CN115562573A

CN115562573A - Data storage method, communication system, electronic equipment and storage medium

Info

Publication number: CN115562573A
Application number: CN202211049462.3A
Authority: CN
Inventors: 施磊
Original assignee: Honor Device Co Ltd
Current assignee: Honor Device Co Ltd
Priority date: 2022-08-30
Filing date: 2022-08-30
Publication date: 2023-01-03

Abstract

The application discloses a method for storing data, a communication system, electronic equipment and a storage medium, which relate to the field of data storage. The second device receives the first request, generates a first key, and then sends the first key to the first device. After receiving the first key from the second device, the first device encrypts target data by using the first key; the first device then stores the encrypted target data to the third device. The method and the device can realize the unloading, encryption and decryption management of the user on the private data in the electronic equipment, are convenient to operate, ensure the safe storage of the user data, and realize the intelligent management of the secret key.

Description

Data storage method, communication system, electronic equipment and storage medium

Technical Field

The present application relates to the field of data storage, and in particular, to a method for storing data, a communication system, an electronic device, and a storage medium.

Background

At present, mobile terminals such as mobile phones and tablet computers have become common tools in daily life of people, and the mobile terminals can be used for shooting, instant chatting, browsing websites, watching videos, mobile phone payment and the like, and can be provided with various application programs to realize different functions. Therefore, many information such as contact information, call records, account passwords, photos, short messages, files, etc. are stored in the mobile terminal. With the increase of information stored in mobile terminals such as mobile phones and tablet computers, the storage space of the mobile terminals is more and more tense.

Disclosure of Invention

The application provides a method for storing data, a communication system, electronic equipment and a storage medium, which can relieve the problem that the storage space of a mobile terminal is increasingly tense. The technical scheme is as follows:

in a first aspect, an embodiment of the present application provides a method for storing data, where the method is applied to a first device, and the method includes:

after receiving a first instruction, sending a first request to a second device, wherein the first instruction is used for indicating that target data are encrypted and stored, and the first request is used for requesting the second device to generate a first key;

receiving a first secret key from the second device, and encrypting the target data through the first secret key;

and storing the encrypted target data to the third equipment, and deleting the locally encrypted target data.

According to the method provided by the embodiment of the application, after the encrypted target data is transferred to the third device, the target data in the first device can be deleted, so that the storage space of the first device is indirectly expanded, and the problem that the storage space is more and more tense is solved. The first device encrypts the target data according to the first secret key, the safety of the target data is guaranteed, the first device only stores the encrypted target data to the third device, the first secret key is not stored to the third device, the first secret key and the target data are separately stored, the risk that the target data are decrypted after the third device is lost can be reduced, the safety of data storage is improved, the third device is a user private device, and the risk that the target data are leaked on the internet can be avoided. In addition, the first key is generated by the second device, and the user does not need to manage the key, so that the user experience is improved.

With reference to the first aspect, in certain implementations of the first aspect, the first request includes a first identification of the target data and a second identification of the target data. In this implementation manner, the first identifier is a content identifier of the target data, the second identifier is an identifier of a user corresponding to the target data, the content of the target data is different, the first key generated by encrypting the data each time is different, the first identifier and the second identifier that are the same as those used in encrypting need to be used in decryption, and other users cannot decrypt the data of the user, so that the security of stored data is improved.

With reference to the first aspect, in certain implementations of the first aspect, storing the encrypted target data to the third device includes: and storing the encrypted target data and the first identifier of the target data in the third device.

In some implementations, the first device may compress and store the encrypted target data and the first identifier of the target data in the third device, so as to save a storage space of the third device, facilitate searching for the first identifier of the target data, and facilitate decryption of the encrypted target data.

With reference to the first aspect, in certain implementations of the first aspect, the method further includes: after receiving a second instruction, sending a second request to the second device, wherein the second instruction instructs to decrypt the encrypted target data, and the second request is used for requesting to acquire the first key; receiving a first key from a second device; acquiring encrypted target data in third equipment; and decrypting the encrypted target data through the first key.

With reference to the first aspect, in certain implementations of the first aspect, the second request includes a first identification of the target data and a second identification of the target data. That is, information required when the first key is acquired corresponds to information used when the first key is generated, thereby improving the security of the stored data.

If the first request includes the first identifier of the target data, for example, the first identifier of the target data is an MD5 value, the second device generates the first key according to the MD5 value, and correspondingly, the second request includes the MD5 value, and the cloud server queries the first key according to the MD5 value.

If the first request comprises the second identifier of the target data, the second device generates a first key according to the second identifier of the target data, correspondingly, the second request comprises the second identifier of the target data, and the cloud server queries the first key according to the second identifier of the target data.

With reference to the first aspect, in some implementations of the first aspect, the first instruction or the second instruction is an instruction from a fourth device, and the target data is sent to the first device by the fourth device.

In this implementation, the storage space of the fourth device is tight, the user selects to transfer part of the data stored in the fourth device to the third device for storage, and the fourth device determines the part of the data selected by the user as the target data and sends the target data to the first device. In this implementation manner, the fourth device implements data unloading through the first device, and alleviates the storage space of the fourth device. The first device belongs to the transfer device, and in the process of transferring the data by the fourth device, other devices can transfer the data to the third device through the first device, so that the data in the multiple devices can be transferred to the third device in the same time period, and the efficiency of storing the data can be improved.

With reference to the first aspect, in some implementation manners of the first aspect, the first instruction is sent to the first device by the fourth device after detecting a first operation from the first interface, the first operation is an operation of instructing to encrypt and store target data, and the first interface is an interface for managing data to be encrypted.

With reference to the first aspect, in some implementations of the first aspect, the second instruction is sent by the fourth device to the first device after detecting a second operation from the second interface, the second operation is an operation instructing to decrypt encrypted target data, and the second interface is an interface for managing encrypted data.

In this implementation manner, the fourth device displays the first interface and the second interface, and provides a channel for managing data through the first device for a user, so that the user operation is facilitated, and the user experience is improved.

With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the progress information of encrypting the target data is sent to the fourth device, or the progress information of decrypting the encrypted target data is sent to the fourth device, so that the user can know the current progress of encryption or decryption in real time, the completion time can be predicted, and when the time is longer, the user can process other things in advance, thereby improving the user experience.

In a second aspect, an embodiment of the present application provides a method for storing data, which is applied to a second device, and the method includes:

receiving a first request from a first device, wherein the first request is used for requesting a second device to generate a first key, the first key is used for encrypting target data, and the target data is data stored in the first device;

generating a first key according to the first request;

the first key is sent to the first device.

According to the method provided by the embodiment of the application, the first secret key generated by the second device can reduce the calculation amount of other devices and improve the efficiency of data storage, and the second device can generate secret keys for a plurality of devices, so that the universality of the method is improved. The second equipment generates and stores the first key, and then the first key is obtained from the second equipment during decryption, so that the key can be intelligently managed without the need of managing the key by the user, and the user experience is improved.

With reference to the second aspect, in some implementations of the second aspect, the first request includes a first identification of the target data and a second identification of the target data, and generating the first key includes: and generating a first key according to the first identifier of the target data and the second identifier of the target data.

With reference to the second aspect, in some implementations of the second aspect, the method further includes: and storing the first key and the corresponding relation between the first key and the first identifier of the target data and the second identifier of the target data, so that the second equipment can conveniently search the first key, and during decryption, whether the first identifier of the target data and the second identifier of the target data are correct is determined, so that the safety of stored data is improved.

With reference to the second aspect, in some implementations of the second aspect, the method further includes: receiving a second request from the first device, wherein the second request is used for requesting to acquire the first key; querying the first key according to the second request; the first key is sent to the first device.

With reference to the second aspect, in some implementations of the second aspect, the second request includes a first identification of the target data and a second identification of the target data, and querying the first key includes: and inquiring the first key according to the first identifier of the target data and the second identifier of the target data. That is, the information required when querying the first key corresponds to the information used when generating the first key, thereby ensuring the security of the data.

In a third aspect, an embodiment of the present application provides a storage data communication system, where the communication system includes a first device, a second device, and a third device, where the first device has established a connection with the second device and the third device.

When some data stored in the first device needs to be transferred, a user can perform a first operation on an interface displayed by the first device to input a first instruction to the first device, and after receiving the first instruction, the first device sends a first request to the second device in response to the first operation, wherein the first instruction is used for instructing to encrypt and store target data, the first request is used for requesting the second device to generate a first key, and the first key is used for encrypting the target data.

The second device receives a first request from the first device, generates a first key in response to the first request, and then transmits the first key to the first device.

