TW201329776A - System and method for protection of file content security - Google Patents

System and method for protection of file content security Download PDF

Info

Publication number
TW201329776A
TW201329776A TW101101523A TW101101523A TW201329776A TW 201329776 A TW201329776 A TW 201329776A TW 101101523 A TW101101523 A TW 101101523A TW 101101523 A TW101101523 A TW 101101523A TW 201329776 A TW201329776 A TW 201329776A
Authority
TW
Taiwan
Prior art keywords
file
encryption
download
encrypted
type
Prior art date
Application number
TW101101523A
Other languages
Chinese (zh)
Inventor
Chung-I Lee
Hai-Hong Lin
De-Yi Xie
Hai-Yun Chen
Mi-Hua Zhao
Original Assignee
Hon Hai Prec Ind Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hon Hai Prec Ind Co Ltd filed Critical Hon Hai Prec Ind Co Ltd
Publication of TW201329776A publication Critical patent/TW201329776A/en

Links

Abstract

The present invention provides a method and system for protection of File content security. The methods includes: When you need to upload files, set files encryption type and the authorized users, then upload files; According to the encryption type described, encrypt files uploaded; Stored the files address and the encryption type and the authorized users information in the database configuration table; When users need to download the encrypted files, the authorized users information in the database configuration table will determine whether the users have the permission to download the encrypted files, without the permission, the users will be refused to download the files, Otherwise, users are granted to download the files; The encrypted files are downloaded to the client; Establish an independent storage in the client, decrypt the encrypted file according to the type of encryption in database configuration table, save the files in the independent storage at last.

Description

保護檔案內容安全的方法和系統Method and system for protecting file content security

本發明涉及檔案傳輸過程中保護檔案內容安全的一種方法和系統。The present invention relates to a method and system for securing archive content during file transfer.

隨著網路的發展,網路和我們的日常生活越來越緊密,我們習慣於通過網路傳輸檔案。基於資訊安全的考慮,我們不希望檔案被別人盜用,一般常用的方法是對檔案進行加密,傳統的加密方法包括對稱加密和非對稱加密演算法,但是目前幾乎所有的密碼體制都是可破的,很容易被第三方通過一定的演算法破譯密文,這就必然給用戶傳輸檔案帶來一定的安全隱患,因此有必要提供一種更加安全的檔傳輸保護體制。With the development of the Internet, the Internet and our daily lives are getting closer and closer, and we are used to transferring files over the Internet. Based on information security considerations, we don't want files to be stolen by others. The common method is to encrypt files. Traditional encryption methods include symmetric encryption and asymmetric encryption algorithms, but almost all cryptosystems are now breakable. It is easy for a third party to decipher the ciphertext through a certain algorithm, which will inevitably bring certain security risks to the user to transfer the file. Therefore, it is necessary to provide a more secure file transmission protection system.

鑒於以上內容,有必要提供保護檔案內容安全的方法及系統,以實現檔案傳輸過程中內容的安全。In view of the above, it is necessary to provide a method and system for protecting the security of archive content in order to achieve content security during file transfer.

所述保護檔案內容安全方法,該方法包括以下步驟:上傳步驟:當需要上傳檔案時,設置檔案加密類型及授權用戶,並上傳檔案;加密步驟:根據所述加密類型對上傳檔案進行加密;保存步驟:把檔案上傳位址、加密類型、授權用戶資訊存入資料庫配置表中;判斷步驟:當需要下載加密後的檔案時,根據資料庫配置表資訊判斷用戶是否有許可權下載該加密後的檔案,若無許可權則拒絕下載,若有許可權則準予下載;下載步驟:將該加密後的檔案下載到用戶端;解密步驟:在用戶端建立獨立存儲區,根據資料庫配置表中檔的加密類型解密該加密後的檔案到該獨立存儲區。The method for protecting file content security includes the following steps: uploading step: when uploading a file, setting an file encryption type and an authorized user, and uploading the file; and encrypting: encrypting the uploaded file according to the encryption type; saving Step: storing the file upload address, encryption type, and authorized user information in the database configuration table; determining step: when the encrypted file needs to be downloaded, determining whether the user has permission to download the encrypted file according to the database configuration table information The file, if there is no permission, refuses to download, if there is permission, it is granted to download; download step: download the encrypted file to the user; decryption step: establish an independent storage area on the user side, according to the database configuration table The encryption type of the file decrypts the encrypted file to the independent storage area.

所述保護檔案內容安全系統,該系統包括:上傳模組,用於當需要上傳檔案時,設置加密類型與可下載該檔案的用戶許可權,並上傳檔案;加密模組,用於根據所述加密類型對上傳檔案進行加密;保存模組,用於把檔案上傳位址、加密類型,下載用戶許可權相關資訊存入資料庫配置表;判斷模組,用於當需要下載加密後的檔案時,根據資料庫配置表資訊判斷用戶是否有許可權下載該加密後的檔案,若無許可權則拒絕下載,若有許可權則準予下載;下載模組,用於將該加密後的檔案下載到用戶端;解密模組,用於在用戶端建立獨立存儲區,根據資料庫配置表中檔案的加密類型解密該加密後的檔案到該獨立存儲區。The protection file content security system, the system includes: an uploading module, configured to: when the file needs to be uploaded, set an encryption type and a user permission to download the file, and upload the file; the encryption module is configured to be used according to the The encryption type encrypts the uploaded file; the save module is used to store the file upload address, the encryption type, and the download user permission related information into the database configuration table; the judgment module is used when the encrypted file needs to be downloaded. According to the database configuration table information, it is judged whether the user has the permission to download the encrypted file, and if there is no permission, the download is refused, and if there is permission, the download is granted; and the download module is used to download the encrypted file to the file. The user terminal and the decryption module are configured to establish an independent storage area on the user end, and decrypt the encrypted file into the independent storage area according to the encryption type of the file in the database configuration table.

相較於習知技術,本系統及方法通過對檔案內容進行加密處理與資料庫存取實現對檔案內容進行雙重保護,保證了檔案在傳輸過程中更加的安全。Compared with the prior art, the system and the method realize double protection of the file content by encrypting the file content and obtaining the data inventory, thereby ensuring that the file is more secure in the transmission process.

如圖1所示,係本發明保護檔案內容安全的系統較佳實施例的功能模組圖。本系統用於提供檔案傳輸過程中保護檔案內容安全的服務,本系統包括上傳模組10、加密模組12、保存模組14、判斷模組16、下載模組18、解密模組20。FIG. 1 is a functional block diagram of a preferred embodiment of a system for protecting file content security according to the present invention. The system is used for providing security for protecting file content during file transmission. The system includes an uploading module 10, an encryption module 12, a saving module 14, a determining module 16, a downloading module 18, and a decrypting module 20.

所述上傳模組10用於設置加密類型與可下載該檔案的用戶許可權,並上傳檔案,此處的加密類型可以是對稱加密或者非對稱加密,也可以是其他加密類型。對稱加密是指同一個密匙可以用作資訊的加密和解密,加密解密時使用相同的加密演算法,也稱密匙加密,常用的對稱加密演算法有AES(Advanced Encryption Standard,AES)、DEA(Data Encryption Algorithm)等加密演算法。非對稱加密演算法需要兩個密匙:公開密匙(public key)和私有密匙(private key)。公開密匙與私有密匙是一對,如果用公開密匙對資料進行加密,要用對應的私有密匙才能解密;如果用私有密匙對資料進行加密,那麼要用對應的公開密匙才能解密。因為加密和解密使用的是兩個不同的密匙,所以這種演算法叫作非對稱加密演算法。The uploading module 10 is configured to set an encryption type and a user permission for downloading the file, and upload the file, where the encryption type may be symmetric encryption or asymmetric encryption, or may be other encryption types. Symmetric encryption means that the same key can be used for encryption and decryption of information. The same encryption algorithm is used for encryption and decryption, also known as key encryption. The commonly used symmetric encryption algorithm is AES (Advanced Encryption Standard, AES), DEA. Encryption algorithms such as (Data Encryption Algorithm). An asymmetric encryption algorithm requires two keys: a public key and a private key. The public key is a pair with the private key. If the public key is used to encrypt the data, the corresponding private key can be used to decrypt it. If the private key is used to encrypt the data, the corresponding public key can be used. Decrypt. Because encryption and decryption use two different keys, this algorithm is called an asymmetric encryption algorithm.

所述加密模組12用於根據用戶選擇的加密類型,對用戶上傳的檔案進行加密。The encryption module 12 is configured to encrypt the file uploaded by the user according to the encryption type selected by the user.

所述加密模組12還可以在加密時設置檔案參數來記錄檔案的大小,以便解密時對比檔案大小,判斷檔案是否有被改動過。我們在加密的過程中定義一個參數來對原文件大小進行位元組轉換,在解密時,也通過這個參數對解密後的檔案大小進行位元組轉換,來判斷前後檔案的大小是否一致。The encryption module 12 can also set the file parameters to record the size of the file when encrypting, so as to compare the file size during decryption and determine whether the file has been modified. In the process of encryption, we define a parameter to perform byte conversion on the original file size. When decrypting, we also use this parameter to perform byte conversion on the decrypted file size to determine whether the size of the files before and after is consistent.

所述加密模組12還可以用於在加密後重新定義檔案類型,以便解密時判斷是否是之前加密過的檔案。加密後的檔案會把原文件的類型去掉,重新給定義成一個新的檔案類型,這樣就隱藏了原檔案類型。The encryption module 12 can also be used to redefine the file type after encryption, so as to determine whether it is a previously encrypted file when decrypting. The encrypted file will be removed from the original file type and re-defined as a new file type, thus hiding the original file type.

所述保存模組14用於把檔案上傳位址、加密類型、下載用戶許可權資訊存入資料庫配置表中,供用戶下載檔案時用。The saving module 14 is configured to store the file upload address, the encryption type, and the download user permission information into the database configuration table for the user to download the file.

所述判斷模組16根據資料庫配置表資訊判斷用戶是否有許可權下載檔案,若無許可權則拒絕下載,若有許可權則準予下載。The judging module 16 judges whether the user has the permission to download the file according to the database configuration table information, and refuses to download if there is no permission, and grants the download if there is permission.

所述下載模組18用於將該加密後的檔案下載到用戶端。The download module 18 is configured to download the encrypted file to the client.

所述解密模組20用於在用戶端建立獨立存儲區,並根據資料庫配置表中檔案的加密類型解密該加密後的檔案到該獨立存儲區,加密類型可以是對稱加密、非對稱加密,也可以是其他加密類型,解密模組20選擇相應的解密演算法解密。The decryption module 20 is configured to establish an independent storage area on the user end, and decrypt the encrypted file to the independent storage area according to the encryption type of the file in the database configuration table, and the encryption type may be symmetric encryption or asymmetric encryption. Other encryption types are also available, and the decryption module 20 selects the corresponding decryption algorithm to decrypt.

所述解密模組20還可以通過比較加密後檔案和下載後需要解密的檔案參數記錄的檔案大小,判斷檔案是否有被改動過。我們在加密的過程中定義一個參數來對原檔案大小進行位元組轉換,在解密時,也通過這個參數對解密後的檔案大小進行位元組轉換,判斷加密前檔案和下載後需要解密的檔案大小是否一致,如果不一致則提示用戶無法解密檔案。The decryption module 20 can also determine whether the file has been modified by comparing the encrypted file and the file size of the file parameter record that needs to be decrypted after downloading. In the process of encryption, we define a parameter to perform byte conversion on the original file size. When decrypting, this parameter also performs byte conversion on the decrypted file size to determine the file before encryption and the decryption after downloading. The file size is the same. If they are inconsistent, the user cannot be decrypted.

所述解密模組20還可以對比加密後檔案新定義的檔案類型和下載後需要解密檔案的檔案類型,判斷是否是之前通過應用程式加密過的檔案,加密後的檔案會把原文件的類型去掉,重新給定義一個新的檔案類型,這樣就隱藏了原檔案類型,我們解密該加密檔案時,可以根據新的檔案類型來判斷下載後需要解密的檔案是否是通過我們應用程式加密後的檔案,如果不是,提示用戶,無法解密檔案。The decryption module 20 can also compare the newly defined file type of the encrypted file with the file type of the file to be decrypted after downloading, and determine whether the file is encrypted by the application before, and the encrypted file will remove the original file type. Re-defining a new file type, this hides the original file type. When we decrypt the encrypted file, we can judge whether the file to be decrypted after downloading is encrypted by our application according to the new file type. If not, the user is prompted to decrypt the file.

該系統還可以包括專用閱讀器22,該閱讀器用來查看解密後的檔案內容,而不能進行其他操作,查看完自動刪除解密檔案。The system may also include a dedicated reader 22 for viewing the decrypted file content without performing other operations, and automatically deleting the decrypted file after viewing.

如圖2所示,係本發明保護檔案內容安全方法的較佳實施例流程圖。2 is a flow chart of a preferred embodiment of the method for securing archive content according to the present invention.

步驟S200:當需要上傳檔案時,上傳模組10接收用戶選擇的加密類型並設置檔案的授權用戶,加密類型可以是對稱加密或者非對稱加密,也可以是其他加密類型。對稱加密是指同一個密匙可以用作資訊的加密和解密,加密解密時使用相同的加密演算法,也稱密匙加密,常用的對稱加密演算法有AES(Advanced Encryption Standard,AES)、DEA(Data Encryption Algorithm)等加密演算法。非對稱加密演算法需要兩個密匙:公開密匙(public key)和私有密匙(private key)。公開密匙與私有密匙是一對,如果用公開密匙對資料進行加密,要用對應的私有密匙才能解密;如果用私有密匙對資料進行加密,那麼要用對應的公開密匙才能解密。因為加密和解密使用的是兩個不同的密匙,所以這種演算法叫作非對稱加密演算法。以上設置用於用戶下載檔案時判斷用戶是否有下載許可權以及根據加密類型選擇對應的解密方式。Step S200: When the file needs to be uploaded, the uploading module 10 receives the encryption type selected by the user and sets an authorized user of the file. The encryption type may be symmetric encryption or asymmetric encryption, or may be other encryption types. Symmetric encryption means that the same key can be used for encryption and decryption of information. The same encryption algorithm is used for encryption and decryption, also known as key encryption. The commonly used symmetric encryption algorithm is AES (Advanced Encryption Standard, AES), DEA. Encryption algorithms such as (Data Encryption Algorithm). An asymmetric encryption algorithm requires two keys: a public key and a private key. The public key is a pair with the private key. If the public key is used to encrypt the data, the corresponding private key can be used to decrypt it. If the private key is used to encrypt the data, the corresponding public key can be used. Decrypt. Because encryption and decryption use two different keys, this algorithm is called an asymmetric encryption algorithm. The above settings are used to determine whether the user has download permission when downloading the file and select the corresponding decryption method according to the encryption type.

步驟S202:根據用戶選擇的加密類型,加密模組12對用戶上傳的檔案進行加密。Step S202: The encryption module 12 encrypts the file uploaded by the user according to the encryption type selected by the user.

該加密步驟S202還可以包括:加密模組12在加密時設置檔案參數來記錄檔案的大小,以便解密時對比加密後檔案和下載後需要解密檔案的大小,判斷檔案是否有被改動過。在加密的過程中定義一個參數來對原文件大小進行位元組轉換,在解密時,也通過這個參數對下載後需要解密的檔案大小進行位元組轉換,來判斷前後檔案的大小是否一致。The encrypting step S202 may further include: the encryption module 12 sets the file parameter to record the size of the file when encrypting, so as to compare the size of the encrypted file after the encrypted file and the downloaded file, and determine whether the file has been modified. In the process of encryption, a parameter is defined to perform byte conversion on the original file size. When decrypting, the parameter size of the file to be decrypted after downloading is also converted by the parameter to determine whether the size of the file before and after is consistent.

該加密步驟S202還可以包括:加密模組12在加密後對檔案重新定義檔案類型,以便解密時判斷下載後需要解密的檔案是否是之前加密過的檔案。加密後的檔案會把原文件的類型去掉,重新定義成一個新的檔案類型,這樣就隱藏了原檔案類型。The encryption step S202 may further include: the encryption module 12 re-defines the file type after the encryption, so as to determine whether the file to be decrypted after the download is a previously encrypted file. The encrypted file will be removed from the original file type and redefined as a new file type, thus hiding the original file type.

步驟S204:保存模組14把該檔案上傳後存放的檔案伺服器位址、加密類型、授權用戶資訊存入資料庫配置表中。Step S204: The save module 14 stores the file server address, the encryption type, and the authorized user information stored in the file after the file is uploaded into the database configuration table.

步驟S206:當下載該檔案時,根據資料庫配置表資訊判斷模組16判斷用戶是否有許可權下載該檔案,若無許可權則結束操作流程,若有許可權則準予下載,進入步驟S208。Step S206: When downloading the file, the database configuration table information determining module 16 determines whether the user has permission to download the file. If there is no permission, the operation flow is ended, and if there is permission, the download is permitted, and the process proceeds to step S208.

步驟S208:下載模組18將該加密檔案下載到用戶端。Step S208: The download module 18 downloads the encrypted file to the client.

步驟S210:解密模組20在用戶端建立獨立存儲區,相對應該檔案的加密類型解密該檔案到所建立的獨立存儲區。在該步驟中,根據資料庫配置表記錄的該檔案的加密類型對檔案解密,加密類型可以是對稱加密、非對稱加密等其他加密類型,解密模組選擇相應的解密演算法解密。Step S210: The decryption module 20 establishes an independent storage area on the user side, and decrypts the file to the established independent storage area according to the encryption type of the file. In this step, the file is decrypted according to the encryption type of the file recorded in the database configuration table, and the encryption type may be other encryption types such as symmetric encryption and asymmetric encryption, and the decryption module selects the corresponding decryption algorithm to decrypt.

所述解密步驟S210還可以包括:解密模組20依據在步驟S202設置的檔案參數記錄的檔案大小,比較加密後和下載後需要解密的檔案,判斷檔案是否有被改動過。我們在加密的過程中定義一個參數來對原文件大小進行位元組轉換,在解密時,也通過這個參數對下載後需要解密的檔案大小進行位元組轉換,來判斷加密後檔案的大小和下載後需要解密的檔案大小是否一致,如果不一致則提示用戶無法解密檔案。The decrypting step S210 may further include: the decryption module 20 compares the files that need to be decrypted after being encrypted and downloaded according to the file size recorded in the file parameter set in step S202, and determines whether the file has been modified. In the process of encryption, we define a parameter to perform byte conversion on the original file size. When decrypting, we also use this parameter to perform byte conversion on the file size that needs to be decrypted after downloading to determine the size of the encrypted file and The size of the files that need to be decrypted after downloading is consistent. If they are inconsistent, the user cannot be decrypted.

所述解密步驟S210還可以包括:解密模組20通過比較在步驟S202重新定義的新的檔案類型和需要解密的檔案的類型是否一致,判斷是否是之前加密過的檔案。加密後的檔案會把原檔案的類型去掉,重新定義成一個新的檔類型,這樣就隱藏了原文件類型,我們解密該加密檔案時,可以根據需要解密的檔案的檔案類型和重新定義的新的檔案類型是否一致來判斷該需要解密的檔案是否是之前加密後的檔案,如果不是,提示用戶無法解密檔案。The decrypting step S210 may further include: the decryption module 20 determines whether it is a previously encrypted file by comparing whether the new file type redefined in step S202 and the type of the file to be decrypted are consistent. The encrypted file will be removed from the original file type and redefined as a new file type. This hides the original file type. When we decrypt the encrypted file, we can decrypt the file type and redefine the file according to the need. Whether the file type is consistent to determine whether the file to be decrypted is a previously encrypted file, and if not, the user cannot be decrypted.

上述實施方式在步驟S210之後還可以包括步驟S212:利用專用的閱讀器查看解密後的檔案,該閱讀器只能查看檔案內容不能進行其他操作,查看完自動刪除解密檔案。After the step S210, the foregoing embodiment may further include step S212: viewing the decrypted file by using a dedicated reader, the reader can only view the file content and cannot perform other operations, and automatically delete the decrypted file after viewing.

綜上所述,本發明符合發明專利要件,爰依法提出專利申請。惟,以上所述者僅爲本發明之較佳實施例,本發明之範圍並不以上述實施例爲限,舉凡熟悉本案技藝之人士援依本發明之精神所作之等效修飾或變化,皆應涵蓋於以下申請專利範圍內。In summary, the present invention complies with the requirements of the invention patent and submits a patent application according to law. The above is only the preferred embodiment of the present invention, and the scope of the present invention is not limited to the above-described embodiments, and equivalent modifications or variations made by those skilled in the art in light of the spirit of the present invention are It should be covered by the following patent application.

10...上傳模組10. . . Upload module

12...加密模組12. . . Cryptographic module

14...保存模組14. . . Save module

16...判斷模組16. . . Judging module

18...下載模組18. . . Download module

20...解密模組20. . . Decryption module

22...閱讀器twenty two. . . Reader

S200...設置檔案加密類型及授權用戶,並上傳檔案S200. . . Set file encryption type and authorized users, and upload files

S202...對上傳檔案進行加密S202. . . Encrypt the uploaded file

S204...把檔案上傳位址、加密類型、授權用戶資訊存入資料庫配置表中S204. . . Store the file upload address, encryption type, and authorized user information in the database configuration table.

S206...判斷用戶是否有許可權下載該檔案S206. . . Determine if the user has permission to download the file

S208...下載檔案到用戶端S208. . . Download file to client

S210...在用戶端建立獨立存儲區,解密該檔案到所建立的獨立存儲區S210. . . Establish an independent storage area on the user side, decrypt the file to the established independent storage area

S212...利用專用的閱讀器查看解密後的檔案S212. . . View the decrypted file with a dedicated reader

圖 1係本發明保護檔案內容安全的系統的較佳實施例的功能模組圖。1 is a functional block diagram of a preferred embodiment of a system for securing file content according to the present invention.

圖 2係本發明保護檔案內容安全方法的較佳實施例流程圖。2 is a flow chart of a preferred embodiment of the method for securing archive content according to the present invention.

S200...設置檔案加密類型及授權用戶,並上傳檔案S200. . . Set file encryption type and authorized users, and upload files

S202...對上傳檔案進行加密S202. . . Encrypt the uploaded file

S204...把檔案上傳位址、加密類型、授權用戶資訊存入資料庫配置表中S204. . . Store the file upload address, encryption type, and authorized user information in the database configuration table.

S206...判斷用戶是否有許可權下載該檔案S206. . . Determine if the user has permission to download the file

S208...下載檔案到用戶端S208. . . Download file to client

S210...在用戶端建立獨立存儲區,解密該檔案到所建立的獨立存儲區S210. . . Establish an independent storage area on the user side, decrypt the file to the established independent storage area

S212...利用專用的閱讀器查看解密後的檔案S212. . . View the decrypted file with a dedicated reader

Claims (12)

一種保護檔案內容安全的方法,該方法包括以下步驟:
上傳步驟:當需要上傳檔案時,設置檔案加密類型及授權用戶,並上傳檔案;
加密步驟:根據所述加密類型對上傳檔案進行加密;
保存步驟:將檔案上傳位址、加密類型、授權用戶資訊存入資料庫配置表中;
判斷步驟:當需要下載加密後的檔案時,根據資料庫配置表資訊判斷用戶是否有許可權下載該加密後的檔案,若無許可權則拒絕下載,若有許可權則準予下載;
下載步驟:將該加密後的檔案下載到用戶端;
解密步驟:在用戶端建立獨立存儲區,根據資料庫配置表中記錄的該檔案的加密類型解密該加密後的檔案到該獨立存儲區。A method of securing archive content, the method comprising the steps of:
Upload step: When you need to upload files, set the file encryption type and authorized users, and upload files;
Encryption step: encrypting the uploaded file according to the encryption type;
The saving step: storing the file upload address, the encryption type, and the authorized user information in the database configuration table;
Judgment step: when the encrypted file needs to be downloaded, it is judged according to the database configuration table information whether the user has the permission to download the encrypted file, and if there is no permission, the download is refused, and if there is permission, the download is permitted;
Download step: download the encrypted file to the client;
Decryption step: establishing a separate storage area on the user side, and decrypting the encrypted file to the independent storage area according to the encryption type of the file recorded in the database configuration table. 如申請專利範圍第1項所述之保護檔案內容安全的方法,其中,所述加密步驟還包括:加密時設置檔案參數來記錄檔案的大小。The method for protecting the content of the file as described in claim 1, wherein the encrypting step further comprises: setting an file parameter during encryption to record the size of the file. 如申請專利範圍第2項所述之保護檔案內容安全的方法,其中,所述解密步驟還包括:依據在加密時設置的檔案參數記錄的檔案大小,比較加密後檔案和下載後需要解密檔案的大小是否一致,從而判斷檔案是否有被改動過,如果改動過,提示用戶無法解密。The method for protecting the content security of the file according to the second aspect of the patent application, wherein the decrypting step further comprises: comparing the encrypted file according to the file size recorded by the file parameter set at the time of encryption, and comparing the encrypted file after downloading Whether the size is the same, so as to determine whether the file has been changed, if the change, the user is unable to decrypt. 如申請專利範圍第1項或者第2項所述之保護檔案內容安全的方法,其中,所述加密步驟進一步包括:對加密後檔案重新定義檔類型。The method for protecting the content of a file as described in claim 1 or 2, wherein the encrypting step further comprises: re-defining the file type after the encrypted file. 如申請專利範圍第4項所述之保護檔案內容安全的方法,其中,所述解密步驟進一步包括:比較在加密後重新定義的檔案類型與下載的需要解密的檔案類型是否一致,判斷該下載的需要解密的檔案是否是之前加密過的檔案,如果不是,提示用戶無法解密。The method for protecting file content security according to claim 4, wherein the decrypting step further comprises: comparing whether the file type re-defined after encryption is consistent with the downloaded file type to be decrypted, and determining the downloaded Whether the file to be decrypted is a previously encrypted file, if not, the user cannot be decrypted. 如申請專利範圍第1項所述之保護檔案內容安全的方法,其中,該方法在解密步驟之後還包括步驟:
利用專用的閱讀器查看解密後的檔案,該閱讀器只能查看檔案內容,不能進行別的操作,查看完自動刪除解密檔案。The method for protecting the content security of the file as described in claim 1, wherein the method further comprises the following steps after the decrypting step:
Use a dedicated reader to view the decrypted file. The reader can only view the contents of the file, and cannot perform other operations. After the view, the decrypted file is automatically deleted. 一種保護檔案內容安全的系統,其中,該系統包括:
上傳模組,用於當需要上傳檔案時,設置加密類型與下載該檔案的用戶許可權,並上傳檔案;
加密模組,用於根據所述加密類型對上傳檔案進行加密;
保存模組,用於把檔案上傳位址、加密類型,下載用戶許可權相關資訊存入資料庫配置表;
判斷模組,用於當需要下載加密後的檔案時,根據資料庫配置表資訊判斷用戶是否有許可權下載該加密後的檔案,若無許可權則拒絕下載,若有許可權則準予下載;
下載模組,用於將該加密後的檔案下載到用戶端;
解密模組,用於在用戶端建立獨立存儲區,根據資料庫配置表中檔案的加密類型解密該加密後的檔案到該獨立存儲區。A system for protecting the security of archive content, wherein the system comprises:
The uploading module is configured to set an encryption type and a user permission to download the file when uploading the file, and upload the file;
An encryption module, configured to encrypt the uploaded file according to the encryption type;
The saving module is configured to store the file upload address, the encryption type, and the download user permission related information into the database configuration table;
The judging module is configured to judge whether the user has permission to download the encrypted file according to the information of the database configuration table when downloading the encrypted file, and refuse to download if there is no permission, and grant the download if there is permission;
The download module is configured to download the encrypted file to the user end;
The decryption module is configured to establish an independent storage area on the user end, and decrypt the encrypted file into the independent storage area according to the encryption type of the file in the database configuration table. 如申請專利範圍第7項所述之保護檔案內容安全的系統,其中,所述加密模組還用於加密時設置檔案參數來記錄檔案的大小。The system for protecting the content of the file as described in claim 7 , wherein the encryption module is further configured to set a file parameter to record the size of the file when encrypting. 如申請專利範圍第8項所述之保護檔案內容安全的系統,其中,所述解密模組還用於依據加密時設置的檔案參數記錄的檔案大小,比較加密後檔案和下載後需要解密的檔案大小,判斷檔案是否有被改動過,如果改動過,提示用戶無法解密。The system for protecting the content of the file as described in claim 8 , wherein the decryption module is further configured to compare the encrypted file and the file to be decrypted after the download according to the file size recorded by the file parameter set during encryption. Size, to determine whether the file has been changed, if changed, prompt the user can not decrypt. 如申請專利範圍第7項或第8項所述之保護檔案內容安全的系統,其中,所述加密模組還用於對加密後檔案重新定義檔案類型。The system for protecting the content of the file as described in claim 7 or 8, wherein the encryption module is further configured to redefine the file type of the encrypted file. 如申請專利範圍第10項所述之保護檔案內容安全的系統,其中,所述解密模組還用於比較加密後檔案重新定義的檔案類型與下載後需要解密的檔案類型,判斷是否是之前加密過的檔案,如果不是,提示用戶無法解密。The system for protecting the content of the file as described in claim 10, wherein the decryption module is further configured to compare the file type redefined by the encrypted file with the file type that needs to be decrypted after downloading, and determine whether it is previously encrypted. The file, if not, prompts the user to not decrypt. 如申請專利範圍第7項所述之保護檔案內容安全的系統,其中,該系統還包括一專用閱讀器,該閱讀器只能查看檔案內容而不能進行別的操作,查看完自動刪除解密檔案。The system for protecting the content of the file as described in claim 7 of the patent application, wherein the system further comprises a special reader, the reader can only view the content of the file and cannot perform other operations, and automatically delete the decrypted file after viewing.
TW101101523A 2012-01-09 2012-01-16 System and method for protection of file content security TW201329776A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2012100043686A CN103198261A (en) 2012-01-09 2012-01-09 Method and system for protecting file content security

Publications (1)

Publication Number Publication Date
TW201329776A true TW201329776A (en) 2013-07-16

Family

ID=48720808

Family Applications (1)

Application Number Title Priority Date Filing Date
TW101101523A TW201329776A (en) 2012-01-09 2012-01-16 System and method for protection of file content security

Country Status (2)

Country Link
CN (1) CN103198261A (en)
TW (1) TW201329776A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI821824B (en) * 2021-12-16 2023-11-11 上銀科技股份有限公司 Method and system of automatically loading of parameters, and serving-end server and client-end server thereof

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106709852A (en) * 2015-08-13 2017-05-24 新人类资讯科技股份有限公司 Method for generating watermark file and electronic device
CN105160271B (en) * 2015-08-28 2017-11-10 英威康科技股份有限公司 Reducible formula file protection device control method and reducible formula document protection method
CN105915330A (en) * 2016-06-24 2016-08-31 武汉斗鱼网络科技有限公司 Security data sharing method and system
CN107800714A (en) * 2017-11-10 2018-03-13 中国民生银行股份有限公司 A kind of file of client shows method and apparatus
CN109299611A (en) * 2018-08-27 2019-02-01 优视科技新加坡有限公司 File encrypting method, device, equipment/terminal/server and computer readable storage medium
CN109347828B (en) * 2018-10-22 2019-11-26 北京达佳互联信息技术有限公司 File Upload and Download method, apparatus, electronic equipment and storage medium
CN114553532A (en) * 2022-02-22 2022-05-27 深圳壹账通智能科技有限公司 Data secure transmission method and device, electronic equipment and storage medium
CN114785598A (en) * 2022-04-22 2022-07-22 博智安全科技股份有限公司 Encryption and decryption method, device, equipment and storage medium for player identity
CN116127510A (en) * 2023-01-10 2023-05-16 广州集联信息技术有限公司 Encryption communication system of internet of things data

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060143180A1 (en) * 2000-03-09 2006-06-29 Pkware, Inc. System and method for manipulating and managing computer archive files
CN101901313B (en) * 2010-06-10 2013-12-18 中科方德软件有限公司 Linux file protection system and method
CN102215214B (en) * 2010-07-29 2014-01-15 上海华御信息技术有限公司 Selective-transparent-encryption/decryption-based file protection method and system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI821824B (en) * 2021-12-16 2023-11-11 上銀科技股份有限公司 Method and system of automatically loading of parameters, and serving-end server and client-end server thereof

Also Published As

Publication number Publication date
CN103198261A (en) 2013-07-10

Similar Documents

Publication Publication Date Title
TW201329776A (en) System and method for protection of file content security
US9424400B1 (en) Digital rights management system transfer of content and distribution
US9342701B1 (en) Digital rights management system and methods for provisioning content to an intelligent storage
CN105245328B (en) It is a kind of that management method is generated based on the key of third-party user and file
US20100095118A1 (en) Cryptographic key management system facilitating secure access of data portions to corresponding groups of users
WO2012151785A1 (en) Built-in file encryption method for mobile terminal and mobile terminal
WO2016146013A1 (en) Method, device and system for online writing application key in digital content device
KR20060081336A (en) Digital certificates in a recoding medium
CN103731395A (en) Processing method and system for files
WO2017024804A1 (en) Data encryption method, decryption method, apparatus, and system
US20210167955A1 (en) Data transmission
TW201003451A (en) Safety storage device with two-stage symmetrical encryption algorithm
JP2016072769A5 (en)
JP2020524864A5 (en)
WO2017050152A1 (en) Password security system adopted by mobile apparatus and secure password entering method thereof
JPH11215117A (en) Method and device for key encoding and recovery
WO2016050118A1 (en) Information processing method and information processing device
AU2015202697A1 (en) Agent for providing security cloud service and security token device for security cloud service
US10380353B2 (en) Document security in enterprise content management systems
WO2024060820A1 (en) File encryption and decryption method and file encryption and decryption system, and electronic device
CN108173906A (en) Installation kit method for down loading, device, storage medium and electronic equipment
WO2018205723A1 (en) Secure disk with secure encryption function, and secure encryption method
CN105553945A (en) Method and device for encrypting and decrypting data in mobile terminal
TW201530345A (en) Digital right management system, management method and information transmission system and method thereof
CN117938546B (en) Verification and data access method of electronic account