CN113568568A - Hardware encryption method, system and device based on distributed storage - Google Patents
Hardware encryption method, system and device based on distributed storage Download PDFInfo
- Publication number
- CN113568568A CN113568568A CN202110670841.3A CN202110670841A CN113568568A CN 113568568 A CN113568568 A CN 113568568A CN 202110670841 A CN202110670841 A CN 202110670841A CN 113568568 A CN113568568 A CN 113568568A
- Authority
- CN
- China
- Prior art keywords
- user
- encryption
- key
- data
- storage
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000012795 verification Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 3
- 238000002955 isolation Methods 0.000 abstract description 3
- 230000009286 beneficial effect Effects 0.000 abstract 1
- 238000007726 management method Methods 0.000 description 34
- 239000012634 fragment Substances 0.000 description 4
- 238000013500 data storage Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000002194 synthesizing effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/067—Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/0671—In-line storage system
- G06F3/0683—Plurality of storage devices
- G06F3/0689—Disk arrays, e.g. RAID, JBOD
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Human Computer Interaction (AREA)
- Software Systems (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a hardware encryption method, a system and a device based on distributed storage, which belong to the field of data security. By adopting the technical scheme of the invention, data leakage caused by the fact that the hard disk is stolen can be avoided due to the fact that the ciphertext data exists on the magnetic disk, and meanwhile, the logic isolation and the encryption isolation of the user data are provided by adopting different strategies of different user passwords, which is beneficial to establishing a safer encryption mechanism.
Description
Technical Field
The invention relates to a hardware encryption method, a system and a device based on distributed storage, and belongs to the technical field of data security.
Background
With the rapid construction and development of various information systems and data centers, the generated sensitive service data volume is more and more, and the distributed storage system solves the storage concentration, capacity, throughput and the like, but the storage is more and more concentrated and the value is more and more important, the internal and external security threat factors are more and more, the security risk is higher and higher, the data leakage event is endless, and the security problem of data storage is more and more prominent.
The security of the storage system comprises confidentiality and integrity, and the root of threatening the security of the stored data is that the data in the storage medium is stored in a plaintext way, so that an intruder can easily and illegally acquire or modify the data.
Disclosure of Invention
The purpose of the invention is as follows: aiming at the problems and the defects in the prior art, the invention provides a hardware encryption method, a system and a device based on distributed storage.
The technical scheme is as follows: a hardware encryption method based on distributed storage comprises a password registration process, a file writing process to a disk process and a data reading process from the disk.
The password registration process comprises the following steps:
setting a password for a user, and calling an encryption card API to generate a secret key;
selecting three storage nodes by using a distributed algorithm, and storing the secret key to an encryption card on the nodes in a form of three copies; after the three key copies are successfully stored, returning a registration success message; storing the position of the encryption card of the user; the three copies include one master copy and two slave copies.
The file writing to disk process comprises the following steps:
reading and acquiring a user key through an encryption card API according to the position of an encryption card of a user;
slicing the user data, and calling an encryption card API to encrypt the data slices according to the user key;
the distributed storage system writes the encrypted data slice into a master copy and then synchronizes to two slave copies; and (5) dropping the data ciphertext onto a disk.
The data reading flow from the disk comprises the following steps:
reading and acquiring a user key through an encryption card API according to the position of an encryption card of a user; and reading the ciphertext data from the corresponding physical disk through the distributed file system, and decrypting the ciphertext data by using the corresponding key.
In the password registration process, the encryption card API and the encryption key are stored in the encryption card, the encryption card API and the encryption key belong to hardware encryption, an FPGA chip is used for encryption and storage, and software is difficult to crack.
In the process of storing the key, a distributed algorithm is adopted to select three servers in the distributed cluster as three storage nodes, and the encryption cards on the three servers are used as media for storing the three-copy key, so that the key can be uniformly distributed, and the reliability of the key can be ensured.
A hardware encryption system based on distributed storage comprises a password registration module, a module for writing files to a disk and a module for reading data from the disk.
The password registration module is used for creating a user through an interface of the management platform and setting a password for the user; calling an encryption card API to generate a secret key; selecting three storage nodes by using a distributed algorithm, wherein keys are respectively stored in the encryption cards on the nodes in a form of three copies, the three copies comprise a master copy and two slave copies, one key is stored on one node as the master copy, and the other two same keys are respectively stored on the other two nodes as the slave copies; the key is successfully stored in the primary copy, and a successful message is sent back to the management platform; the key is automatically stored to the encryption card from two copies; all three key copies are successfully stored, and a registration success message is returned to the management platform; and writing the position of the encryption card where the user is located into a management platform database.