After receiving the first key from the second device, the first device encrypts target data by using the first key; and then the first device stores the encrypted target data to the third device and deletes the locally encrypted target data.

The first key may be stored on the first device or the second device. If the first key is stored in the first device, when the user needs to view the encrypted target data, the user may perform a second operation on the first device to input a second instruction to the first device, and after receiving the second instruction, the first device searches for the first key inside the device, and decrypts the encrypted target data using the first key.

If the first key is stored in the second device, the first device sends a second request to the second device after receiving the second instruction, wherein the second request is used for requesting to acquire the first key. The second device receives a second request from the first device, and in response to the second request, the second device looks up the first key within the device and then sends the first key to the first device. And after receiving the first key, the first device decrypts the encrypted target data by using the first key.

In the embodiment of the application, after the encrypted target data is transferred to the third device, the target data in the first device can be deleted, so that the storage space of the first device is indirectly expanded, and the problem that the storage space is more and more tense is solved.

The first device encrypts the target data according to the first secret key, the safety of the target data is guaranteed, the first device only stores the encrypted target data to the third device, the first secret key is not stored to the third device, the first secret key and the target data are separately stored, the risk that the target data are decrypted after the third device is lost can be reduced, the safety of data storage is improved, the third device is a user private device, and the risk that the target data are leaked on the internet can be avoided. In addition, the first key is generated by the second device, and the user does not need to manage the key, so that the user experience is improved.

In some implementations, the first device may be a mobile phone or a tablet computer, the second device may be a cloud server, and the third device may be a mobile hard disk.

In some implementations, the first device may be a mobile phone or a tablet computer, the second device may be a router, and the third device may be a usb disk.

In some implementations, the communication system includes four devices: the mobile phone is connected with the router through Wi-Fi, the router is in communication with the cloud server, and the mobile hard disk is connected to the router through a USB interface. The mobile phone can control the router and the mobile hard disk, a user selects target data to be transferred on the mobile phone through a first interface displayed on the mobile phone, such as local photos, videos and documents, the target data are determined to be encrypted, and the mobile phone sends a first instruction and the target data to the router in response to user operation. The router stores the target data after receiving the target data, and sends a first request to the cloud server after receiving the first instruction. After receiving the first request from the router, the cloud server generates a first key and sends the first key to the router. And the router encrypts the target data according to the first secret key and stores the encrypted target data to the mobile hard disk.

After storing the encrypted target data to the removable hard disk, the router may delete the associated record of the target data and the first key. The cloud server generates the first key and then stores the first key, namely the first key is stored by the cloud server, so that the possible problems of the mobile phone and the router are avoided, and the risk of losing the first key is reduced.

In this implementation manner, the first device (router) belongs to a transfer device, and in the process of transferring data by using the mobile phone, other devices may also transfer data to the mobile hard disk through the router, so that data in multiple devices can be transferred to the third device within the same time period, and the cloud server has a strong computing capability, and the cloud server is used to generate the first key, so that the efficiency of storing data can be improved.

It will be appreciated that the system for storing data may also include more or fewer devices in actual implementation.

In a fourth aspect, the present application provides an apparatus for storing data, the apparatus comprising means for performing the method of the first or second aspect. The apparatus may correspond to performing the method described in the first aspect or the second aspect, and for the description of the units in the apparatus, reference is made to the description of the first aspect or the second aspect, which is not repeated herein for brevity.

The method described in the first aspect or the second aspect may be implemented by hardware, or may be implemented by hardware executing corresponding software. The hardware or software includes one or more modules or units corresponding to the above-described functions. Such as a processing module or unit, a display module or unit, a communication module or unit, etc.

In a fifth aspect, an embodiment of the present application provides an electronic device, including: one or more processors; one or more memories; the memory stores one or more programs that, when executed by the processor, cause the electronic device to perform any of the possible methods of the first and second aspects.

In a sixth aspect, an embodiment of the present application provides an electronic device, including: one or more processors; one or more memories; the memory stores one or more programs that, when executed by the processor, cause the electronic device to perform any of the second and possible methods of the second aspects.

In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium, on which computer program instructions are stored. The computer program instructions, when executed by the electronic device, cause the electronic device to implement the method of storing data as described in the first aspect or any one of the possible implementations of the first aspect; alternatively, the computer program instructions, when executed by the electronic device, cause the electronic device to implement the method of storing data as described in the second aspect or any of its possible implementations.

In an eighth aspect, the present application provides an apparatus (for example, the apparatus may be a system on a chip), which includes a processor configured to enable a first device to implement the functions recited in the first aspect; or for enabling the second device to carry out the functions referred to in the second aspect above. When the device is a chip system, the device may be formed by a chip, and may also include a chip and other discrete devices. Optionally, the chip system further comprises a memory, and the memory is connected with the processor through a circuit or a wire.

In a ninth aspect, embodiments of the present application provide a computer program product, which includes computer readable code, when run in an electronic device, causes the electronic device to implement the method for storing data as described in the first aspect or any one of the possible implementation manners of the first aspect; alternatively, the computer readable code, when executed in an electronic device, causes the electronic device to implement a method of storing data as described in the second aspect or any one of the possible implementations of the second aspect.

The technical effects obtained by the second aspect to the ninth aspect are similar to the technical effects obtained by the corresponding technical means in the first aspect, and are not described herein again.

Drawings

Fig. 1 is a schematic diagram of a system applied in a method for storing data according to an embodiment of the present application;

FIG. 2 is a schematic diagram of a system to which another method for storing data provided by an embodiment of the present application is applied;

fig. 3 shows a schematic structural diagram of a fourth device (the mobile phone 100) provided in the embodiment of the present application;

fig. 4 shows a schematic structural diagram of a first device (router 200) provided in an embodiment of the present application;

fig. 5 shows a schematic structural diagram of a second device (cloud server 300) provided in an embodiment of the present application;

FIG. 6 is a flowchart illustrating a method for storing data according to an embodiment of the present application;

FIG. 7 is a schematic diagram illustrating one of the interfaces for storing data provided by the embodiments of the present application;

fig. 8 illustrates a second interface schematic diagram for storing data according to an embodiment of the present application;

fig. 9 is a third schematic diagram illustrating an interface for storing data according to an embodiment of the present application;

fig. 10 is a schematic flowchart illustrating an encryption process in a method for storing data according to an embodiment of the present application;

FIG. 11 is a fourth schematic diagram illustrating an interface for storing data according to an embodiment of the present disclosure;

FIG. 12 is a diagram illustrating a fifth example of an interface for storing data according to an embodiment of the present disclosure;

fig. 13 is a schematic flowchart illustrating a decryption process in a method for storing data according to an embodiment of the present application;

FIG. 14 shows a sixth schematic view of an interface for storing data according to an embodiment of the present application;

fig. 15 shows a schematic structural diagram of an apparatus provided in an embodiment of the present application.

Fig. 16 is a schematic structural diagram of another apparatus provided in the embodiment of the present application.

Fig. 17 shows a software structure diagram of an electronic device provided in an embodiment of the present application.

Detailed Description

To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings. In the following, the terms "first", "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the present embodiment, the meaning of "a plurality" is two or more unless otherwise specified.

At present, mobile terminals such as mobile phones and tablet computers have become common tools in daily life of people, and the mobile terminals can be used for shooting, instant chatting, browsing websites, watching videos, mobile phone payment and the like, and can be provided with various application programs to realize different functions, so that a lot of information such as contact information, call records, account passwords, photos, short messages, data and the like can be stored in the mobile terminals. With the increase of information stored in mobile terminals such as mobile phones and tablet computers, the storage space of the mobile terminals is more and more tense.

In general, a user may delete part of data to release a storage space, but for some precious data such as photos and videos, the user may not want to delete the data, and if the user does not want to delete the data, the data may be uploaded to a cloud space to be stored, but the capacity of the cloud space that can be used for free is small, and if the user wants to expand the capacity of the cloud space, an extra fee needs to be paid, and the cloud space is vulnerable to malicious attacks. Or, the user can copy the data to the mobile hard disk for storage, but the operation of copying the data to the mobile hard disk is complicated, and in addition, the mobile hard disk is generally stored in a plaintext, so that if the mobile hard disk is lost, the risk of data leakage exists, and the safety cannot be guaranteed; in order to improve security, a user can encrypt data stored in the mobile hard disk by himself, in this case, the user needs to record a key for encryption, and if the user forgets the key or loses the key, the data stored in the mobile hard disk is difficult to decrypt.

In view of this, embodiments of the present application provide a method for storing data and a system for storing data, through the scheme of the present application, when a storage space of a first device or other devices is in shortage, a user may select to encrypt some data and then transfer the encrypted data to a third device, where a key used for encryption is generated by a second device, and the key and the data are stored on different devices, respectively, so as to alleviate the problem that the storage space of a mobile terminal is in shortage more and more, and implement safe, reliable, long-term, and easy-to-operate transfer data.

The key is a parameter that must be input during the process of converting plaintext into ciphertext or converting ciphertext into plaintext. The process of encoding a plaintext into a ciphertext using an encryption algorithm is referred to as encryption, and correspondingly, the process of decoding a ciphertext into a plaintext using a decryption algorithm is referred to as decryption.

The system, the device and the method provided by the embodiment of the application are sequentially introduced below.

Fig. 1 is a schematic diagram illustrating an example of a system for storing data according to an embodiment of the present application. As shown in fig. 1, the communication system for storing data may include a first device, a second device, and a third device.

The first device may establish a wireless connection with the second device through wireless communication techniques including, but not limited to: including global system for mobile communications (GSM), general Packet Radio Service (GPRS), code Division Multiple Access (CDMA), wideband Code Division Multiple Access (WCDMA), time division code division multiple access (time-division multiple access, TD-SCDMA), long Term Evolution (LTE), fifth generation mobile communication technology (english: 5 generation mobile communication or 5th generation communication systems, abbreviated as 5G), global navigation satellite system (global navigation system, GNSS), wireless local area network (wireless local area network, area), wireless fidelity (WLAN, wireless fidelity), wireless frequency modulation (FM, bluetooth communication, etc.), wireless radio network (Bluetooth communication, NFC), short-range communication (rf communication, bluetooth communication, etc.). The GNSS may include a Global Positioning System (GPS), a global navigation satellite system (GLONASS), a beidou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS), and/or a Satellite Based Augmentation System (SBAS).

The first device may be communicatively connected to the third device by a wired connection. For example, the first device may be connected to the third device through a Universal Serial Bus (USB) interface. After the third device is connected with the first device, the first device may display data in the third device.

The first device may be a mobile terminal or a non-mobile terminal. Exemplary first devices may be mobile phones, wearable devices (e.g., smart watches, smart bracelets), tablet computers, handheld computers, notebook computers, ultra-mobile personal computers (UMPCs), netbooks, and devices with processing and memory capabilities such as cellular phones, personal Digital Assistants (PDAs), augmented Reality (AR) \\ Virtual Reality (VR) devices, routers, and the like.

The second device may be a router, desktop computer, edge server, cloud server, or other device having processing and storage capabilities.

The third device may be a storage medium such as a usb disk or a mobile hard disk, or may be another device with storage capability.

The embodiment of the present application does not limit the device types of the first device, the second device, and the third device. For example, in some implementations, as shown in fig. 1, the first device may be a mobile phone or a tablet computer, etc., the second device may be a cloud server, and the third device may be a mobile hard disk.

When some data stored in the first device needs to be transferred, a user can perform a first operation on the first device to input a first instruction to the first device, the first device sends a first request to the second device after receiving the first instruction, namely, in response to the first operation, the first instruction is used for indicating that target data is stored in an encrypted manner, the first request is used for requesting the second device to generate a first key, and the first key is used for encrypting the target data.

The first key may be stored on the first device or the second device. If the first key is stored on the first device, when the user needs to view the encrypted target data, the user may perform a second operation on the first device to input a second instruction to the first device, and after the first device receives the second instruction, the first key is searched inside the device, and the first key is used to decrypt the encrypted target data.

If the first key is stored on the second device, the first device sends a second request to the second device after detecting the second instruction, and the second request is used for requesting to acquire the first key. The second device receives a second request from the first device, and in response to the second request, the second device looks up the first key internally to the device and then sends the first key to the first device. And after receiving the first key, the first device decrypts the encrypted target data by using the first key.

In some implementations, the first device may also be wirelessly connected to the third device, and the second device may be communicatively connected to the third device by a wired connection. For example, the first device may be a mobile phone, the second device may be a router, the third device may be a USB disk, the USB disk is connected to the router through a USB interface, after the mobile phone encrypts the target data using the first key, the mobile phone sends the encrypted target data to the router, and the router stores the encrypted target data in the USB disk.

According to the method provided by the embodiment of the application, after the encrypted target data is transferred to the third device, the target data in the first device can be deleted, so that the storage space of the first device is indirectly expanded, and the problem that the storage space is more and more tense is relieved.

In the embodiment of the application, the first device encrypts the target data according to the first secret key, so that the safety of the target data is guaranteed, the first device only stores the encrypted target data to the third device, the first secret key is not stored to the third device, the separate storage of the first secret key and the target data is realized, the risk that the target data is decrypted after the third device is lost can be reduced, the safety of data storage is improved, and the third device is a user private device, so that the risk that the target data is leaked on the network can be avoided. In addition, the first key is generated by the second device, and the user does not need to manage the key, so that the user experience is improved.

It should be noted that, the communication system for storing data is exemplified by including three devices, which does not limit the embodiments of the present application. It will be appreciated that the system for storing data may also include more or fewer devices in actual implementation. For example, in some implementations, a system to store data includes two devices: the device comprises a first device and a third device, wherein the first device is connected with the third device in a wired mode. For example, the first device is a mobile phone, the third device is a mobile hard disk, the user performs a first operation on the first device to input a first instruction to the first device, the first device generates a first key in response to the first operation after detecting the first instruction, then encrypts target data by using the first key, and stores the target data encrypted by the first key to the third device.

For example, in some implementations, a communication system storing data may include four devices: the mobile terminal comprises a first device, a second device, a third device and a fourth device, wherein the fourth device can be a mobile phone, a wearable device (such as a smart watch and a smart bracelet), a tablet computer, a handheld computer, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, a cellular phone, a Personal Digital Assistant (PDA), an Augmented Reality (AR) \\ Virtual Reality (VR) device and the like.

For example, fig. 2 shows a schematic diagram of a user (fourth device) in a close-range scenario with a first device, where the first device may establish a wireless connection with a second device and the fourth device, and the first device may be in a communication connection with a third device in a wired manner.

As shown in fig. 2, the first device is a router, the second device is a cloud server, the third device is a mobile hard disk, the fourth device is a mobile phone, the mobile phone is connected to the router through Wi-Fi, the router communicates with the cloud server, and the mobile hard disk is connected to the router through a USB interface. The user uses the mobile phone to control the router, target data needing to be transferred and stored, such as local photos, videos and documents, are selected on the mobile phone, encryption of the target data is determined, and the mobile phone sends a first instruction and the target data to the router in response to user operation.

The router stores the target data after receiving the target data, and sends a first request to the cloud server after receiving the first instruction. The cloud server generates a first key after receiving the first request from the router, and sends the first key to the router. And the router encrypts the target data according to the first secret key and stores the encrypted target data to the mobile hard disk.

After the encrypted target data is stored in the mobile hard disk, the router can delete the relevant records of the target data and the first key, and the cloud server generates the first key and then stores the first key, namely the first key is stored by the cloud server, so that the possible problems of the mobile phone and the router are avoided, and the risk of losing the first key is reduced.

In the implementation manner shown in fig. 2, the fourth device realizes data unloading through the first device, and relieves the storage space of the fourth device. The first device (router) belongs to a transfer device, in the process of transferring data by the mobile phone, other devices can transfer the data to the mobile hard disk through the router, the data in the multiple devices can be transferred to the third device within the same time period, the computing capacity of the cloud server is strong, the cloud server is used for generating the first key, and the efficiency of data storage can be improved.

The following describes a hardware structure diagram of the first device, the second device, and the fourth device with reference to the drawings.

Taking a fourth device as an example of a mobile phone, fig. 3 shows a schematic structural diagram of the mobile phone 100 provided in the embodiment of the present application.

The mobile phone 100 may include a processor 110, an external memory interface 120, an internal memory 121, a usb interface 130, a charging management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, a button 190, a motor 191, an indicator 192, a camera 193, a display screen 194, and a Second Identification Module (SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.

Processor 110 may include one or more processing units, such as: the processor 110 may include an Application Processor (AP), a modem processor, a Graphics Processor (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), among others. Wherein, the different processing units may be independent devices or may be integrated in one or more processors.

The controller can generate an operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetching and instruction execution.

A memory may also be provided in processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that have just been used or recycled by the processor 110. If the processor 110 needs to use the instruction or data again, it can be called directly from the memory. Avoiding repeated accesses reduces the latency of the processor 110, thereby increasing the efficiency of the system.

In some embodiments, processor 110 may include one or more interfaces. The interface may include an integrated circuit (I2C) interface, an integrated circuit built-in audio (I2S) interface, a Pulse Code Modulation (PCM) interface, a universal asynchronous receiver/transmitter (UART) interface, a mobile industry processor interface (mobile industry processor interface, MIPI), a general-purpose-input/output (GPIO) interface, a Second Identification Module (SIM) interface, and/or a Universal Serial Bus (USB) interface, etc.

The I2C interface is a bidirectional synchronous serial bus including a serial data line (SDA) and a Serial Clock Line (SCL). In some embodiments, processor 110 may include multiple sets of I2C buses. The processor 110 may be coupled to the touch sensor 180K, the charger, the flash, the camera 193, etc. through different I2C bus interfaces, respectively. For example: the processor 110 may be coupled to the touch sensor 180K through an I2C interface, so that the processor 110 and the touch sensor 180K communicate through an I2C bus interface to implement a touch function of the electronic device 100.

The UART interface is a universal serial data bus used for asynchronous communications. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is generally used to connect the processor 110 with the wireless communication module 160. For example: the processor 110 communicates with a bluetooth module in the wireless communication module 160 through a UART interface to implement a bluetooth function.

The USB interface 130 is an interface conforming to the USB standard specification, and may be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like. The USB interface 130 may be used to connect a charger to charge the mobile phone 100, and may also be used to transmit data between the mobile phone 100 and peripheral devices. And the earphone can also be used for connecting an earphone and playing audio through the earphone. The interface may also be used to connect other electronic devices, such as AR devices and the like.

It should be understood that the connection relationship between the modules according to the embodiment of the present invention is only illustrative and is not limited to the structure of the electronic device 100. In other embodiments of the present application, the electronic device 100 may also adopt different interface connection manners or a combination of multiple interface connection manners in the above embodiments.

The wireless communication function of the mobile phone 100 can be realized by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modem processor, the baseband processor, and the like. The antennas 1 and 2 are used for transmitting and receiving electromagnetic wave signals.

The mobile communication module 150 may provide a solution including wireless communication of 2G/3G/4G/5G, etc. applied to the handset 100. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a Low Noise Amplifier (LNA), and the like. The mobile communication module 150 may receive the electromagnetic wave from the antenna 1, filter, amplify, etc. the received electromagnetic wave, and transmit the electromagnetic wave to the modem processor for demodulation. The mobile communication module 150 may also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave through the antenna 1 to radiate the electromagnetic wave. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be provided in the same device as at least some of the modules of the processor 110.

The modem processor may include a modulator and a demodulator. The modulator is used for modulating a low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used for demodulating the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then passes the demodulated low frequency baseband signal to a baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and then passed to the application processor. The application processor outputs a sound signal through an audio device (not limited to the speaker 170A, the receiver 170B, etc.) or displays an image or video through the display screen 194. In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be provided in the same device as the mobile communication module 150 or other functional modules, independent of the processor 110.

The wireless communication module 160 may provide solutions for wireless communication applied to the mobile phone 100, including Wireless Local Area Networks (WLANs) (e.g., wireless fidelity (Wi-Fi) networks), bluetooth (BT), global Navigation Satellite System (GNSS), frequency Modulation (FM), near Field Communication (NFC), infrared (IR), and the like. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, performs frequency modulation and filtering on electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, perform frequency modulation and amplification on the signal, and convert the signal into electromagnetic waves through the antenna 2 to radiate the electromagnetic waves.

In some embodiments, the antenna 1 of the handset 100 is coupled to the mobile communication module 150 and the antenna 2 is coupled to the wireless communication module 160 so that the handset 100 can communicate with networks and other devices through wireless communication techniques.

The mobile phone 100 implements the display function through the GPU, the display screen 194, and the application processor. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or alter display information. The display screen 194 is used to display images, video, and the like.

The external memory interface 120 may be used to connect an external memory card, such as a Micro SD card, to extend the memory capability of the electronic device 100. The external memory card communicates with the processor 110 through the external memory interface 120 to implement a data storage function. For example, files such as music, video, etc. are saved in an external memory card.

The internal memory 121 may be used to store computer-executable program code, which includes instructions. The internal memory 121 may include a program storage area and a data storage area. The storage program area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required by at least one function, and the like. The data storage area may store data (e.g., audio data, a phonebook, etc.) created during use of the handset 100, and the like. In addition, the internal memory 121 may include a high speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, a Universal Flash Storage (UFS), and the like. The processor 110 executes various functional applications and data processing of the mobile phone 100 by executing instructions stored in the internal memory 121 and/or instructions stored in a memory provided in the processor.

The pressure sensor 180A is used for sensing a pressure signal, and can convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A may be disposed on the display screen 194. The pressure sensor 180A can be of a wide variety, such as a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, and the like. The capacitive pressure sensor may be a sensor comprising at least two parallel plates having an electrically conductive material. When a force acts on the pressure sensor 180A, the capacitance between the electrodes changes. The cellular phone 100 determines the intensity of the pressure according to the change of the capacitance. When a touch operation is applied to the display screen 194, the mobile phone 100 detects the intensity of the touch operation according to the pressure sensor 180A. The cellular phone 100 may also calculate the touched position from the detection signal of the pressure sensor 180A. In some embodiments, the touch operations that are applied to the same touch position but different touch operation intensities may correspond to different operation instructions. For example: and when the touch operation with the touch operation intensity smaller than the first pressure threshold value acts on the short message application icon, executing an instruction for viewing the short message. And when the touch operation with the touch operation intensity larger than or equal to the first pressure threshold value acts on the short message application icon, executing an instruction of newly building the short message.

The touch sensor 180K is also called a "touch device". The touch sensor 180K may be disposed on the display screen 194, and the touch sensor 180K and the display screen 194 form a touch screen, which is also called a "touch screen". The touch sensor 180K is used to detect a touch operation applied thereto or nearby. The touch sensor may communicate the detected touch operation to the application processor to determine the touch event type. Visual output associated with the touch operation may be provided through the display screen 194. In other embodiments, the touch sensor 180K may be disposed on the surface of the mobile phone 100, different from the position of the display screen 194.

Taking the first device as an example of a router, fig. 4 shows a schematic structural diagram of a router 200 provided in the embodiment of the present application.

As shown in fig. 4, router 200 may include: a processor 210, a wireless communication module 220, a memory 230, a power module 240, a communication interface 250, a switch 260, and an antenna.

Processor 210 may include one or more processing units, such as: the processor 210 may include a CPU, GPU, DSP, ISP, AP, NPU, modem processor, controller, video codec, baseband processor, etc. In some embodiments, the different processing units may be stand-alone devices or may be integrated into one or more processors. The CPU is a final execution unit for information processing and program running, and its main work includes processing instructions, executing operations, controlling time, processing data, and the like. The CPU may include a controller, an arithmetic unit, a cache memory, and a bus for connecting these components.

The wireless communication module 220 may provide wireless communication such as Wi-Fi, frequency Modulation (FM), bluetooth, or NFC. The wireless communication module 220 may be one or more devices integrating at least one communication processing module. The wireless communication module 220 receives electromagnetic waves via an antenna, performs frequency modulation and filtering on electromagnetic wave signals, and transmits the processed signals to the processor 210. The wireless communication module 220 may also receive a signal to be transmitted from the processor 210, perform frequency modulation and amplification on the signal, and convert the signal into electromagnetic waves via an antenna to radiate the electromagnetic waves.

Memory 230 may be used to store computer executable program code, including computer instructions. The processor 210 performs various functions and data processing by executing instructions stored in the memory 230. The memory 230 may include a program storage area and a data storage area. Wherein the storage program area may store an application program required for at least one function (such as generating a key, sending a request, etc.). The storage data area may store target data, keys, etc. received from other devices. Further, the memory 230 may include a high-speed random access memory, and may also include a nonvolatile memory or the like.

Power module 240 may be used to receive power inputs, store power, and provide power to processor 210, wireless communication module 220, memory 230, and the like.

The communication interface 250 may be used for communication with external devices such as an electronic device, a portable hard disk, and a usb disk. The communication interface 250 may be any possible interface such as a network port or a Universal Serial Bus (USB) interface.

The switch 260 is used to trigger the router to turn on or off.

Taking the second device as a cloud server as an example, fig. 5 shows a schematic structural diagram of a cloud server 300 provided in the embodiment of the present application.

As shown in fig. 5, the cloud server 300 may include a processor 310, a memory 320, and a communication module 330.

The processor 310 may be used to read and execute computer readable instructions. In particular, the processor 310 may include a controller, an operator, and a register. The controller is mainly responsible for instruction decoding and sending out control signals for operations corresponding to the instructions. The arithmetic unit is mainly responsible for storing register operands, intermediate operation results and the like temporarily stored in the instruction execution process. In a specific implementation, the hardware architecture of the processor 310 may be an Application Specific Integrated Circuit (ASIC) architecture, an MIPS (micro processor with interleaved pipeline) architecture, an ARM (advanced risc processors) architecture, or a Network Processor (NP) architecture.

A memory 320 is coupled to the processor 310 for storing various software programs and/or sets of instructions. In particular implementations, memory 320 may include high-speed random access memory and may also include non-volatile memory, such as one or more magnetic disk storage devices, flash memory devices, or other non-volatile solid-state storage devices. The memory 320 may store an operating system, such as an embedded operating system like uCOS, vxWorks, RTLinux, etc.

The communication module 330 may be used to establish a communication connection between the cloud server 300 and other communication terminals through a network, and to transceive data through the network.

It is to be understood that the illustrated structure of the present embodiment does not specifically limit the handset 100, the router 200, and the cloud server 300. In other embodiments, the handset 100, router 200, cloud server 300 may include more or fewer components than shown, or combine certain components, or split certain components, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.

The following describes a method for storing data provided in an embodiment of the present application.

Fig. 6 is a schematic flowchart of a method for storing data according to an embodiment of the present application. Continuing to take the example that the first device is a router, the second device is a cloud server, the third device is a mobile hard disk, and the fourth device is a mobile phone as an example, as shown in fig. 6, a user may first forward target data to the mobile hard disk, and the method includes the following steps S601 to S606.

S601, the mobile phone is connected with the router.

The embodiment of the application does not limit the connection mode of the first device and the fourth device. The mobile phone and the router can be connected through a wire, for example, the connection can be established through a USB mode, and USB communication can be carried out between the mobile phone and the router. And wireless connection can be established between the mobile phone and the route, wherein the wireless connection can be established through a Bluetooth protocol or a Wi Fi protocol.

When the mobile phone is in wireless connection with the router, the router monitors information from the mobile phone through a port, such as an 80http web port.

S602, the mobile hard disk is connected with the router.

The router is provided with a USB interface, and the mobile hard disk can be inserted into the router through the USB interface so as to establish connection.

S603, the mobile phone detects the unloading operation from the user.

In the embodiment of the application, the mobile phone can display a plurality of preset interfaces for managing data, a user can select the data to be transferred, encrypted data and decrypted data through the preset interfaces, and when the data to be transferred is selected through the preset interfaces, the mobile phone can send different types of data to the router in batches.

Exemplarily, fig. 7 shows an interface schematic diagram for managing data according to an embodiment of the present application. In the embodiment of the present application, a developer may create a public number in advance, where the public number may implement many functions, as shown in (a) in fig. 7, after a user enters the public number, a mobile phone displays a main public number interface, where the main public number interface includes articles published by the public number, and some controls for user interaction, such as a device management control 71. As shown in fig. 7 (b), after clicking the device management control 71, the user enters a device management interface, the mobile phone displays devices that have currently established a connection with the mobile phone, for example, the connected devices include a router 72, a computer 73, a watch 74, a usb disk 75, etc., the mobile phone displays icons of the connected devices, and the user can also search for other connectable devices through the search control 76.

The user may select one of the connected devices for storing data. For example, as shown in (c) of fig. 7, after the user clicks the icon of the router 72, the mobile phone enters a router login interface, and the router login interface includes the router icon, an input box for inputting an account number and a password, and a control for triggering login. After a user inputs a login account and a password of the router in the input box, the user clicks login, and after verification is passed, the mobile phone displays a router management interface. As shown in fig. 7 (d), the user may set a password, an internet access setting, a WIFI setting, and the like of the router, and the user may click the control 77 in the router management interface to enter the dump function of the router, and then the mobile phone displays the interface shown in fig. 8 (a).

As shown in fig. 8 (a), the dump function of the router may include two parts: the step of transferring to the hard disk and the step of checking the hard disk refers to transferring data stored in the mobile phone to the mobile hard disk for storage through the router, and the step of checking the hard disk refers to acquiring the data stored in the mobile hard disk through the router, checking the data in the mobile hard disk, modifying the data in the mobile hard disk and the like.

After the user clicks the "transfer to hard disk" and authorizes the mobile phone to read the local data, as shown in (b) of fig. 8, the mobile phone displays data such as photos, videos, and documents stored locally, the user may select one or more files at the same time, after the data to be transferred to the mobile hard disk for storage is selected, the user may click the "storage", the mobile phone determines the data selected by the user as the target data, and then starts to transmit the data.

S604, responding to the unloading operation of the user, the mobile phone sends the target data to the router.

The mobile phone may send the target data to the router using a hypertext Transfer Protocol (HTTP).

S605, the router receives the target data through a port, such as an 80http web port.

S606, the router stores the target data in the mobile hard disk.

After the router receives the target data, the target data can be directly stored in the mobile hard disk, and when the target data is stored in the mobile hard disk, the router can create a new folder 1 in the mobile hard disk according to the date and store the target data received this time into the new folder 1.

After S606, the router may send a notification to the handset that the data transmission is complete, and after confirming that the router receives the target data, the handset may delete the target data from the storage space of the handset.

After the router stores the target data in the mobile hard disk, the user can choose to encrypt the target data in the mobile hard disk. For example, after the mobile phone displays the interface shown in (a) of fig. 9 and the user clicks "view hard disk", the mobile phone may obtain the data stored in the mobile hard disk, arrange the data in the format of name, date, type, etc., and display the data to the user, as shown in (b) of fig. 9, the mobile phone displays the data of file 1, document 2, compressed package 2022-22-23, etc., the user finds the folder 1 storing the target data, and clicks "encrypt" button to request to encrypt the target data in the folder 1. It is to be understood that the display manner shown in (b) of fig. 9 is merely an example, and different devices may adaptively display different formats.

Fig. 10 is a flowchart illustrating a method for storing data according to an embodiment of the present application. As shown in fig. 10, the process of encryption includes the following S1001-S1007.

S1001, the mobile phone detects an encryption operation from a user and sends a first instruction to the router, and the first instruction indicates that target data are encrypted.

For example, the encryption operation (first operation) may be an operation of clicking an "encryption" button, or may be an operation of clicking an "encrypted storage" button.

S1002, the router receives the first instruction and acquires the information used for encryption.

After receiving the first instruction, the router analyzes the first instruction to obtain an instruction that the target data needs to be encrypted, acquires information used for encryption, and then sends a first request to the cloud server, wherein the first request is used for requesting the cloud server to generate a first key.

S1003, the router sends the first request to the cloud server.

In some implementations, the first request can include a first identification of the target data that uniquely corresponds to the data to be encrypted. The first identifier is a content identifier of the target data, for example, the first identifier of the target data may be an information Digest MD5 value (Message Digest Algorithm MD 5), and after receiving the first instruction, the router reads the content of the target data in the folder 1 and calculates the MD5 value according to the content of all data.

In other implementation manners, the first request may include a second identifier of the target data, where the second identifier is an identifier of a user corresponding to the target data, for example, the public number is a micro-signal public number, the second identifier may be a micro-beacon identifier, the mobile phone obtains the micro-beacon identifier appid after detecting the encryption operation, one appid uniquely corresponds to one micro-signal account, and when sending the first instruction to the router, the mobile phone may carry the micro-beacon identifier appid in the first instruction, so that the router may obtain the micro-beacon identifier appid after analyzing the first instruction. For example, the second Identifier may also be a Mobile Equipment Identifier (MEID), and the MEID is a unique Identifier of the Mobile phone.

In other implementations, the first request may include a first identification of the target data and a second identification of the target data.

S1004, the cloud server receives the first request, and generates a first key.

In this implementation manner, the contents of the target data are different, the first key generated by encrypting the data each time is different, and a device or a Wechat that is the same as a second identifier used in Encryption needs to be used in decryption, so that other users cannot decrypt the data of the user, thereby improving the security of stored data.

After the cloud server generates the first key, the cloud server stores the first key and a first identifier or a second identifier of the target data used when the first key is generated, or the first identifier and the second identifier of the target data.

S1005, the cloud server sends the first key to the router.

S1006, the router receives the first key from the cloud server, and encrypts the target data according to the first key.

And S1007, the router sends information containing the encryption progress to the mobile phone.

In the encryption process, the router may send information including an encryption progress to the mobile phone, and the mobile phone displays the current encryption progress to the user, as shown in (a) of fig. 11, when the encryption progress of the router is 80%, the mobile phone may display the encryption progress as 80%. As shown in fig. 11 (b), after the encryption is completed, the mobile phone displays to the user that the encryption is completed.

In some implementations, after the encryption is completed, the router may directly compress and store the encrypted target data, so as to save the storage space. For example, as shown in (a) of fig. 12, the router compresses the encrypted target data into a compressed packet 2, where the compressed packet 2 may be in a zip format, and the compressed packet 2 may be named 2022-08-26 according to the current date.

In some implementations, the router compresses the encrypted folder 1 and the first identifier of the target data into the compressed packet 2 at the same time, as shown in (b) in fig. 12, so that the first identifier of the target data can be obtained from the compressed packet when the data is decrypted, and the first identifier of the target data is conveniently searched.

In other implementations, the router may also store the second identification in the compressed packet as well. In this way, when the user views the content in the mobile hard disk, the router displays to the user which user the compressed packet comes from, thereby facilitating the user to search the encrypted target data. During decryption, the router can compare the identifier of the user obtained this time with the second identifier in the compressed packet, and when the identifier of the user obtained this time is not matched with the second identifier in the compressed packet, the router cannot operate the encrypted data.

In some implementations, the first key may also be stored by the router, or the router sends the first key to the handset, and the handset stores the first key.

In the embodiment, the mobile phone determines some selected files of the user as target data, the target data is sent to the router firstly, the router stores the target data in the mobile hard disk, and then the first instruction is sent to the router according to the instruction of the user. That is, when unencrypted data is already stored in the mobile hard disk, the user can view the data in the mobile hard disk, and the mobile phone can also determine that the unencrypted data in the mobile hard disk is the target data according to the user selection and send the first instruction to the router. And then after determining the target data needing to be encrypted, the router sends a first request to the cloud server.

In some implementations, in the interface shown in fig. 8 (b), after the user selects the target data, the user may click "encrypted storage", and after detecting the unloading operation from the user in step S603, the mobile phone sends, in response to the unloading operation of the user, a first instruction and the target data to the router, where the target data may be carried in the first instruction, and after receiving the first instruction, the router performs steps S1002 and later. The mobile phone may also send the target data to the router first and then send the first instruction, or the mobile phone may also send the first instruction to the router first and then send the target data. After the router receives the target data, the router may first temporarily store the target data in a memory of the router, encrypt the target data, and then store the encrypted target data in the portable hard disk. And after the encrypted target data is stored in the mobile hard disk, the router deletes the local target data.

According to the method provided by the embodiment of the application, the encrypted target data is transferred to the mobile hard disk, and then the target data in the mobile phone can be deleted, so that the storage space of the mobile phone is indirectly expanded, and the problem that the storage space of the mobile phone is more and more tense is solved.

In the embodiment of the application, the router encrypts the target data according to the first secret key, the safety of the target data is guaranteed, the router only stores the target data encrypted by the first secret key to the mobile hard disk, the first secret key is not stored to the mobile hard disk, the first secret key and the target data are stored separately, the risk that the target data are decrypted after the mobile hard disk is lost can be reduced, the mobile hard disk is a user private device, the risk that the target data are leaked on the network can be avoided, and the safety of data storage is improved.

In addition, in the process of transferring data by the mobile phone, other devices, such as a tablet computer, may also be used to transfer data to the mobile hard disk through the router, so that data in multiple devices may be transferred to a third device in the same time period. In addition, the method provided by the embodiment of the application uses the cloud server to generate the first key, so that the efficiency of data storage can be improved. The first secret key is generated by the cloud server, and a user does not need to manage the secret key, so that the user experience is improved.

The method provided by the application can also be used for decrypting the encrypted target data. Fig. 13 is a flowchart illustrating a method for storing data according to an embodiment of the present application. As shown in fig. 13, the process of encryption includes the following S1301-S1307.

S1301, the mobile phone detects a decryption operation (a second operation) from the user, and sends a second instruction to the router, where the second instruction instructs to decrypt the encrypted target data.

For example, when the mobile phone displays the interface shown in fig. 12 (a), the user may select the compression package 2 and click the "decrypt" button to request decryption of the data in the compression package 2.

S1302, the router acquires the information for decryption after receiving the second instruction.

Wherein the information for decryption corresponds to the information for encryption.

For example, taking the example that the first key is generated by the second identifier and the MD5 value, after receiving the second instruction, the router decompresses the compressed packet 2, extracts the MD5 value in the compressed packet 2, and acquires the second identifier. The second identifier may be carried in a second instruction and sent to the router, and the router analyzes the second instruction to obtain the second identifier. Or, after receiving the second instruction, the router may send a request for obtaining the second identifier to the mobile phone, and the mobile phone sends the second identifier to the router.

S1303, the router sends a second request to the cloud server, wherein the second request is used for requesting to acquire the first key.

The second request includes the MD5 value and the second identification, i.e. the information needed to obtain the first key corresponds to the information used when generating the first key.

S1304, after receiving the second request, the cloud server queries the first key from the cloud server.

The cloud server queries the first key according to the information in the second request, i.e., according to the MD5 value and the second identifier.

It is to be understood that in case the first key is generated by an MD5 value, the second request comprises an MD5 value, and correspondingly, the cloud server queries the first key according to the MD5 value. And in the case that the first key is generated by the second identifier, the second request includes the second identifier, and correspondingly, the cloud server queries the first key according to the second identifier.

S1305, the cloud server sends the first key to the router.

S1306, the router decrypts the target data encrypted by the first key according to the first key.

I.e. the router decompresses the compressed packet 2, and then obtains the encrypted folder 1. After acquiring the first key, the router decrypts the folder 1 according to the first key. After decryption is complete, the router may delete compressed packet 2.

S1307, the router sends information containing decryption progress to the handset.

In the decryption process, the router may send information including a decryption progress to the mobile phone, and the mobile phone displays the current decryption progress to the user after receiving the progress information, as shown in (a) in fig. 14, when the decryption progress of the router is 50%, the mobile phone may display the decryption progress to be 50%. As shown in fig. 14 (b), after the decryption is completed, the handset displays information to the user that the decryption is completed, and then displays an interface as shown in fig. 9 (b).

In other implementations, the mobile phone (fourth device) and the router (first device) are in a long-distance scenario, the distance between the mobile phone and the router exceeds the coverage of the router, and the router is connected to the mobile hard disk (third device).

In this scenario, when the mobile phone enters the interface shown in (b) in fig. 7, the bound router may also be displayed, where the bound router is a router that has logged in using the mobile phone, the user clicks an icon of the bound router to log in the bound router, and the mobile phone may implement remote management of data through the bound router.

For example, when a user selects to encrypt unencrypted data already stored in a mobile hard disk, the mobile phone sends a first instruction, a second identifier and an identifier of a bound router to the cloud server in response to an encryption operation of the user, wherein the identifier of the bound router uniquely corresponds to the bound router, and the cloud server determines the bound router and establishes communication with the bound router.

And after receiving the first instruction, the cloud server issues the first instruction to the bound router. After the bound router receives the first instruction, an MD5 value corresponding to the target data is generated, and then the MD5 value is sent to the cloud server. After receiving the MD5 value, the cloud server generates a first key according to the MD5 value and the second identifier, and then sends the first key to the bound router. After the bound router receives the first key, the target data is encrypted by using the first key. According to different information used in the generation of the first key, in some implementation manners, after receiving the first instruction, the cloud server generates the first key, and issues the first key and the first instruction to the bound router. After the bound router receives the first instruction, the target data is encrypted by using the first key.

For some data with low security requirement and data with small data size in the mobile phone, remote unloading of the data can also be realized through the bound router.

For example, the mobile phone sends a first instruction to the cloud server, where the first instruction includes the target data, the second identifier, and the identifier of the bound router. After receiving the first instruction, the cloud server generates an MD5 value corresponding to the target data according to the content of the target data, generates a first key according to the MD5 value and the second identifier, and encrypts the target data by using the first key. And the cloud server sends the encrypted target data and the MD5 value to the bound router, and deletes the target data on the cloud server. And after receiving the encrypted target data and the MD5 value, the bound router compresses the encrypted target data and the MD5 value and stores the compressed target data and the MD5 value into the mobile hard disk.

During decryption, the mobile phone sends a second instruction, a second identifier and the identifier of the bound router to the cloud server, and after receiving the second instruction, the cloud server issues the second instruction to the bound router. And after receiving the second instruction, the bound router acquires an MD5 value corresponding to the target data, and then sends the MD5 value to the cloud server. After receiving the MD5 value, the cloud server queries the first key according to the MD5 value and the second identifier, and then sends the queried first key to the bound router. And after receiving the first key, the bound router decrypts the encrypted target data by using the first key.

The embodiment of the application provides a method for storing data, a USB interface of a router is inserted into external storage media such as a U disk and a mobile hard disk, and the transfer, encryption and decryption management of private data in a mobile phone by a user is realized through interaction among the mobile phone, the router and a cloud server, so that the operation is convenient, the safe storage of user data is ensured, and the intelligent management of a secret key is realized.

In addition to the above method, in some other implementations, the key may be generated locally by the mobile phone, or may be generated by the router, for example, in an interface shown in (b) in fig. 7, the user may click on an icon of any connected device, such as an icon of the usb disk 75, then the mobile phone displays an interface similar to that shown in (d) in fig. 7 to manage data of the usb disk 75, when the user selects to transfer data in the mobile phone to the usb disk 75, the mobile phone generates an MD5 value of the target data in response to the user operation, and generates the first key according to the MD5 value of the target data, and the mobile phone encrypts the target data using the first key, stores the encrypted target data in the usb disk 75, and stores the first key in the mobile phone.

According to the method provided by the embodiment of the application, after the encrypted target data is transferred to the third device, the target data in the first device can be deleted, so that the storage space of the first device is indirectly expanded, and the problem that the storage space is more and more tense is solved.

The first device encrypts the target data according to the first secret key, the safety of the target data is guaranteed, the first device only stores the target data encrypted by the first secret key to the third device, the first secret key is not stored to the third device, the first secret key and the target data are separately stored, the risk that the target data are decrypted after the third device is lost can be reduced, the safety of data storage is improved, the third device is a user private device, and the risk that the target data are leaked on the internet can be avoided. In addition, the first key is generated by the second device, and the user does not need to manage the key, so that the user experience is improved.

When the first device belongs to the transfer device, the data in the plurality of devices can be transferred to the third device in the same time period. The embodiment of the application also provides a public number which is convenient for the user to operate, and the method is convenient for the user to manage data, convenient to operate and specific in universality. In short, the method provided by the embodiment of the application can manage data in the electronic device safely, reliably, for a long time and easily under the condition that the storage space of the electronic device is insufficient.

The various implementations described herein may be stand-alone solutions or combined in accordance with inherent logic and fall within the scope of the present application.

It is to be understood that the methods and operations implemented by the electronic device in the above method embodiments may also be implemented by components (e.g., chips or circuits) that can be used in the electronic device.

According to the method example, the electronic device may be divided into the functional modules, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, the division of the modules in the embodiment of the present application is schematic, and is only one logical function division, and other feasible division manners may be available in actual implementation. The following description will be given taking the example of dividing each functional module corresponding to each function.

Fig. 15 is a schematic block diagram of an apparatus 1500 provided in an embodiment of the present application. The apparatus 1500 may be used to perform the actions performed by the first device in the above method embodiments. The apparatus 1500 comprises a receiving unit 1510, a transmitting unit 1520 and a processing unit 1530.

The receiving unit 1510 is configured to receive a first instruction from the fourth device, where the first instruction indicates that the target data is stored in an encrypted manner.

A sending unit 1520, configured to send a first request to the second device, where the first request is used to request the second device to generate a first key, and the first key is used to encrypt the target data. In some implementations, the first request includes an identification of the target data and a corresponding second identification of the target data.

The receiving unit 1510 is further configured to receive the first key from the second device.

A processing unit 1530 for encrypting the target data according to the first key from the second device.

The processing unit 1530 is further configured to store the encrypted target data to the third device.

In some implementations, the processing unit 1530 compresses the encrypted target data and the first identifier of the target data, and stores the compressed target data and first identifier of the target data in the third device.

The receiving unit 1510 is further configured to receive a second instruction from the fourth device, where the second instruction instructs to decrypt the target data encrypted by the first key.

The processing unit 1520 is further configured to obtain the encrypted target data in the third device.

The sending unit 1520 is further configured to send a second request to the second device, where the second request is used to request to obtain the first key. In some implementations, the second request includes a first identification of the target data and a second identification of the target data.

The processing unit 1520 is further configured to decrypt the target data encrypted by the first key.

The sending unit 1520 is further configured to send, to the fourth device, progress information for encrypting the target data, or send, to the fourth device, progress information for decrypting the target data encrypted by the first key.

The apparatus 1500 further comprises a communication unit configured to enable the apparatus 1500 to establish a connection with the second device, the third device, and the fourth device.

In other possible implementation manners, the receiving unit 1510 is configured to receive a first operation of a user, where the first operation is used to instruct to perform encrypted storage on target data.

The receiving unit 1510 is further configured to receive a second operation of the user, where the second operation is used to instruct an operation of decrypting the encrypted target data.

The apparatus 1500 further comprises a display unit for displaying a first interface to receive a first operation of a user. The display unit is further used for displaying a second interface so as to receive a second operation of the user.

The display unit is also used for displaying the progress of encrypting the target data. The display unit is also used for displaying the progress of decrypting the target data encrypted by the first secret key.

According to the scheme, after the encrypted target data are transferred to the third device, the target data in the first device can be deleted, so that the storage space of the first device is indirectly expanded, and the problem that the storage space is more and more tense is relieved.

The first device encrypts the target data according to the first secret key, the safety of the target data is guaranteed, the first device only stores the target data encrypted by the first secret key to the third device, the first secret key is not stored to the third device, the first secret key and the target data are stored separately, the risk that the target data are decrypted after the third device is lost can be reduced, the safety of data storage is improved, the third device is a user private device, and the risk that the target data are leaked on the internet can be avoided. In addition, the first key is generated by the second device, and the user does not need to manage the key, so that the user experience is improved.

The apparatus 1500 according to the embodiment of the present application may correspond to performing the method described in the embodiment of the present application, and the above and other operations and/or functions of the units in the apparatus 1500 are respectively for realizing the corresponding flows of the method, and are not described herein again for brevity.

The embodiment of the present application further provides an apparatus 1600, where the apparatus 1500 may be used to execute the actions performed by the second device in the foregoing method embodiments. Fig. 16 is a schematic block diagram of an apparatus 1600 provided in an embodiment of the present application. The apparatus 1600 includes a receiving unit 1610, a transmitting unit 1620 and a processing unit 1630.

The receiving unit 1610 is configured to receive a first request from a first device. In some implementations, the first request includes a first identification of the target data and a second identification of the target data.

The processing unit 1630 is configured to generate a first key according to the first request.

A sending unit 1620, configured to send the first key to the first device.

The receiving unit 1610 is further configured to receive a second request from the first device. In some implementations, the second request includes a first identification of the target data and a second identification of the target data.

The processing unit 1630 is further configured to query the first key according to the second request.

Furthermore, the apparatus 1600 comprises a storage unit for storing the first key.

The apparatus 1600 further comprises a communication unit for establishing a connection with a first device.

According to the scheme, the first secret key generated by the second equipment can reduce the calculation amount of other equipment and improve the efficiency of data storage, and the second equipment can generate the secret key for a plurality of equipment, so that the universality of the scheme is improved. The second device generates and stores the first key, and the first key is obtained from the second device during decryption, so that the key is not required to be managed by the user, the intelligent management of the key is realized, and the user experience is improved.

In addition, embodiments of the present application also provide an apparatus, which may be specifically a chip, a component or a module, and may include a processor and a memory connected to each other; the memory is used for storing computer execution instructions, and when the device runs, the processor can execute the computer execution instructions stored in the memory, so that the chip can execute the method in the above method embodiments.

It should be noted that the chip may be implemented by using the following circuits or devices: one or more Field Programmable Gate Arrays (FPGAs), programmable Logic Devices (PLDs), controllers, state machines, gate logic, discrete hardware components, any other suitable circuitry, or any combination of circuitry capable of performing the various functions described throughout this application.

Optionally, in some embodiments, the present application provides an electronic device comprising a chip for reading and executing a computer program or instructions stored by a memory, such that the methods in the embodiments are performed.

The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the above-mentioned method embodiments.

Embodiments of the present application provide a computer program product, which when running on a mobile terminal, enables an electronic device to implement the steps in the above method embodiments when executed.

In an embodiment of the application, an electronic device includes a hardware layer, an operating system layer running on top of the hardware layer, and an application layer running on top of the operating system layer. The hardware layer may include hardware such as a Central Processing Unit (CPU), a Memory Management Unit (MMU), and a memory (also referred to as a main memory). The operating system of the operating system layer may be any one or more computer operating systems that implement business processing through processes (processes), such as a Linux operating system, a Unix operating system, an Android operating system, an iOS operating system, or a windows operating system. When the operating system is an Android operating system, the electronic device may have a software structure as shown in fig. 17.

The layered architecture divides the software into several layers, each layer having a clear role and division of labor. The layers communicate with each other through a software interface. In some embodiments, the Android system is divided into four layers, an application layer, an application framework layer, an Android runtime (Android runtime) and system library, and a kernel layer from top to bottom.

The application layer may include a series of application packages.

As shown in fig. 17, the application package may include camera, gallery, calendar, phone call, map, navigation, WLAN, bluetooth, music, video, short message, etc. applications.

The application framework layer provides an Application Programming Interface (API) and a programming framework for the application program of the application layer. The application framework layer includes a number of predefined functions.

As shown in FIG. 17, the application framework layers may include a window manager, content provider, view system, phone manager, resource manager, notification manager, and the like.

The window manager is used for managing window programs. The window manager can obtain the size of the display screen, judge whether a status bar exists, lock the screen, intercept the screen and the like.

The content provider is used to store and retrieve data and make it accessible to applications. The data may include video, images, audio, calls made and answered, browsing history and bookmarks, phone books, etc.

The view system includes visual controls such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, the display interface including the short message notification icon may include a view for displaying text and a view for displaying pictures.

The telephone manager is used for providing a communication function of the electronic equipment. Such as management of call status (including on, off, etc.).

The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and the like.

The notification manager enables the application to display notification information in the status bar, can be used to convey notification-type messages, can disappear automatically after a short dwell, and does not require user interaction. Such as a notification manager used to notify download completion, message alerts, etc. The notification manager may also be a notification that appears in the form of a chart or scrollbar text in a status bar at the top of the system, such as a notification of a running application in the background, or a notification that appears on the screen in the form of a dialog window. For example, prompting text information in the status bar, sounding a prompt tone, vibrating the electronic device, flashing an indicator light, etc.

The Android Runtime comprises a core library and a virtual machine. The Android runtime is responsible for scheduling and managing an Android system.

The core library comprises two parts: one part is a function which needs to be called by java language, and the other part is a core library of android.

The application layer and the application framework layer run in a virtual machine. And executing java files of the application program layer and the application program framework layer into a binary file by the virtual machine. The virtual machine is used for performing the functions of object life cycle management, stack management, thread management, safety and exception management, garbage collection and the like.

The system library may include a plurality of functional modules. For example: surface managers (surface managers), media Libraries (Media Libraries), three-dimensional graphics processing Libraries (e.g., openGL ES), 2D graphics engines (e.g., SGL), and the like.

The surface manager is used to manage the display subsystem and provide a fusion of the 2D and 3D layers for multiple applications.

The media library supports a variety of commonly used audio, video format playback and recording, and still image files, among others. The media library may support a variety of audio-video encoding formats such as MPEG4, h.264, MP3, AAC, AMR, JPG, PNG, etc.

The three-dimensional graphic processing library is used for realizing three-dimensional graphic drawing, image rendering, synthesis, layer processing and the like.

The 2D graphics engine is a drawing engine for 2D drawing.

The kernel layer is a layer between hardware and software. The inner core layer at least comprises a display driver, a camera driver, an audio driver and a sensor driver.

The electronic device, the computer-readable storage medium, the computer program product, and the chip provided in the embodiments of the present application are all configured to execute the method provided above, and therefore, for the beneficial effects that can be achieved by the electronic device, the computer-readable storage medium, the computer program product, and the chip, reference may be made to the beneficial effects corresponding to the method provided above, and details of the beneficial effects are not repeated here.

In the embodiments provided in the present application, it should be understood that the disclosed apparatus/electronic device and method may be implemented in other ways. For example, the above-described apparatus/electronic device embodiments are merely illustrative, and for example, the division of the modules or units is only one type of logical function division, and other division manners may exist in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in an electrical, mechanical or other form.

In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow in the method of the embodiments described above can be implemented by a computer program, which can be stored in a computer readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include at least: any entity or apparatus capable of carrying computer program code to a terminal device, including a recording medium, computer memory, read-only memory (ROM), random Access Memory (RAM), electrical carrier signals, telecommunications signals, and software distribution media. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In some jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and proprietary practices.

Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In the description above, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.

It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

It should also be understood that reference to "a plurality" in the specification and the appended claims means two or more. In the description of this application, "/" indicates an inclusive meaning, for example, A/B may indicate either A or B; "and/or" herein is merely an association describing an associated object, and refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone.

As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".

In addition, for the convenience of clearly describing the technical solutions of the present application, the terms "first", "second", and the like are used to distinguish the same items or similar items having substantially the same functions and actions. Those skilled in the art will appreciate that the terms first, second, etc. do not denote any order or importance, but rather the terms first, second, etc. are used to distinguish one element from another.

Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather mean "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.

The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims

1. A method of storing data, the method being applied to a first device, the method comprising:

after receiving a first instruction, sending a first request to a second device, wherein the first instruction is used for indicating that target data stored by the first device is stored in an encrypted manner, and the first request is used for requesting the second device to generate a first key;

receiving the first key from the second device, and encrypting the target data through the first key;

and storing the encrypted target data to a third device, and deleting the local encrypted target data.

2. The method of claim 1, wherein the first request comprises a first identifier of the target data and a second identifier of the target data, wherein the first identifier is used for identifying the content of the target data, and wherein the second identifier is used for identifying a user corresponding to the target data.

3. The method of claim 2, wherein the first device records the first request, and wherein the storing the encrypted target data to a third device comprises:

storing the encrypted target data and the first identifier of the target data in the first request to the third device.

4. The method according to any one of claims 1 to 3, further comprising:

after receiving a second instruction, sending a second request to the second device, where the second instruction is used to instruct to decrypt the encrypted target data, and the second request is used to request to obtain the first key;

receiving the first key from the second device;

acquiring the encrypted target data in the third device;

and decrypting the encrypted target data through the first key.

5. The method of claim 4, wherein the second request comprises a first identification of the target data and a second identification of the target data.

6. The method of claim 4 or 5, wherein the first instruction or the second instruction is an instruction from a fourth device, and wherein the target data is sent by the fourth device to the first device.

7. The method according to claim 6, wherein the first instruction is sent by the fourth device to the first device after detecting a first operation from a first interface, the first operation is an operation indicating encrypted storage of target data, and the first interface is an interface for managing data to be encrypted.

8. The method according to claim 6, wherein the second instruction is sent by the fourth device to the first device after detecting a second operation from a second interface, the second operation is an operation instructing decryption of the encrypted target data, and the second interface is an interface for managing encrypted data.

9. The method according to any one of claims 6 to 8, further comprising:

and sending progress information for encrypting the target data to the fourth device, or sending progress information for decrypting the encrypted target data to the fourth device.

10. A method of storing data, the method being applied to a second device, the method comprising:

receiving a first request from a first device, wherein the first request is used for requesting the second device to generate a first secret key, the first secret key is used for encrypting target data, and the target data is data stored in the first device;

generating the first key according to the first request;

sending the first key to the first device.

11. The method of claim 10, wherein the first request includes a first identification of the target data and a second identification of the target data, and wherein generating the first key based on the first request comprises:

and generating the first key according to the first identifier of the target data and the second identifier of the target data.

12. The method of claim 11, further comprising:

and storing the first key and the corresponding relation between the first key and the first identifier of the target data and the second identifier of the target data.

13. The method according to any one of claims 10 to 12, further comprising:

receiving a second request from the first device, wherein the second request is used for requesting to acquire the first secret key;

querying the first key according to the second request;

sending the first key to the first device.

14. The method of claim 13, wherein the second request includes a first identifier of the target data and a second identifier of the target data, and wherein querying the first key based on the second request comprises:

and inquiring the first key according to the first identifier of the target data and the second identifier of the target data.

15. An electronic device, comprising: one or more processors; one or more memories; the memory stores one or more programs that, when executed by the processor, cause the electronic device to perform the method of any of claims 1-9.

16. An electronic device, comprising: one or more processors; one or more memories; the memory stores one or more programs that, when executed by the processor, cause the electronic device to perform the method of any of claims 10-14.

17. A communication system for storing data, the communication system comprising: a first device as claimed in claim 15, a second device as claimed in claim 16, and a third device in communication with the first device.

18. A computer-readable storage medium having stored therein instructions which, when run on a computer, cause the computer to perform the method of any one of claims 1 to 9; or, when run on a computer, cause the computer to perform the method of any one of claims 10 to 14.