CN114844637B - Innovative application method based on quantum encryption technology in cloud network fusion - Google Patents

Innovative application method based on quantum encryption technology in cloud network fusion Download PDF

Info

Publication number
CN114844637B
CN114844637B CN202210758661.5A CN202210758661A CN114844637B CN 114844637 B CN114844637 B CN 114844637B CN 202210758661 A CN202210758661 A CN 202210758661A CN 114844637 B CN114844637 B CN 114844637B
Authority
CN
China
Prior art keywords
data
risk
coefficient
quantum
intrusion
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210758661.5A
Other languages
Chinese (zh)
Other versions
CN114844637A (en
Inventor
吴杰
李德聪
陈乃杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Suanxun Technology Co ltd
Original Assignee
Beijing Suanxun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Suanxun Technology Co ltd filed Critical Beijing Suanxun Technology Co ltd
Priority to CN202210758661.5A priority Critical patent/CN114844637B/en
Publication of CN114844637A publication Critical patent/CN114844637A/en
Application granted granted Critical
Publication of CN114844637B publication Critical patent/CN114844637B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0858Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/23Clustering techniques
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Evolutionary Computation (AREA)
  • Evolutionary Biology (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Electromagnetism (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an innovative application method in cloud network fusion based on a quantum encryption technology, which comprises the following steps of establishing communication connection between a cloud server and a terminal server; the cloud server sends a quantum encryption communication connection request to the terminal server; thirdly, the terminal server responds to the encrypted communication connection request of the cloud server and sends information agreeing to establish quantum encrypted communication connection to the cloud server; the cloud server encrypts plaintext data to be transmitted through the quantum key to obtain ciphertext data, and sends the ciphertext data to the terminal server; and sixthly, in the quantum encryption communication transmission process, the identification module analyzes and identifies the request data and judges the security level of the intrusion data.

Description

Innovative application method based on quantum encryption technology in cloud network fusion
Technical Field
The invention relates to the technical field of cloud network fusion, in particular to an innovative application method based on a quantum encryption technology in cloud network fusion.
Background
The cloud Network convergence architecture system is an architecture system which is used for decoupling a logic Network and a physical Network by combining an SDN (Software Defined Network) technology and an Overlay Network to realize Network function virtualization and Network control centralization, and specifically, the decoupling process is to perform layout configuration on a virtual Network Software layer through SDN Software without performing complicated physical configuration on a bottom layer.
In the prior art, a quantum encryption transmission system comprises audio acquisition terminals, communication gateways, a data communication network, a classic network server based on a cloud platform and a quantum key network server, wherein the classic network server based on the cloud platform and the quantum key network server are connected with a plurality of communication gateways through the data communication network, the communication gateways are connected with at least one audio acquisition terminal, and the system neglects the threat of third-party interference and lacks a related third-party interference judgment structure when quantum encryption is transmitted.
Disclosure of Invention
The invention aims to solve the problems of the background technology and provides an innovative application method based on a quantum encryption technology in cloud network fusion.
The purpose of the invention can be realized by the following technical scheme:
an innovative application method based on quantum encryption technology in cloud network fusion comprises the following steps:
step one, a cloud server and a terminal server establish communication connection; the cloud server sends a quantum encryption communication connection request to the terminal server;
the terminal server responds to the encrypted communication connection request of the cloud server and sends information agreeing to establish quantum encrypted communication connection to the cloud server;
the cloud server encrypts plaintext data to be transmitted through the quantum key to obtain ciphertext data, and sends the ciphertext data to the terminal server;
and step four, in the quantum encryption communication transmission process, the identification module analyzes and identifies the request data and judges the security level of the request data.
As a further scheme of the invention: in the fourth step, a module is identified; and acquiring request data within preset time, analyzing according to the request data, and judging whether third party interception or stealing occurs.
As a further scheme of the invention: the identification module comprises a data acquisition unit, the data acquisition unit is used for acquiring index information of the request data, the index information comprises an account name of a user A1, registration time A2, registration IP A3 and an identification code of a registered mobile phone A4; and data feature extraction is carried out on the collected index information.
As a further scheme of the invention: the identification module also comprises a data processing unit which obtains the characteristic value of the account name of
Figure 592367DEST_PATH_IMAGE001
1. Feature of registration timeHas a value of
Figure 681545DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 335381DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 826405DEST_PATH_IMAGE001
And 4, analyzing, sending the data to a database for storage, and obtaining a corresponding signal according to the analyzed data.
As a further scheme of the invention: the identification module also comprises a data analysis unit, and the data analysis unit judges that the request data is in a high risk state when the acquired high risk intrusion data coefficient is acquired, and judges that the request data is in a low risk state when the acquired low risk intrusion data coefficient is acquired; then, respectively collecting the characteristic values of the corresponding account names as
Figure 274704DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 851178DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 544590DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 155700DEST_PATH_IMAGE001
4, performing each analysis to generate a complexity signal of the risk intrusion data.
As a further scheme of the invention: the identification module also comprises a data early warning unit for receiving the risk coefficient analyzed by the data processing unit
Figure 40480DEST_PATH_IMAGE002
And the data complexity signals obtained by the corresponding data analysis units are in one-to-one correspondence to carry out intrusionAnd early warning is carried out, and the early warning is sent to a corresponding network security computer for targeted analysis.
As a further scheme of the invention: the data feature extraction method specifically comprises the following steps:
step 1: recording the average value of the abnormal node characteristics of the index information data as
Figure 104250DEST_PATH_IMAGE003
Wherein m is the total number of the average values of the data abnormal node characteristics, and T is a transposition matrix;
step 2: according to
Figure 601353DEST_PATH_IMAGE004
Forming a data feature matrix
Figure 66970DEST_PATH_IMAGE005
Wherein F is the degree of correlation of matrix elements, and is obtained by
Figure 122650DEST_PATH_IMAGE006