Writing the file to a disk module, and reading and acquiring a user key through an encryption card API according to the position of an encryption card where a user is located; slicing user data, locally calculating storage positions of three copies, and directly communicating with Primary OSD; calling an encryption card API to encrypt the data slice according to the user key; sending the encrypted data slice to a client, writing a master copy by the client, and then synchronizing the master copy and the two slave copies; the master copy waits for ack messages and application messages of the slave copy; when the primary copy receives the ack message, the writing operation is written in the memory and is completed, and when the application message is received, the writing operation is written to the disk; the result is to drop the data cipher text onto disk.
The data reading module from the disk reads and acquires a user key through an encryption card API according to the position of an encryption card where a user is located; reading the sliced data from the appointed OSD through a distributed file system; and reading the ciphertext data from the corresponding physical disk, and decrypting the ciphertext data by using the corresponding key.
And the user key is stored on the encryption card after being encrypted by the encryption card. The password of the user has no problem of secret leakage. And the password has three copies, so that the reliability of the password is ensured.
The data is landed on the disk through the encryption card, namely, the ciphertext is stored on the disk. The data can be ensured not to be stolen under the condition that the physical medium of the hard disk is ensured to be stolen.
One user corresponds to one key, and the user key is used during data encryption, so that one user is encrypted, and the logical isolation between users is ensured to exist in an encrypted form.
A distributed storage based hardware encryption apparatus comprising a memory, at least one processor, and a computer program stored on the memory and executable on the processor, the processor executing the program to perform a distributed storage based hardware encryption method.
In the invention, the file stored in the hard disk is a ciphertext rather than a plaintext, and the loss of the storage medium can also ensure that the key data is not cracked, so that the loss is reduced to the minimum.
The invention provides the backup of the cipher card key, and the unavailability of user data caused by the problems of encryption and decryption can be avoided when the cipher card is damaged.
In the invention, each storage node adopts 2 or more cipher cards, the same data is respectively encrypted by two or more encryption cards, and then encrypted ciphertexts are compared, if the ciphertexts are the same, the ciphertexts pass, and if the ciphertexts fail, the multi-card verification is utilized, so that the integrity and the reliability of the stored data can be ensured; and the speed of encryption and decryption can be improved by utilizing multi-card parallel operation.
In the invention, the distributed algorithm adopts the distributed algorithm of the distributed storage, the difficulty of the algorithm is not increased, the stability of the original distributed system is not damaged, and meanwhile, the algorithm can be used on most distributed storage systems, thereby ensuring the universality of the algorithm.
Drawings
FIG. 1 is a registration flow diagram of an embodiment of the present invention;
FIG. 2 is a flow chart of writing a file to disk according to an embodiment of the present invention;
FIG. 3 is a flow chart of reading a file according to an embodiment of the present invention.
Detailed Description
The present invention is further illustrated by the following examples, which are intended to be purely exemplary and are not intended to limit the scope of the invention, as various equivalent modifications of the invention will occur to those skilled in the art upon reading the present disclosure and fall within the scope of the appended claims.
As shown in fig. 1 to 3, the embodiment provides a hardware encryption method and system based on distributed storage, which involves a client, a management node, and a storage cluster (including a master storage node and a slave storage node).
The client accesses the hardware of the distributed storage through the interface.
The management node is responsible for monitoring the distributed cluster, maintaining the health state of the cluster and maintaining various Map graphs in the cluster.
The storage cluster comprises all storage nodes for data storage, the hard disk serves as a separate storage space, and the raid card of the storage cluster is only used as a data channel.
Each storage node has 2 or more encryption cards for storing user keys, data encryption and decryption and double-card authentication.
The main storage node and the two slave storage nodes are respectively used as data three-copy storage spaces.
The hardware encryption method based on distributed storage specifically comprises the following steps:
a registration stage:
(1) the management node sets a user password;
(2) the management node calls an encryption card API to encrypt the user name and the password to form a key pair;
(3) the management node selects an encryption card storage key pair on three storage nodes through a distributed algorithm, wherein the three storage nodes are a main storage node and two slave storage nodes respectively;
(4) storing the key pair to an encryption card of the main storage node;
(5) the encryption card on the main storage node performs double-card verification on the key (the same data is respectively encrypted by two encryption cards, and then encrypted ciphertexts are compared, if the same data passes, the encrypted ciphertexts fail;
(6) returning the result of whether the key storage is successful to the management node;
(7) synchronizing the key pair to the encryption card of the slave storage node;
(8) performing double-card verification on storage from an encryption card on a storage node;
(9) returning the result of whether the key storage of the slave storage node is successful to the master storage node;
(10) returning a storage result of the storage key pair to the management node;
(11) the management node updates the key location database, i.e. writes the position of the user's encryption card into the key location database of the management node.
