SG11202000571RA - Key management method, apparatus, and device - Google Patents

Key management method, apparatus, and device

Info

Publication number
SG11202000571RA
Authority
SG
Singapore
Prior art keywords
management method
key management
key
management
Prior art date
Application number
SG11202000571RA
Inventor
Huabing Du
Original Assignee
Alibaba Group Holding Ltd
Priority date
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd
Publication of SG11202000571RA

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2228 Indexing structures
    • G06F16/2246 Trees, e.g. B+trees
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24 Key scheduling, i.e. generating round keys or sub-keys for block encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
SG11202000571RA 2017-11-21 2018-09-26 Key management method, apparatus, and device SG11202000571RA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201711168249.3A CN108063756B (en) 2017-11-21 2017-11-21 Key management method, device and equipment
PCT/CN2018/107501 WO2019100845A1 (en) 2017-11-21 2018-09-26 Key management method and apparatus and device

Publications (1)

Publication Number Publication Date
SG11202000571RA (en) 2020-02-27

Family

ID=62134929

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11202000571RA SG11202000571RA (en) 2017-11-21 2018-09-26 Key management method, apparatus, and device

Country Status (6)

Country Link
US (1) US10931651B2 (en)
EP (1) EP3644574B1 (en)
CN (1) CN108063756B (en)
SG (1) SG11202000571RA (en)
TW (1) TWI686071B (en)
WO (1) WO2019100845A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108063756B (en) 2017-11-21 2020-07-03 阿里巴巴集团控股有限公司 Key management method, device and equipment
CN109289199B (en) * 2018-08-10 2020-07-10 杭州复杂美科技有限公司 Multiplayer game method, device and storage medium
CN109543443A (en) * 2018-10-17 2019-03-29 平安科技(深圳)有限公司 User data management, device, equipment and storage medium based on block chain
CN110457912B (en) * 2019-07-01 2020-08-14 阿里巴巴集团控股有限公司 Data processing method and device and electronic equipment
CN110611668A (en) * 2019-09-09 2019-12-24 江西航天鄱湖云科技有限公司 Freely-configurable Internet of things monitoring method and device, storage medium and equipment
GB201915443D0 (en) * 2019-10-24 2019-12-11 Nchain Holdings Ltd Data Structure for efficiently verifying data
JP7331714B2 (en) * 2020-01-27 2023-08-23 富士通株式会社 Information processing device, information processing method and program
US11804949B2 (en) * 2021-03-19 2023-10-31 Raytheon Bbn Technologies Corp. Subscriber revocation in a publish-subscribe network using attribute-based encryption
US11558185B2 (en) 2021-03-19 2023-01-17 Raytheon Bbn Technologies Corp. Stream-based key management
CN113434885B (en) * 2021-06-30 2022-12-09 湖南国科微电子股份有限公司 Key derivation method, device, equipment and storage medium
CN114662135A (en) * 2022-05-19 2022-06-24 深圳市航顺芯片技术研发有限公司 Data access method, computer device and readable storage medium
CN116436846B (en) * 2023-06-12 2023-09-19 广东电网有限责任公司 Smart grid asset data management method and system based on node search

Family Cites Families (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6307936B1 (en) * 1997-09-16 2001-10-23 Safenet, Inc. Cryptographic key management scheme
US6240188B1 (en) 1999-07-06 2001-05-29 Matsushita Electric Industrial Co., Ltd. Distributed group key management scheme for secure many-to-many communication
KR100840823B1 (en) * 2000-06-15 2008-06-23 소니 가부시끼 가이샤 System and method for processing information using encryption key block
JP2001358707A (en) * 2000-06-15 2001-12-26 Sony Corp Information processing system and method using cryptographic key block and program providing medium
JP4581246B2 (en) * 2000-12-26 2010-11-17 ソニー株式会社 Information processing system, information processing method, and program recording medium
US7007040B1 (en) * 2001-12-04 2006-02-28 General Dynamics C4 Systems, Inc. Method and apparatus for storing and updating information in a multi-cast system
WO2003084166A1 (en) 2002-03-27 2003-10-09 British Telecommunications Public Limited Company Key management protocol
WO2003096616A1 (en) * 2002-05-09 2003-11-20 Matsushita Electric Industrial Co., Ltd. Public key certificate revocation list generation apparatus, revocation judgement apparatus, and authentication system
JP3864867B2 (en) * 2002-07-23 2007-01-10 ソニー株式会社 Information processing apparatus, information processing method, and computer program
US7069272B2 (en) * 2002-10-09 2006-06-27 Blackrock Financial Management, Inc. System and method for implementing dynamic set operations on data stored in a sorted array
JP4424465B2 (en) * 2003-06-09 2010-03-03 ソニー株式会社 Information device, information server, and information processing program
EP1650893A4 (en) 2003-07-11 2011-07-06 Canon Kk Key information processing method, device thereof, and program
JP2005286959A (en) * 2004-03-31 2005-10-13 Sony Corp Information processing method, decoding processing method, information processor and computer program
US8266234B1 (en) * 2004-06-11 2012-09-11 Seisint, Inc. System and method for enhancing system reliability using multiple channels and multicast
JP4599194B2 (en) 2005-03-08 2010-12-15 株式会社東芝 Decoding device, decoding method, and program
WO2007031955A2 (en) * 2005-09-16 2007-03-22 Koninklijke Philips Electronics, N.V. Cryptographic role-based access control
US8832466B1 (en) * 2006-01-27 2014-09-09 Trustwave Holdings, Inc. Methods for augmentation and interpretation of data objects
GB0612433D0 (en) * 2006-06-23 2006-08-02 Ibm Method and system for defining a hierarchical structure
KR101377455B1 (en) * 2006-10-09 2014-04-02 삼성전자주식회사 Method and apparatus of generating encryption key for broadcast encryption
JP4823015B2 (en) * 2006-10-26 2011-11-24 富士通株式会社 Remote control program, portable terminal device and gateway device
FR2916317B1 (en) * 2007-05-15 2009-08-07 Sagem Defense Securite PROTECTION OF EXECUTION OF A CRYPTOGRAPHIC CALCULATION
CN100586062C (en) * 2008-03-28 2010-01-27 清华大学 Method for updating distributed cipher key based on AVL tree
US8595504B2 (en) * 2008-08-12 2013-11-26 Industrial Technology Research Institute Light weight authentication and secret retrieval
US8812874B1 (en) * 2009-03-31 2014-08-19 Symantec Corporation Content deduplication in enterprise rights management
WO2011068996A1 (en) * 2009-12-04 2011-06-09 Cryptography Research, Inc. Verifiable, leak-resistant encryption and decryption
US8788505B2 (en) * 2011-04-27 2014-07-22 Verisign, Inc Systems and methods for a cache-sensitive index using partial keys
CN102867286A (en) * 2011-07-08 2013-01-09 索尼公司 Method and device for generating, embedding and detecting digital watermarks
US9052824B2 (en) * 2012-01-26 2015-06-09 Upthere, Inc. Content addressable stores based on sibling groups
CN102546151A (en) * 2012-03-22 2012-07-04 山东泰信电子有限公司 Data encryption and decryption method
US9215076B1 (en) * 2012-03-27 2015-12-15 Amazon Technologies, Inc. Key generation for hierarchical data access
US8892865B1 (en) * 2012-03-27 2014-11-18 Amazon Technologies, Inc. Multiple authority key derivation
US8707035B2 (en) * 2012-03-30 2014-04-22 Decho Corporation High privacy of file synchronization with sharing functionality
CN104040935B (en) * 2012-12-14 2017-06-20 华为技术有限公司 A kind of data encryption, the method and apparatus of decryption
CN103905187B (en) * 2012-12-26 2018-04-03 厦门雅迅网络股份有限公司 A kind of network service encryption method based on content
US9465947B2 (en) * 2013-08-05 2016-10-11 Samsung Sds America, Inc. System and method for encryption and key management in cloud storage
US9633210B2 (en) 2013-09-13 2017-04-25 Microsoft Technology Licensing, Llc Keying infrastructure
US9432192B1 (en) * 2014-03-28 2016-08-30 Emc Corporation Content aware hierarchical encryption for secure storage systems
US9553722B2 (en) * 2014-07-08 2017-01-24 Cryptography Research, Inc. Generating a key based on a combination of keys
CN104113408B (en) * 2014-07-11 2017-12-08 西安电子科技大学 It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method
US9720926B2 (en) * 2014-08-04 2017-08-01 Cohesity, Inc. Read operations in a tree-based distributed file system
US11042488B2 (en) * 2015-06-01 2021-06-22 Cryptography Research, Inc. Diversifying a base symmetric key based on a public key
CN105187202B (en) * 2015-07-13 2018-12-21 重庆涔信科技有限公司 Voidable encryption attribute method based on complete binary tree
CN105071937B (en) * 2015-07-14 2019-01-11 河海大学 Ciphertext policy ABE base encryption method with the revocation of efficient attribute
WO2017079652A1 (en) * 2015-11-05 2017-05-11 Pulsifer Allen Cryptographic transactions system
CN105825142A (en) * 2016-02-22 2016-08-03 北京启迪思创科技有限公司 Method and device for encrypting and decrypting documents in mobile terminal
CN106059768B (en) * 2016-05-30 2019-06-21 西安电子科技大学 Encryption system and method can be revoked in the attribute for resisting re-encrypted private key leakage
CN106230588B (en) * 2016-09-19 2019-06-18 中国传媒大学 A kind of digital publishing rights key management method and system
US10218511B2 (en) * 2016-12-23 2019-02-26 Amazon Technologies, Inc. Signature delegation
US10725988B2 (en) * 2017-02-09 2020-07-28 Micron Technology, Inc. KVS tree
US10291404B2 (en) * 2017-03-08 2019-05-14 International Business Machines Corporation Supplies of deficiency of a key in information on a set of keys
CN107124271B (en) * 2017-04-28 2020-12-04 成都梆梆信息技术咨询服务有限公司 Data encryption and decryption method and equipment
US10783186B2 (en) * 2017-08-31 2020-09-22 Micron Technology, Inc. Heterogenous key-value sets in tree database
CN108063756B (en) * 2017-11-21 2020-07-03 阿里巴巴集团控股有限公司 Key management method, device and equipment
US11362805B2 (en) * 2018-11-01 2022-06-14 International Business Machines Corporation Database encryption layer

Also Published As

Publication number Publication date
WO2019100845A1 (en) 2019-05-31
EP3644574A1 (en) 2020-04-29
EP3644574B1 (en) 2021-08-11
US10931651B2 (en) 2021-02-23
CN108063756A (en) 2018-05-22
EP3644574A4 (en) 2020-07-01
CN108063756B (en) 2020-07-03
TWI686071B (en) 2020-02-21
TW201926941A (en) 2019-07-01
US20200204529A1 (en) 2020-06-25

Similar Documents

Publication Publication Date Title
SG11202000571RA (en) Key management method, apparatus, and device
ZA201904656B (en) Key establishment and data sending method and apparatus
EP3654192A4 (en) Configuration management method, apparatus and device
GB201803122D0 (en) Device, system and method
PL3622663T3 (en) Key agreement devices and method
EP3800909C0 (en) Remote management method, and device
EP3611949A4 (en) Key configuration method, apparatus and system
EP3634078C0 (en) Session management method and device
EP3637853A4 (en) Session management method and apparatus, device, and system
SG11202000396QA (en) Service authorization method, apparatus, and device
SG10202107782UA (en) Device configuration method, apparatus and system
EP3474472A4 (en) Encoding method, device, and apparatus
EP3373653A4 (en) Rrc connection management method, apparatus, and device
EP3252584A4 (en) Method, apparatus and device for activating task management interface
EP3598649A4 (en) Encoding method, apparatus and device
SG11202005033UA (en) Tool, task management device, task management method, and task management system
EP3637647A4 (en) Encoding method, device and apparatus
EP3439315A4 (en) Management system, management method, apparatus, and management device
EP3557815A4 (en) Key management method and apparatus
PL3309997T3 (en) Network monitoring apparatus, and remote encryption and remote activation method, device and system therefor
EP3484234A4 (en) User equipment context management method, device, and apparatus
SG11201803687YA (en) Management system, management apparatus, device, information management method, and program
SG11202006391WA (en) Verification-processing device, logic-generating device, and verification-processing method
GB201807821D0 (en) System, device, apparatus and method
EP2981148A4 (en) Device management method, apparatus and system