]As elements in a matrix; comparing normal data according to the data characteristics, wherein the corresponding relation is as follows:
Figure 142559DEST_PATH_IMAGE007
(ii) a In the formula: g T Is a normal data feature matrix;
and step 3: according to the calculation result, the difference of the extracted abnormal node features is as follows:
Figure 207467DEST_PATH_IMAGE008
and 4, step 4: by combining the above formulas, the data characteristics are as follows:
Figure 262011DEST_PATH_IMAGE009
(ii) a In the formula: k is a matrix element at any position in the data characteristic matrix;
Figure 724478DEST_PATH_IMAGE010
for data exception sectionA weighted value of the point feature;
and 5: the method for extracting the data features can sequentially calculate the characteristic value of the account name as
Figure 762841DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 100282DEST_PATH_IMAGE001
2. Characteristic value of the registered IP is
Figure 71649DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 970597DEST_PATH_IMAGE001
4。
As a further scheme of the invention: the specific analysis process of the data processing unit is as follows:
step 1: according to the formula
Figure 230677DEST_PATH_IMAGE011
Calculating a risk factor of the requested data
Figure 106229DEST_PATH_IMAGE012
A1, a2, a3 and a4 are proportionality coefficients,
Figure 400944DEST_PATH_IMAGE013
the value of the error correction factor is 1.16;
step 2: risk coefficient to be obtained
Figure 703750DEST_PATH_IMAGE014
Comparing with a risk factor threshold: if risk factor
Figure 716705DEST_PATH_IMAGE015
If the risk coefficient is more than or equal to the threshold value of the risk coefficient, judging the request data as high-risk intrusion data, and determining the risk coefficient
Figure 897413DEST_PATH_IMAGE015
Marking the high-risk intrusion data coefficients, and sending the high-risk intrusion data coefficients to a processor; if risk factor
Figure 46634DEST_PATH_IMAGE014
If the risk coefficient threshold value is less than the threshold value, the request data is judged to be low risk intrusion data, and the corresponding risk coefficient is determined
Figure 785920DEST_PATH_IMAGE012
Marking as a low-risk intrusion data coefficient, and sending the low-risk intrusion data coefficient to a processor;
and step 3: and after receiving the high-risk intrusion data coefficient or the low-risk intrusion data coefficient, the processor generates a data characteristic analysis signal and sends the data characteristic analysis signal to the data analysis unit.
As a further scheme of the invention: the specific analysis process of the data analysis unit is as follows:
step 1: collecting a characteristic value of normal safety data as a training data set Y, and calculating a clustering center of Y by adopting a clustering algorithm aiming at the selected data set Y;
step 2: acquiring a characteristic value Z to be detected, calculating the distance from Z to each clustering center of Y, and arranging calculation results of distances H in a sequence from small to large to obtain a minimum distance H, so as to obtain a closest class C corresponding to the minimum distance H;
and step 3: determining cluster radius R of the nearest class; calculating the distance from C to each cluster center of Y, and the mean b and standard deviation d of the distances;
and 4, step 4: determine if H is greater than b + Rd, which
Figure 755013DEST_PATH_IMAGE016
(ii) a If H is larger than b + Rd, the complexity of the risk intrusion data is high, and if H is smaller than b + Rd, the complexity of the risk intrusion data is low, and a data complexity signal is correspondingly generated.
The invention has the beneficial effects that:
(1) according to the invention, the quantum secret communication technology is adopted to encrypt the cloud network fusion data transmission process, and the protective layer of the key is destroyed by detecting eavesdropping in the communication process according to the information interference theory and the Heisenberg uncertainty principle, so that the two transmission parties can know the existence of the eavesdropper and the quantity of the information intercepted by the eavesdropper, and the security of the cloud network fusion data transmission is ensured;
(2) the invention also provides an identification module which is used for carrying out high-efficiency analysis on the invaded data by acquiring, processing, analyzing and early warning the request data, judging the danger and the complexity of the invaded data and providing a safety analysis function for the application of the quantum encryption technology in the cloud network fusion.
Drawings
The invention will be further described with reference to the accompanying drawings.
FIG. 1 is a system block diagram of the innovative application system of the present invention;
FIG. 2 is a system block diagram of the identification module of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
Referring to fig. 1 and 2, the present invention is an innovative application system based on quantum cryptography in cloud network convergence, including a cloud server, a quantum cryptography module, an identification module, and a terminal server;
the cloud server is in communication connection with the terminal server through the quantum encryption module, and an identification module is arranged between the cloud server and the terminal server;