And writing the file to a disk stage:
(1) the client sends a user key taking request to the management node;
(2) the management node inquires a storage node where the user key is located through the key position database;
(3) the management node sends a key pair reading instruction on the encryption card to the storage node;
(4) the storage node returns the key pair to the management node;
(5) the management node returns the key pair to the client;
(6) the client slices the data according to a fixed size (default is 4MB, and the data can be modified in the system);
(7) the client sends a data writing application to the management node;
(8) the management node calls an original distributed algorithm of the system to calculate a storage position;
(9) encrypting the user fragment data by using a user key to realize one-user one-secret, and storing a ciphertext to a disk of a main storage node;
(10) carrying out double-card verification on the encrypted data on the main storage node;
(11) feeding back the result of whether the main storage node successfully stores to the management node;
(12) synchronizing master storage node data to the (two) slave storage nodes;
(13) performing double-card verification on the encrypted data on the secondary storage node (the same data are respectively encrypted by two encryption cards, and then encrypted ciphertexts are compared, if the data are the same, the ciphertexts pass, and if the data are different, the ciphertexts fail);
(14) feeding back the result of whether the slave storage node successfully stores to the master storage node;
(15) feeding back a result of whether the slave storage node successfully stores to the management node;
(16) and feeding back the storage result to the client.
And (3) a file reading stage:
(1) the client sends a user key taking request to the management node;
(2) the management node inquires the user key position through the key position database;
(3) sending a key pair reading instruction on an encryption card to a storage node in a storage cluster according to a user key position management node;
(4) the storage node returns the key pair to the management node;
(5) the management node returns the key pair to the client;
(6) a client sends a file reading request to a management node;
(7) the management node acquires (fragments) data storage positions through a distributed algorithm;
(8) reading fragment data (ciphertext) from a main storage node disk;
(9) decrypting the user sliced data by using the user key;
(10) returning the reading result to the management node;
(11) returning (fragmenting) plaintext data to the client;
(12) and synthesizing the fragment data into data required by the user.
The hardware encryption system based on distributed storage comprises a password registration module, a module for writing files to a disk and a module for reading data from the disk.
The password registration module is used for creating a user through an interface of the management platform and setting a password for the user; meanwhile, binding of the USBKey is supported; calling an encryption card API to generate a secret key; selecting three storage nodes by using a distributed algorithm, wherein keys are respectively stored in the encryption cards on the nodes in a three-copy mode, the three copies comprise a master copy and two slave copies, one key is stored on one node as the master copy, and the other two same keys are respectively stored on the other two nodes as the slave copies; the key is successfully stored in the primary copy, and a successful message is sent back to the management platform; the key is automatically stored to the encryption card from two copies; all three key copies are successfully stored, and a registration success message is returned to the management platform; and writing the position of the encryption card where the user is located into a management platform database.
Writing a file to a disk module, and reading and acquiring a user key through an encryption card API according to the position of an encryption card where a user is located; slicing user data, locally calculating storage positions of three copies, and directly communicating with Primary OSD; calling an encryption card API to encrypt the data slice according to the user key; sending the encrypted data slice to a client, writing a master copy by the client, and then synchronizing the master copy and the two slave copies; the master copy waits for ack messages and application messages of the slave copy; when the master copy receives the ack message, the write operation is described to be completed in the memory; receiving an application message, which indicates that the application message is written to the disk; and as a result, the data cipher text is landed on the disk.
A data reading module from the disk reads and acquires a user key through an encryption card API according to the position of an encryption card where a user is located; reading the sliced data from the appointed OSD through a distributed file system; and reading the ciphertext data from the corresponding physical disk, and decrypting the ciphertext data by using the corresponding key.
The user key is stored on the encryption card after being encrypted by the encryption card. The password of the user has no problem of secret leakage. And the password has three copies, so that the reliability of the password is ensured.
The data is landed on the disk through the encryption card, namely, the ciphertext is stored on the disk. The data can be ensured not to be stolen under the condition that the physical medium of the hard disk is ensured to be stolen.
The hardware encryption device based on the distributed storage comprises a memory, at least one processor and a computer program which is stored on the memory and can run on the processor, wherein the processor executes the program to execute the hardware encryption method based on the distributed storage.
