, where when the processor executes the execution instructions stored in the memory, the processor hardware performs the method for dynamically encrypting platform data according to the first aspect.
The invention has the beneficial effects that:
According to the invention, the key authentication center and the file storage server are isolated from each other and neither knows the specific location of the other, so that the security of the files is not affected even if either party has a security leak; encryption and storage are thereby separated.
The key of the invention is dynamically changed, even if an attacker intercepts a section of key, the attacker cannot determine which file of which user is encrypted, and therefore cannot decrypt.
The invention realizes the double guarantee of safe storage, sharing and transmission of the user files by separating encryption and storage and dynamically distributing the key, and promotes the development of platform data encryption technology.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic step diagram of a method for dynamically encrypting platform data.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
This embodiment discloses a method for dynamically encrypting platform data, as shown in Fig. 1, comprising the following steps:
S1: a key authentication center is set up on the platform, generating a client management table and a key table;
S2: the client sends a request for generating a dynamic key to the key authentication center;
S3: the key authentication center searches the user table to verify whether the user at the client is legitimate; if the user is legitimate, the client obtains the key, encrypts the local file and uploads it to the file storage server;
S4: the file storage server receives the file and searches the user table to verify whether the user at the client is legitimate; if so, the file storage server records the file and the time of the encryption key in the file table;
S5: when loading platform data, the user first sends a download command to the file storage server; after receiving the command, the storage server authenticates the user and, once authentication passes, retrieves the file according to the requested file path and returns it to the client;
S6: after receiving the encrypted file, the client sends a get Unlock command to the key authentication center to request the key for decrypting the file;
S7: after receiving the command, the key verification center queries the key table to obtain the key and returns a return Unlock command to the client; after receiving the key, the client decrypts the platform data for the user to use.
In this embodiment, a key authentication center is set up to generate the dynamic key; the client encrypts the local file after obtaining the key and uploads it to the file storage server; the key for an encrypted file held in the storage server can only be requested from the key authentication center through the client, and the client decrypts the file after obtaining the decryption key. The key authentication center maintains a user table and a key table, and the storage server maintains the user table and a file table.
In this embodiment, the user table is stored in both the key authentication center and the storage server and is used to verify the legitimacy of the user; in the key authentication center it is used together with the key table to manage keys, and in the storage server it is used together with the file table to manage files. The user table contains id, username and password fields.
In the embodiment, the key table is stored in the key authentication center and used for managing the encrypted file key of each user; the Key table contains id, date Time, and private Key. The file table is stored in the storage server and used for managing files of each user, and the file table comprises id, date Time and file Data.
Example 2
In this embodiment, the packet format commands for communication between the client and the servers are mainly of the following 7 types:
The get Key command is used by the client to request a key from the key authentication center in order to encrypt a file and upload it to the storage server; its parameters are the command type command, the user name and the login password.
The return Key command is used by the key verification center when it sends the key; its parameters are the command type command, the generated key privatekey and the system time date Time at which the key was generated.
The execute command is used by the client when it uploads the encrypted file to the storage server; the parameters of the upload command are the command type command, the user name username, the login password, the encrypted file Data and the date Time returned by the key verification center.
The download command is used by the client when it requests a file from the storage server; its parameters are the command type command, the user Name, the login password and the Name of the file to be requested.
The return Data command is used by the storage server when it returns the encrypted file to the client; its parameters are the command type command, the encrypted file Data and the date Time corresponding to the encrypted file.
The get Unlock command is used by the client when it requests the key authentication center to decrypt a file; its parameters are the command type command, the user name, the login password and the date Time corresponding to the encrypted file.
The return Unlock command is used by the key authentication center when it returns a key to the client; its parameters are the command type command and the decryption key privatekey.
Example 3
In this embodiment, when a user uploads a file to the file storage server, the client first sends a get Key command to the key authentication center. The key authentication center first verifies whether the user is legitimate; after the user passes verification, it calls the key generation algorithm to obtain a key and returns a return Key command to the client. The client encrypts the file after receiving the key and uploads it to the storage server. After receiving the upload command, the storage server likewise verifies the user first and stores the file in the database once verification passes; if the user is found to be illegitimate, error information is returned.
In this embodiment, when a user loads a file, the client sends a download command to the file storage server. The storage server authenticates the user after receiving the command and, once verification passes, retrieves the file according to the requested file path and returns it to the client. After receiving the encrypted file, the client sends a get Unlock command to the key authentication center to request the key for decrypting the file. After receiving the command, the key authentication center obtains the key by querying the key table and returns a return Unlock command to the client, and the client decrypts the file for the user after receiving the key.
Example 4
This embodiment discloses the steps for obtaining the dynamic password:
T1: after the key authentication center receives the client's getKey command, it searches the user table to verify whether the client user is legitimate;
T2: if the user is legitimate, step S3 is carried out; otherwise error information is returned to the client;
T3: the key authentication center obtains the current system time datenow and looks up the maximum time datemax of the field date Time in the key table;
T4: the key authentication center calculates the difference Δh between datenow and datemax and compares Δh with the fixed key-change period T;
T5: if Δh is less than or equal to T, the key privateKey corresponding to datemax in the key table is returned directly to the client together with datemax;
T6: if Δh > T, the key authentication center generates a random key privateKey and returns privateKey and datenow to the client; at the same time, the generated privateKey and the time datenow are stored in the key table so that the user can decrypt the file.
Furthermore, when the key is generated, two prime numbers i and j with similar sizes are randomly generated, and the formula for calculating the range of the encryption key is as follows:
Figure BDA0002800400490000081
randomly selecting an integer a as an encryption key such that 1 < a < η and gcd(a, η) = 1, and calculating a decryption key k according to the encryption key, satisfying k·a ≡ 1 (mod η), wherein (a, e) is used as a public key, k is used as a private key to be stored, the public key is sent to a receiving party, and the private key is reserved for a sending party.
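The upload and download exchange of Examples 2 and 3, together with the key-period logic of steps T1 to T6, as an added Python example that is not part of the patent text. Assumptions: command and field names are written in camelCase, the upload message is called "upload" (the text uses both "execute" and "upload") and carries a fileName, the file table is keyed by (username, fileName), passwords are stored as PBKDF2 hashes, timestamps are integer seconds, the key is 32 random bytes rather than the prime-based generation described above, and xor_stream is a stand-in for the file cipher, which the text does not name.

```python
import hashlib
import hmac
import secrets


def pw_hash(password, salt):
    # Assumption: the "password" field holds a salted PBKDF2 hash, not the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class UserTable:
    """User table (username, password); each server keeps its own copy."""
    def __init__(self, accounts):
        self.rows = {}
        for name, password in accounts.items():
            salt = secrets.token_bytes(16)
            self.rows[name] = (salt, pw_hash(password, salt))

    def verify(self, msg):
        row = self.rows.get(msg.get("username"))
        password = msg.get("password")
        if row is None or not isinstance(password, str):
            return False
        return hmac.compare_digest(row[1], pw_hash(password, row[0]))


class KeyCenter:
    """Key authentication center: holds the key table, never sees file data."""
    def __init__(self, users, period):
        self.users, self.period = users, period
        self.key_table = []  # rows of (dateTime, privateKey)

    def handle(self, msg, now):
        if not self.users.verify(msg):  # T1, T2
            return {"command": "error", "reason": "invalid user"}
        if msg.get("command") == "getKey":
            if self.key_table:
                datemax, key = max(self.key_table)  # T3: newest row
                if now - datemax <= self.period:  # T4, T5: delta h <= T, reuse
                    return {"command": "returnKey", "privateKey": key, "dateTime": datemax}
            key = secrets.token_bytes(32)  # T6 (also the empty-table case, an assumption)
            self.key_table.append((now, key))
            return {"command": "returnKey", "privateKey": key, "dateTime": now}
        if msg.get("command") == "getUnlock":
            for date_time, key in self.key_table:  # lookup is by dateTime only
                if date_time == msg.get("dateTime"):
                    return {"command": "returnUnlock", "privateKey": key}
        return {"command": "error", "reason": "unknown command or dateTime"}


class StorageServer:
    """File storage server: holds ciphertext and dateTime, never a key."""
    def __init__(self, users):
        self.users = users
        self.file_table = {}  # (username, fileName) -> (dateTime, fileData)

    def handle(self, msg):
        if not self.users.verify(msg):
            return {"command": "error", "reason": "invalid user"}
        slot = (msg["username"], msg.get("fileName"))
        if msg.get("command") == "upload":
            self.file_table[slot] = (msg["dateTime"], msg["fileData"])
            return {"command": "ok"}
        if msg.get("command") == "download" and slot in self.file_table:
            date_time, data = self.file_table[slot]
            return {"command": "returnData", "fileData": data, "dateTime": date_time}
        return {"command": "error", "reason": "unknown command or file"}


def xor_stream(key, nonce, data):
    # Stand-in for the file cipher the text leaves unnamed; it gives no integrity.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def client_upload(kc, ss, user, password, name, plaintext, now):
    cred = {"username": user, "password": password}
    reply = kc.handle({"command": "getKey", **cred}, now)
    if reply["command"] != "returnKey":
        return reply
    nonce = secrets.token_bytes(16)  # fresh per file: the key is shared for a whole period
    blob = nonce + xor_stream(reply["privateKey"], nonce, plaintext)
    return ss.handle({"command": "upload", **cred, "fileName": name,
                      "fileData": blob, "dateTime": reply["dateTime"]})


def client_download(kc, ss, user, password, name, now):
    cred = {"username": user, "password": password}
    data = ss.handle({"command": "download", **cred, "fileName": name})
    if data["command"] != "returnData":
        return None
    unlock = kc.handle({"command": "getUnlock", **cred, "dateTime": data["dateTime"]}, now)
    if unlock["command"] != "returnUnlock":
        return None
    blob = data["fileData"]
    return xor_stream(unlock["privateKey"], blob[:16], blob[16:])
```

Within one period every verified user receives the same privateKey, and getUnlock resolves a key from dateTime alone, so which ciphertext a user can fetch is decided entirely by the storage server's own check.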
Example 5
The embodiment discloses a platform data dynamic encryption system, which is used for executing a method for completing platform data dynamic encryption and comprises a storage service, a processor and a memory, wherein execution instructions are stored in the memory, and when the processor executes the execution instructions stored in the memory, the processor hardware executes the method for platform data dynamic encryption.
In summary, the invention isolates the key authentication center and the file storage server, and the two do not know the specific position of the other, so that even if any party has the problem of security disclosure, the security of the file is not affected, and the separation of encryption and storage is realized.
The key of the invention is dynamically changed, even if an attacker intercepts a section of key, the attacker cannot determine which file of which user is encrypted, and therefore cannot decrypt.
The invention realizes the double guarantee of safe storage, sharing and transmission of the user files by separating encryption and storage and dynamically distributing the key, and promotes the development of platform data encryption technology.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (7)

1. A method for dynamically encrypting platform data, the method comprising the steps of:
S1: a key authentication center is set up on the platform, generating a client management table and a key table;
S2: the client sends a request for generating a dynamic key to the key authentication center;
S3: the key authentication center searches the user table to verify whether the user at the client is legitimate; if the user is legitimate, the client obtains the key, encrypts the local file and uploads it to the file storage server;
S4: the file storage server receives the file and searches the user table to verify whether the user at the client is legitimate; if so, the file storage server records the file and the time of the encryption key in the file table;
S5: when loading platform data, the user first sends a download command to the file storage server; after receiving the command, the storage server authenticates the user and, once authentication passes, retrieves the file according to the requested file path and returns it to the client;
S6: after receiving the encrypted file, the client sends a get Unlock command to the key authentication center to request the key for decrypting the file;
S7: after receiving the command, the key verification center queries the key table to obtain the key and returns a return Unlock command to the client; after receiving the key, the client decrypts the platform data for the user to use.
2. The method for dynamically encrypting platform data according to claim 1, wherein format commands for communication between the client and the server comprise:
the get Key command, used by the client to request a key from the key authentication center in order to encrypt a file and upload it to the storage server;
the return Key command, used by the key verification center when it sends the key;
the execute command, used by the client when it uploads the encrypted file to the storage server;
the download command, used by the client when it requests a file from the storage server;
the return Data command, used by the storage server to return the encrypted file to the client;
the get Unlock command, used by the client to request from the key authentication center the key for decrypting the file;
the return Unlock command, used by the key authentication center to return the key to the client.
3. The method for dynamically encrypting platform data according to claim 1, wherein the dynamic password obtaining comprises the following steps:
T1: after the key authentication center receives the client's getKey command, it searches the user table to verify whether the client user is legitimate;
T2: if the user is legitimate, step S3 is carried out; otherwise error information is returned to the client;
T3: the key authentication center obtains the current system time datenow and looks up the maximum time datemax of the field date Time in the key table;
T4: the key authentication center calculates the difference Δh between datenow and datemax and compares Δh with the fixed key-change period T;
T5: if Δh is less than or equal to T, the key privateKey corresponding to datemax in the key table is returned directly to the client together with datemax;
T6: if Δh > T, the key authentication center generates a random key privateKey and returns privateKey and datenow to the client; at the same time, the generated privateKey and the time datenow are stored in the key table so that the user can decrypt the file.
4. The method as claimed in claim 1, wherein when generating the key, two prime numbers i and j with similar sizes are first generated randomly, and the formula for calculating the range of the encryption key is as follows:
Figure FDA0002800400480000021
randomly selecting an integer a as an encryption key such that 1 < a < η and gcd(a, η) = 1, and calculating a decryption key k according to the encryption key, satisfying k·a ≡ 1 (mod η), wherein (a, e) is used as a public key, k is used as a private key to be stored, the public key is sent to a receiving party, and the private key is reserved for a sending party.
5. The method for dynamically encrypting platform data according to claim 1, wherein the user table is stored in both the key authentication center and the storage server and is used to verify the legitimacy of the user; in the key authentication center it is used together with the key table to manage keys, and in the storage server it is used together with the file table to manage files; the user table comprises id, username and password fields.
6. The method for dynamically encrypting platform data according to claim 1, wherein the key table is stored in a key certification center for managing an encrypted file key of each user; the Key table comprises id, date Time and private Key; the file table is stored in a storage server and used for managing files of each user; the file table contains id, date Time, and file Data.
7. A platform data dynamic encryption system, the system being configured to perform the method for performing platform data dynamic encryption according to any one of claims 1-6, and comprising a storage service, a processor, and a memory storing execution instructions, wherein when the processor executes the execution instructions stored in the memory, the processor hardware performs the method for performing platform data dynamic encryption according to any one of claims 1-6.
CN202011347593.0A 2020-11-26 2020-11-26 Method and system for dynamically encrypting platform data Pending CN112491544A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011347593.0A CN112491544A (en) 2020-11-26 2020-11-26 Method and system for dynamically encrypting platform data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011347593.0A CN112491544A (en) 2020-11-26 2020-11-26 Method and system for dynamically encrypting platform data

Publications (1)

Publication Number Publication Date
CN112491544A (en) 2021-03-12

Family

ID=74935424

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011347593.0A Pending CN112491544A (en) 2020-11-26 2020-11-26 Method and system for dynamically encrypting platform data

Country Status (1)

Country Link
CN (1) CN112491544A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1246940A (en) * 1997-12-10 2000-03-08 精工爱普生株式会社 Information processing system, enciphering/deciphering system, system LSI and electronic apparatus
CN106685919A (en) * 2016-11-19 2017-05-17 徐州医科大学 Secure cloud storage method with passive dynamic key distribution mechanism
CN108234662A (en) * 2018-01-09 2018-06-29 江苏徐工信息技术股份有限公司 A kind of secure cloud storage method with active dynamic key distribution mechanisms

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113127930A (en) * 2021-05-17 2021-07-16 阳光电源股份有限公司 Charging data processing method, device and computer readable storage medium
CN114978949A (en) * 2022-05-26 2022-08-30 延锋伟世通汽车电子有限公司 Secret key writing test method and system based on Ethernet and CAN communication
CN114978949B (en) * 2022-05-26 2024-02-09 延锋伟世通汽车电子有限公司 Key writing test method and system based on Ethernet and CAN communication

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210312