CN116346339B - Data protection method, system and electronic equipment - Google Patents

Data protection method, system and electronic equipment Download PDF

Info

Publication number
CN116346339B
CN116346339B (application CN202310304745.6A)
Authority
CN
China
Prior art keywords
electronic device
ring
account
trust ring
trust
Prior art date
Legal status
Active
Application number
CN202310304745.6A
Other languages
Chinese (zh)
Other versions
CN116346339A (en)
Inventor
丁金岩
窦伟明
Current Assignee
Honor Device Co Ltd
Original Assignee
Honor Device Co Ltd
Priority date
Filing date
Publication date
Application filed by Honor Device Co Ltd
Priority to CN202310304745.6A
Publication of CN116346339A
Application granted
Publication of CN116346339B
Legal status: Active (current)
Anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45: Structures or tools for the administration of authentication
    • G06F21/46: Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • H04L67/1095: Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30: Security of mobile devices; Security of mobile applications
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117: User registration

Abstract

Embodiments of this application provide a data protection method, a system and an electronic device. During the process of joining a trust ring, when authentication of a ring device (a device already in the ring) based on that device's user-personalized information fails, the server deletes the trust ring or suspends the joining device's ring-joining process. An unsafe device is thereby prevented from joining the trust ring and obtaining user data from the cloud side, which improves the security of the user data.

Description

Data protection method, system and electronic equipment
Technical Field
Embodiments of this application relate to the field of terminal devices, and in particular to a data protection method, a data protection system and an electronic device.
Background
Currently, a terminal device may store the user's data on the cloud side so that the user can upload and download it at any time. The user's data is usually tied to a particular user account, so the security of that data depends entirely on account security: any device that passes account verification can obtain the data from the cloud side. If either the account or the cloud-side server is compromised, the user data leaks. In addition, the cloud-side server itself may be able to decrypt the user data, and it cannot prove to the user that it is unable to do so (it cannot self-certify). The known solutions are therefore less secure and give no support to user data with higher security requirements.
Disclosure of Invention
This application provides a data protection method, a system and an electronic device. During the process of joining a trust ring, when authentication of a ring device based on that device's user-personalized information fails, the server deletes the trust ring or suspends the joining device's ring-joining process, so that an unsafe device cannot join the trust ring and obtain user data from the cloud side, which improves the security of the user data.
In a first aspect, this application provides a data protection method. The method is applied to a second electronic device and comprises the following steps. The second electronic device, which is logged in to a first account, receives its own second lock-screen code input by the user. When the second lock-screen code passes verification, it receives, input by the user, the first lock-screen code of a first electronic device, where the first electronic device is a ring device of the first trust ring corresponding to the first account, as obtained from the first server. When the number of failed authentications of the first electronic device based on the first lock-screen code reaches a preset number, first prompt information is displayed, which includes a first button indicating deletion of the trust ring. On receiving the operation that selects the first button, a ring-deletion request carrying the account identifier of the first account is sent to the first server. A trust-ring-deleted message is then received from the first server, sent after the first server has deleted the first trust ring under the first account. In this way, when the electronic device fails to verify the identity of the ring device based on the ring device's user-personalized information while joining the trust ring, the server deletes the trust ring or suspends the device's ring-joining process, which prevents an unsafe device from joining the trust ring, protects the cloud-side user data and improves the security of user data protection.
The lock-screen code in this application may be replaced by other user information, for example the user's birthday, the user's name, or the birthday or name of a relative or friend. Such information is specific to the user, known only to the user, and differs from user to user; it is easy for the user to remember and is not known to the cloud side. When the master key is encrypted based on this user information, the cloud side cannot decrypt it, and the cloud side can therefore self-certify. Apart from the user, others can hardly know which item of user information the user chose to encrypt the master key, which greatly increases the difficulty of cracking the master-key ciphertext, improves the security of the master key, and in turn improves the security of the user data protected with keys derived from the master key. At the same time, when the second and subsequent devices register in the trust ring, the identity of an already registered device can be verified based on that user information without any interaction with the registered device, which is convenient for the user.
According to the first aspect, the ring-deletion request also carries the signature of the second electronic device, and the first trust ring is deleted only after the first server has authenticated the second electronic device based on that signature. This prevents the trust ring from being deleted maliciously by an unsafe device and effectively protects the cloud-side user data.
According to the first aspect, after receiving the second lock-screen code of the second electronic device input by the user, the method further includes: sending a ring-device information request, carrying the account identifier of the first account, to the first server; receiving the ring-device information of the first trust ring corresponding to the first account returned by the server, the ring devices including the first electronic device; and displaying a lock-screen-code input interface for the first electronic device. The identity of a ring device is thus verified through information entered on the device that requests to join the trust ring, which ensures the credibility of the requesting device, prevents an untrusted device from obtaining the cloud-side user data by joining the trust ring, and improves the security of the user data.
According to the first aspect, before the first prompt information is displayed when the number of failed authentications of the first electronic device based on the first lock-screen code reaches the preset number, the method further includes: generating a first authentication parameter based on the first lock-screen code, and sending the first authentication parameter to the first server so that the first server can verify the identity of the first electronic device according to it. Verifying the identity of the ring device ensures the credibility of the device requesting to join the trust ring, avoids leakage of user data and improves its security.
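The signed-deletion path of the first aspect, as an added example; this is not code from the patent or from Honor. A second device sends a ring-deletion request carrying the account identifier and its signature, and the server deletes the ring only after the signature verifies against a key it holds for that device under that account. Everything in it is an assumption: HMAC-SHA256 stands in for the asymmetric device signature a real implementation would use, the JSON request layout and the nonce field are illustrative, and `RingDeletionService` and `delete_ring_request` are hypothetical names.

```python
"""Signed ring-deletion request (first aspect): the first server deletes the
trust ring under an account only after verifying the requesting device's
signature, so an unauthenticated request cannot wipe a user's ring."""
import hmac
import json
import secrets


def canonical(body: dict) -> bytes:
    """Stable serialisation so signer and verifier hash identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign(device_key: bytes, body: dict) -> str:
    """HMAC-SHA256 stands in for the device signature the patent describes
    (assumption: a real deployment would use an asymmetric device key)."""
    return hmac.new(device_key, canonical(body), "sha256").hexdigest()


def delete_ring_request(account_id: str, device_id: str, device_key: bytes) -> dict:
    """Client side: the request carries the account identifier, the requesting
    device's identity, a fresh nonce against replay, and the signature."""
    body = {"op": "delete_ring", "account_id": account_id,
            "device_id": device_id, "nonce": secrets.token_hex(16)}
    return {"body": body, "signature": sign(device_key, body)}


class RingDeletionService:
    """Server side. device_keys models the per-device keys the server holds
    for devices logged in to an account; rings holds the trust-ring data."""

    def __init__(self):
        self.rings = {}          # account_id -> trust-ring data (opaque here)
        self.device_keys = {}    # (account_id, device_id) -> device key
        self.seen_nonces = set()

    def register_device(self, account_id: str, device_id: str, device_key: bytes) -> None:
        self.device_keys[(account_id, device_id)] = device_key

    def handle_delete_ring(self, request: dict) -> dict:
        body, sig = request["body"], request["signature"]
        # The key is looked up by (account, device): a valid signature from a
        # device logged in to some other account must not delete this ring.
        key = self.device_keys.get((body.get("account_id"), body.get("device_id")))
        if key is None or body.get("op") != "delete_ring":
            return {"status": "rejected", "reason": "unknown device or operation"}
        if not hmac.compare_digest(sign(key, body), sig):
            return {"status": "rejected", "reason": "bad signature"}
        if body["nonce"] in self.seen_nonces:
            return {"status": "rejected", "reason": "replayed request"}
        self.seen_nonces.add(body["nonce"])
        if body["account_id"] not in self.rings:
            return {"status": "rejected", "reason": "no trust ring under account"}
        del self.rings[body["account_id"]]
        # This is the "trust ring deleted" message the second device waits for.
        return {"status": "trust_ring_deleted", "account_id": body["account_id"]}
```

The check that matters is the lookup keyed by both account and device: binding the signature to the account identifier in the signed body is not enough on its own if the server would accept any registered device's key. Note also that the patent's rationale holds only while the signing key stays on the device; a device that has legitimately logged in to the account can still delete the ring, which is the intended recovery path rather than a flaw.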
In a second aspect, this application provides a data protection method. The method is applied to a second electronic device and comprises the following steps. The second electronic device, which is logged in to a first account, receives its own second lock-screen code input by the user. When the second lock-screen code passes verification, it receives, input by the user, the first lock-screen code of a first electronic device, where the first electronic device is a ring device of the first trust ring corresponding to the first account, as obtained from the first server. When the number of failed authentications of the first electronic device based on the first lock-screen code reaches a preset number, first prompt information is displayed, which includes a second button indicating that the second electronic device's ring-joining request is to be frozen. On receiving the operation that selects the second button, a ring-joining request is sent to the first server. When the first server receives a ring-joining request from the second electronic device after the number of failed authentications of the first electronic device has reached the preset number, it freezes the second electronic device's ring-joining request for the first trust ring corresponding to the first account, the freeze lasting a preset duration. The remaining freeze duration returned by the first server is then received, and when it is greater than 0, second prompt information containing the remaining freeze duration is displayed.
In this way, when the electronic device fails to verify the identity of the ring device based on the ring device's user-personalized information while joining the trust ring, the server suspends the device's ring-joining process, which prevents an unsafe device from joining the trust ring and obtaining user data from the cloud side, and improves the security of the user data.
According to the second aspect, the method further includes: receiving the second lock-screen code of the second electronic device input by the user; when it passes verification, receiving the first lock-screen code of the first electronic device input by the user; generating a first authentication parameter based on the first lock-screen code; and sending the first authentication parameter to the first server, which verifies the identity of the first electronic device based on it provided the current remaining freeze duration is 0. When that authentication passes, the first master-key ciphertext of the first electronic device sent by the first server is received and decrypted based on the first lock-screen code to obtain the master key. The master key is then encrypted based on the second lock-screen code to produce a second master-key ciphertext for the second electronic device, and a second authentication parameter is generated based on the second lock-screen code. A ring-joining request is then sent to the first server so that it adds the second master-key ciphertext and the second authentication parameter to the trust-ring data of the first trust ring. Thus, after its ring-joining process has been suspended for a period of time, the device may join the trust ring through the normal joining procedure.
According to the second aspect, encrypting the master key based on the second lock-screen code to generate the second master-key ciphertext for the second electronic device comprises: generating a third derived key from the second lock-screen code, generating a fourth derived key from the third derived key, and encrypting the master key with the fourth derived key to obtain the second master-key ciphertext. Because the master key is encrypted under user-personalized information such as the lock-screen code, the cloud side, which does not know that information, cannot decrypt the master key; the user data encrypted with keys derived from the master key is thereby protected and its security improved.
According to the second aspect, generating the second authentication parameter based on the second lock-screen code comprises: generating the third derived key from the second lock-screen code, generating a second shared value from the third derived key, and encrypting the second shared value with the HSM public key generated on the first server side to obtain the second authentication parameter. Because the authentication parameter is generated from user-personalized information such as the lock-screen code, it cannot be forged, which secures the authentication.
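The join flow of the second aspect, including the derived-key chain (third derived key from the lock-screen code, fourth derived key for wrapping, shared value for authentication), the master-key ciphertext, and the server's failure counter with its freeze window, as one added example. It is not the patent's or Honor's code, and its building blocks are stand-ins: PBKDF2 for the KDF the patent does not name, an HMAC-keystream encrypt-then-MAC construction for a real AEAD and for the HSM-public-key encryption of the shared value (so `hsm_key` is a symmetric key here), guessed values for the preset number and preset duration, and a salt read from `server.rings` in place of the ring-device information the server returns before the lock-screen-code prompt. `TrustRingServer`, `join_ring` and `ring_record` are hypothetical names.

```python
"""Trust-ring join flow (second aspect): derived-key chain, master-key wrap,
authentication parameter, and the server's failure counter and freeze window.
Standard library only; the KDF, the cipher and the HSM envelope are stand-ins."""
import hashlib
import hmac
import secrets

PRESET_FAILURES = 3      # assumed value of the patent's "preset number"
FREEZE_DURATION = 3600   # assumed value of the "preset duration", in seconds

def derived_key(lockscreen_code: str, salt: bytes) -> bytes:
    """The 'third derived key': a slow KDF of the lock-screen code (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", lockscreen_code.encode(), salt, 100_000)

def subkey(parent: bytes, label: bytes) -> bytes:
    """Child key from a parent: used for the 'fourth derived key' and the 'shared value'."""
    return hmac.new(parent, label, "sha256").digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = []
    while sum(map(len, blocks)) < n:
        blocks.append(hmac.new(key, nonce + len(blocks).to_bytes(4, "big"), "sha256").digest())
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC over an HMAC keystream: a stdlib stand-in for an AEAD, and
    here also for the 'HSM public key' encryption of the shared value."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + ct + hmac.new(subkey(key, b"mac"), nonce + ct, "sha256").digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(subkey(key, b"mac"), nonce + ct, "sha256").digest(), tag):
        raise ValueError("ciphertext failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(subkey(key, b"enc"), nonce, len(ct))))

def ring_record(lockscreen_code: str, master_key: bytes, hsm_key: bytes) -> dict:
    """A device's entry in the ring data: master key wrapped under the fourth derived
    key of its own lock-screen code, plus its authentication parameter (shared value
    sealed to the HSM). The salt is part of the public ring-device information."""
    salt = secrets.token_bytes(16)
    k3 = derived_key(lockscreen_code, salt)
    return {"salt": salt,
            "mk_ct": seal(subkey(k3, b"wrap"), master_key),
            "auth_param": seal(hsm_key, subkey(k3, b"auth"))}

class TrustRingServer:
    """Cloud side: stores only ciphertexts; hsm_key models the key inside the HSM."""

    def __init__(self, hsm_key: bytes):
        self.hsm_key = hsm_key
        self.rings = {}         # account -> {device_id: ring record}
        self.failures = {}      # account -> consecutive failed ring-device authentications
        self.frozen_until = {}  # account -> time at which the freeze ends
        self.verified = set()   # (account, joining device) pairs that passed authentication

    def create_ring(self, account: str, device_id: str, record: dict) -> None:
        self.rings[account] = {device_id: record}

    def remaining_freeze(self, account: str, now: float) -> int:
        return max(0, int(self.frozen_until.get(account, 0) - now))

    def authenticate_ring_device(self, account, joining_id, ring_id, auth_param, now):
        """Returns the ring device's master-key ciphertext on success, None on failure.
        Refused outright while the account's join flow is frozen."""
        if self.remaining_freeze(account, now) > 0:
            raise PermissionError("ring-joining request is frozen")
        record = self.rings[account][ring_id]
        stored = unseal(self.hsm_key, record["auth_param"])
        if hmac.compare_digest(stored, unseal(self.hsm_key, auth_param)):
            self.failures[account] = 0
            self.verified.add((account, joining_id))
            return record["mk_ct"]
        self.failures[account] = self.failures.get(account, 0) + 1
        return None

    def request_join(self, account, joining_id, record, now) -> int:
        """Returns the remaining freeze in seconds; 0 means the device was added."""
        if self.failures.get(account, 0) >= PRESET_FAILURES:
            self.frozen_until[account] = now + FREEZE_DURATION  # freeze the join request
            self.failures[account] = 0
        remaining = self.remaining_freeze(account, now)
        if remaining == 0:
            if (account, joining_id) not in self.verified:
                raise PermissionError("ring device not authenticated for this join")
            self.rings[account][joining_id] = record
        return remaining

def join_ring(server, account, ring_id, ring_code, joining_id, joining_code, hsm_key, now) -> int:
    """Second device's flow: prove knowledge of the ring device's lock-screen code, get
    its master-key ciphertext, rewrap the master key under the joining device's own code
    and ask to be added. Returns -1 on authentication failure (the device then shows
    the prompt), otherwise the remaining freeze in seconds (0 = joined)."""
    k3 = derived_key(ring_code, server.rings[account][ring_id]["salt"])
    mk_ct = server.authenticate_ring_device(account, joining_id, ring_id,
                                            seal(hsm_key, subkey(k3, b"auth")), now)
    if mk_ct is None:
        return -1
    master_key = unseal(subkey(k3, b"wrap"), mk_ct)
    return server.request_join(account, joining_id, ring_record(joining_code, master_key, hsm_key), now)
```

Two points the patent text leaves implicit. The failure counter and the freeze live on the server, per account; a counter kept on the joining device would be trivially bypassed, and `request_join` also refuses a device that never passed authentication rather than trusting the client's sequencing. And because a lock-screen code has very little entropy, the server-side attempt limit, not the KDF cost, is what makes guessing it impractical; the sealed shared value also encodes the same secret on every attempt, so the transport must be authenticated or the server should bind a challenge into what the device seals, otherwise a captured parameter can be replayed.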
In a third aspect, this application provides an electronic device which, as the second electronic device, includes a trust ring service module. The trust ring service module is configured to: receive the second lock-screen code of the second electronic device input by the user, the second electronic device being logged in to the first account; when the second lock-screen code passes verification, receive the first lock-screen code of the first electronic device input by the user, the first electronic device being a ring device of the first trust ring corresponding to the first account, as obtained from the first server; when the number of failed authentications of the first electronic device based on the first lock-screen code reaches a preset number, display first prompt information that includes a first button indicating deletion of the trust ring; on receiving the operation that selects the first button, send a ring-deletion request carrying the account identifier of the first account to the first server; and receive the trust-ring-deleted message that the first server sends after deleting the first trust ring under the first account. In this way, when the electronic device fails to verify the identity of the ring device based on the ring device's user-personalized information while joining the trust ring, the server deletes the trust ring or suspends the device's ring-joining process, which prevents an unsafe device from joining the trust ring, protects the cloud-side user data and improves the security of user data protection.
According to the third aspect, the ring-deletion request also carries the signature of the second electronic device, and the first trust ring is deleted only after the first server has authenticated the second electronic device based on that signature. This prevents the trust ring from being deleted maliciously by an unsafe device and effectively protects the cloud-side user data.
According to the third aspect, the trust ring service module is further configured, after receiving the second lock-screen code of the second electronic device input by the user, to: send a ring-device information request, carrying the account identifier of the first account, to the first server; receive the ring-device information of the first trust ring corresponding to the first account returned by the server, the ring devices including the first electronic device; and display a lock-screen-code input interface for the first electronic device. The identity of a ring device is thus verified through information entered on the device that requests to join the trust ring, which ensures the credibility of the requesting device, prevents an untrusted device from obtaining the cloud-side user data by joining the trust ring, and improves the security of the user data.
According to the third aspect, the trust ring service module is further configured, before the first prompt information is displayed when the number of failed authentications of the first electronic device based on the first lock-screen code reaches the preset number, to: generate a first authentication parameter based on the first lock-screen code, and send the first authentication parameter to the first server so that the first server can verify the identity of the first electronic device according to it. Verifying the identity of the ring device ensures the credibility of the device requesting to join the trust ring, avoids leakage of user data and improves its security.
In a fourth aspect, this application provides an electronic device which, as the second electronic device, includes a trust ring service module. The trust ring service module is configured to: receive the second lock-screen code of the second electronic device input by the user, the second electronic device being logged in to the first account; when the second lock-screen code passes verification, receive the first lock-screen code of the first electronic device input by the user, the first electronic device being a ring device of the first trust ring corresponding to the first account, as obtained from the first server; when the number of failed authentications of the first electronic device based on the first lock-screen code reaches a preset number, display first prompt information that includes a second button indicating that the second electronic device's ring-joining request is to be frozen; and on receiving the operation that selects the second button, send a ring-joining request to the first server. When the first server receives a ring-joining request from the second electronic device after the number of failed authentications of the first electronic device has reached the preset number, it freezes the second electronic device's ring-joining request for the first trust ring corresponding to the first account, the freeze lasting a preset duration. The module then receives the remaining freeze duration returned by the first server and, when it is greater than 0, displays second prompt information containing the remaining freeze duration.
In this way, when the electronic device fails to verify the identity of the ring device based on the ring device's user-personalized information while joining the trust ring, the server suspends the device's ring-joining process, which prevents an unsafe device from joining the trust ring and obtaining user data from the cloud side, and improves the security of the user data.
According to the fourth aspect, the electronic device further comprises a trust ring module. The trust ring service module is further configured to: receive the second lock-screen code of the second electronic device input by the user; when it passes verification, receive the first lock-screen code of the first electronic device input by the user; generate a first authentication parameter based on the first lock-screen code; send the first authentication parameter to the first server, which verifies the identity of the first electronic device based on it provided the current remaining freeze duration is 0; and, when that authentication passes, receive the first master-key ciphertext of the first electronic device sent by the first server and pass it to the trust ring module. The trust ring module is configured to: decrypt the first master-key ciphertext based on the first lock-screen code to obtain the master key; encrypt the master key based on the second lock-screen code to produce a second master-key ciphertext for the second electronic device; generate a second authentication parameter based on the second lock-screen code; and send a ring-joining request to the first server so that it adds the second master-key ciphertext and the second authentication parameter to the trust-ring data of the first trust ring. Thus, after its ring-joining process has been suspended for a period of time, the device may join the trust ring through the normal joining procedure.
According to the fourth aspect, when encrypting the master key based on the second lock-screen code, the trust ring module is specifically configured to: generate a third derived key from the second lock-screen code, generate a fourth derived key from the third derived key, and encrypt the master key with the fourth derived key to obtain the second master-key ciphertext of the second electronic device. Because the master key is encrypted under user-personalized information such as the lock-screen code, the cloud side, which does not know that information, cannot decrypt the master key; the user data encrypted with keys derived from the master key is thereby protected and its security improved.
According to the fourth aspect, when generating the second authentication parameter based on the second lock-screen code, the trust ring service module is specifically configured to: generate the third derived key from the second lock-screen code, generate a second shared value from the third derived key, and encrypt the second shared value with the HSM public key generated on the first server side to obtain the second authentication parameter. Because the authentication parameter is generated from user-personalized information such as the lock-screen code, it cannot be forged, which secures the authentication.
In a fifth aspect, the present application provides a data protection system including a second electronic device and a first server. Wherein the second electronic device is configured to: and receiving a second screen locking code of the second electronic device input by the user, wherein the second electronic device is logged in to the first account, and receiving the first screen locking code of the first electronic device input by the user when the second screen locking code is verified, wherein the first electronic device is an on-loop device of a first trust loop corresponding to the first account acquired from the first server, generates a first authentication parameter based on the first screen locking code, and sends the first authentication parameter to the first server. The first server is used for: and based on the first authentication parameters, authenticating the identity of the first electronic equipment, accumulating the authentication failure times, and sending a prompt instruction to the second electronic equipment when the authentication failure times of the first electronic equipment reach the preset times, wherein the prompt instruction is used for prompting the second electronic equipment to display the first prompt information. The second electronic device is further configured to: when a prompt instruction sent by a first server is received, first prompt information is displayed, wherein the first prompt information comprises: and the first button is used for indicating to delete the trust ring, and sending a deletion ring request to the first server under the condition of receiving the selection operation of the first button, wherein the deletion ring request carries the account identification of the first account. 
The first server is further configured to: and receiving a ring deleting request sent by the second electronic equipment, deleting the first trust ring under the first account, and sending a trust ring deleting message to the second electronic equipment. The second electronic device is further configured to: and receiving a trust ring deleting message sent by the first server. In this way, when the electronic device fails to verify the identity of the ring device based on the user personalized information of the ring device in the process of joining the trust ring, the server deletes the trust ring or pauses the ring adding process of the device, thereby preventing the unsafe device from joining the trust ring, protecting cloud side user data and improving the security of user data protection.
In a sixth aspect, the present application provides a data protection system including a second electronic device and a first server. The second electronic device is configured to: receive a second screen locking code of the second electronic device input by a user, wherein the second electronic device is logged in to the first account; when the second screen locking code is verified, receive a first screen locking code of the first electronic device input by the user, wherein the first electronic device is an on-ring device of the first trust ring corresponding to the first account, obtained from the first server; generate a first authentication parameter based on the first screen locking code; and send the first authentication parameter to the first server. The first server is configured to: carry out identity verification of the first electronic device based on the first authentication parameter, and accumulate the number of identity verification failures; and when the number of identity verification failures of the first electronic device reaches a preset number, send a prompt instruction to the second electronic device. The second electronic device is further configured to: when the prompt instruction sent by the first server is received, display first prompt information, wherein the first prompt information comprises a second button for indicating that the ring adding request of the second electronic device is to be frozen; and send a ring adding request to the first server when a selection operation on the second button is received.
The first server is further configured to: when the number of authentication failures of the first electronic device has reached the preset number and a ring adding request sent by the second electronic device is then received, freeze the ring adding request of the second electronic device for the first trust ring corresponding to the first account, wherein the freezing duration is a preset duration; and, on receiving a ring adding request sent by the second electronic device, determine the remaining freezing duration of ring adding requests for the first trust ring corresponding to the first account, and return the remaining freezing duration to the second electronic device. The second electronic device is further configured to: receive the remaining freezing duration returned by the first server; and display second prompt information when the remaining freezing duration is greater than 0, wherein the second prompt information comprises the remaining freezing duration. In this way, when the electronic device fails to verify the identity of the on-ring device based on the user personalized information of the on-ring device during the process of joining the trust ring, the server deletes the trust ring or suspends the ring adding process of the device, which prevents an unsafe device from joining the trust ring and acquiring user data from the cloud side, and improves the security of the user data.
According to the sixth aspect, the second electronic device is further configured to: receive a second screen locking code of the second electronic device input by the user; when the second screen locking code passes verification, receive a first screen locking code of the first electronic device input by the user; generate a first authentication parameter of the first electronic device based on the first screen locking code; and send the first authentication parameter to the first server. The first server is further configured to: when the current remaining freezing duration is 0, carry out identity verification of the first electronic device based on the first authentication parameter; and after the identity of the first electronic device is verified based on the first authentication parameter, send a first master key ciphertext of the first electronic device to the second electronic device. The second electronic device is further configured to: receive the first master key ciphertext of the first electronic device sent by the first server, decrypt the first master key ciphertext based on the first screen locking code to obtain the master key, encrypt the master key based on the second screen locking code to generate a second master key ciphertext of the second electronic device, generate a second authentication parameter based on the second screen locking code, and send a ring adding request to the first server, wherein the ring adding request carries the second master key ciphertext and the second authentication parameter, and the first server adds the second master key ciphertext and the second authentication parameter to the trust ring data of the first trust ring.
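The failure counting and freezing behaviour of the sixth aspect, reduced to a server-side state machine, as an added example that is not the patent's code. The preset number of failures (3), the preset freezing duration (24 hours), the account and lock-screen code values, and the modelling of the authentication parameter as a salted PBKDF2 verifier are all assumptions for the example; the page does not specify them.

```python
"""Added example, not the patent's code: the server-side anti-brute-force
logic of the sixth aspect as a state machine with an injectable clock, so
the freeze and its expiry can be exercised deterministically.

Assumptions (the page gives no values): the preset number of failures is 3,
the preset freeze duration is 24 hours, and the authentication parameter is
modelled as a salted PBKDF2 verifier of the on-ring device's lock-screen code.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

MAX_FAILURES = 3                 # assumed preset number of failures
FREEZE_SECONDS = 24 * 60 * 60    # assumed preset freezing duration


def make_auth_param(lock_code: str, salt: bytes) -> bytes:
    """Stand-in for the authentication parameter derived from a lock-screen code."""
    return hashlib.pbkdf2_hmac("sha256", lock_code.encode(), salt, 100_000)


@dataclass
class RingState:
    salt: bytes
    auth_param: bytes            # registered when the on-ring device created the ring
    failures: int = 0
    frozen_until: float = 0.0    # epoch seconds; 0 means not frozen


class TrustRingServer:
    def __init__(self, clock):
        self._now = clock        # callable returning the current time in seconds
        self._rings = {}

    def create_ring(self, account: str, lock_code: str) -> None:
        salt = os.urandom(16)
        self._rings[account] = RingState(salt, make_auth_param(lock_code, salt))

    def ring_salt(self, account: str) -> bytes:
        return self._rings[account].salt

    def remaining_freeze(self, account: str) -> int:
        """Remaining freezing duration, returned with every ring adding request."""
        return max(0, int(self._rings[account].frozen_until - self._now()))

    def verify_device(self, account: str, claimed: bytes) -> str:
        """Identity verification of the on-ring device; failures are accumulated."""
        ring = self._rings[account]
        if self.remaining_freeze(account) > 0:
            return "frozen"            # no verification until the freeze has elapsed
        if hmac.compare_digest(ring.auth_param, claimed):
            ring.failures = 0
            return "ok"                # the master key ciphertext may now be released
        ring.failures += 1
        return "prompt" if ring.failures >= MAX_FAILURES else "fail"

    def freeze_ring_join(self, account: str) -> int:
        """Ring adding request received after the threshold: freeze for the preset duration."""
        ring = self._rings[account]
        if ring.failures >= MAX_FAILURES and self.remaining_freeze(account) == 0:
            ring.frozen_until = self._now() + FREEZE_SECONDS
        return self.remaining_freeze(account)


def simulate() -> dict:
    """Three wrong guesses, a freeze, a request during the freeze, success after it."""
    clock = {"t": 1_700_000_000.0}
    server = TrustRingServer(lambda: clock["t"])
    server.create_ring("account1", "246810")          # constructed lock-screen code of device A
    salt = server.ring_salt("account1")
    guesses = [server.verify_device("account1", make_auth_param(g, salt))
               for g in ("000000", "111111", "222222")]
    remaining = server.freeze_ring_join("account1")    # user selected the freeze button
    during = server.verify_device("account1", make_auth_param("246810", salt))
    clock["t"] += 3600
    later = server.remaining_freeze("account1")
    clock["t"] += FREEZE_SECONDS
    after = server.verify_device("account1", make_auth_param("246810", salt))
    return {"guesses": guesses, "remaining": remaining, "during": during,
            "later": later, "after": after}
```

Note that even the correct authentication parameter is rejected while the freeze is in force: the page ties verification to a remaining duration of 0, and the example keeps that ordering so that a guess cannot slip through between the threshold being reached and the freeze being applied.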
In a seventh aspect, the present application provides a computer readable storage medium comprising a computer program which, when run on an electronic device, causes the electronic device to perform any one of the data protection methods of the first or second aspects.
Drawings
Fig. 1 is a schematic structural diagram of an exemplary electronic device 100;
FIG. 2 is a block diagram of an exemplary software architecture of the electronic device 100 according to an embodiment of the present application;
FIG. 3 is a schematic diagram illustrating information interaction during creation of a trust ring;
FIG. 4 is a schematic diagram illustrating interaction between a device and a cloud side during creation of a trust ring;
FIG. 5A is a schematic diagram of an exemplary interface for entering the "My device" application with an account logged in;
FIG. 5B is a schematic diagram of an exemplary interface for entering the "My device" application with no account logged in;
FIG. 6 is a schematic diagram illustrating an interface from a "My devices" application in device A to a "password safe synchronization" application;
FIG. 7A is a schematic diagram illustrating a process for entering a "password safe" interface with device A having set a lock screen code;
FIG. 7B is a schematic diagram illustrating a process for entering a "password safe" interface without a lock screen code being set by device A;
FIG. 8 is a schematic diagram illustrating a process for opening a "password safe sync" switch in a scenario in which a trust ring is created;
FIG. 9 is a schematic diagram illustrating a process of turning on a "synchronize to Honor account" switch in a scenario in which a trust ring is created;
FIG. 10 is a schematic flow diagram of an exemplary illustrated creation of a trust ring;
FIG. 11 is a schematic diagram illustrating an exemplary embodiment of a device A synchronizing a service data ciphertext to an account management server after creating a trust ring;
FIG. 12 is a schematic diagram illustrating the interaction of modules of a synchronous traffic data ciphertext;
FIG. 13 is a schematic diagram illustrating an interface of a synchronous service data ciphertext to an account management server;
FIG. 14 is a schematic diagram illustrating information interaction during a device B joining a trust ring;
FIG. 15 is a schematic diagram illustrating an interface from a "My device" application in device B to a "password safe synchronization" application;
FIG. 16A is a schematic diagram illustrating the process of entering the "password safe" interface and opening the "password safe synchronization" switch with device B having set the lock screen code;
FIG. 16B is a schematic diagram illustrating the process of entering the "password safe" interface and opening the "password safe synchronization" switch without the lock screen code having been set by device B;
FIG. 17 is a schematic diagram illustrating a process of turning on a "synchronize to Honor account" switch in the scenario where device B joins a trust ring;
FIG. 18 is a flow chart illustrating the joining of a trust ring by device B;
FIG. 19 is a schematic diagram illustrating synchronization of service data ciphertext from an account management server after a device B joins a trust ring;
FIG. 20 is a schematic diagram illustrating an interface for synchronizing business data ciphertext from an account management server;
FIG. 21 is a schematic diagram illustrating information interaction when the anti-brute-force process is triggered while device B is joining a trust ring;
FIG. 22 is a schematic diagram of an exemplary interface when the anti-brute-force process is triggered;
FIG. 23 is a schematic flow diagram of an exemplary triggering of the anti-brute-force process;
FIG. 24 is an interface diagram of the deletion flow in an exemplary anti-brute-force process;
FIG. 25 is a schematic diagram of the deletion flow in an exemplary anti-brute-force process;
FIG. 26 is an interface schematic diagram of the freeze flow in an exemplary anti-brute-force process;
FIG. 27 is another interface schematic diagram of the freeze flow in an exemplary anti-brute-force process;
FIG. 28 is a schematic diagram of the freeze flow in an exemplary anti-brute-force process.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
The term "and/or" herein merely describes an association relationship between associated objects, meaning that there may be three relationships; for example, "A and/or B" may represent: A exists alone, A and B exist together, or B exists alone.
The terms first and second and the like in the description and in the claims of embodiments of the present application are used for distinguishing between different objects and not necessarily for describing a particular sequential order of objects. For example, the first target object and the second target object, etc., are used to distinguish between different target objects, and are not used to describe a particular order of target objects.
In the embodiments of the present application, words such as "exemplary" or "such as" are used to mean serving as examples, illustrations, or descriptions. Any embodiment or design described herein as "exemplary" or "for example" should not be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
In the description of the embodiments of the present application, unless otherwise indicated, the meaning of "a plurality" means two or more. For example, the plurality of processing units refers to two or more processing units; the plurality of systems means two or more systems.
Fig. 1 is a schematic diagram of an exemplary illustrated electronic device 100. It should be understood that the electronic device 100 shown in fig. 1 is only one example of an electronic device, and that the electronic device 100 may have more or fewer components than shown in the figures, may combine two or more components, or may have a different configuration of components. The various components shown in fig. 1 may be implemented in hardware, software, or a combination of hardware and software, including one or more signal processing and/or application specific integrated circuits.
The electronic device 100 may be a mobile phone, a tablet, etc.
The electronic device 100 may include: processor 110, external memory interface 120, internal memory 121, universal serial bus (universal serial bus, USB) interface 130, charge management module 140, power management module 141, battery 142, antenna 1, antenna 2, mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, headset interface 170D, sensor module 180, keys 190, motor 191, indicator 192, camera 193, display 194, and subscriber identity module (subscriber identification module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyro sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
The software system of the electronic device 100 may employ a layered architecture, an event driven architecture, a microkernel architecture, a microservice architecture, or a cloud architecture. In this embodiment, taking an Android system with a layered architecture as an example, a software structure of the electronic device 100 is illustrated.
The layered architecture of the electronic device 100 divides the software into several layers, each with a distinct role and division of labor. The layers communicate with each other through a software interface. In some embodiments, the Android system is divided into three layers, an application layer, an application framework layer, and a kernel layer from top to bottom.
The application layer may include a series of application packages.
As shown in FIG. 2, the application package may include applications such as sensors (which may also be referred to as desktop and wallpaper), HMS Core, trust ring, password safe, and the like. For example, the sensor may monitor the user sliding on or pressing the screen, and HMS Core provides a collection of open capabilities on the electronic device side and the cloud side. The trust ring application is used for creating and managing the trust ring of an account, where management of the trust ring includes but is not limited to: adding devices to the trust ring, deleting devices from the trust ring, deleting the trust ring, freezing the trust ring, updating the master key ciphertext under the trust ring, and the like. The password safe is used for managing the business data that the user synchronizes to the account management server, for example, the login account and password of a service.
The application framework layer provides an application programming interface (application programming interface, API) and programming framework for application programs of the application layer. The application framework layer includes a number of predefined functions.
As shown in fig. 2, the application framework layer may include a window manager, a view system, an F interface, and a resource manager, among others.
The window manager is used for managing window programs. The window manager can acquire the size of the display screen, judge whether a status bar exists, lock the screen, take screenshots, send interface information display instructions to the view system, and the like.
The view system includes visual controls, such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, a display interface including a text message notification icon may include a view displaying text and a view displaying a picture.
The resource manager provides various resources for the application program, such as localization strings, icons, pictures, layout files, video files, and the like.
The F interface is an external service interface of the trust ring.
The application layer and the application framework layer run in a virtual machine. The virtual machine executes java files of the application program layer and the application program framework layer as binary files. The virtual machine is used for executing the functions of object life cycle management, stack management, thread management, security and exception management, garbage collection and the like.
The system library may include a plurality of functional modules. For example: a two-dimensional graphics engine (e.g., SGL), a key asset trust ring CA, a surface manager, etc.
The surface manager is used to manage the display subsystem and provides a fusion of 2D and 3D layers for multiple applications. The two-dimensional graphics engine is a drawing engine for two-dimensional images.
The key asset trust ring CA may also be referred to as the trust ring service module, and is mainly used for transparent message passing between the upper-layer trust ring application and the lower-layer key asset trust ring TA.
The kernel layer is the layer between hardware and software. The kernel layer contains at least a display driver, a sensor driver, a Wi-Fi driver, and the key asset trust ring TA. The display driver is used to drive the display 194, the Wi-Fi driver is used to drive the wireless communication module 160, and the sensor driver is used to drive the sensor module 180.
The key asset trust ring TA may also be referred to as the trust ring module, and is configured to implement the core security logic: provide a trusted execution environment, generate the master key in the trusted execution environment, encrypt the master key to generate the master key ciphertext, and so on. For the specific functions of the key asset trust ring CA and the key asset trust ring TA, refer to the related descriptions in the flows of ring creation, ring addition, ring deletion, brute-force prevention, a device in the trust ring going offline, master key updating, master key ciphertext updating, and the like.
It is to be understood that the components contained in the system framework layer and runtime layer shown in fig. 2 do not constitute a particular limitation of the electronic device 100. In other embodiments of the present application, electronic device 100 may include more or fewer components than shown, or certain components may be combined, or certain components may be split, or different arrangements of components.
When using an electronic device, a user typically needs to memorize a lot of password data, such as the password of a mailbox account, the password of a network disk account, the password for smart home control rights, and the like. When there is a lot of such password data, requiring the user to remember the password of each service separately places a heavy burden on the user's memory. Therefore, the user hopes to upload the password data to the cloud side for storage through a data synchronization function, obtain the password data directly from the cloud side when it is needed, and not have to memorize it.
However, the user has different security requirements for such password data than for general data to be synchronized, such as pictures, address books, short messages and the like. Such password data, once compromised, would cause significant loss to the user. Therefore, users have high security requirements for such password data. Here the shortcoming that the cloud side cannot self-certify the security of the data synchronized to it becomes apparent, and the high security requirement of such password data cannot be satisfied.
The data protection method of the present application enables the cloud side to be self-certifying, and can thereby support data synchronization of service data with high security requirements, such as password data.
The data protection method of the present application will be described in detail with reference to the accompanying drawings.
Creating a trust ring
FIG. 3 is a schematic diagram illustrating information interaction during creation of a trust ring. FIG. 4 is a schematic diagram illustrating interaction of a device with the cloud side during creation of a trust ring. Fig. 10 is a schematic flow diagram illustrating creation of a trust ring.
The process of creating a trust ring according to embodiments of the present application is described in detail below in conjunction with fig. 3, 4, and 10.
In the embodiment of the present application, assuming that the Honor account of device A is account 1, the process of creating a trust ring is described by taking as an example the process in which device A initiates registration with the trust ring cloud for the first time and thereby creates trust ring 1. The application that triggers the trust ring creation flow may be any application under the Honor account; here, the trust ring creation flow is illustrated as being triggered by the "password safe synchronization" application under the Honor account.
"Registration" herein refers to the process of adding a device to a trust ring. When the first device is registered, no trust ring exists yet under the account, so the trust ring needs to be established first and the device is then added to it; the process of registering the first device is called creating the trust ring. The registration process of a device other than the first is referred to herein as joining the trust ring, since it only requires the device to be added to the existing trust ring.
It is assumed herein that account 1 includes 3 devices, namely an Honor V40 (i.e., device A), an Honor V30 (denoted device B), and an Honor V50 (denoted device C).
It should be noted that the actions performed by the various clouds herein should be understood as actions performed by the servers of the respective clouds. For example, the actions of the account management cloud are performed by the account management server, and the actions of the trust ring cloud are performed by the trust ring cloud server.
Referring to FIG. 3, in the process of creating a trust ring, device A sends a request to log in to account 1 to the account management server, and after the account management server has verified the request to log in to account 1, it returns a verification passing message to device A; after receiving the verification passing message, device A generates a master key ciphertext EMK11 of device A and an authentication parameter PAKE11 of device A, and sends EMK11 and PAKE11 to the trust ring cloud; after receiving EMK11 and PAKE11 sent by device A, the trust ring cloud creates trust ring 1 for account 1 and adds device A to trust ring 1.
Referring to fig. 10, in an embodiment of the present application, a process of creating a trust ring by a device a may include the following steps:
step S1: device a logs in to account 1.
Device A is described herein by taking an Honor V40 mobile phone as an example. It should be understood that device A may be any electronic device on which the trust ring creation functionality of the present application is installed, and the present application is not limited in this respect.
Device A needs to initiate registration with the trust ring cloud under a logged-in account in order to create the trust ring. If device A has no logged-in account, it needs to log in to an account first.
FIG. 5A is a schematic diagram of an exemplary interface for entering the "My device" application with an account logged in. FIG. 5B is a schematic diagram of an exemplary interface for entering the "My device" application with no account logged in. FIG. 6 is a schematic diagram illustrating an interface from the "My device" application to the "password safe synchronization" application in device A.
Referring to FIG. 5A and FIG. 6, in the case where device A has logged in to account 1 (assuming account 1 is 1581991××), the user may click the "Settings" application icon in the main interface of device A (as shown in FIG. 5A (a)) and enter the "Settings" interface shown in FIG. 5A (b). In the "Settings" interface, the user clicks account 1 (i.e., 1581991××) and enters the "Account center" interface shown in FIG. 5A. In the "Account center" interface, the user clicks "My device" and proceeds to the "My device" interface shown in FIG. 6 (b). The user finds the current device, i.e., the Honor V40, in the "My device" interface and clicks it to enter the "Device info" interface shown in FIG. 6 (c). In the "Device info" interface, the user continues by clicking the "password safe synchronization" application, which opens the "password safe" interface. After the "password safe" interface is opened, the user turns on the "password safe synchronization" switch and the "synchronize to Honor account" switch, which triggers the process of creating the trust ring. The processes of entering the "password safe" interface, turning on the "password safe synchronization" switch, and turning on the "synchronize to Honor account" switch are described later herein.
It should be noted that if a trust ring already exists under account 1, "trusted device" is displayed under each device that has joined the trust ring in the "My device" interface. A device identified as a "trusted device" is a device that has joined the trust ring, i.e., a registered device; see the interface shown later in FIG. 15 (b). If there is no trust ring under account 1, as in the "My device" interface of device A shown in FIG. 6 (b), none of the 3 Honor devices is a trusted device, indicating that there is currently no trust ring under account 1.
Referring to FIG. 5A, FIG. 5B and FIG. 6, in the case where device A is not logged in to account 1, after clicking the "Settings" application icon in the main interface of device A (as shown in FIG. 5A), the user enters the "Settings" interface shown in FIG. 5B (a). In the "Settings" interface, the user clicks "Log in to Honor account" and enters the Honor account login interface shown in FIG. 5B (b). In the Honor account login interface, the user inputs account 1 (1581991××) and the login password (assumed to be key1), and device A sends a request to log in to account 1 to the account management server, carrying account 1 (1581991××) and the login password key1.
Referring to FIG. 4, the user may send the request to log in to account 1 to the account management server through the account management module of the application layer of device A, so as to log in to account 1.
After device A has successfully logged in to account 1, the process of creating the trust ring is triggered according to the process for the case of a logged-in account, as shown in FIG. 5A (c), FIG. 5A (d) and FIG. 6, which is not repeated here.
Step S2: the account management server returns a verification passing message.
The information of account 1 is pre-stored in the account management server; it includes the login password corresponding to account 1, and the login password of account 1 stored in the account management server is assumed to be key0. After receiving the request to log in to account 1 sent by device A, the account management server verifies the request according to the information of account 1 it stores locally. If the password key1 carried in the request to log in to account 1 is consistent with the login password key0 of account 1 stored locally by the account management server, the account management server determines that login verification of account 1 has passed. At this time, the account management server returns a verification passing message to device A.
If the password key1 carried in the request to log in to account 1 is inconsistent with the login password key0 of account 1 stored locally by the account management server, the account management server determines that login verification of account 1 has failed. At this time, the account management server returns a verification failure message to device A, and the user needs to re-enter the account and login password through the interface of FIG. 5B (b).
Referring to fig. 4 and 10, the device a receives a verification passing message or a verification failure message through the account management module.
S3: and sending a registration opening notification.
Referring to fig. 4 and fig. 10, in the case that the account management module of the device a receives a verification passing message returned by the account management server, the account management module in the device a sends a registration opening notification to the trust ring service module of the application framework layer. The registration initiation notification is used to instruct the trust ring service module to initiate a registration process.
Here, the process by which device A enters the "password safe" interface and turns on the "password safe synchronization" switch during the creation of the trust ring is described.
FIG. 7A is a schematic diagram illustrating the process of entering the "password safe" interface with device A having set a lock screen code. Referring to FIG. 7A, in the case where the user of device A has set the screen locking code (which may also be referred to as the lock screen password) of device A, when the user clicks the "password safe synchronization" application in the "Device info" interface (see FIG. 7A (a)), device A pops up the "Enter screen locking code" interface (see FIG. 7A (b)). If the user inputs the screen locking code in the screen locking code input interface and the screen locking code is correct, the screen of device A enters the "password safe" interface (see FIG. 7A (c)). At this time, both the "password safe synchronization" switch and the "synchronize to Honor account" switch in the "password safe" interface are in the off state.
FIG. 7B is a schematic diagram illustrating the process of entering the "password safe" interface without a lock screen code having been set by device A. Referring to FIG. 7B, in the case where the user of device A has not set the screen locking code of device A, when the user clicks the "password safe synchronization" application in the "Device info" interface (see FIG. 7B (a)), device A pops up the "Set digital screen locking code" interface (see FIG. 7B (b)). After the user inputs a screen locking code in the "Set digital screen locking code" interface shown in FIG. 7B (b), device A pops up the "Set digital screen locking code" interface for confirming the code (see FIG. 7B (c)). The user inputs the screen locking code again in the interface shown in FIG. 7B (c), and if the screen locking code input again is identical to the one input in the interface shown in FIG. 7B (b), the screen of device A enters the "password safe" interface shown in FIG. 7B (d), which is identical to the interface shown in FIG. 7A (c).
FIG. 8 is a schematic diagram illustrating the process of turning on the "password safe synchronization" switch in the scenario of creating a trust ring. Referring to FIG. 8, when the user clicks the "password safe synchronization" switch in the "password safe" interface (see FIG. 8 (a)), device A pops up the reminder interface shown in FIG. 8 (b), which asks the user whether to agree to start the password safe synchronization service. When the user clicks the "Agree" button in the reminder interface (see FIG. 8 (b)), the "password safe synchronization" switch in the "password safe" interface is turned on (see FIG. 8 (c)).
Upon receiving the registration initiation notification, the trust ring service module cannot yet determine whether to initiate the process of creating a trust ring or the process of joining a trust ring, and needs to determine this by detecting the registration state.
S4: the trust ring service module in device a detects the registration status of device a.
The registration state includes both unregistered and registered states. The unregistered state is used to indicate that the device is currently unregistered with the trust ring, and the registered state is used to indicate that the device is currently registered with the trust ring.
S5: and when detecting that the registration state of the equipment A is unregistered, the equipment A sends a registration state comparison request to the trust ring cloud.
The registration state comparison request is used to request that the registration state of device A detected by the trust ring service module be compared with the registration state of device A stored in the trust ring cloud.
The registration status comparison request includes the UID (device identifier) of the device a and the UDID (account identifier) of the account to which the device a belongs.
S6: the trust ring cloud returns a first registration state confirmation message to the trust ring service module in device a.
The first registration status confirmation message is used for indicating that no trust ring exists under the account number 1.
After receiving the registration state comparison request of device A, the trust ring cloud checks whether a trust ring exists under account 1 and, if a trust ring exists under account 1, checks whether device A is in the trust ring. When no trust ring exists under account 1, the trust ring cloud generates a first registration state confirmation message and sends it to device A.
Based on the first registration state confirmation message returned by the trust ring cloud, device A determines that this registration executes the trust ring creation flow.
S7: the trust ring service module in device a receives the lockscreen code pw11 of device a entered by the user.
Here, the procedure for turning on the "synchronize to Honor account" switch while creating a trust ring is described.
Fig. 9 is a schematic diagram illustrating the process of turning on the "synchronize to Honor account" switch in the scenario of creating a trust ring. Referring to fig. 9, when the user clicks the "synchronize to Honor account" switch on the "password safe" interface on which the "password safe synchronization" switch is already turned on (see fig. 9 (a)), the "enter lock screen code" interface pops up on the screen of device A (see fig. 9 (b)). If the user enters the lock screen code of device A on this interface, the trust ring service module in device A receives the lock screen code entered by the user. If the entered lock screen code of device A is correct, then after device A completes the trust ring creation flow it enters a "password safe" interface in which both the "password safe synchronization" switch and the "synchronize to Honor account" switch are in the on state (see fig. 9 (c)).
Note that the user clicking the "synchronize to Honor account" switch on the interface shown in fig. 9 (a) triggers device A to execute step S3 in fig. 10 and the trust ring creation steps that follow step S3.
The screen locking code of the device a belongs to the secret of the user of the device a, and is unknown to the cloud side.
S8: the trust ring service module of device a verifies the lockscreen code pw11 of device a.
The process of verifying the lock screen code of device A may be as follows: device A compares the lock screen code entered by the user with the lock screen code stored in advance on device A; if the two are consistent, verification passes, otherwise verification fails.
Here, the trust ring service module verifies the lock screen code of device A entered by the user on the interface shown in fig. 9 (b); after verification passes, the subsequent step S9 is performed. If verification fails, device A returns to the interface shown in fig. 9 (b) and prompts on that interface that the entered lock screen code is wrong.
S9: the trust ring service module derives PWAUTH11 based on the lock screen code of device A.
Assuming that the lock screen code entered by the user is pw11, the trust ring service module derives PWAUTH11 based on pw11.
Since pw11 is a user secret of device A, the cloud side cannot obtain pw11, and therefore cannot obtain PWAUTH11 derived from it.
Since PWAUTH11 is generated from the user secret pw11, which is unknown to the cloud side, PWAUTH11 is likewise unknown to the cloud side.
S10: the trust ring service module of device a sends PWAUTH11 to the trust ring module in the trusted execution environment of device a.
Subsequently, the trust ring module generates the master key ciphertext EMK11 and the parameter PAKE11 based on the PWAUTH11, and the generation manner of the EMK11 and the PAKE11 is detailed in steps S11 to S14 of fig. 10.
S11: the trust ring module generates MK.
Device A generates MK, namely the master key, through the trust ring module, and MK is stored in the trusted execution environment of device A, so that MK cannot be stolen even if device A is attacked; the security is therefore high.
S12: the trust ring module encrypts MK based on PWAUTH11, generating EMK11.
EMK11 is the first master key ciphertext. The trust ring module derives a key KEK11 based on PWAUTH11 and generates EMK11 based on the KEK11 encrypting MK.
S13: the trust ring module of device a sends EMK11 to the trust ring service module of device a.
After the trust ring module generates EMK11, it sends EMK11 to the trust ring service module, and sends salt_enc11 to the trust ring service module together with EMK11.
S14: the trust ring service module in device a generates a parameter PAKE11 based on PWAUTH 11.
S15: device A sends a ring creation request carrying EMK11 and the parameter PAKE11 to the trust ring cloud through the trust ring service module.
Device A sends a ring creation request to the trust ring cloud through the trust ring service module, and PAKE11 parameter registration and EMK11 hosting can be completed through the request.
In order to improve the security of the EMK11, the trust ring service module performs secondary encryption on the EMK11 based on the public key of the trust ring cloud HSM obtained during login before sending the EMK11 to obtain a two-layer ciphertext of the master key.
S16: the trust ring cloud creates a trust ring 1 for account number 1 in response to the ring creation request and adds device a to the trust ring 1.
The trust ring cloud creates trust ring 1 for account 1 in response to the ring creation request sent by device A. When other devices under account 1, such as device B and device C, later send registration state comparison requests to the trust ring cloud, the trust ring cloud returns confirmation messages indicating that trust ring 1 exists but that device B and device C are not in it, and device B and device C then execute the trust ring joining flow; for the specific joining process, refer to the related description below.
After the trust ring 1 is created, the trust ring 1 data managed in the trust ring cloud is shown in table 1:
TABLE 1
UID              | UDID     | Parameter PAKE | Master key ciphertext
Account number 1 | Device A | PAKE11         | EMK11
S17: the trust ring cloud returns a ring creation success message to the trust ring service module of the device A.
After the trust ring cloud creates trust ring 1 for account 1 and adds device A to trust ring 1, it returns a ring creation success message to device A. After device A receives the ring creation success message, the "synchronize to Honor account" switch on the "password safe" interface is turned on, as shown in fig. 9 (c). After this switch is turned on, the user can see that device A has successfully joined the trust ring, and the service data in the password safe can be synchronized to the account management server so that other devices in trust ring 1 under account 1 can share the service data.
The trust ring creation process ends, and device a completes registration.
After the device A completes registration, the trust ring service module of the device A modifies the registration state of the device A to registered.
Through the trust ring creation process, the account-level master key MK is protected by the user secret. Because the user secret is unknown to the cloud side, the cloud side cannot decrypt the hosted master key ciphertext; this reduces the risk of master key leakage, improves the security of the master key MK, allows the cloud side to demonstrate its own security, and provides support for synchronizing service data with high security requirements.
It should be noted that the above procedure should be understood as a schematic example of the process of creating a trust ring in the present application, and is not intended to limit the present application.
Fig. 11 is a schematic diagram schematically illustrating that after a trust ring is created, device a synchronizes a service data ciphertext to an account management server. Fig. 12 is a schematic diagram illustrating the module interaction of the synchronous service data ciphertext. Fig. 13 is a schematic diagram illustrating an interface between the ciphertext of the synchronous service data and the account management server. Referring to fig. 11, 12 and 13, in the case that the trust ring 1 of the account number 1 has been created and the device a has been added to the trust ring 1, the device a may encrypt the sensitive service data with MK to obtain a service data ciphertext, and upload the service data ciphertext to the account number management server.
The process of synchronizing the service data ciphertext to the account management server by the device A after the trust ring is created is as follows:
referring to fig. 12, the password safe in the application layer of device A reads the service data plaintext and stores it in the service data storage service module of the application framework layer, which sends the service data plaintext to the key management module in the trusted execution environment. The trust ring module generates a service key dkey from MK; the key management module reads dkey from the trust ring module and encrypts the service data with dkey to obtain the service data ciphertext Edata. The key management module returns Edata to the service data storage service module, which uploads Edata to the account management server through the service data synchronization service module and the account management server synchronization framework of the application layer.
It should be noted that, the service keys dkey corresponding to different services are different, and the device a may generate the service keys of different services according to MK.
For example, referring to fig. 13, when a user uses service 1 on device a, the user needs to input the account number and the password of service 1, as shown in fig. 13 (a). After the account number and password of service 1 are input, device a pops up information indicating whether to synchronize the account number and password of service 1 to the password safe, as shown in fig. 13 (b). If the user agrees, the device a takes the account number and the password of the service 1 as the service data1 of the service 1, and uploads the ciphertext Edata1 of the data1 to the account management server according to the same synchronization process as the service data.
As can be seen from the above, in the embodiment of the present application the service data ciphertext in the account management server does not depend solely on account security but also on the security of MK, so that even if the account is stolen, the security of the data in the cloud is not affected.
The service data of the user is encrypted based on the master key with high security, and then the service data ciphertext is synchronized to the account management server, so that the risk of leakage of the service data ciphertext is reduced, and the security of data synchronous backup is improved.
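As an added illustration (not code from the patent, which names no concrete algorithms), the following Python models the service key and ciphertext handling of figs. 12, 13 and 20: dkey derived from MK per service, Edata as stored on the account management server, and decryption on device B with the same MK. The KDF and the cipher are assumptions of the example: HMAC-SHA256 as the KDF, and a toy encrypt-then-MAC construction standing in for the AEAD a deployment would use.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the account-level master key MK; in the design it
# lives only in the trust ring module inside the TEE and never leaves it.
MK = hashlib.sha256(b"constructed-sample-master-key").digest()


def derive_service_key(mk, service_id):
    """dkey for one service (fig. 12): HMAC-SHA256 keyed with MK, labelled with the
    service identifier, so service 1 and service 2 get unrelated keys. The page
    names no KDF; this choice is an assumption of the example."""
    return hmac.new(mk, b"trust-ring-dkey:" + service_id.encode(), hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    """HMAC-SHA256 in counter mode, used as the keystream of the toy cipher below."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_service_data(dkey, data):
    """Edata = nonce(16) || ciphertext || tag(32). Encrypt-then-MAC over an HMAC
    keystream stands in for the AEAD (e.g. AES-GCM) a deployment would use; it
    only keeps the example free of third-party dependencies."""
    enc_key = hmac.new(dkey, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(dkey, b"mac", hashlib.sha256).digest()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_service_data(dkey, edata):
    """The tag is checked before any plaintext is produced; a wrong dkey fails here."""
    enc_key = hmac.new(dkey, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(dkey, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = edata[:16], edata[16:-32], edata[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("service data ciphertext failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def sync_round_trip(mk):
    """Device A uploads Edata1 for service 1 (fig. 13); device B, holding the same MK
    through the trust ring, derives the same dkey and decrypts it (fig. 20). A party
    holding only the account (no MK), and a holder of MK using the wrong service id,
    both fail the integrity check."""
    data1 = b"service1 login: alice / constructed-sample-password"  # constructed sample
    edata1 = encrypt_service_data(derive_service_key(mk, "service1"), data1)  # on the account server
    recovered = decrypt_service_data(derive_service_key(mk, "service1"), edata1)  # device B
    account_only = hashlib.sha256(b"account stolen, MK not available").digest()
    failures = 0
    for key in (derive_service_key(account_only, "service1"), derive_service_key(mk, "service2")):
        try:
            decrypt_service_data(key, edata1)
        except ValueError:
            failures += 1
    return {"recovered": recovered == data1,
            "plaintext_visible_on_server": data1 in edata1,
            "decrypt_failures_without_right_dkey": failures}


if __name__ == "__main__":
    print(sync_round_trip(MK))
```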
Joining a trust ring
On the basis that device a has created the trust ring 1 of account number 1, device B under account number 1 may join the trust ring 1 according to the join trust ring procedure in the following embodiment. Before device B joins trust ring 1, only device a is the ring device in trust ring 1.
Fig. 14 is a schematic diagram illustrating information interaction during joining of a trust ring by a device B. Fig. 18 is a flow chart illustrating joining of the trust ring by the device B.
The process of joining a trust ring in an embodiment of the present application is described in detail below in conjunction with fig. 14 and 18.
Referring to fig. 14, after device A registers as the first device and completes the trust ring creation flow, it has uploaded its master key ciphertext EMK11, i.e. the first master key ciphertext, and its authentication parameter PAKE11 to the trust ring cloud; thereafter, other devices such as device B register through the trust ring joining flow. While device B joins trust ring 1, device B sends the authentication parameter PAKE12 of device A (a device already in trust ring 1) to the trust ring cloud, and after confirming that PAKE12 is consistent with the authentication parameter PAKE11 of device A stored in trust ring 1, the trust ring cloud returns the master key ciphertext EMK11 of device A to device B. Device B then decrypts MK from EMK11, encrypts MK based on the lock screen code of device B to generate the master key ciphertext EMK21 of device B, i.e. the second master key ciphertext, and the authentication parameter PAKE21 of device B, and sends EMK21 and PAKE21 to the trust ring cloud.
Referring to fig. 18, in an embodiment of the present application, the process of joining a trust ring by a device B may include the following steps:
s1: device B logs in to account 1.
Like device a, device B logs in to account 1 by sending a request to the account management server to log in to account 1. For details of the process of the login account 1 of the device B, please refer to the process description of the login account 1 of the device a, and the details are not repeated here.
S2: the account management server returns a verification passing message to device B.
For how the account management server processes the login request of device B for account 1, refer to its processing of the login request of device A for account 1; this is not repeated here.
After device B successfully logs in to account 1, the user may enter the "account center" interface through the flow shown in (b) and (c) of fig. 5A and find the "my device" application.
S3: the account management module sends a registration initiation notification.
Referring to fig. 4 and fig. 18, when the account management module of device B receives the verification passing message returned by the account management server, it sends a registration initiation notification to the trust ring service module of the application framework layer. The registration initiation notification instructs the trust ring service module of device B to initiate the registration procedure.
Here, the process of entering the "password safe" interface and turning on the "password safe synchronization" switch during the trust ring joining flow is described.
Fig. 15 is a schematic diagram illustrating the interfaces from the "my device" application to the "password safe synchronization" application on device B. Comparing with fig. 6, a trusted device, Honor V40 (device A), appears on the "my device" interface of device B during the joining of the trust ring. This shows that a trust ring already exists under account 1.
Fig. 16A is a schematic diagram illustrating the process of entering the "password safe" interface and turning on the "password safe synchronization" switch when device B has already set a lock screen code. Referring to fig. 16A, when the user of device B has set a lock screen code and clicks the "password safe synchronization" application on the "device information" interface (see fig. 16A (a)), device B pops up the "enter lock screen code" interface (see fig. 16A (b)). If the user enters the lock screen code on this interface and it is correct, the screen of device B enters the "password safe" interface (see fig. 16A (c)). At this time, both the "password safe synchronization" switch and the "synchronize to Honor account" switch on the "password safe" interface are off. Unlike device A when creating a trust ring, when the user of device B clicks the "password safe synchronization" switch on the interface shown in fig. 16A (c) during the joining of a trust ring, the screen of device B switches directly to the interface shown in fig. 16A (d): the "password safe synchronization" switch is on while the "synchronize to Honor account" switch remains off.
Fig. 16B is a schematic diagram illustrating the process of entering the "password safe" interface and turning on the "password safe synchronization" switch when device B has not set a lock screen code. Referring to fig. 16B, this process differs from the one shown in fig. 16A for a device that has already set a lock screen code only in that device B must first set the lock screen code (see fig. 16B) and confirm it (see fig. 16B); the remaining steps are the same as when a lock screen code has already been set and are not repeated here.
S4: the trust ring service module in device B detects the registration status of device B.
For the description of this step, please refer to the previous description of step S4 of fig. 10, and the description is omitted here.
S5: when detecting that the registration state of device B is unregistered, device B sends a registration state comparison request.
For the description of this step, please refer to the previous description of step S5 of fig. 10, and the description is omitted here.
S6: the trust ring cloud returns a second registration state confirmation message.
The second registration state confirmation message indicates that trust ring 1 exists under account 1 but that device B is not in trust ring 1.
After receiving the registration state comparison request of device B, the trust ring cloud checks whether a trust ring exists under account 1. Since the trust ring cloud created trust ring 1 for account 1 when device A registered, it confirms that a trust ring exists under account 1. The trust ring cloud then confirms from the trust ring data of account 1 shown in table 1 that device B is not in the trust ring, generates the second registration state confirmation message and sends it to device B.
Based on the second registration state confirmation message returned by the trust ring cloud, device B determines that registration proceeds through the trust ring joining flow.
S7: the trust ring service module in device B receives the lockscreen code pw21 of device B entered by the user.
Fig. 17 is a schematic diagram illustrating the process of turning on the "synchronize to Honor account" switch in the scenario in which device B joins a trust ring. Referring to fig. 17, when the user clicks the "synchronize to Honor account" switch on the "password safe" interface on which the "password safe synchronization" switch is turned on (see fig. 17 (a)), the "enter lock screen code" interface pops up on the screen of device B (see fig. 17 (b)). If the user enters the lock screen code of device B on this interface, the trust ring service module in device B receives the lock screen code of device B entered by the user.
S8: the trust ring service module of device B verifies the lockscreen code pw21 of device B and derives PWAUTH21 based on the lockscreen code pw21 of device B.
The process of verifying the lock screen code pw21 of device B is the same as that of verifying the lock screen code pw11 of device A and is not described again here.
S9: the trust ring service module of device B obtains a list of devices in trust ring 1.
The trust ring service module of the device B may send a request for obtaining the device list in the trust ring 1 to the trust ring cloud, and after receiving the request, the trust ring cloud returns the device list in the trust ring 1 to the trust ring service module of the device B.
S10: the trust ring cloud returns the list of devices in the trust ring 1 to the trust ring service module of device B.
Included in the list of devices in the trust ring 1 are all devices that have currently joined in the trust ring 1. In the embodiment of the present application, since the device a is a device that creates the trust ring 1, and the device B is a device that joins the trust ring 1 for the first time, in the process that the device B joins the trust ring 1, the device list in the trust ring 1 returned by the trust ring cloud includes only one device a.
S11: the trust ring service module of device B displays an input interface for the lock screen code of device A, receives the lock screen code pw12 of device A entered by the user, and generates the parameter PAKE12 based on pw12.
With continued reference to fig. 17, if the lock screen code of device B entered by the user on the interface shown in fig. 17 (b) is correct, the screen of device B pops up the "enter the lock screen code of another Honor device" interface (see fig. 17 (c)); the "other Honor device" in fig. 17 (c) is Honor V40, i.e. device A. The user enters the lock screen code pw12 of device A on this interface; if pw12 is correct, then after the trust ring joining flow completes, device B enters the "password safe" interface in which both the "password safe synchronization" switch and the "synchronize to Honor account" switch are on (see fig. 17 (d)).
Note that the user clicking the "synchronize to Honor account" switch on the interface shown in fig. 17 (a) triggers device B to execute step S3 in fig. 18 and the trust ring joining steps that follow step S3.
The screen locking code of the device B belongs to the secret of the user of the device B, and is unknown to the cloud side.
The generation principle of the parameter PAKE12 is the same as that of the parameter PAKE11, and will not be described herein.
S12: the trust ring service module of device B sends the parameter PAKE12 to the trust ring cloud.
During the joining process of the device B to the trust ring 1, the trust ring cloud needs to verify the identity of the device already in the trust ring 1, and when the verification is passed, the joining process to the trust ring 1 is allowed, otherwise, the trust ring cloud prohibits the joining process of the device B to the trust ring 1.
S13: after the trust ring cloud passes the authentication of the device a based on the parameter PAKE12, the trust ring cloud returns the EMK11 of the device a to the trust ring service module of the device B.
S14: the trust ring service module of device B sends EMK11 and PWAUTH21 to the trust ring module of device B.
The trust ring module is located in the trusted execution environment of device B; device B must decrypt EMK11 to recover MK and re-encrypt MK based on PWAUTH21 inside the trusted execution environment to obtain EMK21.
S15: the trust ring module of device B decrypts EMK11 to obtain MK, and encrypts MK based on PWAUTH21 to obtain EMK21.
S16: the trust ring module of device B sends EMK21 to the trust ring service module of device B.
S17: device B generates a parameter PAKE21 based on PWAUTH21.
The process is described in S15, and will not be repeated here.
S18: the trust ring service module of device B sends a ring joining request carrying EMK21 and the parameter PAKE21 to the trust ring cloud.
S19: the trust ring cloud adds device B to trust ring 1 in response to the ring joining request.
After the device B joins the trust ring 1, the trust ring 1 data managed in the trust ring cloud is shown in table 2:
TABLE 2
UID              | UDID     | Parameter PAKE | Master key ciphertext
Account number 1 | Device A | PAKE11         | EMK11
Account number 1 | Device B | PAKE21         | EMK21
S20: the trust ring cloud returns a ring joining success message to the trust ring service module of device B.
After the trust ring cloud adds device B to trust ring 1, it returns a ring joining success message to device B. After device B receives the ring joining success message, the "synchronize to Honor account" switch on the "password safe" interface is turned on, as shown in fig. 17 (d). After this switch is turned on, the user can see that device B has successfully joined the trust ring, and the service data in the password safe can be synchronized to the account management server so that other devices in trust ring 1 under account 1 can share the service data.
To this end, the process of joining the trust ring 1 by the device B is completed, and the device B completes registration.
After the device B completes registration, the trust ring service module of the device B modifies the registration state of the device B to registered.
As can be seen through the trust ring joining process, in the embodiment of the present application, the cloud side sends the managed master key ciphertext of the registered device to the ring adding device, and the ring adding device decrypts the master key ciphertext of the registered device based on the user secret of the registered device to obtain the master key MK.
It should be noted that the above process should be understood as a schematic example of the process of joining a trust ring in the present application, and is not intended to limit the present application.
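The creation flow of fig. 10 and the joining flow of fig. 18 end to end, as an added Python model that is not the patent's own code: PWAUTH derived from the lock screen code, MK wrapped into EMK inside a modelled TEE, the PAKE parameter registered with a modelled trust ring cloud, and device B recovering MK from EMK11 once the cloud accepts PAKE12. PBKDF2 and HMAC-SHA256 as the derivation functions, the XOR-based key wrap and the verifier used as the PAKE parameter are assumptions, since the page fixes no concrete primitives.

```python
import hashlib
import hmac
import os

# Assumed primitives (the page names none): PBKDF2-HMAC-SHA256 for PWAUTH,
# HMAC-SHA256 as the PRF for KEK, integrity tag and the PAKE parameter.
PBKDF2_ITERATIONS = 50_000

def derive_pwauth(lock_code, account, device):
    """S9 / S8: PWAUTH from the lock screen code. The salt uses only identifiers a
    joining device learns from the device list (S10), so device B can recompute
    device A's PWAUTH from pw12 while the cloud never sees any lock screen code."""
    salt = f"{account}|{device}".encode()
    return hashlib.pbkdf2_hmac("sha256", lock_code.encode(), salt, PBKDF2_ITERATIONS)

def pake_parameter(pwauth):
    """Stand-in for the PAKE registration parameter: a verifier the cloud can compare
    against but cannot turn back into the lock screen code."""
    return hmac.new(pwauth, b"trust-ring-pake", hashlib.sha256).digest()

def _kek_and_mac(pwauth, salt_enc):
    kek = hmac.new(pwauth, salt_enc + b"kek", hashlib.sha256).digest()  # KEK of S12
    mac = hmac.new(pwauth, salt_enc + b"mac", hashlib.sha256).digest()  # tag key
    return kek, mac

class TrustRingModule:
    """The trust ring module in the TEE: MK is generated and unwrapped only here."""
    def __init__(self, mk=None):
        self._mk = mk if mk is not None else os.urandom(32)  # S11: generate MK
    def wrap_mk(self, pwauth):
        """S12: EMK = salt_enc || (MK xor KEK) || tag. A fresh salt_enc per wrap (cf.
        salt_enc11 sent with EMK11) makes KEK single-use, so the XOR is a one-time pad."""
        salt_enc = os.urandom(16)
        kek, mac = _kek_and_mac(pwauth, salt_enc)
        body = bytes(a ^ b for a, b in zip(self._mk, kek))
        tag = hmac.new(mac, salt_enc + body, hashlib.sha256).digest()
        return salt_enc + body + tag
    @classmethod
    def from_wrapped(cls, emk, pwauth):
        """S15 on the joining device: recover MK from the ring device's EMK."""
        salt_enc, body, tag = emk[:16], emk[16:48], emk[48:]
        kek, mac = _kek_and_mac(pwauth, salt_enc)
        expected = hmac.new(mac, salt_enc + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("EMK integrity check failed")
        return cls(bytes(a ^ b for a, b in zip(body, kek)))
    def fingerprint(self):
        # lets two modules be compared for the same MK without exporting MK
        return hashlib.sha256(b"fp" + self._mk).hexdigest()

class TrustRingCloud:
    """The ring table of tables 1 and 2: per UID (account) a row per UDID (device)
    holding (PAKE parameter, master key ciphertext); no lock codes, no MK."""
    def __init__(self):
        self.rings = {}
    def create_ring(self, account, device, pake, emk):  # S16
        self.rings[account] = {device: (pake, emk)}
    def devices(self, account):  # S10: device list of the ring
        return list(self.rings[account])
    def fetch_emk(self, account, device, pake_claim):  # S12-S13
        pake, emk = self.rings[account][device]
        if not hmac.compare_digest(pake, pake_claim):
            raise PermissionError("authentication of the ring device failed")
        return emk
    def add_device(self, account, device, pake, emk):  # S19
        self.rings[account][device] = (pake, emk)

def create_ring(cloud, account, device, lock_code):
    """Fig. 10, S9-S16 as run by device A."""
    pwauth = derive_pwauth(lock_code, account, device)
    tee = TrustRingModule()
    cloud.create_ring(account, device, pake_parameter(pwauth), tee.wrap_mk(pwauth))
    return tee

def join_ring(cloud, account, device, lock_code, ring_device_code):
    """Fig. 18, S8-S19 as run by device B; ring_device_code is pw12 typed on device B."""
    pwauth_own = derive_pwauth(lock_code, account, device)
    ring_device = cloud.devices(account)[0]
    pwauth_ring = derive_pwauth(ring_device_code, account, ring_device)
    emk_ring = cloud.fetch_emk(account, ring_device, pake_parameter(pwauth_ring))
    tee = TrustRingModule.from_wrapped(emk_ring, pwauth_ring)  # MK recovered in the TEE
    cloud.add_device(account, device, pake_parameter(pwauth_own), tee.wrap_mk(pwauth_own))
    return tee

def run_demo():
    """Constructed lock codes: pw11 = '1357' on device A, pw21 = '2468' on device B."""
    cloud = TrustRingCloud()
    tee_a = create_ring(cloud, "account1", "deviceA", "1357")
    tee_b = join_ring(cloud, "account1", "deviceB", "2468", "1357")
    try:
        join_ring(cloud, "account1", "deviceC", "0000", "9999")  # wrong pw12
        refused = False
    except PermissionError:
        refused = True
    return {"same_mk": tee_a.fingerprint() == tee_b.fingerprint(),
            "devices": cloud.devices("account1"), "wrong_code_refused": refused}

if __name__ == "__main__":
    print(run_demo())
```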
Fig. 19 is a schematic diagram illustrating synchronization of service data ciphertext from an account management server after a device B joins a trust ring. Fig. 20 is a schematic diagram illustrating an interface for synchronizing a service data ciphertext from an account management server. Referring to fig. 19, 12 and 20, in the case that the trust ring 1 of the account number 1 has been created, the device a has been added to the trust ring 1, and the device a has uploaded the service data ciphertext Edata to the account management server, the device B may synchronize the service data ciphertext Edata from the account management server to the device B, and decrypt with MK locally at the device B, to obtain the service data plaintext data.
The process of synchronizing the service data ciphertext from the account management server by the equipment B after the trust ring is added is as follows:
referring to fig. 12, the service data synchronization service module in the device B obtains the service data ciphertext Edata from the account management server through the account management server synchronization framework of the application layer. Then, the service data synchronization service module in the device B sends the service data ciphertext Edata to the service data storage service module in the device B, and the service data storage service module sends the service data ciphertext Edata to the key management module in the trusted execution environment in the device B. The trust ring module generates a service key dkey according to MK, the key management module reads the dkey from the trust ring module, and the service data ciphertext Edata is decrypted by using the dkey to obtain the service data plaintext data. And then, the key management module returns the service data plaintext data to the service data storage service module, and the service data storage service module stores the service data plaintext data.
For example, referring to fig. 20, when a user uses service 1 on device B, the user needs to enter the account number and password of service 1. On the input interface for the account number and password of service 1, as shown in fig. 20 (a), device B pops up a prompt asking whether to use the account number and password of service 1 synchronized by the password safe. If the user agrees, device B automatically fills the account number and password of service 1 synchronized by the password safe into the interface shown in fig. 20 (a); the filled interface is shown in fig. 20 (b). The user therefore does not need to record the password of each service separately, which improves the user experience.
It should be noted that, after the device B joins the trust ring 1, the service data in the device B may be encrypted by the master key MK and then synchronized to the account management server, and the synchronization process please refer to the foregoing description of synchronizing the service data with the account management server by the device a, which is not repeated herein.
Anti-brute-force
In the process of device B joining the trust ring, if the lock screen code of device A entered on device B is wrong, an anti-brute-force process is triggered. The anti-brute-force process comes in two kinds, a deletion process and a freezing process. In practical applications, the deletion process or the freezing process is performed according to the user's choice.
Fig. 21 is a schematic diagram illustrating the information interaction that triggers the anti-brute-force process while device B joins a trust ring. Referring to fig. 21, during the joining of the trust ring by device B, if the lock screen code pw12 of device A entered on device B is wrong, that is, pw12 is not equal to the correct lock screen code pw11 of device A, then the authentication parameter PAKE12 of device A that device B sends to the trust ring cloud is not equal to the PAKE11 stored in the trust ring cloud, and verification fails. When the number of verification failures reaches the preset number, the trust ring cloud sends a delete-or-freeze operation prompt to device B, and device B returns the operation selected by the user to the trust ring cloud.
Fig. 22 is a schematic diagram of an exemplary interface that triggers the anti-brute-force process. As shown in fig. 22, when the number of wrong entries of the lock screen code of device A (Honor V40) on device B (Honor V30) is smaller than the preset number n, device B returns to the interface for entering the lock screen code of device A. When the number of wrong entries equals the preset number n, a "safety prompt" box pops up on the interface of device B; the safety prompt contains two buttons, "know" and "delete". When the user clicks the "know" button, device B performs the freezing flow shown in fig. 28. When the user clicks the "delete" button, device B executes the deletion flow shown in fig. 25. It should be noted that the "safety prompt" box may also display only one of the two buttons "know" and "delete", offering the user a single option.
Fig. 23 is a schematic flow diagram of exemplary triggering of the anti-brute-force process. Referring to fig. 23, in the embodiment of the present application, the process of triggering the anti-brute-force process may include the following steps:
S1: the trust ring service module of device B receives the lock screen code pw21 of device B entered by the user.
S2: the trust ring service module of device B verifies the lock screen code pw21.
S3: the trust ring service module of device B receives the lock screen code pw12 of device A entered by the user, and generates the authentication parameter PAKE12 of device A based on pw12.
S4: the trust ring service module of device B sends PAKE12 to the trust ring cloud.
S5: the trust ring cloud performs identity verification of device A based on PAKE12.
S6: if identity verification fails, the trust ring cloud returns verification failure information to the trust ring service module of device B.
S7: the trust ring cloud accumulates the number of consecutive verification failures.
S8: when the accumulated number of verification failures reaches n, the trust ring cloud sends a prompt instruction to the trust ring service module of device B.
S9: in response to the prompt instruction, device B displays the "safety prompt" box shown in fig. 22 (c).
Fig. 24 is a schematic diagram of an exemplary interface for the deletion flow in the anti-brute-force process. As shown in fig. 24, clicking the "delete" button in the "safety prompt" box triggers the deletion flow of the anti-brute-force process.
Fig. 25 is a schematic diagram of an exemplary deletion flow in the anti-brute-force process. Referring to fig. 25, in the embodiment of the present application, the deletion flow in the anti-brute-force process may include the following steps:
S1, the trust ring service module of device B receives the user's selection of the "delete" button in the prompt box.
S2, the trust ring service module of device B sends a trust ring deletion request carrying account 1, the device B identifier and the device B signature to the trust ring cloud.
S3, the trust ring cloud performs identity verification of device B based on the device B signature.
S4, after the verification passes, the trust ring cloud deletes trust ring 1 of account 1.
S5, the trust ring cloud sends a trust ring deletion message to the trust ring service module of device B.
It can be seen that the deletion flow in the anti-brute-force process results in the trust ring corresponding to the account being deleted, and at the same time the master key MK in the device is also deleted.
After device B deletes the master key MK, the registration state of device B remains unregistered, because device B never successfully joined the trust ring.
Through the deletion flow in the anti-brute-force process, when a device is lost, the user can delete the existing trust ring via the anti-brute-force mechanism in order to protect the service data corresponding to the account in the account management server. The user can then re-create the trust ring through the trust ring creation process, so that the lost device cannot synchronize service data from the account management server; leakage of important service data is prevented and the security of the service data is improved.
Fig. 26 is a schematic diagram of an exemplary interface for the freezing flow in the anti-brute-force process. Fig. 27 is another schematic diagram of an exemplary interface for the freezing flow in the anti-brute-force process. Fig. 28 is a schematic diagram of an exemplary freezing flow in the anti-brute-force process. Referring to fig. 28, in the embodiment of the present application, the freezing flow in the anti-brute-force process may include the following steps:
S1, the trust ring service module of device B receives the user's selection of the "Got it" button in the prompt box.
S2, the trust ring service module of device B sends a ring adding request carrying account 1, the device B identifier and the device B signature to the trust ring cloud.
S3, the trust ring cloud performs identity verification of device B based on the device B signature.
S4, if device B passes the identity verification, the trust ring cloud sets a preset freezing duration for ring adding requests of account 1.
After setting the preset freezing duration for ring adding requests of account 1, the trust ring cloud may start a timer whose timing period equals the preset freezing duration for ring adding requests of account 1. Once started, the timer counts down, and the time shown on the timer is the remaining freezing duration.
S5, in response to the registration opening notification, the trust ring service module of device B sends a ring adding request to the trust ring cloud.
S6, the trust ring cloud returns the remaining freezing duration to the trust ring service module of device B.
S7, if the remaining freezing duration is greater than 0, the trust ring service module of device B displays prompt information.
Referring to fig. 26, when the freezing duration of the ring adding request of account 1 has not yet reached the preset duration, the remaining freezing duration is greater than 0, and the trust ring cloud does not process the device's request to join the ring. In this case, when the user clicks "password safe synchronization", device B displays a frozen prompt on its screen, which may include the remaining freezing duration, as shown in fig. 26 (c).
S8, if the remaining freezing duration equals 0, the trust ring service module of device B displays the screen locking code input interface.
Referring to fig. 27, when the freezing duration of the ring adding request of account 1 has reached the preset duration, the remaining freezing duration equals 0, and the trust ring cloud processes the device's ring adding request according to the normal trust ring joining flow; for the specific process, refer to the foregoing description of the trust ring joining flow, which is not repeated here. When the remaining freezing duration equals 0 and the user clicks "password safe synchronization", device B displays an interface for entering the screen locking code on its screen, as shown in fig. 27 (c).
S9, if the screen locking code entered by the user passes verification, the trust ring service module of device B sends a ring adding request to the trust ring cloud.
For the specific ring adding flow, refer to the related steps shown in fig. 18, which are not repeated here.
Through the freezing flow in the anti-brute-force process, when a device is lost, the user can prevent an unsafe device, namely the lost device, from joining the trust ring in order to protect the service data corresponding to the account in the account management server, so that the lost device cannot synchronize service data from the account management server; leakage of important service data is prevented and the security of the service data is improved.
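The trigger, deletion and freezing flows above all come down to state kept by the trust ring cloud: a per-account counter of consecutive verification failures, a freeze deadline for ring adding requests, and the ring itself. The Go program below is an added example written for this page, not code from the patent or from Honor; it models that server-side state so the decisions at S6 to S8 of fig. 23, S2 to S5 of fig. 25 and S4 to S9 of fig. 28 can be exercised offline. The PAKE authentication parameter is replaced by a bare SHA-256 of the screen locking code, the device signature by an HMAC with a per-device key, and the preset number n and the freezing duration by constructed values (5 and one hour); the patent specifies none of these concretely.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"time"
)

const (
	PresetFailures = 5         // n: consecutive failures before the safety prompt (constructed value)
	PresetFreeze   = time.Hour // preset freezing duration for ring adding requests (constructed value)
)

// AuthParam stands in for the PAKE authentication parameter derived from a screen locking
// code (constructed: a bare SHA-256 so the example runs offline, not the patent's PAKE).
func AuthParam(lockCode string) string {
	sum := sha256.Sum256([]byte(lockCode))
	return hex.EncodeToString(sum[:])
}

// Sign stands in for the device signature on a request (constructed: HMAC with a per-device key).
func Sign(deviceKey []byte, body string) string {
	m := hmac.New(sha256.New, deviceKey)
	m.Write([]byte(body))
	return hex.EncodeToString(m.Sum(nil))
}

// Cloud models the trust ring cloud's state for the anti-brute-force flows.
type Cloud struct {
	Now         func() time.Time             // injectable clock for the freeze timer
	Rings       map[string]map[string]string // account -> in-ring device -> auth param
	DeviceKeys  map[string][]byte            // device id -> signing key
	failures    map[string]int               // account -> consecutive failures (S7 of fig. 23)
	freezeUntil map[string]time.Time         // account -> end of freeze (S4 of fig. 28)
}

func NewCloud(now func() time.Time) *Cloud {
	return &Cloud{Now: now, Rings: map[string]map[string]string{}, DeviceKeys: map[string][]byte{},
		failures: map[string]int{}, freezeUntil: map[string]time.Time{}}
}

// Verify is S5-S8 of fig. 23: check the in-ring device's parameter and count consecutive failures.
func (c *Cloud) Verify(account, ringDevice, param string) string {
	if want, ok := c.Rings[account][ringDevice]; ok && hmac.Equal([]byte(want), []byte(param)) {
		c.failures[account] = 0
		return "ok"
	}
	c.failures[account]++
	if c.failures[account] >= PresetFailures {
		return "prompt" // S8: device B must show the safety prompt
	}
	return "fail" // S6: plain verification failure
}

func (c *Cloud) checkSig(device, body, sig string) bool {
	key, ok := c.DeviceKeys[device]
	return ok && hmac.Equal([]byte(Sign(key, body)), []byte(sig))
}

// DeleteRing is S2-S5 of fig. 25: the ring is removed only for a correctly signed request.
func (c *Cloud) DeleteRing(account, device, sig string) string {
	if !c.checkSig(device, "delete:"+account+":"+device, sig) {
		return "signature_invalid"
	}
	delete(c.Rings, account)
	delete(c.failures, account)
	return "ring_deleted"
}

// FreezeRingAdd is S2-S4 of fig. 28 (claim 7): a signed request freezes ring adding once n failures were reached.
func (c *Cloud) FreezeRingAdd(account, device, sig string) string {
	if !c.checkSig(device, "freeze:"+account+":"+device, sig) || c.failures[account] < PresetFailures {
		return "refused"
	}
	c.freezeUntil[account] = c.Now().Add(PresetFreeze)
	return "frozen"
}

// RingAdd is S5-S9 of fig. 28: while frozen the cloud only returns the remaining duration (S6/S7);
// afterwards it verifies the in-ring device's code and admits the new device (S8/S9, claim 8).
func (c *Cloud) RingAdd(account, ringDevice, ringParam, newDevice, newParam string) (string, time.Duration) {
	if d := c.freezeUntil[account].Sub(c.Now()); d > 0 {
		return "frozen", d
	}
	if r := c.Verify(account, ringDevice, ringParam); r != "ok" {
		return r, 0
	}
	c.Rings[account][newDevice] = newParam
	return "joined", 0
}

func main() {
	c := NewCloud(time.Now)
	c.Rings["account1"] = map[string]string{"A": AuthParam("1234")}
	for i := 0; i < PresetFailures; i++ {
		println(c.Verify("account1", "A", AuthParam("0000"))) // fail x4, then prompt
	}
}
```

Because the clock is injected, the countdown that S6 returns can be advanced deterministically. The freeze is granted only once the failure counter has reached n, which is the condition stated in claim 7, and a deletion request with a forged signature is refused before anything is removed.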
The electronic device, the computer storage medium, the computer program product, or the chip provided in this embodiment are used to execute the corresponding methods provided above, so that the beneficial effects thereof can be referred to the beneficial effects in the corresponding methods provided above, and will not be described herein.
It will be appreciated by those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional modules is illustrated, and in practical application, the above-described functional allocation may be performed by different functional modules according to needs, i.e. the internal structure of the apparatus is divided into different functional modules to perform all or part of the functions described above.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of modules or units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another apparatus, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and the parts shown as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed in a plurality of different places. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
Any of the various embodiments of the application, as well as any of the same embodiments, may be freely combined. Any combination of the above is within the scope of the present application.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a readable storage medium. Based on such understanding, the technical solution of the embodiments of the present application, in essence or in the part contributing to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, including several instructions to cause a device (which may be a single-chip microcomputer, a chip or the like) or a processor to perform all or part of the steps of the methods of the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other media capable of storing program code.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those of ordinary skill in the art without departing from the spirit of the present application and the scope of the claims, which are also within the protection of the present application.

Claims (13)

1. A data protection method, applied to a second electronic device having logged in a first account, comprising:
displaying first information indicating that a first electronic device is a trusted device of the second electronic device;
responding to the operation of starting the password safe for synchronization, displaying a screen locking code input interface of a first electronic device on the second electronic device, wherein the first electronic device is logged in the first account and starts a password safe synchronization function corresponding to the first account;
receiving a first screen locking code of the first electronic device input by a user;
when the number of authentication failures of the first electronic equipment based on the first screen locking code reaches a preset number, displaying first prompt information, wherein the first prompt information comprises a first button and a second button;
transmitting a ring deletion request to a first server in response to receiving a selection operation of the first button;
receiving a trust ring deleting message sent by the first server;
after receiving a selection operation of the first button, responding to an operation of starting a first service, displaying a first interface, wherein the first interface comprises an account number input box and a password input box of the first service, and the first interface does not comprise information for indicating the account number and the password of the first service which are stored by using a password safe;
or after receiving a selection operation of the second button, responding to the operation of starting the password safe for synchronization, displaying second prompt information indicating that the ring adding request of the second electronic device is frozen; wherein the second prompt information includes a remaining freezing duration.
2. The method of claim 1, comprising, prior to displaying a lockscreen code input interface of a first electronic device on the second electronic device:
displaying a screen locking code input interface of the second electronic equipment;
receiving a second screen locking code of second electronic equipment input by a user;
and when the second screen locking code passes the verification, executing the operation of displaying the screen locking code input interface of the first electronic device on the second electronic device.
3. The method as recited in claim 1, further comprising:
the ring deletion request carries an account identifier of the first account;
the trust ring deleting message is used for indicating that the first server has deleted all master key ciphertext and all authentication parameters in a first trust ring corresponding to the first account.
4. The method of claim 3, wherein the ring deletion request further carries a signature of the second electronic device; the first trust ring is deleted after the second electronic device is authenticated by the first server based on the signature.
5. The method of claim 2, further comprising, after receiving the second lockscreen code of the second electronic device entered by the user:
transmitting an in-loop equipment information acquisition request to a first server, wherein the in-loop equipment information acquisition request carries an account identifier of the first account;
receiving ring equipment information of a first trust ring corresponding to the first account returned by the first server, wherein the ring equipment comprises first electronic equipment;
displaying a screen locking code input interface of the first electronic device on the second electronic device, including: and responding to the operation of selecting the first electronic device from the ring device information by a user, and displaying a screen locking code input interface of the first electronic device on the second electronic device.
6. The method of claim 1, wherein when the number of authentication failures to the first electronic device based on the first screen locking code reaches a preset number, further comprising, before displaying the first prompt message:
generating a first authentication parameter based on the first screen locking code;
and sending the first authentication parameter to the first server so that the first server can conduct identity verification on the first electronic equipment according to the first authentication parameter.
7. The method of claim 1, wherein displaying second prompt information indicating that the ring adding request of the second electronic device is frozen in response to receiving the selection operation of the second button comprises:
transmitting a ring adding request to the first server in response to receiving the selection operation of the second button; when receiving the ring adding request sent by the second electronic device, the first server freezes the ring adding request of the second electronic device to the first trust ring corresponding to the first account under the condition that the number of authentication failures of the first electronic device has reached the preset number, wherein the freezing duration is a preset duration;
receiving the remaining freezing duration returned by the first server;
and displaying second prompt information under the condition that the remaining freezing duration is greater than 0, wherein the second prompt information comprises the remaining freezing duration.
8. The method of claim 7, wherein the method further comprises:
receiving a second screen locking code of second electronic equipment input by a user;
when the second screen locking code passes the verification, receiving a first screen locking code of the first electronic device input by a user;
generating a first authentication parameter based on the first screen locking code;
transmitting the first authentication parameter to the first server, and performing identity verification on the first electronic equipment based on the first authentication parameter by the first server under the condition that the current residual freezing duration is 0;
when the identity verification of the first electronic device based on the first authentication parameter is passed, receiving a first master key ciphertext of the first electronic device, which is sent by the first server;
decrypting the first master key ciphertext based on the first screen locking code to obtain a master key;
encrypting the master key based on the second screen locking code, generating a second master key ciphertext of the second electronic device, and generating a second authentication parameter based on the second screen locking code;
and sending a ring adding request to the first server so that the first server adds the second master key ciphertext and the second authentication parameter to the trust ring data of the first trust ring.
9. The method of claim 8, wherein encrypting the master key based on the second lockscreen code to generate a second master key ciphertext for the second electronic device comprises:
generating a third derivative key according to the second screen locking code;
generating a fourth derivative key according to the third derivative key;
and encrypting the master key according to the fourth derivative key to obtain a second master key ciphertext of the second electronic device.
10. The method of claim 8, wherein generating a second authentication parameter based on the second lockscreen code comprises:
generating a third derivative key according to the second screen locking code;
generating a second shared value according to the third derivative key;
and encrypting the second shared value according to the HSM public key generated by the first server side to obtain the second authentication parameter.
11. The method of claim 1, wherein after displaying the second prompt information indicating that the ring adding request of the second electronic device is frozen, the method further comprises: responding to the operation of starting password safe synchronization, and displaying a screen locking code input interface of the first electronic device on the second electronic device.
12. An electronic device, comprising:
a memory and a processor, the memory coupled with the processor;
the memory stores program instructions that, when executed by the processor, cause the electronic device to perform the data protection method of any one of claims 1-11.
13. A computer readable storage medium comprising a computer program which, when run on an electronic device, causes the electronic device to perform the data protection method of any one of claims 1-11.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310304745.6A CN116346339B (en) 2021-11-19 2021-11-19 Data protection method, system and electronic equipment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202310304745.6A CN116346339B (en) 2021-11-19 2021-11-19 Data protection method, system and electronic equipment
CN202111400512.3A CN115037453B (en) 2021-11-19 2021-11-19 Data protection method and system and electronic equipment

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN202111400512.3A Division CN115037453B (en) 2021-11-19 2021-11-19 Data protection method and system and electronic equipment

Publications (2)

Publication Number Publication Date
CN116346339A CN116346339A (en) 2023-06-27
CN116346339B true CN116346339B (en) 2024-03-22

Family

ID=83117666

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202111400512.3A Active CN115037453B (en) 2021-11-19 2021-11-19 Data protection method and system and electronic equipment
CN202310304745.6A Active CN116346339B (en) 2021-11-19 2021-11-19 Data protection method, system and electronic equipment

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202111400512.3A Active CN115037453B (en) 2021-11-19 2021-11-19 Data protection method and system and electronic equipment

Country Status (1)

Country Link
CN (2) CN115037453B (en)


Also Published As

Publication number Publication date
CN115037453A (en) 2022-09-09
CN115037453B (en) 2023-04-07
CN116346339A (en) 2023-06-27


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant