CN114282189A - Data security storage method, system, client and server - Google Patents
Data security storage method, system, client and server Download PDFInfo
- Publication number
- CN114282189A CN114282189A CN202111627887.3A CN202111627887A CN114282189A CN 114282189 A CN114282189 A CN 114282189A CN 202111627887 A CN202111627887 A CN 202111627887A CN 114282189 A CN114282189 A CN 114282189A
- Authority
- CN
- China
- Prior art keywords
- client
- server
- hash value
- data
- authentication information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The present disclosure provides a data security storage method, system, client and server, wherein the storage method comprises the following steps: the client acquires identity authentication information, extracts a hash value of the identity authentication information and transmits the hash value to the server; the server verifies the hash value of the identity authentication information sent by the client; when the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext. According to the method, the data are encrypted at a software level, the key verification and the data encryption and decryption operations are all performed at the client side, all network transmission is ciphertext, the server stores the ciphertext, and the data can be safely stored in a relatively unreliable server environment, so that the safety of core data is ensured.
Description
Technical Field
The disclosure relates to the technical field of big data storage, in particular to a method, a system, a client and a server for safely storing data.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
With the gradual popularization of the application of the internet and the internet of things, the data volume is growing faster and faster, and the cloud storage of enterprise data also becomes a trend, so that how to safely store the data becomes a relatively important subject, although the infrastructure of cloud computing provides a certain degree of safety guarantee, if the system data is stolen, huge loss is undoubtedly brought.
The cloud storage is an important service type provided by a cloud service provider for a user, and as the user stores data in the cloud, the transparency of the cloud service enables the user to lose management and control of the data, and meanwhile, the credibility of the cloud service provider is not easy to evaluate and guarantee, a safety mechanism of the cloud storage service needs to be established to ensure the safety of the user data when the user widely uses the cloud storage service. At present, data leakage events on the internet emerge endlessly, and under the current technical environment, a set of transparent and reliable safety guarantee mechanism does not exist, so that the safety of data storage is ensured, the trust crisis between a user and a service provider is caused, and the development of big data and the internet of things is restricted.
Disclosure of Invention
In order to solve the above problems, the present disclosure provides a method, a system, a client, and a server for secure storage of data, where data may be securely stored in a relatively unreliable server environment by software-level encryption, so as to ensure security of core data.
In order to achieve the purpose, the following technical scheme is adopted in the disclosure:
one or more embodiments provide a data secure storage method, including the steps of:
the client acquires identity authentication information, extracts a hash value of the identity authentication information and transmits the hash value to the server;
the server verifies the hash value of the identity authentication information sent by the client;
when the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext.
One or more embodiments provide a data security storage system, characterized by: the data interaction method between the server and the client adopts the data security storage method.
One or more embodiments provide a data secure storage method, including the steps of:
the server acquires a hash value which is sent by the client and extracted according to the identity authentication information;
the server verifies the hash value of the identity authentication information sent by the client;
when the verification is passed, if the data sent by the client side is received, the server stores the data; and if the data query request is received, the server searches data according to the query request and sends the searched data to the client.
One or more embodiments provide a data secure storage method, including the steps of:
the client acquires the identity authentication information, extracts the hash value of the identity authentication information and transmits the hash value to the server so that the server can verify the hash value according to the identity authentication information;
if the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext.
One or more embodiments provide a server that performs a data security storage method as described above.
One or more embodiments provide a client that performs a data security storage method as described above.
Compared with the prior art, the beneficial effect of this disclosure is:
according to the data security storage method, the system, the client and the server, key verification and data encryption and decryption operations are performed locally at the client, all network transmission is ciphertext, and the server stores the ciphertext. Even if the server data is acquired by unauthorized people, an attacker can only take the one-way hash result of the ciphertext and the key, the key cannot be leaked, and the data is safe. In addition, even if the communication certificate is tampered under a special condition, the data cannot be decrypted by a man-in-the-middle without the secret key at the moment, and the safety of data storage is improved.
Advantages of the present disclosure, as well as advantages of additional aspects, will be described in detail in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure and not to limit the disclosure.