the quantum encryption module carries out quantum encryption processing on the transmission data of the cloud server; the quantum encryption module adopts a quantum secret communication technology, the quantum secret communication technology is a brand-new safe communication system provided based on the close combination of quantum mechanics and cryptography, and the quantum secret communication system mainly utilizes the physical characteristics of quantum state irreproducibility, single quantum inseparable and the like to provide theoretically unconditional safe communication for two communication parties. It enables both parties of communication to produce and share a randomly generated security key to encrypt and decrypt information; according to the quantum unclonable principle, the known quantum state cannot be accurately copied, namely, an eavesdropper cannot copy the same 'secret key' to correspondingly decode the encrypted information; according to the information interference theory and the Heisebarg uncertainty principle, any eavesdropping in the communication process can destroy the protective layer of the secret key, so that the two transmission parties can know the existence of the eavesdropper and the quantity of information intercepted by the eavesdropper;
an identification module; acquiring request data within preset time, analyzing according to the request data, and judging whether third party interception or stealing occurs;
the identification module specifically comprises a data acquisition unit, a data processing unit, a data analysis unit and a data early warning unit;
the data acquisition unit is used for acquiring index information of the request data, and the index information can comprise an account name of a user recorded as A1, registration time recorded as A2, registration IP recorded as A3 and an identification code of a registered mobile phone recorded as A4; data feature extraction is carried out on the collected index information;
the data feature extraction method specifically comprises the following steps:
step 1: recording the average value of the abnormal node characteristics of the index information data as
Figure 237947DEST_PATH_IMAGE003
Wherein m is the total number of the average values of the data abnormal node characteristics, and T is a transposition matrix;
step 2: according to
Figure 731421DEST_PATH_IMAGE017
Forming a data feature matrix
Figure 641609DEST_PATH_IMAGE005
Wherein F is the degree of correlation of matrix elements, and is obtained by
Figure 363577DEST_PATH_IMAGE018
]As elements in a matrix; comparing normal data according to the data characteristics, wherein the corresponding relation is as follows:
Figure 384623DEST_PATH_IMAGE019
in the formula: g T Is a normal data feature matrix;
and 3, step 3: according to the calculation result, the difference of the extracted abnormal node features is as follows:
Figure 508436DEST_PATH_IMAGE008
and 4, step 4: by combining the two formulas, the data characteristics are as follows:
Figure 589525DEST_PATH_IMAGE020
(ii) a In the formula: k is a matrix element at any position in the data characteristic matrix;
Figure 769096DEST_PATH_IMAGE010
weighted value of data abnormal node characteristic;
and 5: the method for extracting the data features can sequentially calculate the characteristic value of the account name as
Figure 593832DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 572153DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 558563DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 255124DEST_PATH_IMAGE001
4;
The data processing unit obtains the characteristic value of the account name of
Figure 617972DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 686684DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 109575DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 27853DEST_PATH_IMAGE001
4, analyzing, sending the data to a database for storage, and obtaining a corresponding signal according to the analyzed data;
the specific analysis process of the data processing unit is as follows:
step 1: according to the formula
Figure 194392DEST_PATH_IMAGE011
Calculating a risk factor of the requested data
Figure 147304DEST_PATH_IMAGE012
A1, a2, a3 and a4 are proportionality coefficients,
Figure 475518DEST_PATH_IMAGE013
the value of the error correction factor is 1.16;
step 2: risk coefficient to be obtained
Figure 382556DEST_PATH_IMAGE014
Comparing to a risk factor threshold: if risk factor
Figure 87207DEST_PATH_IMAGE015
If the risk coefficient is more than or equal to the threshold value of the risk coefficient, judging the request data as high-risk intrusion data, and determining the risk coefficient
Figure 629047DEST_PATH_IMAGE015
Marking as a high-risk intrusion data coefficient, and sending the high-risk intrusion data coefficient to a processor; if risk factor
Figure 393740DEST_PATH_IMAGE014
If the risk coefficient threshold value is less than the threshold value, the request data is judged to be low risk intrusion data, and the corresponding risk coefficient is determined
Figure 286610DEST_PATH_IMAGE012
Marking as a low-risk intrusion data coefficient, and sending the low-risk intrusion data coefficient to a processor;
and 3, step 3: after receiving the high-risk intrusion data coefficient or the low-risk intrusion data coefficient, the processor generates a data characteristic analysis signal and sends the data characteristic analysis signal to the data analysis unit;
the data analysis unit is used for judging that the request data is in a high risk state when the acquired high risk intrusion data coefficient is acquired, and judging that the request data is in a low risk state when the acquired low risk intrusion data coefficient is acquired; then, respectively collecting the characteristic values of the corresponding account names as
Figure 296417DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 223921DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 893937DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 8524DEST_PATH_IMAGE001
4, performing each analysis to generate a complexity signal of the risk intrusion data;
the specific analysis process is as follows:
step 1: collecting a characteristic value of normal safety data as a training data set Y, and calculating a clustering center of Y by adopting a clustering algorithm aiming at the selected data set Y;
step 2: acquiring a characteristic value Z to be detected, calculating the distance from Z to each clustering center of Y, and arranging calculation results of distances H in a sequence from small to large to obtain a minimum distance H, so as to obtain a closest class C corresponding to the minimum distance H;
and step 3: determining cluster radius R of the nearest class; calculating the distance from C to each cluster center of Y, and the mean b and standard deviation d of the distances;
and 4, step 4: judging whether H is greater than b + Rd, which
Figure 320556DEST_PATH_IMAGE016
(ii) a If H is larger than b + Rd, the complexity of the risk intrusion data is high, if H is smaller than b + Rd, the complexity of the risk intrusion data is low, and a data complexity signal is correspondingly generated;
by the method, the characteristic value according to the account name is
Figure 102567DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 710528DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 46832DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 896976DEST_PATH_IMAGE001
4; respectively and correspondingly obtaining a complexity signal of an account name, a complexity signal of registration time, a complexity signal of registration IP and an identification code complexity signal of a registered mobile phone;
a data early warning unit for receiving the risk coefficient analyzed by the data processing unit
Figure 533494DEST_PATH_IMAGE015
And the data complexity signals obtained by the corresponding data analysis units are in one-to-one correspondence to carry out intrusionAnd early warning is carried out, and the early warning is sent to a corresponding network security computer for targeted analysis.
Example 2
The invention relates to an innovative application method in cloud network fusion based on a quantum encryption technology, which comprises the following steps:
step one, a cloud server and a terminal server establish communication connection; the cloud server sends a quantum encryption communication connection request to the terminal server;
thirdly, the terminal server responds to the encrypted communication connection request of the cloud server and sends information agreeing to establish quantum encrypted communication connection to the cloud server;
the cloud server encrypts plaintext data to be transmitted through the quantum key to obtain ciphertext data, and sends the ciphertext data to the terminal server;
and step six, in the quantum encryption communication transmission process, the identification module analyzes and identifies the request data and judges the security level of the intrusion data.
Example 3
The method for analyzing and identifying the request data and judging the security level of the intrusion data by the identification module comprises the following steps:
step 61: the data acquisition unit is used for acquiring index information of the request data, and the index information can comprise an account name of a user recorded as A1, registration time recorded as A2, registration IP recorded as A3 and an identification code of a registered mobile phone recorded as A4; data feature extraction is carried out on the collected index information;
step 62: the data processing unit obtains the characteristic value of the account name of
Figure 810892DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 900070DEST_PATH_IMAGE001
2. Characteristic value of the registered IP is
Figure 789791DEST_PATH_IMAGE001
3. For registering mobile phoneThe characteristic value of the identification code being
Figure 546395DEST_PATH_IMAGE001
4, analyzing, sending the data to a database for storage, and obtaining corresponding signals according to the analyzed data;
and step 63: the data analysis unit is used for judging that the request data is in a high risk state when the acquired high risk intrusion data coefficient is obtained, and judging that the request data is in a low risk state when the acquired low risk intrusion data coefficient is obtained; then, respectively collecting the characteristic values of the corresponding account names as
Figure 994693DEST_PATH_IMAGE001
1. The characteristic value of the registration time is
Figure 305589DEST_PATH_IMAGE001
2. Characteristic value of registered IP is
Figure 497536DEST_PATH_IMAGE001
3. The identification code of the registered mobile phone has a characteristic value of
Figure 108646DEST_PATH_IMAGE001
4, performing each analysis to generate a complexity signal of the risk intrusion data;
step 64: receiving the risk coefficient analyzed by the data processing unit
Figure 229311DEST_PATH_IMAGE015
And the data complexity signals obtained by the corresponding data analysis units are in one-to-one correspondence to early warn invasion and are sent to the corresponding network security computer for targeted analysis.
While one embodiment of the present invention has been described in detail, the description is only a preferred embodiment of the present invention and should not be taken as limiting the scope of the invention. All equivalent changes and modifications made within the scope of the present invention shall fall within the scope of the present invention.

Claims (5)

1. An innovative application method based on quantum encryption technology in cloud network fusion is characterized by comprising the following steps:
step one, a cloud server and a terminal server establish communication connection; the cloud server sends a quantum encryption communication connection request to the terminal server;
the terminal server responds to the encrypted communication connection request of the cloud server and sends information agreeing to establish quantum encrypted communication connection to the cloud server;
encrypting plaintext data to be transmitted by the cloud server through a quantum key to obtain ciphertext data, and sending the ciphertext data to the terminal server;
in the quantum encryption communication transmission process, the identification module analyzes and identifies the request data and judges the security level of the request data;
step four, the identification module acquires request data within preset time, analyzes the request data and judges whether third party interception or stealing occurs or not;
the identification module comprises a data acquisition unit, the data acquisition unit is used for acquiring index information of the request data, the index information comprises an account name of a user A1, registration time A2, registration IP A3 and an identification code of a registered mobile phone A4; and data feature extraction is carried out on the collected index information.
2. The innovative application method in cloud network fusion based on quantum cryptography according to claim 1, characterized in that the identification module further comprises a data processing unit, and the obtained characteristic value of the account name is
Figure DEST_PATH_IMAGE002
The characteristic value of the registration time is
Figure DEST_PATH_IMAGE004
The characteristic value of the registered IP is
Figure DEST_PATH_IMAGE006
The characteristic value of the identification code of the registered mobile phone is
Figure DEST_PATH_IMAGE008
And analyzing, sending the data to a database for storage, and obtaining a corresponding signal according to the analyzed data.
3. The innovative application method based on quantum cryptography in cloud network fusion according to claim 2, characterized in that the specific analysis process of the data processing unit is as follows:
step S1: according to the formula
Figure DEST_PATH_IMAGE010
Calculating a risk factor of the requested data
Figure DEST_PATH_IMAGE012
A1, a2, a3 and a4 are proportionality coefficients,
Figure DEST_PATH_IMAGE014
the value of the error correction factor is 1.16;
step S2: risk coefficient to be obtained
Figure 323422DEST_PATH_IMAGE012
Comparing to a risk factor threshold: if risk factor
Figure 568458DEST_PATH_IMAGE012
If the risk coefficient is more than or equal to the threshold value of the risk coefficient, judging the request data as high-risk intrusion data, and determining the risk coefficient
Figure 817037DEST_PATH_IMAGE012
Marking the high-risk intrusion data coefficients, and sending the high-risk intrusion data coefficients to a processor; if risk factor
Figure 556454DEST_PATH_IMAGE012
If the risk coefficient threshold value is less than the threshold value, the request data is judged to be low risk intrusion data, and the corresponding risk coefficient is determined
Figure 839668DEST_PATH_IMAGE012
Marking as a low-risk intrusion data coefficient, and sending the low-risk intrusion data coefficient to a processor;
step S3: and after receiving the high-risk intrusion data coefficient or the low-risk intrusion data coefficient, the processor generates a data characteristic analysis signal and sends the data characteristic analysis signal to the data analysis unit.
4. The innovative application method in cloud network fusion based on quantum cryptography according to claim 3, characterized in that the identification module further comprises a data analysis unit, which judges that the requested data is in a high risk state when the obtained high risk intrusion data coefficient is obtained, and judges that the requested data is in a low risk state when the obtained low risk intrusion data coefficient is obtained; then, respectively collecting the characteristic values of the corresponding account names as
Figure 255606DEST_PATH_IMAGE002
The characteristic value of the registration time is
Figure 991480DEST_PATH_IMAGE004
The characteristic value of the registered IP is
Figure DEST_PATH_IMAGE015
The characteristic value of the identification code of the registered mobile phone is
Figure DEST_PATH_IMAGE016
And performing each analysis to generate a complexity signal of the risk intrusion data.
5. The method for innovative application of quantum-based encryption technology in cloud network convergence according to claim 4,the identification module also comprises a data early warning unit for receiving the risk coefficient analyzed by the data processing unit
Figure 596905DEST_PATH_IMAGE012
And the data complexity signals obtained by the corresponding data analysis units are in one-to-one correspondence to early warn invasion and are sent to the corresponding network security computer for targeted analysis.
CN202210758661.5A 2022-06-30 2022-06-30 Innovative application method based on quantum encryption technology in cloud network fusion Active CN114844637B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210758661.5A CN114844637B (en) 2022-06-30 2022-06-30 Innovative application method based on quantum encryption technology in cloud network fusion

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210758661.5A CN114844637B (en) 2022-06-30 2022-06-30 Innovative application method based on quantum encryption technology in cloud network fusion

Publications (2)

Publication Number Publication Date
CN114844637A CN114844637A (en) 2022-08-02
CN114844637B true CN114844637B (en) 2022-09-13

Family

ID=82574748

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210758661.5A Active CN114844637B (en) 2022-06-30 2022-06-30 Innovative application method based on quantum encryption technology in cloud network fusion

Country Status (1)

Country Link
CN (1) CN114844637B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111490875A (en) * 2020-04-23 2020-08-04 成都信息工程大学 Cloud data semi-quantum secure sharing method and system based on proxy re-encryption
CN111680312A (en) * 2020-06-05 2020-09-18 宗陈星 Information processing method based on big data and block chain and network security cloud server

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170104590A1 (en) * 2015-10-12 2017-04-13 Yongge Wang Method and Apparatus for Error Correcting Code Based Public Key Encryption Schemes
CN109150835B (en) * 2018-07-20 2021-05-04 国科量子通信网络有限公司 Cloud data access method, device, equipment and computer readable storage medium
CN112134695B (en) * 2020-08-14 2022-09-06 江苏亨通问天量子信息研究院有限公司 Cloud platform management method and system based on quantum key distribution technology
CN114172638B (en) * 2020-09-11 2024-04-30 军事科学院系统工程研究院网络信息研究所 Quantum encryption communication method and system based on multi-model data fusion
CN113596386A (en) * 2021-08-07 2021-11-02 施航 Video monitoring quantum encryption system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111490875A (en) * 2020-04-23 2020-08-04 成都信息工程大学 Cloud data semi-quantum secure sharing method and system based on proxy re-encryption
CN111680312A (en) * 2020-06-05 2020-09-18 宗陈星 Information processing method based on big data and block chain and network security cloud server

Also Published As

Publication number Publication date
CN114844637A (en) 2022-08-02

Similar Documents

Publication Publication Date Title
CN111931253B (en) Data processing method, system, device and medium based on node group
CN107147652B (en) A kind of safety fusion authentication method of the polymorphic identity of user based on block chain
JP2016131335A (en) Information processing method, information processing program and information processing device
CN110677234B (en) Privacy protection method and system based on homomorphic encryption blockchain
CN108173871A (en) Based on radio-frequency fingerprint and biological fingerprint wireless network access authentication system and method
CN111882233A (en) Storage risk early warning method, system and device based on block chain and storage medium
CN116132989A (en) Industrial Internet security situation awareness system and method
Yousefnezhad et al. Medi: Measurement-based device identification framework for internet of things
CN115694932A (en) Method and equipment for realizing community sensitive data protection based on block chain technology
CN109547443B (en) Network storage type hidden channel detection method
CN114065169A (en) Privacy protection biometric authentication method and device and electronic equipment
CN114844637B (en) Innovative application method based on quantum encryption technology in cloud network fusion
CN113239401A (en) Big data analysis system and method based on power Internet of things and computer storage medium
CN117131490A (en) Power distribution network wireless terminal equipment identity authentication method based on equipment hardware fingerprint
CN117454442A (en) Anonymous security and traceable distributed digital evidence obtaining method and system
CN108269610A (en) Data reliability verifying method based on cloud computing
CN116232770A (en) Enterprise network safety protection system and method based on SDN controller
CN114189359B (en) Internet of things equipment capable of avoiding data tampering, data safety transmission method and system
CN109803255B (en) Mobile data information safety communication system and method for digital workshop
CN110059630B (en) Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection
US20210194860A1 (en) Central trust hub for interconnectivity device registration and data provenance
CN116708040B (en) Data security management and control method and system based on symmetric homomorphic encryption
CN116305071B (en) Account password security system based on artificial intelligence
CN116232769B (en) Safe interaction method and platform
GB2570292A (en) Data protection

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant