TWI501103B - Sequential data safekeeping system - Google Patents
Sequential data safekeeping system Download PDFInfo
- Publication number
- TWI501103B TWI501103B TW103100255A TW103100255A TWI501103B TW I501103 B TWI501103 B TW I501103B TW 103100255 A TW103100255 A TW 103100255A TW 103100255 A TW103100255 A TW 103100255A TW I501103 B TWI501103 B TW I501103B
- Authority
- TW
- Taiwan
- Prior art keywords
- nth
- serial number
- continuous data
- data
- further configured
- Prior art date
Links
Landscapes
- Storage Device Security (AREA)
Description
本揭露係關於連續性資料之處理。This disclosure relates to the processing of continuous data.
企業或組織內部的網路環境,在一個極端,是防堵任何未被授權的隨身碟、行動電話、平板電腦或筆記型電腦等的攜入,僅允許員工有限度地使用公司配發的設備,甚至這些設備本身只是桌面派送(Desktop Delivery)裝置,機密資料都集中於機房或雲端嚴加控管。在另一個極端,企業鼓勵員工帶自己的智慧型裝置來上班(Bring Your Own Device,簡稱BYOD),以撙節資訊科技的採購和營運支出。前者雖然安全,卻使組織流程複雜僵化,影響生產力;後者則需對外來裝置存取內部網路資源多所退讓,無異於引狼入室。The network environment within a company or organization, at the extreme, is to prevent the insertion of any unauthorized flash drives, mobile phones, tablets or laptops, and only allows employees to use the company's allotted equipment to a limited extent. Even these devices are just desktop delivery devices, and confidential information is concentrated in the computer room or in the cloud. At the other extreme, companies encourage employees to bring their own smart devices to work (Bring Your Own Device, BYOD) to capture the procurement and operating expenses of information technology. Although the former is safe, it makes the organizational process complex and rigid, affecting productivity; the latter requires the external device to access the internal network resources, and it is tantamount to lead the wolf into the room.
本揭露提供之連續性資料維護系統包含連續性資料保存裝置,其又包含儲存模組、序號(voucher)產生模組、第一通訊模組和第一控制模組。儲存模組用以儲存公鑰(public key)和關聯於某運算裝置的連續性資料。儲存模組中之資料僅能由讀取裝置讀出。第一通訊模組用以傳送序號 和公鑰至前述運算裝置,且用以自運算裝置接收關聯於之的記錄項(log entry)。第一控制模組用以判斷記錄項是否包含目前序號;當記錄項包含目前序號時,控制模組更用以將記錄項附加於連續性資料。The continuous data maintenance system provided by the disclosure comprises a continuous data storage device, which further comprises a storage module, a voucher generation module, a first communication module and a first control module. The storage module is configured to store a public key and continuity data associated with an computing device. The data in the storage module can only be read by the reading device. The first communication module is used to transmit the serial number And the public key to the computing device, and is used to receive a log entry associated with the computing device. The first control module is configured to determine whether the record item includes the current serial number; when the record item includes the current serial number, the control module is further configured to attach the record item to the continuity data.
在一實施例中,本揭露提供之連續性資料維護系統更包含電腦可讀取媒體,其具有用以使前述運算裝置的處理器執行多道指令的電腦程式碼。所述指令包含:自連續性資料保存裝置接收公鑰和其產生的第N序號;依據觸發訊號,產生第N事件訊息;取得第N-1序號和關聯於第N-1事件訊息的第N-1驗證碼;依據第N-1序號、第N-1驗證碼和第N事件訊息,產生第N明文資料;依據公鑰加密第N明文資料,以產生第N密文資料,第N序號與第N密文資料形成第N記錄項;以及傳送第N記錄項至連續性資料保存裝置。In one embodiment, the continuum data maintenance system provided by the present disclosure further includes a computer readable medium having a computer program code for causing a processor of the aforementioned computing device to execute a plurality of instructions. The instruction includes: receiving a public key from the continuous data storage device and the Nth serial number generated therefrom; generating an Nth event message according to the trigger signal; obtaining the N-1th serial number and the Nth associated with the N-1 event message -1 verification code; generating Nth plaintext data according to the N-1th serial number, the N-1th verification code, and the Nth event message; encrypting the Nth plaintext data according to the public key to generate the Nth ciphertext data, the Nth serial number Forming an Nth entry with the Nth ciphertext data; and transmitting the Nth entry to the continuous data storage device.
在一實施例中,本揭露提供之連續性資料維護系統更包含連續性資料讀取裝置,其包含第二通訊模組和第二控制模組。第二通訊模組用以自連續性資料保存裝置取得序號誌,且用以自連續性資料保存裝置取得包含第M序號的第M記錄項。第二控制模組用以產生指令存取連續性資料保存裝置,並用以判斷序號誌是否包含第M序號。In an embodiment, the continuous data maintenance system provided by the disclosure further includes a continuous data reading device, which includes a second communication module and a second control module. The second communication module is configured to obtain the serial number from the continuous data storage device, and to obtain the Mth record including the Mth serial number from the continuous data storage device. The second control module is configured to generate an instruction access continuity data storage device, and is configured to determine whether the serial number contains the Mth serial number.
以上之關於本揭露內容之說明及以下之實施方式之說明係用以示範與解釋本揭露之精神與原理,並且提供本揭露之專利申請範圍更進一步之解釋。The above description of the disclosure and the following embodiments are intended to illustrate and explain the spirit and principles of the disclosure, and to provide further explanation of the scope of the disclosure.
1‧‧‧代理程式1‧‧‧Agent
2‧‧‧連續性資料保存裝置2‧‧‧Continuous data storage device
3‧‧‧連續性資料讀取裝置3‧‧‧Continuous data reading device
第1圖係依據本揭露一實施例代理程式與連續性資料保存裝置的互動圖。FIG. 1 is an interaction diagram of an agent and a continuous data saving device according to an embodiment of the present disclosure.
第2圖係依據本揭露一實施例連續性資料讀取裝置與連續性資料保存裝置的互動圖。2 is an interaction diagram of a continuous data reading device and a continuous data storage device according to an embodiment of the present disclosure.
第3圖係依據本揭露一實施例連續性資料讀取裝置與連續性資料保存裝置的互動圖。Figure 3 is an interaction diagram of a continuous data reading device and a continuous data storage device in accordance with an embodiment of the present disclosure.
以下在實施方式中詳細敘述本揭露之詳細特徵以及優點,其內容足以使任何熟習相關技藝者了解本揭露之技術內容並據以實施,且依據本說明書所揭露之內容、申請專利範圍及圖式,任何熟習相關技藝者可輕易地理解本揭露相關之目的及優點。以下之實施例係進一步詳細說明本揭露之觀點,但非以任何觀點限制本揭露之範疇。The detailed features and advantages of the present disclosure are described in detail in the following detailed description of the embodiments of the disclosure, and the disclosure of The objects and advantages associated with the present disclosure can be readily understood by those skilled in the art. The following examples are intended to further illustrate the present disclosure, but are not intended to limit the scope of the disclosure.
在一實施例中,本揭露之電腦可讀取媒體中的程式碼係以如安裝於電腦或智慧型手機上的應用軟體(Application Software,俗稱app)的形式為員工自攜的裝置所執行,用以監視員工於自攜裝置上的相關操作。一般而言,實作或具有前述程式碼的裝置或軟體(以下統稱代理程式〔Agent〕)作為企業資訊安全政策的一環,需由企業提供並貫徹其安裝。連續性資料保存裝置(以下簡稱保存裝置)則通 常是偏小的硬體鍵(Hardware Key或dongle),尺寸以不影響自攜裝置的正常操作為原則,以USB On-The-Go(通用序列匯流排〔Universal Serial Bus〕規範的補充)、音訊端子(Audio Jack或Phone Connector,可用於音訊之外的訊號傳輸,如攜帶式的信用卡機)或其他週邊介面有線地外接自攜裝置,或以藍牙(Bluetooth)、ZigBee等無線個人區域網路(Wireless Personal Area Network,簡稱WPAN)技術和自攜裝置連線。簡單來說,在一實施例中,代理程式安裝於員工自攜裝置,員工抵達公司時需於門禁處領取保存裝置,兩裝置成功連接,代理程式得以監視自攜裝置狀態產生記錄項並將之儲存至保存裝置時始放行。In an embodiment, the code in the computer readable medium of the present disclosure is implemented by an employee-held device in the form of an application software (applicable as an app) installed on a computer or a smart phone. It is used to monitor the related operations of employees on their own devices. In general, devices or software (hereinafter referred to as agents) that are implemented or have the aforementioned code are included in the enterprise information security policy and must be provided and implemented by the enterprise. Continuous data storage device (hereinafter referred to as storage device) Often a small hardware key (Hardware Key or dongle), the size is not affected by the normal operation of the self-contained device, USB On-The-Go (completion of the Universal Serial Bus) Audio terminal (Audio Jack or Phone Connector, which can be used for signal transmission other than audio, such as portable credit card machine) or other peripheral interface wired externally connected device, or wireless personal area network such as Bluetooth or ZigBee (Wireless Personal Area Network, WPAN for short) technology and self-carrying devices. Briefly, in one embodiment, the agent is installed in the employee self-carrying device. When the employee arrives at the company, the employee needs to obtain the storage device at the access control. The two devices are successfully connected, and the agent can monitor the status of the self-carrying device to generate a record and Released when saving to the save device.
員工離開工作崗位時需再次通過門禁。此時將保存裝置拆下或斷線,並送交連續性資料讀取裝置(以下簡稱讀取裝置)驗證。讀取裝置亦具有有線或無線連接保存裝置的能力,可以是一臺專門的設備,也可以是一般的伺服器或電腦。讀取裝置檢視保存裝置所儲存的連續性資料,在有可疑記錄項(依組織安全政策的定義)時發出警告,門禁處可依據警告扣留員工進一步調查。在其他並非如上對自攜裝置側錄的實施例中,保存裝置具有連網介面,讀取裝置可即時驗證記錄項,使企業於第一時間掌握員工異常的操作行為。When employees leave their jobs, they need to pass the door again. At this time, the storage device is removed or disconnected, and sent to the continuous data reading device (hereinafter referred to as the reading device) for verification. The reading device also has the ability to store the device by wire or wireless connection, and can be a special device or a general server or a computer. The reading device examines the continuity data stored in the storage device and issues a warning when there is a suspicious record (as defined by the organization's security policy), and the access control may detain the employee for further investigation according to the warning. In other embodiments that are not recorded on the self-contained device as described above, the storage device has a networking interface, and the reading device can instantly verify the recorded items, so that the enterprise can grasp the abnormal operation behavior of the employee at the first time.
以上實施例的細節請先參見第1圖。第1圖係依據本揭露一實施例具有前述程式碼的代理程式1與保存裝置 2的互動圖。假設代理程式1與保存裝置2連接成功之後,代理程式1立即從保存裝置2取得公鑰與第一序號。如第1圖所示,於步驟S101中,代理程式1依據某個觸發訊號,產生第N事件訊息。在一實施例中,觸發訊號可分為週期性和條件式兩種。週期性的觸發訊號使代理程式1定期觀察所在自攜裝置的硬體狀態,如藍牙、無線區域網路(Wireless Local Area Network或Wi-Fi)、通用序列匯流排、攝影鏡頭等輸出入介面是否開啟或接有其他裝置,以及保存裝置2是否仍與自攜裝置保持連結,發現異常時方產生事件訊息。條件式的觸發訊號則在某個條件發生時促使代理程式1產生事件訊息,如自攜裝置存取了非法授權的網址、下載了檔案、重新啟動或變更了其作業系統。第N-1事件訊息與第N事件訊息本質相同,為稍早另一次進行步驟S101時所產生。於步驟S102中,代理程式1依據第N-1序號、第N-1驗證碼和第N事件訊息產生第N明文資料。代理程式1記錄有第N-1序號和關聯於第N-1事件訊息的第N-1驗證碼。第N-1序號是從保存裝置2取得。第N-1驗證碼是第N-1事件訊息的訊息驗證碼(Message Authentication Code),一般而言係以某個雜湊函數(Hash Function),如MD5、SHA-1、Whirlpool等,對第N-1事件訊息運算所得之雜湊值(Hash Value)。Please refer to Figure 1 for details of the above embodiment. 1 is an agent 1 and a saving device having the aforementioned code according to an embodiment of the present disclosure. 2 interactive diagram. Assuming that the agent 1 is successfully connected to the saving device 2, the agent 1 immediately obtains the public key and the first serial number from the saving device 2. As shown in FIG. 1, in step S101, the agent 1 generates an Nth event message according to a certain trigger signal. In an embodiment, the trigger signal can be divided into periodic and conditional. The periodic trigger signal causes the agent 1 to periodically observe the hardware status of the self-contained device, such as Bluetooth, wireless local area network (Wi-Fi), universal serial bus, photographic lens, etc. Whether other devices are turned on or connected, and whether the storage device 2 is still connected to the self-carrying device, and an event message is generated when an abnormality is found. The conditional trigger signal causes the agent 1 to generate an event message when a certain condition occurs, such as the self-carrying device accessing the illegally authorized web address, downloading the file, restarting or changing its operating system. The N-1th event message is essentially the same as the Nth event message, which is generated when the step S101 is performed another time earlier. In step S102, the agent 1 generates the Nth plaintext data according to the N-1th number, the N-1th verification code, and the Nth event message. The agent 1 records the N-1th serial number and the N-1th verification code associated with the N-1th event message. The number N-1 is obtained from the storage device 2. The N-1 verification code is a message authentication code of the N-1 event message, and is generally a hash function such as MD5, SHA-1, Whirlpool, etc., for the Nth -1 Hash Value of the event message operation.
在此同時,代理程式1已自保存裝置2取得第N序號。在非對稱式密碼學(Asymmetric Cryptography)中, 用以加解密的密鑰係成對存在,分別稱為公鑰(Public Key)和私鑰(Private Key)。用公鑰加密則需用私鑰解密。於步驟S103中,代理程式1依據接收到的公鑰加密第N明文資料,以產生第N密文資料,並於步驟S104中將第N密文資料和取得的第N序號作為第N記錄項一併傳送給保存裝置2。當保存裝置2於步驟S201中判斷第N記錄項包含其之前產生並給予代理程式1的第N序號時,保存裝置2即認為第N記錄項合乎正常程序,並於步驟S202中將之附加於保存所有記錄項的一份連續性資料。連續性資料舉例而言可以是文字檔、小型資料庫或快閃記憶體上的專用儲存區塊,可容納多筆記錄項。請注意保存裝置2並不持有配合前述公鑰的私鑰,因此無法得知記錄項中序號以外的內容。於步驟S202中,保存裝置2亦可選擇性地將第N序號附加於其所保存的一個序號誌。當保存裝置2判斷第N記錄項並不包含第N序號時,可直接丟棄第N記錄項,或仍附加第N記錄項於另一連續性儲存標的。於步驟S203中,保存裝置2選擇性地傳送一個確認訊號給自攜裝置。若保存裝置2並未發現異樣,則此確認訊號可以指示包含第N序號的第N記錄項成功被儲存了,促使代理程式1於步驟S106中依據如前述同樣的雜湊函數產生第N事件訊息的第N驗證碼,並連同第N序號保存起來供產生第N+1記錄項時使用。於步驟S204中,當第N記錄項與第N序號已成功被附加時,保存裝置2立即會產生第N+1序號, 並於步驟S205中通知代理程式1。於步驟S107中,代理程式1亦保存第N+1序號。At the same time, the agent 1 has obtained the Nth serial number from the saving device 2. In Asymmetric Cryptography, The keys used for encryption and decryption exist in pairs, called Public Key and Private Key. Encryption with a public key requires decryption with a private key. In step S103, the agent 1 encrypts the Nth plaintext data according to the received public key to generate the Nth ciphertext data, and in step S104, the Nth ciphertext data and the obtained Nth serial number are used as the Nth entry. It is also transmitted to the storage device 2. When the saving device 2 determines in step S201 that the Nth record contains the Nth number that was previously generated and given to the agent 1, the saving device 2 considers that the Nth entry is in the normal procedure and attaches it to the step S202. Keep a continuous piece of data for all entries. The continuous data can be, for example, a text file, a small database, or a dedicated storage block on the flash memory, and can accommodate a plurality of records. Note that the storage device 2 does not hold the private key that matches the aforementioned public key, and therefore cannot know anything other than the serial number in the recorded item. In step S202, the saving device 2 may also selectively append the Nth serial number to a serial number stored therein. When the saving device 2 determines that the Nth record does not include the Nth sequence number, the Nth record item may be directly discarded, or the Nth record item may still be attached to another continuity storage target. In step S203, the saving device 2 selectively transmits a confirmation signal to the self-contained device. If the save device 2 does not find any abnormality, the confirmation signal may indicate that the Nth record containing the Nth serial number is successfully stored, and causes the agent 1 to generate the Nth event message according to the same hash function as described above in step S106. The Nth verification code is used in conjunction with the Nth serial number for generating the N+1th entry. In step S204, when the Nth record and the Nth serial number have been successfully added, the saving device 2 immediately generates the N+1th serial number. The agent 1 is notified in step S205. In step S107, the agent 1 also saves the N+1th serial number.
本揭露之另一個面向請參見第2圖。第2圖係依據一實施例讀取裝置3與保存裝置2的互動圖。在此實施例中,讀取裝置3與保存裝置2的互動必須由讀取裝置3下達指令予保存裝置2,而保存裝置2再根據下達的指令做出相對應的處置與回傳結果資料。所有的指令都伴隨數位簽章,保存裝置2驗證數位簽章無誤之後指令方可被執行。如第2圖所示,讀取裝置3於步驟S301中產生指令並依據一把私鑰產生關聯於指令的數位簽章,並於步驟S302中將指令和數位簽章傳送至保存裝置2。這把私鑰不一定與前述加密記錄項的公鑰成對;若不成對,顯然保存裝置2也需保存和這把私鑰成對的公鑰。為求說明簡潔,本揭露並不仔細區分使用了哪些公私鑰對,凡本揭露所屬領域中具通常知識者應可輕易類推出使用不同對公私鑰於不同用途的多種實施樣態。於步驟S401中,保存裝置2依據對應前述私鑰的一把公鑰,驗證數位簽章。若以公鑰可成功驗證數位簽章,則表示傳送指令者確是被授權的一個讀取裝置。相應地,於步驟S402中,保存裝置2會執行指令,並於步驟S403傳送指令執行結果與關聯於指令的資料給讀取裝置3。See Figure 2 for another aspect of this disclosure. 2 is an interaction diagram of the reading device 3 and the saving device 2 in accordance with an embodiment. In this embodiment, the interaction between the reading device 3 and the saving device 2 must be issued by the reading device 3 to the saving device 2, and the saving device 2 then makes the corresponding handling and returning result data according to the issued instructions. All instructions are accompanied by a digital signature, and the instruction can be executed after the save device 2 verifies that the digital signature is correct. As shown in Fig. 2, the reading device 3 generates an instruction in step S301 and generates a digital signature associated with the instruction based on a private key, and transmits the instruction and the digital signature to the saving device 2 in step S302. The private key is not necessarily paired with the public key of the encrypted entry; if it is not paired, it is obvious that the save device 2 also needs to hold the public key paired with the private key. For the sake of brevity, the disclosure does not carefully distinguish which public-private key pairs are used. Anyone with ordinary knowledge in the field of disclosure should be able to easily introduce various implementations using different public-private keys for different purposes. In step S401, the saving device 2 verifies the digital signature according to a public key corresponding to the aforementioned private key. If the digital signature can be successfully verified with the public key, it means that the delivery commander is indeed an authorized reading device. Accordingly, in step S402, the saving device 2 executes the instruction, and in step S403, transmits the instruction execution result and the material associated with the instruction to the reading device 3.
請配合第2圖參見第3圖。第3圖係讀取裝置3驗證連續性資料時與保存裝置2的互動圖。假設一第M記錄 項包含第M序號和第M密文資料。於步驟S501中,讀取裝置3下達讀取第M記錄項的指令予保存裝置2,保存裝置2驗證此讀取指令合法後執行之,並於步驟S601中回傳第M記錄項予讀取裝置3。讀取裝置3於步驟S502中初步驗證第M序號存在於序號誌後,於步驟S503中依據與保存裝置2所提供給代理程式1用以加密明文資料的公鑰成對的私鑰解密第M密文資料,以產生第M明文資料。第M明文資料包含第M事件訊息和第M-1序號和第M-1驗證碼。讀取裝置3欲判斷第M和第M-1記錄項是否確實連續,則需於步驟S504中判斷第M-1記錄項的序號欄位是否記錄有第M明文資料的第M-1序號,並於步驟S505中判斷第M-1驗證碼是否關聯於第M-1記錄項中的第M-1事件訊息,也就是若對第M-1事件訊息進行雜湊計算,能否產生與第M-1驗證碼同樣的驗證碼。於步驟S504和S505中,若出現任何否定的判斷,讀取裝置3都應提出警告。在確認連續性資料的連續性和有效性後,讀取裝置3可再針對已解密的事件訊息依據企業所設定的政策檢視員工進出門禁之間對自攜裝置的操作是否合乎規定、是否有洩密之虞。Please refer to Figure 3 in conjunction with Figure 2. Fig. 3 is an interaction diagram of the reading device 3 with the saving device 2 when verifying the continuity data. Assume an M record The item contains the Mth and Mth ciphertext data. In step S501, the reading device 3 issues an instruction to read the Mth entry to the saving device 2, and the saving device 2 verifies that the read command is legal, and returns the M record to the read in step S601. Device 3. The reading device 3 preliminarily verifies in step S502 that the Mth serial number exists after the serial number, and decrypts in the step S503 according to the private key paired with the public key provided by the saving device 2 to the agent 1 for encrypting the plaintext data. Ciphertext data to produce the Mth plaintext material. The Mth plaintext data includes the Mth event message and the M-1th number and the M-1th verification code. If the reading device 3 is to determine whether the Mth and M-1th entries are indeed continuous, it is determined in step S504 whether the M-1 number of the Mth plaintext data is recorded in the serial number field of the M-1 record. And in step S505, it is determined whether the M-1 verification code is associated with the M-1 event message in the M-1 record item, that is, if the M-1 event message is hashed, whether it can be generated and the Mth -1 verification code with the same verification code. In steps S504 and S505, if any negative determination occurs, the reading device 3 should issue a warning. After confirming the continuity and validity of the continuous data, the reading device 3 can further check whether the operation of the self-carrying device between the entry and exit of the employee is in accordance with the policy set by the enterprise for the decrypted event message, and whether the leak is confidential. After that.
綜上所述,本揭露以外接硬體鍵的方式在容許BYOD的同時仍得以進行全面的監視。於員工自攜的裝置上執行本揭露提供之電腦可讀取媒體中的指令,配合本揭露提供之連續性資料保存裝置,可依企業資訊安全需求妥善建立 連續性資料,包括加密記錄項以及以序號機制確認記錄項的機密性與連續性。連續性資料保存裝置配合本揭露提供之連續性資料讀取裝置則保證監視記錄需經授權才能被讀取、解密和驗證連續性與有效性。In summary, the method of externally connecting the hardware keys allows for full monitoring while allowing BYOD. The instructions in the computer readable medium provided by the disclosure are executed on the device carried by the employee, and the continuous data storage device provided by the disclosure can be properly established according to the information security requirements of the enterprise. Continuity data, including encrypted records and the confidentiality and continuity of records by the serial number mechanism. The continuous data storage device in conjunction with the continuous data reading device provided by the present disclosure ensures that the monitoring record is authorized to be read, decrypted and verified for continuity and validity.
雖然本揭露以前述之實施例揭露如上,然其並非用以限定本揭露。在不脫離本揭露之精神和範圍內,所為之更動與潤飾,均屬本揭露之專利保護範圍。關於本揭露所界定之保護範圍請參考所附之申請專利範圍。Although the disclosure is disclosed above in the foregoing embodiments, it is not intended to limit the disclosure. All changes and refinements are beyond the scope of this disclosure. Please refer to the attached patent application for the scope of protection defined by this disclosure.
1‧‧‧代理程式1‧‧‧Agent
2‧‧‧連續性資料保存裝置2‧‧‧Continuous data storage device
Claims (11)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW103100255A TWI501103B (en) | 2014-01-03 | 2014-01-03 | Sequential data safekeeping system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW103100255A TWI501103B (en) | 2014-01-03 | 2014-01-03 | Sequential data safekeeping system |
Publications (2)
Publication Number | Publication Date |
---|---|
TW201528037A TW201528037A (en) | 2015-07-16 |
TWI501103B true TWI501103B (en) | 2015-09-21 |
Family
ID=54198284
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW103100255A TWI501103B (en) | 2014-01-03 | 2014-01-03 | Sequential data safekeeping system |
Country Status (1)
Country | Link |
---|---|
TW (1) | TWI501103B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI230865B (en) * | 2001-04-03 | 2005-04-11 | Digital United Inc | Method for users to access records |
JP2005258495A (en) * | 2004-03-09 | 2005-09-22 | Hitachi Ltd | Database system with function for recording and disclosing personal information access record |
US20070282855A1 (en) * | 2006-06-02 | 2007-12-06 | A10 Networks Inc. | Access record gateway |
US20080263364A1 (en) * | 2007-04-20 | 2008-10-23 | Dundas Alan H | System and method for providing access to a computer resource |
TW201216076A (en) * | 2010-06-29 | 2012-04-16 | Enterproid Inc | Remote access to a mobile device |
-
2014
- 2014-01-03 TW TW103100255A patent/TWI501103B/en active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI230865B (en) * | 2001-04-03 | 2005-04-11 | Digital United Inc | Method for users to access records |
JP2005258495A (en) * | 2004-03-09 | 2005-09-22 | Hitachi Ltd | Database system with function for recording and disclosing personal information access record |
US20070282855A1 (en) * | 2006-06-02 | 2007-12-06 | A10 Networks Inc. | Access record gateway |
US20080263364A1 (en) * | 2007-04-20 | 2008-10-23 | Dundas Alan H | System and method for providing access to a computer resource |
TW201216076A (en) * | 2010-06-29 | 2012-04-16 | Enterproid Inc | Remote access to a mobile device |
Also Published As
Publication number | Publication date |
---|---|
TW201528037A (en) | 2015-07-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019105290A1 (en) | Data processing method, and application method and apparatus of trusted user interface resource data | |
US20210192090A1 (en) | Secure data storage device with security function implemented in a data security bridge | |
US9954826B2 (en) | Scalable and secure key management for cryptographic data processing | |
US9246678B2 (en) | Secure cloud storage and encryption management system | |
CN100487715C (en) | Date safety storing system, device and method | |
KR101891420B1 (en) | Content protection for data as a service (daas) | |
WO2019218919A1 (en) | Private key management method and apparatus in blockchain scenario, and system | |
US8885833B2 (en) | One-time recovery credentials for encrypted data access | |
US9571280B2 (en) | Application integrity protection via secure interaction and processing | |
KR102065833B1 (en) | Data synchronization method and device | |
US9912484B2 (en) | Secure neighbor discovery (SEND) using pre-shared key | |
US20120096257A1 (en) | Apparatus and Method for Protecting Storage Data of a Computing Apparatus in an Enterprise Network System | |
US10762231B2 (en) | Protecting screenshots of applications executing in a protected workspace container provided in a mobile device | |
US11520859B2 (en) | Display of protected content using trusted execution environment | |
CN112733180A (en) | Data query method and device and electronic equipment | |
CN112088376A (en) | File storage method and device and storage medium | |
CA2891610A1 (en) | Agent for providing security cloud service and security token device for security cloud service | |
KR101473656B1 (en) | Method and apparatus for security of mobile data | |
US9270649B1 (en) | Secure software authenticator data transfer between processing devices | |
TWI501103B (en) | Sequential data safekeeping system | |
CN110764797A (en) | Method, device and system for upgrading file in chip and server | |
JP2015065615A (en) | Data encryption device, data encryption program, and data encryption method | |
CN109543367B (en) | Quantum encryption-based software authorization method and device and storage medium | |
KR100952300B1 (en) | Terminal and Memory for secure data management of storage, and Method the same | |
JP6223811B2 (en) | Communication system and communication method |