CN116233158A - Data storage method, device, equipment and storage medium - Google Patents

Info

Publication number
CN116233158A
Authority
CN
China
Prior art keywords
key
data
user
cloud server
public
Prior art date
Legal status
Pending
Application number
CN202310143119.3A
Other languages
Chinese (zh)
Inventor
徐径舟
Current Assignee
Beijing 58 Information Technology Co Ltd
Original Assignee
Beijing 58 Information Technology Co Ltd
Priority date
Filing date
Publication date
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 67/00 Network arrangements or protocols for supporting network services or applications
    • H04L 67/01 Protocols
    • H04L 67/10 Protocols in which an application is distributed across nodes in the network
    • H04L 67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L 9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L 9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application provides a data storage method, a data storage device, data storage equipment and a data storage medium. In the method, sensitive data to be encrypted is acquired, and a first key and a second key are generated; the sensitive data is encrypted with the first key to obtain encrypted data, and the first key is encrypted with the private key in the second key so that the first key is stored as ciphertext; the public key in the second key and the encrypted data are then sent to a public cloud server for storage. In this way, the sensitive data is doubly encrypted through the generated first key and second key, neither the private cloud server nor the public cloud server can view the sensitive data in plaintext, and neither server can recover the plaintext by decrypting on its own, so the security of sensitive data storage is improved.

Description

Data storage method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a data storage method, apparatus, device, and storage medium.
Background
At present, as services develop and service requirements keep rising, users need to store more and more sensitive data. Traditionally, users store sensitive data locally, but local storage space is limited and cannot meet users' data storage requirements. In the prior art, cloud storage technology is generally used for storing sensitive data, but storing sensitive data on a cloud server offers low security and may lead to the sensitive data being leaked. Therefore, a solution is needed.
Disclosure of Invention
Aspects of the present application provide a data storage method, apparatus, device, and storage medium for improving security of sensitive data storage.
The embodiment of the application provides a data storage method, which is applied to a private cloud server and comprises the following steps: acquiring sensitive data to be encrypted, a first key and a second key; encrypting the sensitive data with the first key to obtain encrypted data; encrypting the first key with the private key in the second key so as to store the first key as ciphertext; and sending the public key in the second key and the encrypted data to a public cloud server for storage.
Further optionally, obtaining the second key includes: determining the authorized access users of the sensitive data; generating the second key with a key derivation algorithm from the access information of the authorized access user; or selecting the second key from the key encryption keys of the authorized access users.
Further optionally, the method further comprises: storing the ciphertext of the first key in a trusted storage space on the private cloud server.
Further optionally, the method further comprises: in response to a data acquisition request of a first user, acquiring the encrypted data and the public key in the second key from the public cloud server; decrypting the ciphertext of the first key with the public key in the second key to obtain the first key; and decrypting the encrypted data with the first key to obtain the sensitive data.
Further optionally, acquiring the encrypted data and the public key in the second key from the public cloud server in response to a data acquisition request of the first user includes: in response to the data acquisition request of the first user, acquiring the public key acquisition permission, where the public key acquisition permissions of different users differ; performing authority authentication on the first user; and, if the first user passes the authority authentication, acquiring the encrypted data and the public key in the second key from the public cloud server.
Further optionally, the method further comprises: when the first key is stored as ciphertext, adding an access right to the ciphertext of the first key, where the access rights of different users differ; and decrypting the ciphertext of the first key with the public key in the second key to obtain the first key includes: performing authority authentication on the first user; and, if the first user passes the authority authentication, decrypting the ciphertext of the first key with the public key in the second key to obtain the first key.
Further optionally, adding an access right to the ciphertext of the first key includes: determining the organizational structure associated with a second user who generated the sensitive data; identifying, from the organizational structure, a whitelist of users who may access the sensitive data; and setting the whitelisted users as the users permitted to access the ciphertext of the first key.
The embodiment of the application also provides a data storage device, which comprises: an acquisition module for: acquiring sensitive data to be encrypted, a first key and a second key; a data encryption module for: encrypting the sensitive data by using the first key to obtain encrypted data; a key encryption module for: encrypting the first key by utilizing a private key in the second key so as to store ciphertext of the first key; a storage module for: and sending the public key in the second key and the encrypted data to a public cloud server for storage.
The embodiment of the application also provides electronic equipment, which comprises: a memory, a processor; wherein the memory is for: store one or more computer instructions; the processor is configured to execute the one or more computer instructions to: steps in the data storage method are performed.
Embodiments of the present application also provide a computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to implement steps in the data storage method.
In this embodiment, sensitive data to be encrypted may be acquired, and a first key and a second key may be generated; the sensitive data is encrypted with the first key to obtain encrypted data, and the first key is encrypted with the private key in the second key so that the first key is stored as ciphertext; the public key in the second key and the encrypted data are then sent to a public cloud server for storage. In this way, the sensitive data is doubly encrypted through the generated first key and second key, neither the private cloud server nor the public cloud server can view the sensitive data in plaintext, and neither server can recover the plaintext by decrypting on its own, so the security of sensitive data storage is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute an undue limitation to the application. In the drawings:
FIG. 1 is a flow chart of a method for storing data according to an exemplary embodiment of the present application;
FIG. 2 is a schematic diagram of a data storage device according to an exemplary embodiment of the present application;
fig. 3 is a schematic diagram of an electronic device according to an exemplary embodiment of the present application.
Detailed Description
For the purposes, technical solutions and advantages of the present application, the technical solutions of the present application will be clearly and completely described below with reference to specific embodiments of the present application and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
In the prior art, a cloud storage technology is generally used for storing the sensitive data, but the storage mode for storing the sensitive data on a cloud server has low security, which may cause the sensitive data to be leaked.
In view of the above technical problems, some embodiments of the present application provide a solution. Based on hybrid cloud technology, a public cloud server and a private cloud server are used together to store the sensitive data; deploying the two servers in this combined way is a hybrid cloud deployment, and storing the sensitive data in this hybrid cloud deployment mode can remarkably improve its storage safety.
The following will describe in detail the technical solutions provided in the embodiments of the present application with reference to the accompanying drawings.
Fig. 1 is a flowchart of a data storage method according to an exemplary embodiment of the present application, where the embodiment may be executed by an electronic device. The electronic device may be any type of server, for example, a private cloud server, a local conventional server, or the like, which is not limited in this embodiment.
In the following, an example will be described by taking a private cloud server as an execution subject. As shown in fig. 1, the data storage method includes:
Step 11: obtaining sensitive data to be encrypted, a first key and a second key.
Step 12: encrypting the sensitive data with the first key to obtain encrypted data.
Step 13: encrypting the first key with the private key in the second key so as to store the first key as ciphertext.
Step 14: sending the public key in the second key and the encrypted data to a public cloud server for storage.
The sensitive data to be encrypted is data which needs higher confidentiality, including but not limited to at least one of the following: contract data, user identity data, cell phone numbers, emails, home addresses, location coordinates, personal asset information, and business asset information. The private cloud server may periodically obtain the sensitive data from a terminal device or a server having a business relationship with the private cloud server, or may respond to a storage request sent by a user having a business relationship with the private cloud server to obtain the sensitive data uploaded by the user, which is not limited in this embodiment.
The first key may be a symmetric key. With the first key, the sensitive data may be encrypted using a symmetric encryption algorithm, and the resulting ciphertext may be decrypted with the same first key. The symmetric encryption algorithm may be, for example, DES (Data Encryption Standard, a keyed block cipher), 3DES (Triple DES, the triple data encryption algorithm), IDEA (International Data Encryption Algorithm), RC5 (a block cipher) or RC6 (a block cipher). The second key may be an asymmetric key, which comprises a public key and a private key. The private cloud server may generate the first key and the second key using a KMS (Key Management Service).
In some alternative embodiments, the first key may be a data encryption key (Data Encryption Key, DEK) and the second key may be a key encryption key (Key Encryption Key, KEK). The data encryption key is used to encrypt and decrypt data, and the key encryption key is used to encrypt and decrypt the aforementioned data encryption key.
The private cloud server can encrypt the sensitive data by using the generated first key to obtain encrypted data, and encrypt the first key by using the private key in the second key to store the ciphertext of the first key. The first key of the ciphertext may be stored on the private cloud server.
Based on the encryption process, the private cloud server can send the public key in the second key and the encrypted data to the public cloud server for storage. Neither the public cloud server nor the private cloud server can view the sensitive data in the clear. In addition, if an unauthorized user wants to read the sensitive data, the sensitive data in the clear cannot be obtained by decrypting only the data acquired from either the public cloud server or the private cloud server alone, so the storage safety of the sensitive data is improved.
In this embodiment, sensitive data to be encrypted may be acquired, and a first key and a second key may be generated; the sensitive data is encrypted with the first key to obtain encrypted data, and the first key is encrypted with the private key in the second key so that the first key is stored as ciphertext; the public key in the second key and the encrypted data are then sent to a public cloud server for storage. In this way, the sensitive data is doubly encrypted through the generated first key and second key, neither the private cloud server nor the public cloud server can view the sensitive data in plaintext, and neither server can recover the plaintext of the sensitive data by decrypting on its own, so the security of sensitive data storage is improved.
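The four-step flow above, as an added worked example that is not the patent's own code: the first key is a random AES-256-GCM key (standing in for the DES/3DES/IDEA/RC5/RC6 options the page lists), the second key is an RSA pair generated locally in place of the KMS call, and, following the page's description, the first key is wrapped with the private key and unwrapped with the public key, which in RSA terms is a raw, unpadded private-key operation rather than a standard key-wrapping mode. Record and function names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"errors"
	"fmt"
	"math/big"
)

const dekLen = 32 // first key: a 256-bit symmetric key

// PublicCloudRecord is what step 14 sends to the public cloud server:
// the public key of the second key and the encrypted data. Field names
// are assumptions, not the patent's.
type PublicCloudRecord struct {
	PubKey        *rsa.PublicKey
	Nonce         []byte
	EncryptedData []byte
}

// PrivateCloudRecord is what stays on the private cloud server after
// step 13: the first key as ciphertext, wrapped with the private key of
// the second key.
type PrivateCloudRecord struct {
	WrappedDEK []byte
}

// wrapWithPrivate encrypts the first key with the private half of the
// second key, in the direction the page describes: m^d mod n. This is a
// raw, unpadded RSA private-key operation, used only to mirror the text.
func wrapWithPrivate(kek *rsa.PrivateKey, dek []byte) []byte {
	m := new(big.Int).SetBytes(dek)
	return new(big.Int).Exp(m, kek.D, kek.N).Bytes()
}

// unwrapWithPublic reverses wrapWithPrivate with the public half of the
// second key (c^e mod n) and fails if the result is not a dekLen-byte key,
// which is what happens when a different public key is supplied.
func unwrapWithPublic(pub *rsa.PublicKey, wrapped []byte) ([]byte, error) {
	c := new(big.Int).SetBytes(wrapped)
	m := new(big.Int).Exp(c, big.NewInt(int64(pub.E)), pub.N)
	if m.BitLen() > 8*dekLen {
		return nil, errors.New("unwrapped value is not a first key: wrong public key?")
	}
	return m.FillBytes(make([]byte, dekLen)), nil
}

// newGCM builds the symmetric cipher used for the sensitive data.
func newGCM(dek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Store performs steps 11-14 on the private cloud server: generate the
// first key (DEK) and second key (KEK pair), encrypt the data, wrap the
// DEK, and split the results between the two clouds.
func Store(sensitive []byte) (PublicCloudRecord, PrivateCloudRecord, error) {
	dek := make([]byte, dekLen)
	if _, err := rand.Read(dek); err != nil {
		return PublicCloudRecord{}, PrivateCloudRecord{}, err
	}
	kek, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return PublicCloudRecord{}, PrivateCloudRecord{}, err
	}
	gcm, err := newGCM(dek)
	if err != nil {
		return PublicCloudRecord{}, PrivateCloudRecord{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return PublicCloudRecord{}, PrivateCloudRecord{}, err
	}
	pubRec := PublicCloudRecord{PubKey: &kek.PublicKey, Nonce: nonce,
		EncryptedData: gcm.Seal(nil, nonce, sensitive, nil)}
	privRec := PrivateCloudRecord{WrappedDEK: wrapWithPrivate(kek, dek)}
	// The private key of the second key is not kept: the page unwraps the
	// first key with the public key fetched back from the public cloud.
	return pubRec, privRec, nil
}

// Recover is the read path: it needs the public cloud's record (public key
// and encrypted data) and the private cloud's record (wrapped first key).
// Either record on its own yields nothing, which is the page's argument.
func Recover(pubRec PublicCloudRecord, privRec PrivateCloudRecord) ([]byte, error) {
	dek, err := unwrapWithPublic(pubRec.PubKey, privRec.WrappedDEK)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(dek)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, pubRec.Nonce, pubRec.EncryptedData, nil)
}

func main() {
	// Constructed sample of "sensitive data"; not taken from the patent.
	pubRec, privRec, err := Store([]byte("contract no. 0001, phone +86-000-0000"))
	if err != nil {
		panic(err)
	}
	plain, err := Recover(pubRec, privRec)
	fmt.Printf("recovered=%q err=%v\n", plain, err)
}
```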
In some alternative embodiments, when the private cloud server stores the first key as ciphertext, it may store the ciphertext of the first key in a trusted storage space on the private cloud server.
The trusted storage space may be implemented with TEE (Trusted Execution Environment) technology. A TEE is essentially a hardware-based security isolation technique. The processor chip of the private cloud server has two areas, the REE (Rich Execution Environment) and the TEE, and access control between the two can be enforced by hardware configuration, so that a completely isolated running space is provided.
The processor chip of the private cloud server may provide a set of secure instructions, such as the SGX (Software Guard Extensions) instruction set, on the basis of which a securely isolated execution environment can be provided for an application. SGX can provide a trusted storage space (an enclave) for the application, and the code and data stored in the enclave have higher security and cannot be disclosed or maliciously tampered with.
Therefore, in this embodiment, the first key of the ciphertext is maintained in the trusted storage space on the private cloud server, so that the first key of the ciphertext can be ensured to have higher security.
In some alternative embodiments, when the private cloud server obtains the second key, it may first determine which users are authorized to access the sensitive data. The sensitive data can be preset with authorized access users, who are authorized to access the sensitive data. This authorization relationship can be dynamically updated according to the service requirements.
After the authorized access users have been determined, the second key may be obtained in either of two ways:
In the first way, the second key is generated with a key derivation algorithm (Key Derivation Function) from the access information of an authorized access user. The access information of the authorized access user may be an account number, a department identifier, a mobile phone number, user identity data, etc., which is not limited in this embodiment. The key derivation algorithm derives one or more keys from a password; in particular, it may derive them using a pseudo-random function (PRF). On this basis, the private cloud server may extract a key of a preset length from the access information of the authorized access user and derive from it, with the pseudo-random function, the second key.
In the second way, the second key is selected from the key encryption keys of the authorized access users. The private cloud server can be preset with key encryption keys for a plurality of authorized access users, so that the key encryption key corresponding to the current authorized access user can be selected from them to serve as the second key.
In this way, the second key acquired by the private cloud server corresponds to the access information of the authorized access user. When the authorized access user decrypts the ciphertext of the first key, the public key used for decryption can be generated with the preset algorithm from that user's access information. Provided the access information and the key generation algorithm are the same, the public key and the private key of the generated second key match, so the ciphertext of the first key can be decrypted more accurately. In this case the authorized access user does not need to acquire the public key of the second key from the public cloud server, which reduces the number of times the public key of the second key is transmitted over the network, reduces the risk of the public key being attacked in transit, and further improves the security of the public key of the second key.
In some alternative embodiments, a user who needs data may send a data acquisition request to the private cloud server, and the private cloud server may acquire the encrypted data and the public key of the second key from the public cloud server in response. Optionally, in response to the data acquisition request of the first user, the private cloud server may obtain the public key acquisition permission, where the public key acquisition permissions of different users differ. For example, some users have the public key acquisition permission "public key acquirable", and others have the permission "public key not acquirable". The public key acquisition permission can be preset in the memory of the private cloud server, or obtained by the private cloud server from another server or terminal device. The private cloud server performs authority authentication on the first user; if the first user passes, the encrypted data and the public key in the second key are obtained from the public cloud server; if the first user fails the authority authentication, the encrypted data and the public key in the second key cannot be obtained from the public cloud server. Taking an actual scenario as an example, a private cloud server of an enterprise can be accessed by many employees of the enterprise, and different sensitive data of the enterprise is opened to different employees.
In this way, only users in the enterprise with public key acquisition permission can obtain the public key of the second key from the public cloud server and then decrypt the ciphertext of the first key; other users in the enterprise without that permission cannot obtain the public key of the second key and cannot decrypt the ciphertext of the first key, which improves the storage security of the public key of the second key and thus of the sensitive data.
After obtaining the encrypted data and the public key in the second key in the above manner, the private cloud server may decrypt the ciphertext of the first key with the public key in the second key to obtain the first key. The encrypted data may then be decrypted with the first key to obtain the sensitive data.
It should be noted that, on top of the double encryption of the sensitive data with the first key and the second key, the public key and the private key in the second key correspond to each other, and the public key used for decryption is stored on the public cloud server. If the user does not provide the public key of the second key, the private cloud server can only obtain it from the public cloud server in order to decrypt the doubly encrypted sensitive data. In this case the private cloud server alone cannot decrypt the data; the sensitive data can only be decrypted after the public cloud server transmits the public key. This improves the security of sensitive data storage.
In other alternative embodiments, when the private cloud server stores the first key as ciphertext, it may add an access right to the ciphertext of the first key. The access right is the right to access the ciphertext of the first key, and the access rights of different users differ. The process of adding the access right is described in detail below.
The private cloud server may store an organization architecture of an enterprise, and may determine an organization architecture associated with a user (i.e., a second user) that generates sensitive data from the organization architecture of the enterprise. Wherein the organization architecture associated with the second user includes at least one of: an organization architecture of a department in which the second user is located, and organization architectures of other departments associated with the department in which the second user is located. Wherein the other departments associated with the departments in which the second user is located may include at least one of: an upstream business department and a downstream business department of the department where the second user is located.
For example, the organization architecture of an enterprise includes an organization architecture of a first department, an organization architecture of a second department, an organization architecture of a third department, and an organization architecture of a fourth department, where the first department is associated with the fourth department, and a user a of the first department (i.e., a second user) uploads sensitive data, so that a private cloud server may obtain, from the organization architecture of the enterprise, the organization architecture of the first department where the user that generates the sensitive data is located, and the organization architecture of the fourth department associated with the first department, as the organization architecture associated with the user a.
The private cloud server may then identify, from that organization architecture, the whitelist users who may access the sensitive data, and set the whitelist users as the users permitted to access the ciphertext of the first key. The whitelist users who may access the sensitive data can be other users within the organization architecture specified by the second user, or other users within the organization architecture whose hierarchical level is higher than the second user's; this embodiment is not limited in this respect.
Continuing the foregoing example: according to the organization architecture associated with user A, the private cloud server may determine user B and user C, who are within the first and fourth departments and at a higher level than user A, or user D of the first department as specified by user A, to be whitelisted users who may access the sensitive data, and set them as the users granted access to the ciphertext of the first key.
In some embodiments, the private cloud server may further present the associated organization architecture to the second user, who may select whitelist users within it; in response to the user's selection, the private cloud server determines the whitelist users and sets them as the users permitted to access the ciphertext of the first key.
In this way, the security of the first key can be further improved through authority authentication. At the same time, the access right of the first key can be set dynamically, which further improves the flexibility of data access.
Based on the above authority setting process, when the private cloud server decrypts the ciphertext of the first key with the public key in the second key, it can perform authority authentication on the user who initiates the decryption request (i.e., the first user). For example, an authority authentication interface is provided for the user to input authority authentication information, and the server judges whether that information passes verification. For instance, the private cloud server may obtain a user identifier input by the user (e.g., a user account number or department identifier) and determine that the user passes the authority authentication if the identifier is on the whitelist of the first key. If the user passes the authority authentication, the ciphertext of the first key can be decrypted with the public key in the second key to obtain the first key.
Taking an actual scenario as an example, a private cloud server of an enterprise can be accessed by many employees of the enterprise, and different sensitive data of the enterprise is opened to different employees. The private cloud server of the enterprise can encrypt the enterprise's sensitive data with the method described in the foregoing embodiments and store the public key of the second key and the ciphertext data on the public cloud server. At the same time, the private cloud server can set the access right of the ciphertext of the first key stored on it, so that only users in the enterprise with access right can obtain the ciphertext of the first key and other users without access right cannot, which improves the storage safety of the ciphertext of the first key and thus of the sensitive data.
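The organization-architecture whitelist and the decrypt-time authority authentication described above, as an added example that is not from the patent: it reproduces the page's scenario (user A of the first department uploads; the first department is associated with the fourth; B and C rank above A; D is explicitly specified by A) and rejects a specified user who is outside the associated architecture. Employee fields, numeric levels and the SampleOrg data are assumptions.

```go
package main

import (
	"fmt"
	"sort"
)

// Employee is one entry in the enterprise's organization architecture.
// Level is the hierarchical rank; a larger value means higher in the
// hierarchy. Field names and the numeric level are assumptions.
type Employee struct {
	ID    string
	Dept  string
	Level int
}

// OrgArchitecture is the private cloud server's copy of the enterprise
// structure: employees with their departments, and the upstream/downstream
// associations between departments.
type OrgArchitecture struct {
	Employees  []Employee
	Associated map[string][]string // department -> associated departments
}

// lookup finds an employee by identifier.
func (o OrgArchitecture) lookup(id string) (Employee, bool) {
	for _, e := range o.Employees {
		if e.ID == id {
			return e, true
		}
	}
	return Employee{}, false
}

// associatedDepartments returns the "organization architecture associated
// with the second user": the uploader's own department plus the
// departments associated with it.
func (o OrgArchitecture) associatedDepartments(uploader Employee) map[string]bool {
	depts := map[string]bool{uploader.Dept: true}
	for _, d := range o.Associated[uploader.Dept] {
		depts[d] = true
	}
	return depts
}

// Whitelist derives the access right attached to the ciphertext of the
// first key for data uploaded by uploaderID, combining the two policies the
// page allows: other users inside the associated architecture whose level is
// higher than the uploader's, and users the uploader explicitly specified
// (who must themselves be inside that architecture).
func (o OrgArchitecture) Whitelist(uploaderID string, specified []string) ([]string, error) {
	uploader, ok := o.lookup(uploaderID)
	if !ok {
		return nil, fmt.Errorf("unknown uploader %q", uploaderID)
	}
	depts := o.associatedDepartments(uploader)
	allowed := map[string]bool{}
	for _, e := range o.Employees {
		if e.ID != uploader.ID && depts[e.Dept] && e.Level > uploader.Level {
			allowed[e.ID] = true
		}
	}
	for _, id := range specified {
		e, ok := o.lookup(id)
		if !ok || !depts[e.Dept] || e.ID == uploader.ID {
			return nil, fmt.Errorf("specified user %q is outside the associated architecture", id)
		}
		allowed[e.ID] = true
	}
	out := make([]string, 0, len(allowed))
	for id := range allowed {
		out = append(out, id)
	}
	sort.Strings(out)
	return out, nil
}

// Authenticate is the authority authentication run before the ciphertext of
// the first key is decrypted: the requesting user passes only if the
// identifier they present is on the whitelist.
func Authenticate(whitelist []string, userID string) bool {
	for _, id := range whitelist {
		if id == userID {
			return true
		}
	}
	return false
}

// SampleOrg is a constructed enterprise mirroring the page's example: the
// first department is associated with the fourth; A (first dept) uploads;
// B (first) and C (fourth) outrank A; D is A's peer in the first department;
// E sits in the unassociated second department and outranks everyone.
func SampleOrg() OrgArchitecture {
	return OrgArchitecture{
		Employees: []Employee{
			{"A", "first", 1}, {"B", "first", 2}, {"D", "first", 1},
			{"C", "fourth", 2}, {"E", "second", 3},
		},
		Associated: map[string][]string{"first": {"fourth"}},
	}
}

func main() {
	wl, err := SampleOrg().Whitelist("A", []string{"D"})
	fmt.Println(wl, err, Authenticate(wl, "C"), Authenticate(wl, "E"))
}
```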
In addition, some of the flows described in the above embodiments and drawings include a plurality of operations that appear in a specific order, but it should be clearly understood that the operations may be performed out of the order in which they appear here or in parallel; the sequence numbers of the operations, such as 11 and 12, are used only to distinguish the operations and do not themselves represent any order of execution. The flows may also include more or fewer operations, and the operations may be performed sequentially or in parallel.
It should be noted that the terms "first" and "second" herein are used to distinguish different messages, devices, modules, etc.; they do not represent a sequence, and "first" and "second" are not limited to being of different types.
The embodiment of the present application further provides a data storage device, as shown in Fig. 2, including: an acquisition module 201, configured to acquire sensitive data to be encrypted, a first key and a second key; a data encryption module 202, configured to encrypt the sensitive data by using the first key to obtain encrypted data; a key encryption module 203, configured to encrypt the first key by using the private key in the second key so as to store the first key as ciphertext; and a storage module 204, configured to send the public key in the second key and the encrypted data to a public cloud server for storage.
Further optionally, the acquisition module 201 obtaining the second key includes: determining the authorized access users of the sensitive data; and generating the second key by a key derivation algorithm according to the access information of the authorized access users, or selecting the second key from the key encryption keys of the authorized access users.
Further optionally, the key encryption module 203 is further configured to store the ciphertext of the first key in a trusted storage space on the private cloud server.
Further optionally, the key encryption module 203 is further configured to: in response to a data acquisition request of a first user, acquire the encrypted data and the public key in the second key from the public cloud server; decrypt the ciphertext of the first key by using the public key in the second key to obtain the first key; and decrypt the encrypted data by using the first key to obtain the sensitive data.
Further optionally, when responding to the data acquisition request of the first user and acquiring the encrypted data and the public key in the second key from the public cloud server, the key encryption module 203 is specifically configured to: in response to the data acquisition request of the first user, acquire the public key acquisition permission, the public key acquisition permissions of different users being different; perform permission authentication on the first user; and, if the first user passes the permission authentication, acquire the encrypted data and the public key in the second key from the public cloud server.
Further optionally, the key encryption module 203 is further configured to: when storing the first key as ciphertext, add an access permission to the ciphertext of the first key, the access permissions of different users being different. When decrypting the ciphertext of the first key by using the public key in the second key to obtain the first key, the key encryption module 203 is specifically configured to: perform permission authentication on the first user; and, if the first user passes the permission authentication, decrypt the ciphertext of the first key by using the public key in the second key to obtain the first key.
Further optionally, when adding an access permission to the ciphertext of the first key, the key encryption module 203 is specifically configured to: determine the organizational structure associated with the second user who generated the sensitive data; identify, according to the organizational structure, a whitelist of users having access to the sensitive data; and set the whitelisted users as the users having permission to access the ciphertext of the first key.
In this embodiment, sensitive data to be encrypted may be acquired, and a first key and a second key may be generated; the sensitive data is encrypted by using the first key to obtain encrypted data, and the first key is encrypted by using the private key in the second key so as to store the first key as ciphertext; and the public key in the second key and the encrypted data are sent to a public cloud server for storage. In this way, the sensitive data is doubly encrypted by the generated first key and second key; neither the private cloud server nor the public cloud server can view the sensitive data in plaintext, and neither of them can obtain the plaintext by decrypting independently, so the security of sensitive data storage is improved.
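As an added, stdlib-only model of the flow described in this embodiment and of the permission authentication on the ciphertext of the first key described earlier (example code, not code from the patent or its applicant): the private cloud derives the whitelist from the creator's department, wraps the first key and keeps it in its trusted store, and sends the second key's public part with the encrypted data to the public cloud; retrieval checks permissions on both sides before unwrapping. Assumptions: the ORG mapping and master secret are constructed, an HMAC-SHA256 counter-mode cipher stands in for a real cipher, and the second key's private and public halves are modelled as one symmetric wrapping key, which preserves the property that each store lacks what the other holds.

```python
import hashlib
import hmac
import secrets

# Constructed organisational structure (assumption): department -> member accounts.
ORG = {"finance": {"alice", "bob"}, "engineering": {"carol"}}

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()  # distinct enc/mac sub-keys

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher (e.g. AES-GCM)."""
    out = bytearray()
    for ctr, start in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + 32], block))
    return bytes(out)

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || body || tag."""
    nonce = secrets.token_bytes(16)
    body = _keystream_xor(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting so a tampered blob is rejected."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("ciphertext integrity check failed")
    return _keystream_xor(_subkey(key, b"enc"), nonce, body)

class PublicCloud:
    """Stores only the second key's public part and the encrypted data."""
    def __init__(self):
        self.objects = {}  # data_id -> public_part, encrypted_data, allowed users

    def store(self, data_id, public_part, encrypted_data, allowed_users):
        self.objects[data_id] = {"public_part": public_part, "encrypted_data": encrypted_data,
                                 "allowed": set(allowed_users)}

    def fetch(self, data_id, user):
        obj = self.objects[data_id]
        if user not in obj["allowed"]:  # public key acquisition permission
            raise PermissionError(f"{user} may not acquire the public key for {data_id}")
        return obj["public_part"], obj["encrypted_data"]

class PrivateCloud:
    """Keeps the wrapped first key in a trusted store gated by a whitelist."""
    def __init__(self, master_secret: bytes):
        self.master_secret = master_secret  # constructed; never leaves the private cloud
        self.trusted_store = {}  # data_id -> wrapped_first_key, whitelist

    def whitelist_for(self, owner: str) -> set:
        """Users in the same department as the creator (second user) of the data."""
        return {m for members in ORG.values() if owner in members for m in members}

    def store_sensitive(self, data_id, owner, plaintext, public_cloud):
        whitelist = self.whitelist_for(owner)
        first_key = secrets.token_bytes(32)
        # Second key derived from the authorised users' access information; its
        # private and public halves are modelled here as one symmetric wrapping key.
        access_info = ",".join(sorted(whitelist)).encode()
        second_key = hmac.new(self.master_secret, access_info, hashlib.sha256).digest()
        self.trusted_store[data_id] = {"wrapped_first_key": encrypt(second_key, first_key),
                                       "whitelist": whitelist}
        public_cloud.store(data_id, second_key, encrypt(first_key, plaintext), whitelist)

    def retrieve(self, data_id, user, public_cloud):
        entry = self.trusted_store[data_id]
        if user not in entry["whitelist"]:  # permission authentication on the first key
            raise PermissionError(f"{user} is not whitelisted for {data_id}")
        # The public part held by the public cloud unwraps the first key, so the
        # wrapped key itself must never leave this trusted store.
        public_part, encrypted_data = public_cloud.fetch(data_id, user)
        first_key = decrypt(public_part, entry["wrapped_first_key"])
        return decrypt(first_key, encrypted_data)
```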
Fig. 3 is a schematic structural diagram of an electronic device according to an exemplary embodiment of the present application, where the electronic device is suitable for the data storage method provided in the foregoing embodiment, and as shown in fig. 3, the electronic device includes: a memory 301, a processor 302, and a communication component 303.
The memory 301 is used for storing a computer program and may be configured to store other various data to support operations on the terminal device. Examples of such data include instructions for any application or method operating on the terminal device, contact data, phonebook data, messages, pictures, video, etc.
A processor 302 is coupled with the memory 301 and configured to execute the computer program in the memory 301 so as to: acquire sensitive data to be encrypted, a first key and a second key; encrypt the sensitive data by using the first key to obtain encrypted data; encrypt the first key by using the private key in the second key so as to store the first key as ciphertext; and send the public key in the second key and the encrypted data to a public cloud server for storage.
Further optionally, the processor 302 obtaining the second key includes: determining the authorized access users of the sensitive data; and generating the second key by a key derivation algorithm according to the access information of the authorized access users, or selecting the second key from the key encryption keys of the authorized access users.
Further optionally, the processor 302 is further configured to store the ciphertext of the first key in a trusted storage space on the private cloud server.
Further optionally, the processor 302 is further configured to: in response to a data acquisition request of a first user, acquire the encrypted data and the public key in the second key from the public cloud server; decrypt the ciphertext of the first key by using the public key in the second key to obtain the first key; and decrypt the encrypted data by using the first key to obtain the sensitive data.
Further optionally, when responding to the data acquisition request of the first user and acquiring the encrypted data and the public key in the second key from the public cloud server, the processor 302 is specifically configured to: in response to the data acquisition request of the first user, acquire the public key acquisition permission, the public key acquisition permissions of different users being different; perform permission authentication on the first user; and, if the first user passes the permission authentication, acquire the encrypted data and the public key in the second key from the public cloud server.
Further optionally, the processor 302 is further configured to: when storing the first key as ciphertext, add an access permission to the ciphertext of the first key, the access permissions of different users being different. When decrypting the ciphertext of the first key by using the public key in the second key to obtain the first key, the processor 302 is specifically configured to: perform permission authentication on the first user; and, if the first user passes the permission authentication, decrypt the ciphertext of the first key by using the public key in the second key to obtain the first key.
Further optionally, when adding an access permission to the ciphertext of the first key, the processor 302 is specifically configured to: determine the organizational structure associated with the second user who generated the sensitive data; identify, according to the organizational structure, a whitelist of users having access to the sensitive data; and set the whitelisted users as the users having permission to access the ciphertext of the first key.
Further, as shown in fig. 3, the electronic device further includes: display component 304, and the like. Only some of the components are schematically shown in fig. 3, which does not mean that the electronic device only comprises the components shown in fig. 3.
The memory 301 in Fig. 3 may be implemented by any type of volatile or non-volatile memory device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, or a magnetic or optical disk.
The communication component 303 of Fig. 3 is configured to facilitate wired or wireless communication between the device in which the communication component is located and other devices. The device in which the communication component is located may access a wireless network based on a communication standard, such as WiFi, 2G, 3G, 4G or 5G, or a combination thereof. In one exemplary embodiment, the communication component receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component may be implemented based on near field communication (NFC) technology, radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
The display component 304 in Fig. 3 includes a screen, which may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from a user. The touch panel includes one or more touch sensors to sense touches, swipes and gestures on the touch panel. The touch sensor may sense not only the boundary of a touch or sliding action, but also the duration and pressure associated with the touch or sliding operation.
Accordingly, the present application further provides a computer readable storage medium storing a computer program, where the computer program is executed to implement the steps executable by the electronic device in the above method embodiments.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both persistent and non-persistent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, do not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.

Claims (10)

1. A data storage method, applied to a private cloud server, comprising:
acquiring sensitive data to be encrypted, a first key and a second key;
encrypting the sensitive data by using the first key to obtain encrypted data;
encrypting the first key by utilizing a private key in the second key so as to store ciphertext of the first key;
and sending the public key in the second key and the encrypted data to a public cloud server for storage.
2. The method of claim 1, wherein obtaining the second key comprises:
determining authorized access users of the sensitive data;
generating the second key by adopting a key derivation algorithm according to the access information of the authorized access user; or selecting the second key from the key encryption keys of the authorized access users.
3. The method as recited in claim 1, further comprising:
and storing the ciphertext of the first key in a trusted storage space on the private cloud server.
4. A method according to any one of claims 1-3, further comprising:
responding to a data acquisition request of a first user, and acquiring the encrypted data and a public key in the second key from the public cloud server;
decrypting the ciphertext of the first key by using the public key in the second key to obtain the first key;
and decrypting the encrypted data by using the first key to obtain the sensitive data.
5. The method of claim 4, wherein obtaining the encrypted data and the public key of the second key from the public cloud server in response to the data obtaining request of the first user comprises:
in response to the data acquisition request of the first user, acquiring the public key acquisition permission, the public key acquisition permissions of different users being different;
performing permission authentication on the first user; and, if the first user passes the permission authentication, acquiring the encrypted data and the public key in the second key from the public cloud server.
6. The method as recited in claim 4, further comprising:
when storing the first key as ciphertext, adding an access permission to the ciphertext of the first key, the access permissions of different users being different;
wherein decrypting the ciphertext of the first key by using the public key in the second key to obtain the first key comprises:
performing permission authentication on the first user;
and, if the first user passes the permission authentication, decrypting the ciphertext of the first key by using the public key in the second key to obtain the first key.
7. The method of claim 6, wherein adding an access permission to the ciphertext of the first key comprises:
determining the organizational structure associated with a second user who generated the sensitive data;
identifying, according to the organizational structure, a whitelist of users having access to the sensitive data;
and setting the whitelisted users as the users having permission to access the ciphertext of the first key.
8. A data storage device, comprising:
an acquisition module for: acquiring sensitive data to be encrypted, a first key and a second key;
a data encryption module for: encrypting the sensitive data by using the first key to obtain encrypted data;
a key encryption module for: encrypting the first key by utilizing a private key in the second key so as to store ciphertext of the first key;
a storage module for: and sending the public key in the second key and the encrypted data to a public cloud server for storage.
9. An electronic device, comprising: a memory and a processor; wherein the memory is configured to store one or more computer instructions, and the processor is configured to execute the one or more computer instructions to perform the steps of the method of any one of claims 1-7.
10. A computer readable storage medium storing a computer program, which, when executed by a processor, causes the processor to carry out the steps of the method according to any one of claims 1-7.
Application CN202310143119.3A, filed 2023-02-09 (priority date 2023-02-09), published as CN116233158A (en): Data storage method, device, equipment and storage medium. Legal status: pending.
Publication: CN116233158A (en), published 2023-06-06.
Cited By (2)

* Cited by examiner, † Cited by third party
CN117010000A (en), cited by examiner, priority date 2023-09-28, published 2023-11-07, assignee 之江实验室: Data security service method, device, computer equipment and storage medium
CN117010000B (en), cited by examiner, priority date 2023-09-28, published 2024-03-01, assignee 之江实验室: Data security service method, device, computer equipment and storage medium

Legal Events

PB01: Publication
SE01: Entry into force of request for substantive examination