Claims (10)
1. A hardware encryption method based on distributed storage is characterized by comprising a password registration process, a file writing process to a disk process and a data reading process from the disk;
the password registration process comprises the following steps:
setting a password for a user, and calling an encryption card API to generate a secret key;
selecting three storage nodes, and storing the secret key to an encryption card on the nodes in a form of three copies; after the three key copies are successfully stored, returning a registration success message; storing the position of the encryption card of the user; the three copies comprise a master copy and two slave copies;
the file writing to disk process comprises the following steps:
reading and acquiring a user key through an encryption card API according to the position of an encryption card of a user;
slicing the user data, and calling an encryption card API to encrypt the data slices according to the user key;
writing the encrypted data slice into a master copy, and then synchronizing the master copy and the slave copy to two slave copies; finally, the data ciphertext is landed on a magnetic disk;
the data reading flow from the disk comprises the following steps:
reading and acquiring a user key through an encryption card API according to the position of an encryption card of a user; and reading the ciphertext data from the corresponding physical disk, and decrypting the ciphertext data by using the corresponding key.
2. The hardware encryption method based on distributed storage according to claim 1, wherein in the password registration process, a user is created through an interface of a management platform, and a password is set for the user; and selecting three storage nodes from the distributed cluster by using a distributed algorithm.
3. The hardware encryption method based on distributed storage according to claim 1, wherein in the password registration process, the encryption card API and the secret key are both stored in the encryption card, and the user secret key is stored on the encryption card after being encrypted by the encryption card.
4. The hardware encryption method based on distributed storage according to claim 1, wherein in the file-to-disk flow, user data is sliced, and after the storage locations of three copies are calculated locally, the user data is communicated with Primary OSD directly; calling an encryption card API to encrypt the data slice according to the user key; the distributed storage system writes a master copy first and then synchronizes to two slave copies; the master copy waits for ack messages and application messages of the slave copy; when the primary copy receives the ack message, the write operation is completed by writing in the memory, and when the application message is received, the write operation is completed by writing to the disk.
5. A hardware encryption system based on distributed storage is characterized by comprising a password registration module, a file writing module and a data reading module, wherein the file writing module writes files to a disk module;
the password registration module is used for setting a password for a user; calling an encryption card API to generate a secret key; selecting three storage nodes by using a distributed algorithm, wherein keys are respectively stored in the encryption cards on the nodes in a form of three copies, the three copies comprise a master copy and two slave copies, one key is stored on one node as the master copy, and the other two same keys are respectively stored on the other two nodes as the slave copies; the key is successfully stored in the primary copy, and a successful message is sent back to the management platform; the key is automatically stored to the encryption card from two copies; all three key copies are successfully stored, and a registration success message is returned to the management platform; writing the position of the encryption card where the user is located into a management platform database;
writing the file to a disk module, and reading and acquiring a user key through an encryption card API according to the position of a user encryption card; slicing the user data, locally calculating storage positions of the three copies, and calling an encryption card API (application program interface) according to a user key to encrypt the data slices; sending the encrypted data slice to a client, writing a master copy by the client, and then synchronizing the master copy and the two slave copies;
the data reading module from the disk reads and acquires a user key through an encryption card API according to the position of a user encryption card; reading the sliced data from the appointed OSD through a distributed file system; and reading the ciphertext data from the corresponding physical disk, and decrypting the ciphertext data by using the corresponding key.
6. The hardware encryption system based on distributed storage according to claim 5, wherein the encryption card A PI and the encryption key are stored in the encryption card, and are encrypted and stored by the FPGA chip.
7. The hardware encryption system based on distributed storage according to claim 5, wherein one user corresponds to one key, and the user key is used for data encryption to realize one user and one secret.
8. The distributed storage based hardware encryption system of claim 5, wherein the system comprises clients, management nodes, storage clusters; the storage cluster includes a master storage node and a slave storage node.
9. The distributed storage based hardware encryption system of claim 5, wherein each storage node uses 2 or more cryptographic cards, and utilizes multi-card verification.
10. A hardware encryption apparatus based on distributed storage, comprising a memory, at least one processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to perform the hardware encryption method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110670841.3A CN113568568B (en) | 2021-06-15 | 2021-06-15 | Hardware encryption method, system and device based on distributed storage |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110670841.3A CN113568568B (en) | 2021-06-15 | 2021-06-15 | Hardware encryption method, system and device based on distributed storage |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113568568A true CN113568568A (en) | 2021-10-29 |
| CN113568568B CN113568568B (en) | 2024-03-22 |
Family
ID=78162174
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110670841.3A Active CN113568568B (en) | 2021-06-15 | 2021-06-15 | Hardware encryption method, system and device based on distributed storage |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113568568B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115987513A (en) * | 2023-03-17 | 2023-04-18 | 山东浪潮科学研究院有限公司 | Distributed database fragment encryption and decryption methods, devices, equipment and medium |
| CN117319092A (en) * | 2023-11-29 | 2023-12-29 | 杭州海康威视数字技术股份有限公司 | Distributed key management method, device, password card and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101917403A (en) * | 2010-07-23 | 2010-12-15 | 华中科技大学 | Distributed key management method for ciphertext storage |
| CN106775459A (en) * | 2016-11-28 | 2017-05-31 | 深圳市中博睿存科技有限公司 | A kind of safe distribution file system framework based on FT 1500A processors |
| CN108964911A (en) * | 2018-09-18 | 2018-12-07 | 苏州米特希赛尔人工智能有限公司 | A kind of stream media service system based on block chain and quantum flow data block technology |
| CN112487445A (en) * | 2020-11-25 | 2021-03-12 | 湖南麒麟信安科技股份有限公司 | Hadoop system with file type entrance guard type storage encryption function and application method thereof |
-
2021
- 2021-06-15 CN CN202110670841.3A patent/CN113568568B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101917403A (en) * | 2010-07-23 | 2010-12-15 | 华中科技大学 | Distributed key management method for ciphertext storage |
| CN106775459A (en) * | 2016-11-28 | 2017-05-31 | 深圳市中博睿存科技有限公司 | A kind of safe distribution file system framework based on FT 1500A processors |
| CN108964911A (en) * | 2018-09-18 | 2018-12-07 | 苏州米特希赛尔人工智能有限公司 | A kind of stream media service system based on block chain and quantum flow data block technology |
| CN112487445A (en) * | 2020-11-25 | 2021-03-12 | 湖南麒麟信安科技股份有限公司 | Hadoop system with file type entrance guard type storage encryption function and application method thereof |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115987513A (en) * | 2023-03-17 | 2023-04-18 | 山东浪潮科学研究院有限公司 | Distributed database fragment encryption and decryption methods, devices, equipment and medium |
| CN115987513B (en) * | 2023-03-17 | 2023-06-20 | 山东浪潮科学研究院有限公司 | Distributed database fragment encryption and decryption methods, devices, equipment and media |
| CN117319092A (en) * | 2023-11-29 | 2023-12-29 | 杭州海康威视数字技术股份有限公司 | Distributed key management method, device, password card and system |
| CN117319092B (en) * | 2023-11-29 | 2024-02-09 | 杭州海康威视数字技术股份有限公司 | Distributed key management method, device, password card and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113568568B (en) | 2024-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9785785B2 (en) | Systems and methods for secure data sharing | |
| CN101854392B (en) | Personal data management method based on cloud computing environment | |
| CN103530201B (en) | A kind of secure data De-weight method and system being applicable to standby system | |
| AU2016203740B2 (en) | Simultaneous state-based cryptographic splitting in a secure storage appliance | |
| AU2011289239B2 (en) | Systems and methods for secure remote storage of data | |
| US12041166B2 (en) | Protecting data using controlled corruption in computer networks | |
| US9053130B2 (en) | Binary data store | |
| CN113568568B (en) | Hardware encryption method, system and device based on distributed storage | |
| CN106682521B (en) | File transparent encryption and decryption system and method based on driver layer | |
| CN103413100A (en) | File security protection system | |
| US8402278B2 (en) | Method and system for protecting data | |
| AU2015203172B2 (en) | Systems and methods for secure data sharing | |
| EP4028923A1 (en) | Method and system for securely sharing a digital file | |
| CN106649744B (en) | Log recording method and device | |
| CN115758447A (en) | Information security service processing and cluster generating method, electronic device and storage medium | |
| US8572401B1 (en) | Systems and methods for securing data of volume mirrors | |
| AU2021105507A4 (en) | Platform independent backup and restore for mobile devices using blockchain technology | |
| JP7086163B1 (en) | Data processing system | |
| CN101470643B (en) | Fixed hardware security unit backup and recovery method and system | |
| CN117785557A (en) | Data synchronous backup method and related equipment | |
| RU2481632C1 (en) | System and method of recovering password and encrypted data on mobile devices | |
| EP2648361A1 (en) | Binary data store |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |