CN115794758A - Extension control method and system for data file sharing - Google Patents

Publication number
CN115794758A
Authority
CN
China
Legal status
Pending
Application number
CN202310044568.2A
Other languages
Chinese (zh)
Inventor
高先周
石聪聪
杨如侠
何阳
梁飞
Current Assignee
State Grid Smart Grid Research Institute Co ltd
Original Assignee
State Grid Smart Grid Research Institute Co ltd

Abstract

The invention discloses an extension control method and system for data file sharing, wherein the method comprises the following steps: receiving component information of data file receiving equipment, and determining an access identifier of the data file receiving equipment based on the component information of the data file receiving equipment; wherein the component information of the data file receiving device is sent by a data receiver; acquiring a data file access requirement, and generating an access constraint condition based on the data file access requirement; and acquiring a data file to be shared, associating the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared to generate a data file packet, and sending the data file packet to a data receiving party. The method realizes effective control of the shared file, realizes extended access control of the sharing of the data file among different units and different main bodies, and prevents the security risks of disordered copying, sharing, leakage and the like of the data file.

Description

Extension control method and system for data file sharing
Technical Field
The invention relates to the technical field of data security, in particular to an extension control method and system for data file sharing.
Background
As the construction of new-type electric power systems and the digital transformation of electric power are promoted, more business entities are served and business applications become more open. Data, as a key production element, is integrated into production, management and other activities in fields such as electric power, energy and government affairs, and data security risks are increasingly prominent. As business entities increase, power data is shared more and more frequently across industries and across enterprises. Once power data is shared with government, financial or other third-party organizations, it leaves the company's production environment, the right to use the data is transferred along with it, and the security of the data becomes difficult to control. Meanwhile, the data can exist indefinitely at the receiving organization, where it can be copied repeatedly and shared at will, which greatly increases the risk of data leakage.
To strengthen security protection after data is shared offline and reduce the security risk brought by data sharing, the industry currently relies mainly on digital watermarking: a visible or invisible watermark is added to the distributed data file before it is sent to the data receiver, and once data is leaked, the source of the leak can be traced from the watermark in order to assign responsibility for data security. Digital watermarking is an important method for protecting shared data, but it is an after-the-fact measure: it does not control operations on the distributed data file, can hardly prevent copying, onward sharing or indefinite retention of the data, and can hardly achieve extended control over the data file.
Therefore, to deal with the security risk after data is shared offline, how to effectively control the operations of the data receiver and provide an effective extended protection measure after a data file is shared is a problem that urgently needs to be solved by those skilled in the art.
Disclosure of Invention
Therefore, the technical problem to be solved by the present invention is to overcome the defects of the prior art, in which operations on distributed data files are not managed and controlled and extended control over the data files is difficult, by providing an extended management and control method and system for data file sharing.
In a first aspect of the present application, an embodiment of the present invention provides an extension management and control method for data file sharing, which is applied to a data provider, and includes:
receiving component information of data file receiving equipment, and determining an access identifier of the data file receiving equipment based on the component information of the data file receiving equipment; wherein the component information of the data file receiving device is sent by a data receiver;
acquiring a data file access requirement, and generating an access constraint condition based on the data file access requirement;
and acquiring a data file to be shared, associating the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared to generate a data file packet, and sending the data file packet to a data receiving party.
The invention provides an extended control method for sharing data files, which determines access identification of data receiving equipment through component information of the data file receiving equipment sent by a data receiver, determines access constraint conditions based on access requirements, and associates the access identification of the data receiving equipment, the access constraint conditions and the data files to be shared, thereby realizing effective control of the shared files, realizing extended access control of sharing the data files among different units and different main bodies, and preventing safety risks such as disordered copying, sharing, leakage and the like of the data files.
Optionally, the determining an access identifier of the data receiving device based on the component information of the data file receiving device includes:
determining a plurality of initial hash values based on component information of the data file receiving device;
determining an access identifier of the data receiving device by using a digest algorithm based on the plurality of initial hash values;
and storing the access identification of the data receiving equipment by using a binary hash tree.
Optionally, the access constraint includes:
access times constraints, access duration constraints, data file modification constraints, and data file printing constraints.
Optionally, the associating the access identifier of the data receiving device, the access constraint condition, and the data file to be shared to generate a data file packet, and sending the data file packet to a data receiving party includes:
and packaging the data file to be shared, associating the packaged data file to be shared with the access time constraint, the access duration constraint, the data file modification constraint and the data file printing constraint to generate a data file packet, and sending the data file packet to a data receiver.
In a second aspect of the present application, a method for extending management and control of data file sharing is further provided, which is applied to a data receiving party, and includes:
collecting component information of data file receiving equipment, and sending the component information of the data file receiving equipment to a data provider;
receiving a data file package, and determining data file access authority based on the component information of the data file receiving equipment and the data file package; wherein the data file package is determined by a data provider based on component information of the data file receiving device;
acquiring data file access behaviors, determining access constraint conditions based on the data file package, and comparing the data file access behaviors with the access constraint conditions;
and when the data file access behavior does not accord with the access constraint condition, closing the data file access authority to stop sharing the data file packet.
According to the extended control method for data file sharing, the data file access behavior of the data receiver is effectively controlled through the access constraint condition, the security risk after data offline sharing is effectively prevented, and extended access control of sharing of the data file among different units and different main bodies is realized.
Optionally, the determining the data file access right based on the component information of the data file receiving device and the data file package includes:
determining a first access identifier based on component information of the data file receiving device;
determining an access identifier of data receiving equipment based on the data file packet, and taking the access identifier of the data receiving equipment as a second access identifier;
and comparing the first access identifier with the second access identifier, and determining the data file access authority based on the comparison result.
Optionally, the determining an access constraint based on the data file package, and comparing the data file access behavior with the access constraint includes:
determining an access time constraint, an access duration constraint, a data file modification constraint and a data file printing constraint based on the data file package;
determining total access times, access time, file modification actions and file printing processes based on the data file access behaviors;
comparing the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint with the total access times, the access time, the file modification action and the file printing process respectively.
Optionally, the determining the data file access right based on the component information of the data file receiving device and the data file package further includes:
acquiring access recording time when the data file packet is opened, and determining access deadline time based on the access recording time and the access duration constraint;
periodically acquiring the current access time, and when the current access time is between the access recording time and the access deadline time, updating the access recording time and continuing to access the data file packet; the current access time is internet time or local time;
or, when the current access time is after the access deadline time, deleting the data file packet and generating an invalid file to overwrite the sectors.
In a third aspect of the present application, a system for extending and managing data file sharing is further provided, which is applied to a data provider, and includes:
the determining module is used for receiving the component information of the data file receiving equipment and determining the access identifier of the data file receiving equipment based on the component information of the data file receiving equipment; wherein the component information of the data file receiving device is sent by a data receiver;
the generating module is used for acquiring the access requirement of the data file and generating an access constraint condition based on the access requirement of the data file;
and the association module is used for acquiring the data file to be shared, associating the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared, generating a data file packet and sending the data file packet to a data receiving party.
In a fourth aspect of the present application, a system for extending management and control of data file sharing is further provided, which is applied to a data receiving party, and includes:
the acquisition module is used for acquiring the component information of the data file receiving equipment and sending the component information of the data file receiving equipment to a data provider;
the receiving module is used for receiving a data file package and determining data file access permission based on the component information of the data file receiving equipment and the data file package; wherein the data file package is determined by a data provider based on component information of the data file receiving device;
the comparison module is used for acquiring the data file access behavior, determining an access constraint condition based on the data file packet, and comparing the data file access behavior with the access constraint condition;
and the closing module is used for closing the data file access authority to stop sharing the data file package when the data file access behavior does not accord with the access constraint condition.
In a fifth aspect of the present application, a computer device is also presented, comprising a processor and a memory, wherein the memory is used for storing a computer program, the computer program comprising a program, and the processor is configured to invoke the computer program to perform the method of the first or second aspect.
In a sixth aspect of the present application, the present invention provides a computer-readable storage medium, which stores a computer program, wherein the computer program is executed by a processor to implement the method of the first aspect or the second aspect.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of the extended management and control method for data file sharing applied to a data provider in embodiment 1 of the present invention;
Fig. 2 is a schematic diagram of sharing a data file between a data provider and a data receiver in embodiment 1 of the present invention;
Fig. 3 is a flowchart of step S101 in embodiment 1 of the present invention;
Fig. 4 is a flowchart of the extended management and control method for data file sharing applied to a data receiver in embodiment 2 of the present invention;
Fig. 5 is a flowchart of step S202 in embodiment 2 of the present invention;
Fig. 6 is a flowchart of step S203 in embodiment 2 of the present invention;
Fig. 7 is a schematic block diagram of the extended management and control system for data file sharing applied to a data provider in embodiment 3 of the present invention;
Fig. 8 is a schematic block diagram of the extended management and control system for data file sharing applied to a data receiver in embodiment 4 of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it is to be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
Example 1
This embodiment provides an extended management and control method for data file sharing, which is applied to a data provider. As shown in Figs. 1-2, the method includes:
S101, receiving component information of data file receiving equipment, and determining an access identifier of the data file receiving equipment based on the component information of the data file receiving equipment; the component information of the data file receiving equipment is sent by a data receiving party.
Specifically, the data provider requests component information required by the data file receiving device from the data receiver, including but not limited to processor information, network card information, hard disk information, memory information, and optical disk drive information; and the data provider acquires the component information of the data file receiving equipment of the data receiver and processes the component information.
S102, acquiring data file access requirements, and generating access constraint conditions based on the data file access requirements.
Specifically, the access constraint condition includes: access times constraints, access duration constraints, data file modification constraints, and data file printing constraints.
Further, the data provider obtains the access requirements of the data file of the data receiver, including but not limited to access duration, access times, data file modification, data file printing and data file copying.
Further, the data provider generates the access constraint conditions based on the data file access requirements and pairs them with abnormal-access detection measures. To limit the number of accesses, a counting mode is established for the data file: opening the file by a mouse double-click or through the right-click menu counts as one access, and the number of accesses is recorded. To limit the access duration, the data file is timed against a specific date, and the access right is lost once that date has passed. To limit modification, the data file is opened in a modification-forbidden mode so that the file cannot be modified. To limit printing, the printing process for the data file is disabled so that the file cannot be printed. To limit screen capture, calls to the relevant screen-capture tools are blocked while the file is being accessed, so that the file cannot be copied by screenshot.
S103, acquiring a data file to be shared, associating the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared, generating a data file packet, and sending the data file packet to a data receiving party.
Specifically, the data file to be shared is encapsulated, the encapsulated data file to be shared is associated with the access time constraint, the access duration constraint, the data file modification constraint and the data file printing constraint, so as to generate the data file packet, and the data file packet is sent to a data receiving party.
Further, the data file to be shared is encapsulated into a shared data packet. The shared data packet is an executable program that can call the corresponding reading software according to the format of the encapsulated data file. For example, when the shared data packet detects that the encapsulated data file is of the doc or docx file type, it automatically searches the receiving device for Office software (the office suite developed by Microsoft) and automatically calls the Office program when the data file is accessed. When a pdf file type is detected, it automatically searches the receiving device for common pdf reading software and automatically calls the relevant program according to a set priority when the data file is accessed. If the data file package has detected the type of the encapsulated data file but the receiving device has no reading program for it, it reports that the file cannot be opened.
Further, the access identifier of the data receiving device is associated with the shared data packet: the access identifier is placed in the shared data packet, and the capability to obtain the receiving device component information is embedded in the shared data packet. For example, the data provider records the data receiver's receiving device component information in the shared data packet, calculates the binary Merkle tree of that component information, and stores the tree in the shared data packet as the access identifier for data file access; when access is abnormal, the tree is checked and the device information that is inconsistent with the provided information is reported. Meanwhile, the shared data packet automatically detects the component information of the receiving device and calculates the Hash values of the corresponding component information using the same algorithm that was used to calculate the access identifier.
Furthermore, a limited number of accesses is added to the shared data packet and associated with the data file in it, and the data file package has the capability to open the data file and count the opens. For example, the data provider records the required number of accesses provided by the data receiver in the shared data packet and sets the initial access count to 0; the shared data packet associates the required number of accesses with the data file and controls the number of times the data file is opened.
Furthermore, the access duration is limited in the shared data packet and associated with the data file, and the capabilities of reading and recording the date and time are embedded in the shared data packet. For example, the data provider calculates the deadline for data file access from the required access time provided by the data receiver; the shared data packet records the current internet time as the first recording time and associates the data file access deadline with the data file, and the shared data packet controls the data file access duration.
Further, the capability to restrict modification and printing of the data file is embedded in the shared data packet. For example, the data provider configures capabilities such as modification restriction and printing restriction into the shared data packet according to the modification and printing requirements provided by the data receiver and associates them with the data file, and the shared data packet controls operations such as modification and printing of the data file.
Further, the shared data packet is associated with the access constraint conditions to generate the data file packet, which is sent to the data file receiver; the data file receiver accesses the data file through the designated receiving device.
According to the extended control method for data file sharing, the access identifier of the data receiving equipment is determined through the component information of the data file receiving equipment sent by the data receiving party, the access constraint condition is determined based on the access requirement, and the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared are associated, so that effective control over the shared file is realized, extended access control over sharing of the data file among different units and different main bodies is realized, and safety risks such as disordered copying, sharing and leakage of the data file are prevented.
As an optional embodiment of the present invention, as shown in Fig. 3, determining the access identifier of the data receiving device based on the component information of the data file receiving device in step S101 includes:
S1011, determining a plurality of initial hash values based on the component information of the data file receiving device.
Specifically, the data provider applies a digest algorithm to the component information of the data file receiving device provided by the data receiver to calculate the initial Hash values. For example, the Chinese national cryptographic SM3 digest algorithm is used to obtain the initial Hash values of the processor information, network card information, hard disk information, memory information and optical disk drive information respectively. SM3 is a cryptographic hash algorithm suitable for digital signature and verification, generation and verification of message authentication codes, and generation of random numbers in commercial cryptographic applications, and it can meet the security requirements of various cryptographic applications.
S1012, determining the access identifier of the data receiving device by using a digest algorithm based on the initial hash values.
Specifically, the initial Hash values of all the component information of the receiving device are concatenated in pairs, and the digest algorithm is applied to each pair repeatedly until a single final Hash value is generated; this Hash value is used as the access identifier of the data receiving device.
For example, the processor information Hash value is concatenated with the network card information Hash value, and the hard disk information Hash value is concatenated with the memory information Hash value, and the SM3 cryptographic digest algorithm is applied to each pair to obtain two Hash values; these two Hash values are then concatenated, and the SM3 cryptographic digest algorithm is applied to obtain the final Hash value, that is, the access identifier of the data receiving device.
S1013, storing the access identifier of the data receiving device by using a binary hash tree.
Specifically, the whole Hash calculation process is stored based on a binary Merkle tree (i.e. binary Hash tree), so that when the device accesses a data file, component information inconsistent with the access identifier can be quickly located.
In the above embodiment, the access identifier is generated based on the processor information, the network card information, the hard disk information, the memory information, and the like by processing the component information of the data file receiving device of the data receiving party, so that the access right of the shared data file can be controlled.
Example 2
This embodiment provides an extended management and control method for data file sharing, which is applied to a data receiving party. As shown in Fig. 4, the method includes:
S201, collecting component information of the data file receiving device, and sending the component information of the data file receiving device to a data provider.
Specifically, the data receiver collects the component information of the data file receiving device that the data provider requires, and provides the component information to the data provider.
Further, as shown in Fig. 2, after receiving the data file provided by the data provider, the data receiver opens the data file package on the receiving device that contains all the components whose information was provided to the data provider, and accesses the data file content through the data file package.
Further, the data file receiving device may be a mobile terminal, a PC terminal (computer terminal), or a tablet computer.
S202, receiving a data file package, and determining data file access authority based on the component information of the data file receiving equipment and the data file package; the data file package is determined by a data provider based on the component information of the data file receiving device.
Specifically, before accessing the data file, the data file package reads the receiving device component information, calculates the access identifier, and determines the receiving device access authority.
S203, acquiring a data file access behavior, determining an access constraint condition based on the data file packet, and comparing the data file access behavior with the access constraint condition.
S204, when the data file access behavior does not conform to the access constraint condition, closing the data file access authority to stop sharing the data file packet.
Specifically, when the total number of accesses does not satisfy the access times constraint in the access constraint conditions, or the access time does not satisfy the access duration constraint in the access constraint conditions, the data file packet is deleted and an invalid file is generated to overwrite the sectors.
Further, based on the comparison result, the data file package continuously monitors the usage duration and the number of opens of the data file, and handles accordingly any data file package that no longer meets the conditions for continued access.
According to the extended control method for data file sharing, the data file access behavior of the data receiver is effectively controlled through the access constraint conditions, the security risk after data offline sharing is effectively prevented, and extended access control of sharing of the data file among different units and different main bodies is realized.
As an optional embodiment of the present invention, as shown in Fig. 5, determining the data file access right based on the component information of the data file receiving device and the data file package in step S202 includes:
S2021, determining a first access identifier based on the component information of the data file receiving device.
Specifically, the data file package reads the receiving device component information collected by the data receiver, including but not limited to processor information, network card information, hard disk information and memory information, and performs the Hash operations item by item and then on the concatenated values, in the same order the data provider used to generate the access identifier, to obtain the final Hash value, that is, the first access identifier.
S2022, determining an access identifier of the data receiving device based on the data file packet, and using the access identifier of the data receiving device as a second access identifier.
S2023, comparing the first access identifier with the second access identifier, and determining the access right of the data file based on the comparison result.
Specifically, the first access identifier is compared with the second access identifier, if the first access identifier is consistent with the second access identifier, the data receiver can access the data file through the data file packet, and if the first access identifier is inconsistent with the second access identifier, the data receiver does not have the authority of opening the data file.
In the above embodiment, the access identifier of the data receiver is generated based on the binary Merkle tree, and the device information that does not satisfy the access condition can be quickly located.
As an alternative embodiment of the present invention, as shown in fig. 6, the step S203 of determining an access constraint condition based on the data file package, and comparing the data file access behavior with the access constraint condition includes:
S2031, determining the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint based on the data file package.
S2032, determining total access times, access time, file modification actions and file printing processes based on the data file access behaviors.
S2033, comparing the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint with the total access times, the access time, the file modification action and the file printing process respectively.
Specifically, when the data file package opens the data file within the access duration, the current access time is recorded in place of the first recording time or the last access time, and it is compared again the next time the data file is accessed, so that abnormal access achieved by setting the device time or by other means is avoided.
Specifically, when the receiving device accesses the data file, the data file package counts the access and judges the access times constraint of the receiving device to be in effect. After the data receiver has the data file access right and opens the data file, the data file package increases the access count of the data file by 1 to obtain and record the current total number of accesses, and compares the total with the limited number of accesses in the access times constraint; if the total is within the limit, the data file can continue to be accessed, and otherwise the data file is handled.
Further, the handling for the limit on the number of accesses to the data file is as follows: if the number of accesses exceeds the limited number of accesses, the data file is deleted and an invalid file is generated to overwrite the sector.
Specifically, the data file package enables file protection measures that restrict the receiving device from modifying or printing the data file. The restrictions on modification and printing are embedded in the data file package: after the data receiver opens the data file, when the data file is modified, the data file package performs file redirection so that the data file is stored encrypted and read-only, and application processes are prohibited from operations such as editing and modifying the file; when the data file is printed, the data file package captures the printing process and, when printing of the data file is prohibited, takes linked action to block the printing process.
In the above embodiment, the access duration after a data file is shared is effectively checked by recording and comparing access times, so that access to the data file can be controlled based on its access duration; and through extended access constraints that limit the access duration, limit the number of accesses, and restrict modification and printing, the access process and the use of the shared data file can be finely controlled.
As an optional implementation manner of the present invention, the determining, in step S203, an access constraint condition based on the data file package, and comparing the data file access behavior with the access constraint condition, further includes:
Acquiring the access recording time when the data file package is opened, and determining the access deadline time based on the access recording time and the access duration constraint.
Periodically acquiring current access time, updating the access recording time when the current access time is between the current time and the access deadline time, and continuing to access the data file package; and the current access time is internet time or local time.
Specifically, the receiving device of the data receiver accesses the data file in the data file package; the data file package reads and records the access time and judges the access time constraint of the receiving device to be in effect. The access deadline is determined based on the data file access duration constraint, and after the data receiver has the data file access right and opens the data file, the data file package checks and records the current time. First, if the receiving device is connected to the Internet, the data file package reads the Internet time and compares it with the first recording time and the data file access deadline: if the Internet time is after the first recording time and before the data file access deadline, the data file can continue to be accessed, and if the Internet time is not before the data file access deadline, the data file is handled. Second, if the receiving device is not connected to the Internet, the data file package reads the local time and compares it with the first recording time and the data file access deadline: if the local time is after the first recording time and before the data file access deadline, the data file can continue to be accessed, and otherwise the data file is handled.
Alternatively, when the current access time is after the access deadline, deleting the data file package and generating an invalid file to overwrite the sector.
Specifically, the handling for the data file access time limit is as follows: when the access time is earlier than the last access time, an Internet connection is required so that the time can be verified; if the access time exceeds the limited access time (that is, the access deadline), the data file is deleted and an invalid file is generated to overwrite the sector; and if the access time does not exceed the limited access time, the user is prompted to update the local time and then access the file.
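The access times check and the access time handling described above can be written as one decision function. This is an added example, not code from the patent: the names PackageState, Decision, new_state and evaluate_open are hypothetical, the sample dates are constructed, and deleting the package and overwriting the sector is represented only by the DESTROY result.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional


class Decision(Enum):
    ALLOW = "allow"                            # the data file can continue to be accessed
    DESTROY = "destroy"                        # delete the package, overwrite the sector
    NEED_INTERNET_TIME = "need_internet_time"  # local time is suspect, verify online first
    FIX_LOCAL_CLOCK = "fix_local_clock"        # still before the deadline, clock must be updated


@dataclass
class PackageState:
    """Values the package keeps between accesses (hypothetical layout)."""
    first_record_time: datetime
    last_access_time: datetime
    deadline: datetime
    max_opens: int
    open_count: int = 0


def new_state(first_record_time: datetime, duration: timedelta, max_opens: int) -> PackageState:
    # The access deadline is the first recording time plus the access duration constraint.
    return PackageState(
        first_record_time=first_record_time,
        last_access_time=first_record_time,
        deadline=first_record_time + duration,
        max_opens=max_opens,
    )


def evaluate_open(state: PackageState, local_now: datetime,
                  internet_now: Optional[datetime] = None) -> Decision:
    """Decide what happens when the receiver opens the data file.

    internet_now is None when the receiving device is offline.
    """
    # A local time earlier than the last recorded access means the device
    # time was set back; the time must then be verified against the Internet.
    if local_now < state.last_access_time:
        if internet_now is None:
            return Decision.NEED_INTERNET_TIME
        if internet_now >= state.deadline:
            return Decision.DESTROY
        return Decision.FIX_LOCAL_CLOCK

    # Internet time is used when connected, local time otherwise.
    now = internet_now if internet_now is not None else local_now
    if now >= state.deadline:
        return Decision.DESTROY

    # Count this access and compare the total with the limited number of accesses.
    state.open_count += 1
    if state.open_count > state.max_opens:
        return Decision.DESTROY

    # Replace the recorded time so the next access is compared against this one.
    state.last_access_time = now
    return Decision.ALLOW


if __name__ == "__main__":
    t0 = datetime(2023, 1, 1, tzinfo=timezone.utc)  # constructed sample date
    state = new_state(t0, timedelta(days=7), max_opens=2)
    print(evaluate_open(state, t0 + timedelta(days=1)))    # normal access
    print(evaluate_open(state, t0 + timedelta(hours=12)))  # clock set back, offline
    print(evaluate_open(state, t0 + timedelta(days=8)))    # past the deadline
```
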
Example 3
The present embodiment provides an extended management and control system for sharing data files, which is applied to a data provider, and as shown in fig. 7, includes:
a determining module 71, configured to receive component information of a data file receiving device, and determine an access identifier of the data file receiving device based on the component information of the data file receiving device; the component information of the data file receiving equipment is sent by a data receiving party.
Specifically, the data provider requests component information required by the data file receiving device from the data receiver, including but not limited to processor information, network card information, hard disk information, memory information, and optical disk drive information; and the data provider acquires the component information of the data file receiving equipment of the data receiver and processes the component information.
The generating module 72 is configured to obtain a data file access requirement, and generate an access constraint condition based on the data file access requirement.
Specifically, the access constraint includes: access times constraints, access duration constraints, data file modification constraints, and data file printing constraints.
Further, the data provider obtains the access requirements of the data file of the data receiver, including but not limited to access duration, access times, data file modification, data file printing and data file copying.
Further, the data provider generates the access constraint condition based on the data file access requirement, together with matching measures for detecting abnormal access. For the number of accesses to the data file, a counting mode is established in which opening the data file by a mouse double-click or through the right-click menu counts as one access behavior, and the number of data accesses is recorded. For limiting the access duration, timing is done by restricting the data file to a specific date, and the access right is lost once that date has passed. For limiting modification of the data file, the data file enables a modification-prohibited mode so that the file cannot be modified. For limiting printing of the data file, the printing process for the data file is prohibited so that the data file cannot be printed. For limiting screen capture of the data file, calls to the relevant screen capture tools are prohibited while the file is being accessed, so that the file cannot be copied by screen capture.
The association module 73 is configured to acquire a data file to be shared, associate the access identifier of the data receiving device, the access constraint condition, and the data file to be shared, generate a data file packet, and send the data file packet to a data receiving party.
Specifically, the data file to be shared is encapsulated, the encapsulated data file to be shared is associated with the access time constraint, the access duration constraint, the data file modification constraint and the data file printing constraint, so as to generate the data file packet, and the data file packet is sent to a data receiving party.
Further, the data file to be shared is packaged into a shared data package, where the shared data package is an executable program that can call the corresponding reading software according to the format of the packaged data file. For example, when the shared data package detects that the encapsulated data file is of the doc or docx file type (file extensions), it automatically searches the receiving device for Office software (an office software suite developed by Microsoft) and automatically calls the Office Word program (a document program) when the data file is accessed; when it detects the pdf (Portable Document Format) file type, it automatically searches the receiving device for common pdf reading software and, when the data file is accessed, automatically calls the relevant program according to a set priority. If the data file package has detected the type of the packaged data file but the receiving device has no program to read it, a prompt is shown that the file cannot be opened.
Further, the access identifier of the data receiving device is associated with the shared data package and placed in it, and the capability to detect receiving device component information is embedded in the shared data package. For example, the data provider records the receiving device component information of the data receiver in the shared data package, calculates a binary Merkle tree over the receiving device component information, and stores the binary Merkle tree in the shared data package as the access identifier for data file access; when access is abnormal, the tree is checked and a prompt identifies the device information of the receiving device that is inconsistent with the information provided. Meanwhile, the shared data package automatically detects the component information of the receiving device and calculates the Hash value of the corresponding component information using the same algorithm that was used when the access identifier was calculated.
Furthermore, a limited number of accesses is added to the shared data package and associated with the data file in the shared data package, and the data file package has the capability to count each time the data file is opened; for example, the data provider records the required number of accesses provided by the data receiver in the shared data package and sets the initial access count to 0, the shared data package associates the required number of accesses with the data file, and the shared data package controls the number of times the data file is opened.
Furthermore, a limited access duration is added to the shared data package and associated with the data file, and the capabilities to read and record the date and time are embedded in the shared data package; for example, the data provider calculates the deadline for data file access according to the required access time provided by the data receiver, the shared data package records the current Internet time as the first recording time and associates the data file access deadline with the data file, and the shared data package controls the data file access duration.
Further, the capabilities to restrict modification and printing of the data file are embedded in the shared data package; for example, the data provider configures capabilities such as modification restriction and printing restriction in the shared data package according to the modification and printing requirements provided by the data receiver and associates them with the data file, and the shared data package controls operations such as modification and printing of the data file.
Further, the shared data package is associated with the access constraint condition to generate the data file package, the data file package is sent to the data file receiver, and the data file receiver accesses the data file through the designated receiving device.
According to the extended control system for data file sharing, the access identifier of the data receiving equipment is determined through the component information of the data file receiving equipment sent by the data receiving party, the access constraint condition is determined based on the access requirement, and the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared are associated, so that effective control over the shared file is realized, extended access control over sharing of the data file among different units and different subjects is realized, and security risks such as unordered copying, sharing and leakage of the data file are prevented.
As an optional embodiment of the present invention, the determining module 71 includes:
a first determining submodule, configured to determine a plurality of initial hash values based on the component information of the data file receiving device.
Specifically, the data provider calculates initial Hash values by applying a digest algorithm to the component information of the data file receiving device provided by the data receiver; for example, the SM3 cryptographic algorithm is used to obtain the initial Hash values of the processor information, the network card information, the hard disk information, the memory information and the optical disk drive information respectively. SM3 is a cryptographic hash algorithm suitable for digital signature and verification, generation and verification of message authentication codes, and generation of random numbers in commercial cryptography applications, and can meet the security requirements of various cryptographic applications.
a second determining submodule, configured to determine the access identifier of the data receiving device by using a digest algorithm based on the plurality of initial hash values.
Specifically, the initial Hash values of all the component information of the receiving device are concatenated, and a pairwise Hash operation is repeated using the digest algorithm until a final Hash value is generated, which is used as the access identifier of the data receiving device.
For example, the processor information Hash value and the network card information Hash value are concatenated, the hard disk information Hash value and the memory information Hash value are concatenated, and a Hash value is calculated for each of the two groups using the SM3 cryptographic algorithm; the two resulting Hash values are then concatenated and the SM3 cryptographic digest algorithm is applied to obtain the final Hash value, namely the access identifier of the data receiving device.
a storage submodule, configured to store the access identifier of the data receiving device by using a binary hash tree.
Specifically, the whole Hash calculation process is stored based on a binary Merkle tree (i.e. binary Hash tree), so that when the device accesses a data file, component information inconsistent with the access identifier can be quickly located.
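The pairwise hashing and the stored binary Merkle tree can be illustrated as follows, including how the stored tree lets the package name the component that no longer matches. This is an added example, not code from the patent: SHA-256 stands in for SM3 (Python's hashlib only offers SM3 on some OpenSSL builds), duplicating the last hash on a level with an odd number of nodes is an assumption the text does not specify, and the function names and component strings are constructed.

```python
import hashlib
import hmac

# Fixed component order; provider and receiver must hash in the same sequence.
COMPONENT_ORDER = ("processor", "network_card", "hard_disk", "memory", "optical_drive")


def digest(data: bytes) -> bytes:
    # Assumption: SHA-256 is used here in place of SM3.
    return hashlib.sha256(data).digest()


def build_tree(components, order=COMPONENT_ORDER):
    """Return the tree as a list of levels: levels[0] holds the initial
    hashes of each component, levels[-1] holds the single final hash."""
    level = [digest(components[name].encode("utf-8")) for name in order]
    levels = [level]
    while len(level) > 1:
        # Assumption: an odd level is padded by repeating its last hash.
        padded = level + [level[-1]] if len(level) % 2 else level
        level = [digest(padded[i] + padded[i + 1]) for i in range(0, len(padded), 2)]
        levels.append(level)
    return levels


def access_identifier(levels) -> bytes:
    """The final hash value, used as the access identifier."""
    return levels[-1][0]


def locate_mismatches(stored, computed, order=COMPONENT_ORDER):
    """Compare the tree stored in the package with the tree computed on the
    receiving device, descending only into subtrees whose hashes differ.
    Returns the names of components that do not match (empty if access is allowed)."""
    if [len(lv) for lv in stored] != [len(lv) for lv in computed] or len(stored[0]) != len(order):
        raise ValueError("trees were built over different component lists")
    top = len(stored) - 1
    if hmac.compare_digest(stored[top][0], computed[top][0]):
        return []  # first and second access identifiers are consistent
    mismatched = []
    stack = [(top, 0)]
    while stack:
        depth, index = stack.pop()
        if depth == 0:
            mismatched.append(order[index])
            continue
        for child in (2 * index, 2 * index + 1):
            below = depth - 1
            if child < len(stored[below]) and not hmac.compare_digest(
                stored[below][child], computed[below][child]
            ):
                stack.append((below, child))
    return sorted(mismatched, key=order.index)


if __name__ == "__main__":
    # Constructed sample component information, not real device data.
    provided = {
        "processor": "CPU-EXAMPLE-0001",
        "network_card": "NIC-EXAMPLE-00:11:22:33:44:55",
        "hard_disk": "DISK-EXAMPLE-SN-1234",
        "memory": "MEM-EXAMPLE-16GB",
        "optical_drive": "ODD-EXAMPLE-01",
    }
    stored_tree = build_tree(provided)
    other_device = dict(provided, hard_disk="DISK-EXAMPLE-SN-9999")
    print(access_identifier(stored_tree).hex())
    print(locate_mismatches(stored_tree, build_tree(other_device)))
```
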
Example 4
The embodiment provides an extended management and control system for data file sharing, which is applied to a data receiving party, and as shown in fig. 8, the extended management and control system includes:
an acquisition module 81, configured to acquire component information of the data file receiving device, and send the component information of the data file receiving device to a data provider.
Specifically, the data receiver collects component information of the data file receiving device according to the component information of the data file receiving device required by the data provider, and provides the component information to the data provider.
Further, as shown in fig. 2, after receiving the data file package provided by the data provider, the data receiver opens the data file package on the receiving device that contains all the components whose information was provided to the data provider, and accesses the data file content through the data file package.
Further, the data file receiving device may be a mobile terminal, a PC terminal (computer terminal), or a tablet computer.
A receiving module 82, configured to receive a data file package, and determine a data file access right based on the component information of the data file receiving device and the data file package; the data file package is determined by a data provider based on the component information of the data file receiving device.
Specifically, before accessing the data file, the data file package reads the receiving device component information, calculates the access identifier, and determines the receiving device access right.
And the comparing module 83 is configured to obtain a data file access behavior, determine an access constraint condition based on the data file package, and compare the data file access behavior with the access constraint condition.
A closing module 84, configured to close the data file access right to stop sharing the data file package when the data file access behavior does not meet the access constraint.
Specifically, when the total number of accesses does not satisfy the access times constraint in the access constraint condition, or the access time does not satisfy the access duration constraint in the access constraint condition, the data file package is deleted and an invalid file is generated to overwrite the sector.
Further, based on the comparison result, the data file package continuously monitors the use duration and the number of times the data file has been opened, and a data file package that no longer satisfies the conditions for continued access is handled accordingly.
According to the extended control system for data file sharing, the access constraint conditions effectively control the data file access behavior of the data receiver, effectively prevent security risks after data is shared offline, and realize extended access control over the sharing of data files among different units and different subjects.
As an optional embodiment of the present invention, the receiving module 82 includes:
a third determining submodule, configured to determine the first access identifier based on the component information of the data file receiving device.
Specifically, the data file package reads the receiving device component information collected by the data receiver, including but not limited to processor information, network card information, hard disk information, and memory information, and, in the same order the data provider used when generating the access identifier, hashes the information item by item and then hashes the concatenated results to obtain a final Hash value, that is, the first access identifier.
a fourth determining submodule, configured to determine the access identifier of the data receiving device based on the data file package and use the access identifier of the data receiving device as a second access identifier.
a first comparison submodule, configured to compare the first access identifier with the second access identifier and determine the data file access right based on the comparison result.
Specifically, the first access identifier is compared with the second access identifier, if the first access identifier is consistent with the second access identifier, the data receiver can access the data file through the data file packet, and if the first access identifier is inconsistent with the second access identifier, the data receiver does not have the authority of opening the data file.
As an optional embodiment of the present invention, the comparing module 83 includes:
a fifth determining submodule, configured to determine the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint based on the data file package.
a sixth determining submodule, configured to determine the total access times, the access time, the file modification action and the file printing process based on the data file access behavior.
a second comparison submodule, configured to compare the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint with the total access times, the access time, the file modification action and the file printing process respectively.
Specifically, when the data file package opens the data file within the access duration, the current access time is recorded in place of the first recording time or the last access time, and it is compared again the next time the data file is accessed, so that abnormal access to the data file achieved by setting the device time or by other means is avoided.
Further, the handling for the limit on the number of accesses to the data file is as follows: if the number of accesses exceeds the limited number of accesses, the data file is deleted and an invalid file is generated to overwrite the sector.
Specifically, when the receiving device accesses the data file, the data file package counts the access and judges the access times constraint of the receiving device to be in effect. After the data receiver has the data file access right and opens the data file, the data file package increases the access count of the data file by 1 to obtain and record the current total number of accesses, and compares the total with the limited number of accesses in the access times constraint; if the total is within the limit, the data file can continue to be accessed, and otherwise the data file is handled.
Specifically, the data file package enables file protection measures that restrict the receiving device from modifying or printing the data file. The restrictions on modification and printing are embedded in the data file package: when the data receiver opens the data file and modifies it, the data file package performs file redirection so that the data file is stored encrypted and read-only, and application processes are prohibited from operations such as editing and modifying the file; when the data file is printed, the data file package captures the printing process and, when printing of the data file is prohibited, takes linked action to block the printing process.
As an optional embodiment of the present invention, the comparing module 83 further includes:
an acquisition submodule, configured to acquire the access recording time when the data file package is opened and determine the access deadline time based on the access recording time and the access duration constraint.
an updating submodule, configured to periodically acquire the current access time, update the access recording time when the current access time is between the current time and the access deadline time, and continue to access the data file package; wherein the current time is Internet time or local time.
Specifically, the receiving device of the data receiver accesses the data file in the data file package; the data file package reads and records the access time and judges the access time constraint of the receiving device to be in effect. The access deadline is determined based on the data file access duration constraint, and after the data receiver has the data file access right and opens the data file, the data file package checks and records the current time. First, if the receiving device is connected to the Internet, the data file package reads the Internet time and compares it with the first recording time and the data file access deadline: if the Internet time is after the first recording time and before the data file access deadline, the data file can continue to be accessed, and if the Internet time is not before the data file access deadline, the data file package is handled. Second, if the receiving device is not connected to the Internet, the data file package reads the local time and compares it with the first recording time and the data file access deadline: if the local time is after the first recording time and before the data file access deadline, the data file can continue to be accessed, and otherwise the data file is handled.
a deleting submodule, configured to delete the data file package and generate an invalid file to overwrite the sector when the current access time is after the access deadline.
Specifically, the handling for the data file access time limit is as follows: when the access time is earlier than the last access time, an Internet connection is required so that the time can be verified; if the access time exceeds the limited access time (that is, the access deadline), the data file is deleted and an invalid file is generated to overwrite the sector; and if the access time does not exceed the limited access time, the user is prompted to update the local time and then access the file.
Example 5
The present embodiment provides a computer device, including a memory and a processor, where the processor is configured to read instructions stored in the memory to execute an extended management and control method for data file sharing in any of the above method embodiments.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Example 6
The present embodiment provides a computer-readable storage medium, where computer-executable instructions are stored, where the computer-executable instructions may execute an extended management and control method for data file sharing in any of the above method embodiments. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
It should be understood that the above examples are given only for clarity of illustration and are not intended to limit the embodiments. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. It is neither necessary nor possible to list all embodiments exhaustively here. Obvious variations or modifications derived therefrom remain within the scope of the invention.

Claims (10)

1. An extension management and control method for data file sharing is applied to a data provider and is characterized by comprising the following steps:
receiving component information of data file receiving equipment, and determining an access identifier of the data file receiving equipment based on the component information of the data file receiving equipment; wherein the component information of the data file receiving device is sent by a data receiver;
acquiring a data file access requirement, and generating an access constraint condition based on the data file access requirement;
and acquiring a data file to be shared, associating the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared to generate a data file packet, and sending the data file packet to a data receiving party.
2. The method according to claim 1, wherein the determining an access identifier of a data receiving device based on component information of the data file receiving device includes:
determining a plurality of initial hash values based on component information of the data file receiving device;
determining an access identifier of the data receiving device by using a digest algorithm based on the plurality of initial hash values;
and storing the access identification of the data receiving equipment by using a binary hash tree.
3. The method according to claim 1, wherein the access constraint condition includes:
access times constraints, access duration constraints, data file modification constraints, and data file printing constraints.
4. The method according to claim 3, wherein associating the access identifier of the data receiving device, the access constraint condition, and the data file to be shared to generate a data file package, and sending the data file package to a data receiving party includes:
and packaging the data file to be shared, associating the packaged data file to be shared with the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint to generate a data file packet, and sending the data file packet to a data receiver.
5. An extension management and control method for data file sharing is applied to a data receiving party and is characterized by comprising the following steps:
collecting component information of data file receiving equipment, and sending the component information of the data file receiving equipment to a data provider;
receiving a data file package, and determining data file access authority based on the component information of the data file receiving equipment and the data file package; wherein the data file package is determined by a data provider based on component information of the data file receiving device;
acquiring data file access behaviors, determining access constraint conditions based on the data file package, and comparing the data file access behaviors with the access constraint conditions;
and when the data file access behavior does not accord with the access constraint condition, closing the data file access authority to stop sharing the data file packet.
6. The method according to claim 5, wherein the determining the data file access right based on the component information of the data file receiving device and the data file package comprises:
determining a first access identifier based on component information of the data file receiving device;
determining an access identifier of data receiving equipment based on the data file packet, and taking the access identifier of the data receiving equipment as a second access identifier;
and comparing the first access identifier with the second access identifier, and determining the data file access authority based on the comparison result.
7. The method according to claim 5, wherein the determining access constraints based on the data file package, and comparing the data file access behavior with the access constraints comprise:
determining an access times constraint, an access duration constraint, a data file modification constraint and a data file printing constraint based on the data file package;
determining total access times, access time, file modification actions and file printing processes based on the data file access behaviors;
comparing the access times constraint, the access duration constraint, the data file modification constraint and the data file printing constraint with the total access times, the access time, the file modification action and the file printing process respectively.
8. The method according to claim 7, wherein the determining of the data file access right based on the component information of the data file receiving device and the data file package further comprises:
acquiring access recording time when the data file packet is opened, and determining access deadline time based on the access recording time and the access duration constraint;
regularly acquiring current access time, updating the access recording time when the current access time is between the access recording time and the access deadline time, and continuing to access the data file packet; the current access time is internet time or local time;
or, when the current access time is after the access deadline time, deleting the data file packet and generating an invalid file to overwrite the sector.
9. An extension management and control system for data file sharing is applied to a data provider and is characterized by comprising the following components:
the determining module is used for receiving the component information of the data file receiving equipment and determining the access identifier of the data file receiving equipment based on the component information of the data file receiving equipment; wherein the component information of the data file receiving device is sent by a data receiver;
the generating module is used for acquiring the access requirement of the data file and generating an access constraint condition based on the access requirement of the data file;
and the association module is used for acquiring the data file to be shared, associating the access identifier of the data receiving equipment, the access constraint condition and the data file to be shared, generating a data file packet and sending the data file packet to a data receiving party.
10. An extension management and control system for data file sharing is applied to a data receiver and is characterized by comprising the following components:
the acquisition module is used for acquiring the component information of the data file receiving equipment and sending the component information of the data file receiving equipment to a data provider;
the receiving module is used for receiving a data file package and determining data file access permission based on the component information of the data file receiving equipment and the data file package; wherein the data file package is determined by a data provider based on component information of the data file receiving device;
the comparison module is used for acquiring the data file access behavior, determining an access constraint condition based on the data file packet, and comparing the data file access behavior with the access constraint condition;
and the closing module is used for closing the data file access authority to stop sharing the data file package when the data file access behavior does not accord with the access constraint condition.
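The following sketch is an added example, not code from the patent or its applicant. It illustrates the identifier derivation of claim 2, the identifier comparison of claim 6, and the count and time-window checks of claims 7 and 8. SHA-256, the sorted leaf order, the duplicated last node, the field names, and a deadline fixed at first open are all assumptions; the claims do not specify them.

```python
import hashlib
import hmac

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()   # SHA-256 is an assumption

def access_identifier(components: dict) -> str:
    """Claim 2: hash each component, fold the hashes in a binary hash tree."""
    # Sort by key so the same device always yields the same leaf order.
    level = [_h(f"{k}={v}".encode()) for k, v in sorted(components.items())]
    if not level:
        raise ValueError("no component information")
    while len(level) > 1:
        if len(level) % 2:                 # odd count: duplicate last node
            level.append(level[-1])
        level = [_h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0].hex()                  # tree root = access identifier

def build_package(components: dict, constraints: dict, payload: bytes) -> dict:
    """Claim 1: associate identifier, constraints and file in one package."""
    return {"access_id": access_identifier(components),
            "constraints": dict(constraints), "payload": payload}

def check_access(package: dict, local: dict, state: dict, now: float):
    """Claims 6-8: return (allowed, reason); update state when allowed."""
    c = package["constraints"]
    first_id = access_identifier(local)    # recomputed on the receiver
    if not hmac.compare_digest(first_id, package["access_id"]):
        return False, "device mismatch"
    if state["opens"] >= c["max_opens"]:
        return False, "access count exceeded"
    deadline = state["first_open"] + c["max_seconds"]
    # 'now' must lie between the last recorded time and the deadline, so a
    # clock set backwards (now < last_seen) is rejected as well as expiry.
    if not state["last_seen"] <= now <= deadline:
        return False, "outside access window"
    state["last_seen"] = now               # claim 8: update the recorded time
    state["opens"] += 1
    return True, "ok"

# Constructed sample values, not taken from the patent.
DEVICE = {"cpu_id": "CPU-0001", "disk_serial": "DISK-0001",
          "mac": "02:00:00:00:00:01"}
PACKAGE = build_package(DEVICE, {"max_opens": 2, "max_seconds": 3600}, b"report")

def new_state(opened_at: float) -> dict:
    return {"first_open": opened_at, "last_seen": opened_at, "opens": 0}
```

The state dictionary is held in memory here; the claims do not say where the receiver persists the access record.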
CN202310044568.2A 2023-01-30 2023-01-30 Extension control method and system for data file sharing Pending CN115794758A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310044568.2A CN115794758A (en) 2023-01-30 2023-01-30 Extension control method and system for data file sharing

Publications (1)

Publication Number Publication Date
CN115794758A (en) 2023-03-14

Family

ID=85429149

Country Status (1)

Country Link
CN (1) CN115794758A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20230314