Fig. 1 is a schematic flow chart of a data storage method according to embodiment 1 of the present disclosure;
FIG. 2 is a flow chart of a data storage method according to embodiment 1 of the disclosure;
FIG. 3 is a schematic flow chart of a data storage method according to embodiment 2 of the present disclosure;
fig. 4 is a schematic flow chart of a data storage method according to embodiment 3 of the present disclosure.
The specific implementation mode is as follows:
the present disclosure is further described with reference to the following drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise. It should be noted that, in the case of no conflict, the embodiments and features in the embodiments in the present disclosure may be combined with each other. The embodiments will be described in detail below with reference to the accompanying drawings.
Explanation of technical terms
Sha-256: sha is a standard algorithm of secure hash, sha-2 is an upgraded version of sha, sha-256 is a type of sha2, 256-bit hash value 32B can be generated, and the method is mainly used for normalizing the password length and does not relate to the secure part of the core.
Argon 2: belong to a class of key derivation functions, based on AES implementation, including three classes, Argon2d, Argon2i, Argon2id, where Argon2d can maximally resist GPU cracking attack, Argon2i is specially optimized to resist side channel attack, Argon2id is a mixed version, following the Argon2i method when the first half passes through memory, and following the Argon2d method in subsequent traversal, both advantages. The present disclosure employs the Argon2id method to enable secure storage of keys.
AES is called advanced encryption standard, is a replacement version of DES, belongs to a mainstream algorithm in symmetric encryption, mainly considers the high efficiency performance of encrypting a large amount of data, and is divided into: in the disclosure, AES-GCM is selected as a data encryption algorithm, and 256 bits with longer key length are selected to improve the security.
HTTPS: the full-name hypertext transfer security protocol (HTTPS), also known as http over TLS, is a transport protocol for secure communication over a computer network, and HTTPS provides identity authentication for a web server to protect privacy and integrity of exchanged data.
The content comprises two parts, namely user information verification and data storage safety, on one hand, the data resources can be accessed only after permission verification is passed, on the other hand, the data resources are encrypted by adopting a user key, and can be automatically decrypted only after the permission verification is passed, even if system data is leaked, other people cannot decrypt the data, and the data are still safe. The following examples are given by way of illustration.
Example 1
As shown in fig. 1 and 2, a data security storage system of this embodiment includes at least one server and one client, and the server and the client perform network communication to implement mutual data transmission.
In one or more embodiments, as shown in fig. 1, a data secure storage method is used for implementing data interaction between a server and a client in a system and implementing secure storage of data, and includes the following steps:
step 1, a client acquires identity authentication information, extracts a hash value of the identity authentication information and transmits the hash value to a server;
step 2, the server verifies the hash value of the identity authentication information sent by the received client;
step 3, when the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext.
In this embodiment, all the key verification and data encryption and decryption operations are performed locally at the client, all network transmission is ciphertext, and server storage is also ciphertext. Even if the server data is acquired by unauthorized people, an attacker can only take the one-way hash result of the ciphertext and the key, the key cannot be leaked, and the data is safe. In addition, even if the communication certificate is tampered under a special condition, the data cannot be decrypted by a man-in-the-middle without the secret key at the moment, and the safety of data storage is improved.
Further comprising the step for information initialization:
step 41, the client binds the client and the user information and receives the identity setting information input by the user;
step 42, the client generates a random (salt) salt value string according to the input identity setting information and verifies the identity of the user;
the method for verifying the user identity may specifically be verification through a short message service or a mailbox.
Step 43, after the verification is passed, the client side generates a one-way secret key by using the acquired identity setting information through a sha-256 algorithm;
step 44, the client calculates the final authorized Hash value, namely the Auth Hash value, by using the key (key) and the salt (salt) through an Argon2 key derivation algorithm;
and step 45, the client sends the obtained salt value (salt) and the authorized Hash value (Auth Hash value) to the server for storage.
The specific process may be as follows: when a user uses the equipment for the first time, the user can register an account and bind the equipment through mailbox information and mobile phone information, and simultaneously set a user name and a password, the program automatically generates a random (salt) salt value string locally, the identity of the user is confirmed to be correct through a mailbox or a mobile phone verification code, the input of the user generates a one-way key through a sha-256 algorithm, then a final Auth Hash value is calculated through the key and the salt (salt) by adopting an Argon2 key derivation algorithm, and the salt and the Auth Hash are safely transmitted to a server for storage through an HTTPS protocol. If the original account is used by the replacement equipment, the service side can issue the salt value after the identity (such as a mailbox and a mobile phone number) is still required to be verified.
Optionally, in step 1, the method for acquiring the identity authentication information and extracting the hash value of the identity authentication information by the client specifically includes:
step 11, calculating to obtain a secret key by a secure hash standard algorithm aiming at the identity authentication information;
specifically, the secure hash standard algorithm may adopt a sha-256 algorithm;
the key is used for authentication of the user and encryption and decryption operations of data.
And step 12, obtaining a generated Hash value by adopting a Hash algorithm aiming at the obtained key. The Hash value is the Hash value.
Alternatively, the hash algorithm may use a key derivation function, and specifically, may use an Argon2 algorithm.
The identity authentication information may be a user name and password information input by a client to be authorized.
In step 2, the server verifies the hash value of the received identity authentication information sent by the client, and the method comprises the following steps:
and step 21, the client acquires the identity setting information, extracts the authorized hash value of the identity setting information, and transmits the authorized hash value to the server for storage.
The identity setting information may include a user name and a password initially set by the client.
And step 22, the server compares the hash value of the identity authentication information with a pre-stored authorized hash value, if the hash value is consistent with the pre-stored authorized hash value, the authentication is passed, otherwise, the authentication is not passed, and the server refuses to access.
Optionally, the client and the server use an HTTPS protocol for data transmission.
In this embodiment, the specific process of authorization in steps 1 and 2 is as follows: the user inputs a user name and password information at the client, a key (key) is calculated at the client through a sha-256 algorithm, and the key is used for authentication of the user and encryption and decryption operation of data. And then, the key calculates a Hash value for authentication through a local pre-stored salt value (salt) by an Argon2 key derivation algorithm, and finally, the Hash value is safely transmitted to the server through an HTTPS protocol and is compared with Auth Hash stored by the server, if the comparison is passed, authorization is passed, otherwise, authorization fails and access is denied.
If the user does not locally have the pre-stored salt value, the initialization is carried out again to obtain the salt value from the server. The account is generated locally and stored to the server when it is registered for the first time. The salt value can be changed, in order to improve the security, the data can be supported to be encrypted again, the salt value is generated again at the moment, and the salt value can be executed by the user regularly or when the password is modified.
In step 3, the method is a method for storing or/and inquiring data.
Optionally, the client encrypts the data to obtain the ciphertext, and may encrypt the plaintext data by using a sha-256 key through an AES-GCM-256 algorithm to generate the ciphertext. Specifically, the following is:
key=sha256(password)
ciphertext=AES-GCM-256-Seal(plaintext,key,salt)
wherein password is the password, key is the key, play is the plaintext, salt is the salt, and cipertext is the ciphertext.
And after verification, the server authorizes the client, an authorized user can acquire the ciphertext through the server, the ciphertext is transmitted to the client through https, and the client can decrypt the ciphertext by using the encrypted sha-256 key, so that the original data plaintext can be seen.
The method for decrypting the ciphertext stored by the server side is used for decrypting the ciphertext by the AES-GCM-256 algorithm to generate the plaintext, and is the reverse process of the encryption process, and comprises the following steps:
and finally obtaining a plaintext according to the key, the salt value and the ciphertext:
Plaintext=AES-GCM-256-Open(ciphertext,key,salt)
example 2
Based on embodiment 1, this embodiment provides a data secure storage method, which can be implemented in a server, as shown in fig. 3, and includes the following steps:
step 1, a server acquires a hash value which is sent by a client and extracted according to identity authentication information;
step 2, the server verifies the hash value of the identity authentication information sent by the received client;
step 3, when the verification is passed, if the data sent by the client side is received, the server stores the data; and if the data query request is received, the server searches data according to the query request and sends the searched data to the client.
In step 1, the method for extracting the hash value according to the identity authentication information includes the following steps:
step 11, calculating to obtain a secret key by a secure hash standard algorithm aiming at the identity authentication information;
specifically, the secure hash standard algorithm may adopt a sha-256 algorithm;
the key is used for authentication of the user and encryption and decryption operations of data.
And step 12, obtaining a generated Hash value by adopting a Hash algorithm aiming at the obtained key. The Hash value is the Hash value.
Alternatively, the hash algorithm may use a key derivation function, and specifically, may use an Argon2 algorithm.
The identity authentication information may be a user name and password information input by a client to be authorized.
The method for verifying the hash value of the identity authentication information sent by the client comprises the following steps: comparing the hash value of the identity authentication information with a pre-stored authorized hash value, if the identity authentication information is consistent with the pre-stored authorized hash value, passing the authentication, and otherwise, not passing the authentication, and refusing the access of the server;
the authorized hash value is obtained according to identity setting information which is initially stored by a client for the first time, and can be obtained at a client and transmitted to a server for storage, and the method comprises the following steps:
step 21, generating a random (salt) salt value string according to the input identity setting information;
step 22, generating a one-way key by the obtained identity setting information through a sha-256 algorithm;
and step 23, calculating a final authorized Hash value, namely an Auth Hash value, of the key (key) and the salt (salt) by adopting an Argon2 key derivation algorithm.
Example 3
Based on embodiment 1, this embodiment provides a data secure storage method, which can be implemented in a client, as shown in fig. 4, and includes the following steps:
step 1, a client acquires identity authentication information, extracts a hash value of the identity authentication information, and transmits the hash value to a server so that the server can verify according to the hash value of the identity authentication information;
step 2, if the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext.
Further comprising the step for information initialization:
step 31, the client binds the client and the user information and receives the identity setting information input by the user;
step 32, the client generates a random (salt) salt value string according to the input identity setting information and verifies the identity of the user;
the method for verifying the user identity may specifically be verification through a short message service or a mailbox.
Step 33, after the user identity authentication is passed, the client side generates a one-way secret key by using the acquired identity setting information through the sha-256 algorithm;
step 34, the client calculates a final authorized Hash value, namely an Auth Hash value, by using the key (key) and the salt (salt) through an Argon2 key derivation algorithm;
and step 35, the client sends the obtained salt value (salt) and the authorized Hash value (Auth Hash value) to the server for storage.
Optionally, in step 1, the method for acquiring the identity authentication information and extracting the hash value of the identity authentication information by the client specifically includes:
step 11, calculating to obtain a secret key by a secure hash standard algorithm aiming at the identity authentication information;
specifically, the secure hash standard algorithm may adopt a sha-256 algorithm;
the key is used for authentication of the user and encryption and decryption operations of data.
And step 12, obtaining a generated Hash value by adopting a Hash algorithm aiming at the obtained key. The Hash value is the Hash value.
Alternatively, the hash algorithm may use a key derivation function, and specifically, may use an Argon2 algorithm.
The identity authentication information may be a user name and password information input by a client to be authorized.
In step 2, the method is a method for storing or/and inquiring data.
Optionally, the client encrypts the data to obtain the ciphertext, and may encrypt the plaintext data by using a sha-256 key through an AES-GCM-256 algorithm to generate the ciphertext. Specifically, the following is:
key=sha256(password)
ciphertext=AES-GCM-256-Seal(plaintext,key,salt)
wherein password is the password, key is the key, play is the plaintext, salt is the salt, and cipertext is the ciphertext.
And after verification, the server authorizes the client, an authorized user can acquire the ciphertext through the server, the ciphertext is transmitted to the client through https, and the client can decrypt the ciphertext by using the encrypted sha-256 key, so that the original data plaintext can be seen.
The method for decrypting the ciphertext stored by the server side is used for decrypting the ciphertext through the AES-GCM-256 algorithm to generate the plaintext, and is the reverse process of the encryption process, and comprises the following steps:
and finally obtaining a plaintext according to the key, the salt value and the ciphertext:
Plaintext=AES-GCM-256-Open(ciphertext,key,salt)
example 4
Based on embodiment 2, this embodiment provides a server, and the server executes the method described in embodiment 2.
Example 5
Based on embodiment 3, this embodiment provides a client, and the client executes the method described in embodiment 3
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Although the present disclosure has been described with reference to specific embodiments, it should be understood that the scope of the present disclosure is not limited thereto, and those skilled in the art will appreciate that various modifications and changes can be made without departing from the spirit and scope of the present disclosure.
Claims (10)
1. A data security storage method is characterized by comprising the following steps:
the client acquires identity authentication information, extracts a hash value of the identity authentication information and transmits the hash value to the server;
the server verifies the hash value of the identity authentication information sent by the client;
when the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext.
2. A method of securely storing data as claimed in claim 1, wherein:
further comprising the step for information initialization:
the client binds the client and the user information and receives the identity setting information input by the user;
the client generates a random salt value string according to the input identity setting information and verifies the identity of the user;
after the authentication is passed, the client side generates a one-way secret key by the obtained identity setting information through a sha-256 algorithm;
the client calculates the final authorized hash value by adopting an Argon2 key derivation algorithm for the key and the salt value;
and the client sends the obtained salt value and the authorized hash value to the server for storage.
3. A method of securely storing data as claimed in claim 1, wherein:
the method for the client to acquire the identity authentication information and extract the hash value of the identity authentication information comprises the following steps:
calculating by a secure hash standard algorithm aiming at the identity authentication information to obtain a secret key;
obtaining a generated hash value by adopting a hash algorithm aiming at the obtained key;
or, the server verifies the hash value of the received identity authentication information sent by the client, and the method comprises the following steps:
the client acquires the identity setting information, extracts the authorized hash value of the identity setting information, and transmits the authorized hash value to the server for storage;
the server compares the hash value of the identity authentication information with a pre-stored authorized hash value, if the identity authentication information is consistent with the pre-stored authorized hash value, the authentication is passed, otherwise, the authentication is not passed, and the server refuses to access;
or, the method for the client to encrypt the data to obtain the ciphertext comprises the following steps: encrypting plaintext data by using a sha-256 key through an AES-GCM-256 algorithm to generate a ciphertext;
or the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext through the AES-GCM-256 algorithm to generate the plaintext.
4. A data security storage system is characterized in that: the method comprises at least one server and a client, wherein the data interaction method between the server and the client adopts a data security storage method as claimed in any one of claims 1-3.
5. A data security storage method is characterized by comprising the following steps:
the server acquires a hash value which is sent by the client and extracted according to the identity authentication information;
the server verifies the hash value of the identity authentication information sent by the client;
when the verification is passed, if the data sent by the client side is received, the server stores the data; and if the data query request is received, the server searches data according to the query request and sends the searched data to the client.
6. A method of securely storing data as claimed in claim 5, wherein:
the method for extracting the hash value according to the identity authentication information comprises the following steps:
calculating by a secure hash standard algorithm aiming at the identity authentication information to obtain a secret key;
obtaining a generated hash value by adopting a hash algorithm aiming at the obtained key;
or, the authorized hash value is obtained according to identity setting information initially stored by the client for the first time, and the method comprises the following steps:
generating a random salt value string according to the input identity setting information;
generating a one-way key by using the obtained identity setting information through a sha-256 algorithm;
the key (key) and the salt string are used to compute the final authorized hash value using the Argon2 key derivation algorithm.
7. A data security storage method is characterized by comprising the following steps:
the client acquires the identity authentication information, extracts the hash value of the identity authentication information and transmits the hash value to the server so that the server can verify the hash value according to the identity authentication information;
if the verification is passed, the client sends the encrypted data cipher text to the server for storage; or/and the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext.
8. A method of securely storing data as claimed in claim 7, wherein:
further comprising the step for information initialization:
the client binds the client and the user information and receives the identity setting information input by the user;
the client generates a random salt value string according to the input identity setting information and verifies the identity of the user;
the client side generates the obtained identity setting information into a one-way secret key through a sha-256 algorithm after the user identity passes the authentication;
the client calculates the final authorized hash value by adopting an Argon2 key derivation algorithm for the key and the salt value;
the client sends the obtained salt value and the authorized hash value to a server for storage;
or, the method for the client to obtain the identity authentication information and extract the hash value of the identity authentication information specifically comprises the following steps:
calculating by a secure hash standard algorithm aiming at the identity authentication information to obtain a secret key;
obtaining a generated hash value by adopting a hash algorithm aiming at the obtained key;
or, the method for the client to encrypt the data to obtain the ciphertext comprises the following steps: encrypting plaintext data by using a sha-256 key through an AES-GCM-256 algorithm to generate a ciphertext;
or the client side obtains the ciphertext stored by the server side and then decrypts the ciphertext through the AES-GCM-256 algorithm to generate the plaintext.
9. A server, characterized by: the server executes a data secure storage method of claim 5 or 6.
10. A client, characterized by: the client executes a data secure storage method of claim 7 or 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111627887.3A CN114282189A (en) | 2021-12-28 | 2021-12-28 | Data security storage method, system, client and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111627887.3A CN114282189A (en) | 2021-12-28 | 2021-12-28 | Data security storage method, system, client and server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114282189A true CN114282189A (en) | 2022-04-05 |
Family
ID=80877103
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111627887.3A Pending CN114282189A (en) | 2021-12-28 | 2021-12-28 | Data security storage method, system, client and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114282189A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116090024A (en) * | 2023-02-06 | 2023-05-09 | 山东昱鑫信息科技有限公司 | Reliable data storage device, system and method |
-
2021
- 2021-12-28 CN CN202111627887.3A patent/CN114282189A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116090024A (en) * | 2023-02-06 | 2023-05-09 | 山东昱鑫信息科技有限公司 | Reliable data storage device, system and method |
| CN116090024B (en) * | 2023-02-06 | 2024-01-30 | 上海泰锟医药技术有限公司 | Reliable data storage device, system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9847882B2 (en) | Multiple factor authentication in an identity certificate service | |
| WO2019020051A1 (en) | Method and apparatus for security authentication | |
| CN111464301B (en) | Key management method and system | |
| CA2913444C (en) | System and method for user authentication | |
| US20130145447A1 (en) | Cloud-based data backup and sync with secure local storage of access keys | |
| US8321924B2 (en) | Method for protecting software accessible over a network using a key device | |
| CN108809633B (en) | Identity authentication method, device and system | |
| CN103248479A (en) | Cloud storage safety system, data protection method and data sharing method | |
| CN108418691A (en) | Dynamic network identity identifying method based on SGX | |
| CN108809936B (en) | Intelligent mobile terminal identity verification method based on hybrid encryption algorithm and implementation system thereof | |
| KR100860573B1 (en) | Method for User Authentication | |
| WO2016054905A1 (en) | Method for processing data | |
| CN109525565B (en) | Defense method and system for short message interception attack | |
| CN110677382A (en) | Data security processing method, device, computer system and storage medium | |
| JP6627043B2 (en) | SSL communication system, client, server, SSL communication method, computer program | |
| CN115632880B (en) | Reliable data transmission and storage method and system based on state cryptographic algorithm | |
| WO2008053279A1 (en) | Logging on a user device to a server | |
| CN110572392A (en) | Identity authentication method based on HyperLegger network | |
| CN114282189A (en) | Data security storage method, system, client and server | |
| CN109412799B (en) | System and method for generating local key | |
| CN116244750A (en) | Secret-related information maintenance method, device, equipment and storage medium | |
| CN102098282B (en) | Secure encryption method for database | |
| KR20090024482A (en) | Key management system for using content and method thereof | |
| CN112637169A (en) | Passive NFC cloud lock encryption method | |
| CN111447060A (en) | Electronic document distribution method based on proxy re-encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |