WO2016037330A1 - Information processing method and device - Google Patents

Information processing method and device Download PDF

Info

Publication number
WO2016037330A1
WO2016037330A1 PCT/CN2014/086234 CN2014086234W WO2016037330A1 WO 2016037330 A1 WO2016037330 A1 WO 2016037330A1 CN 2014086234 W CN2014086234 W CN 2014086234W WO 2016037330 A1 WO2016037330 A1 WO 2016037330A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
anonymous
private
mapping list
security module
Prior art date
Application number
PCT/CN2014/086234
Other languages
French (fr)
Chinese (zh)
Inventor
冯成燕
王江胜
熊春山
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201480033996.4A priority Critical patent/CN105684343B/en
Priority to PCT/CN2014/086234 priority patent/WO2016037330A1/en
Publication of WO2016037330A1 publication Critical patent/WO2016037330A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Definitions

  • the present invention relates to the field of communications, and in particular, to an information processing method and device.
  • NFV Network Function Virtualization
  • VNF Virtualised Network Function
  • hardware devices such as general-purpose servers, switches, and storage devices, so that these network functions are on general-purpose hardware devices. Operation, no need to configure a new dedicated network element device, can greatly enhance the flexibility of network deployment and reduce investment costs.
  • NFVI Network Function Virtualization Infrastructure
  • NFVI provides an execution environment for the virtual network function VNF.
  • NFVI includes Virtual Machine Monitor (VMM). It can also be called a hypervisor, responsible for the management of physical resources (computing, storage, and network) under it, as well as the creation and management of virtual environments.
  • VMs virtual machines are provided to run the guest operating system.
  • NFVI's memory such as memory
  • Information including user privacy information stored by the VNF, such as IMSI (International Mobile Subscriber Identification Number), IMEI (International Mobile Equipment Identity), MSISDN (Mobile Subscriber International ISDN/PSTN Number, Mobile user international number), MAC (Media Access Control) address, IP (Internet Protocol) address, etc., as well as private information related to third-party applications, such as the user's bank account information, etc. Privacy information has hidden dangers.
  • IMSI International Mobile Subscriber Identification Number
  • IMEI International Mobile Equipment Identity
  • MSISDN Mobile Subscriber International ISDN/PSTN Number, Mobile user international number
  • MAC Media Access Control
  • IP Internet Protocol
  • Embodiments of the present invention provide an information processing method and device, which can solve a virtual network
  • the administrator of the virtual infrastructure has the right to view the virtual network function running on it or the user privacy information saved by the third-party application, so that the user's private information may be leaked.
  • an embodiment of the present invention provides an information processing method, which is applied to a virtualized cloud infrastructure in a virtual network, where the virtualized cloud infrastructure includes a virtual machine monitor and a security module, where the virtual machine monitors The device cannot obtain information in the security module, and the method includes:
  • the anonymous to-be-stored information is stored.
  • the obtaining, by the security module, the first anonymous information corresponding to the first private information includes:
  • mapping list that has been stored by the security module includes the first private information
  • the mapping list includes a correspondence between the first private information and the first anonymous information, and according to the mapping list, The security module acquires first anonymous information corresponding to the first privacy information
  • the security information is used by the security module to obtain the first anonymous information corresponding to the first private information by using a first algorithm. And storing, in the mapping list, a correspondence between the first private information and the first anonymous information.
  • the method further includes:
  • the second anonymous information corresponding to the second private information is obtained by the security module according to the mapping list;
  • the method further includes:
  • the second information including second anonymous information
  • the second private information corresponding to the second anonymous information is obtained by the security module according to the mapping list;
  • the acquiring the first anonymous information corresponding to the first private information includes:
  • the mapping list includes a correspondence between the first private information and the first encryption key, and according to the mapping list, Obtaining, by the security module, the first encryption key corresponding to the first privacy information;
  • the first private information is encrypted according to a third encryption key to generate the first anonymous information, and the first privacy is stored in the mapping list. Correspondence between the information and the third encryption key.
  • the method further includes:
  • the method further includes:
  • the second information including second anonymous information
  • the second encryption key corresponding to the second anonymous information is obtained by the security module according to the mapping list;
  • the second anonymous information is replaced with the second private information in the second information to obtain second read information.
  • the first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
  • IMSI International Mobile Subscriber Identity
  • IMEI mobile device international identification code
  • MSISDN mobile subscriber international number
  • MSISDN mobile subscriber international number
  • media access control MAC address of the user a location Describe one or more of the user's Internet Protocol IP addresses.
  • the security module is a hardware security module HSM or a trusted platform module TPM.
  • the embodiment of the present invention provides a virtualized cloud infrastructure, including a virtual machine monitor, a security module, an obtaining module, and a storage module, where the virtual machine monitor cannot obtain information in the security module;
  • the acquiring module is configured to acquire information to be stored, where the information to be stored includes first privacy information;
  • the security module is configured to obtain the first anonymous information corresponding to the first private information acquired by the acquiring module, and replace the first private information in the to-be-stored information with the first anonymous information to be anonymously Store information;
  • the storage module is configured to store the anonymous to-be-stored information obtained by the security module.
  • the security module is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and the first anonymous information, Acquiring the first anonymous information corresponding to the first private information according to the mapping list;
  • the security module is further configured to: when the first private information is not included in the mapping list, perform the operation on the first private information by using a first algorithm to obtain the first corresponding to the first private information.
  • An anonymous information and a correspondence between the first private information and the first anonymous information is stored in the mapping list.
  • the obtaining module is further configured to acquire a lookup request, where the lookup request includes second privacy information;
  • the security module is further configured to: when the mapping list includes the second private information included in the search request acquired by the acquiring module, acquire, according to the mapping list, the second private information Second anonymous information; replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
  • the virtualized cloud infrastructure further includes a lookup module configured to find the second information according to the anonymous lookup request obtained by the security module.
  • the obtaining module is further configured to: acquire a lookup request
  • the virtualized cloud infrastructure further includes a search module, configured to search for second information according to the lookup request obtained by the obtaining module, where the second information includes second anonymous information;
  • the security module is further configured to: when the mapping list includes the second anonymous information included in the second information that is found by the searching module, acquire the second anonymous information according to the mapping list. Corresponding second private information; replacing the second anonymous information with the second private information in the second information to obtain second read information.
  • the security module is specifically configured to: when the mapping list that has been stored by the security module includes the first privacy information, where the mapping list includes a correspondence between the first privacy information and a first encryption key, according to the Obtaining, by the mapping list, the first encryption key corresponding to the first private information, and encrypting the first private information according to the first encryption key to generate the first corresponding to the first private information An anonymous message;
  • the security module is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to a third encryption key to generate the first anonymous information, and in the A mapping relationship between the first private information and the third encryption key is stored in the mapping list.
  • the obtaining module is further configured to acquire a lookup request, where the lookup request includes second privacy information;
  • the security module is further configured to: when the mapping list includes the second private information included in the search request acquired by the acquiring module, acquire, according to the mapping list, the second private information a second encryption key; encrypting the second private information according to the second encryption key to generate the second corresponding to the second private information Anonymous information; replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
  • the virtualized cloud infrastructure further includes a lookup module configured to find the second information according to the anonymous lookup request obtained by the security module.
  • the obtaining module is further configured to acquire a lookup request
  • the virtualized cloud infrastructure further includes a search module, configured to search for second information according to the lookup request obtained by the obtaining module, where the second information includes second anonymous information;
  • the security module is further configured to: when the mapping list includes the second anonymous information included in the second information that is searched by the searching module, acquire the second anonymous information according to the mapping list. Corresponding second encryption key; decrypting the second anonymous information according to the second encryption key to obtain the second private information; and replacing the second anonymous information with the second information
  • the second private information is obtained by the second private information.
  • the security module is further configured to determine whether the first privacy information is included in the mapping list.
  • the first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
  • IMSI International Mobile Subscriber Identity
  • IMEI mobile device international identification code
  • MSISDN mobile subscriber international number
  • MSISDN mobile subscriber international number
  • media access control MAC address of the user a location Describe one or more of the user's Internet Protocol IP addresses.
  • the security module is a hardware security module HSM or a trusted platform module TPM.
  • an embodiment of the present invention provides a virtualized cloud infrastructure, including a processor, a memory, and a bus, where the processor and the memory are connected to each other through the bus, in the processor, the memory, and Above the hardware resources included in the bus, the virtualized cloud infrastructure includes a virtual machine monitor and a security module, and the virtual machine monitor cannot obtain information in the security module;
  • the processor is configured to acquire information to be stored, where the information to be stored includes first privacy information;
  • the processor is further configured to acquire the first anonymous information corresponding to the first private information by using the security module, and replace, by the security module, the first private information in the to-be-stored information with the first
  • the anonymous information is obtained by anonymizing the information to be stored, and the anonymous information to be stored is stored.
  • the processor is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and the first anonymous information, Acquiring the first anonymous information corresponding to the first private information according to the mapping list;
  • the processor is further configured to: when the first private information is not included in the mapping list, perform the operation on the first private information by using a first algorithm to obtain the first corresponding to the first private information.
  • An anonymous information and a correspondence between the first private information and the first anonymous information is stored in the mapping list.
  • the processor is further configured to acquire a lookup request, where the lookup request includes second privacy information
  • the processor is further configured to: when the mapping list includes the second private information included in the search request, acquire second anonymous information corresponding to the second private information according to the mapping list; The second privacy information is replaced by the second anonymous information in the lookup request to obtain an anonymous search request, and the second information is found according to the anonymous search request.
  • the processor is further configured to obtain a lookup request, and find second information according to the lookup request, where the second information includes second anonymous information;
  • the processor is further configured to: when the mapping list includes the second anonymous information included in the second information, acquire second privacy information corresponding to the second anonymous information according to the mapping list; The second anonymous information is replaced with the second private information in the second information to obtain second read information.
  • the processor is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and a first encryption key, according to Obtaining, by the mapping list, the first encryption key corresponding to the first private information, and encrypting the first private information according to the first encryption key to generate the first corresponding to the first private information An anonymous message;
  • the processor is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to a third encryption key to generate the first anonymous information, and in the A mapping relationship between the first private information and the third encryption key is stored in the mapping list.
  • the processor is further configured to acquire a lookup request, where the lookup request includes second privacy information
  • the processor is further configured to: when the mapping list includes the second private information included in the search request, acquire a second encryption key corresponding to the second private information according to the mapping list; Encrypting the second private information according to the second encryption key to generate the second anonymous information corresponding to the second private information; replacing the second private information with the searching request.
  • the second anonymous information is obtained by an anonymous lookup request, and the second information is found according to the anonymous lookup request.
  • the processor is further configured to obtain a lookup request, and find second information according to the lookup request, where the second information includes second anonymous information;
  • the processor is further configured to: when the mapping list includes the second anonymous information included in the second information, acquire a second encryption key corresponding to the second anonymous information according to the mapping list Decrypting the second anonymous information according to the second encryption key to obtain the second private information; and replacing the second anonymous information with the second private information in the second information Second, read the information.
  • the processor is further configured to determine, by the security module, whether the first private information is included in the mapping list.
  • the first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
  • IMSI International Mobile Subscriber Identity
  • IMEI mobile device international identification code
  • MSISDN mobile subscriber international number
  • MSISDN mobile subscriber international number
  • media access control MAC address of the user a location Describe one or more of the user's Internet Protocol IP addresses.
  • the security module is a hardware security module HSM or a trusted platform module TPM.
  • the information processing method and device provided by the embodiment of the present invention obtain the anonymous to-be-stored information and store the anonymous to-be-stored information by replacing the first private information in the information to be stored with the first anonymous information. Because the mapping list of the first private information and the first anonymous information or the first encryption key or the third encryption key is stored in the security device, so that the virtual machine monitor cannot obtain the first privacy information and the first anonymous information.
  • the corresponding relationship solves the problem that the administrator of the virtual infrastructure has the right to view the user's private information in the virtual network, so that the user's private information may be leaked, and the user's privacy information is ensured. Fullness.
  • FIG. 1 is a schematic structural diagram of a virtual network according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of an information processing method according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of an information processing method according to another embodiment of the present invention.
  • FIG. 4 is a schematic flowchart of an information reading method according to another embodiment of the present invention.
  • FIG. 5 is a schematic flowchart of another information processing method according to another embodiment of the present invention.
  • FIG. 6 is a schematic flowchart diagram of another information reading method according to another embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of a virtualized cloud infrastructure according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a virtualized cloud infrastructure according to another embodiment of the present invention.
  • the virtual network 10 includes a NFVO (Network Functions Virtualization Orchestrator). Function Virtualization Orchestrator) 101, VNFM (Virtualized Network Function Manager) 102, VIM (Virtualised Infrastructure Manager) 103, OSS/BSS (Operations and Business Support Systems, Operations and Services) Support system 104, EMS (Element Management System) 105, VNF 106, NFVI (Network Function Virtualization Infrastructure) 107.
  • NFVO Network Functions Virtualization Orchestrator
  • Function Virtualization Orchestrator Function Virtualization Orchestrator
  • VNFM Virtualized Network Function Manager
  • VIM Virtualised Infrastructure Manager
  • OSS/BSS Operations and Services
  • EMS Event Management System
  • VNF 106 Network Function Virtualization Infrastructure
  • NFVI Network Function Virtualization Infrastructure
  • the NFVI 107 includes at least one VM, a virtual machine monitor, and hardware resources.
  • the embodiment of the present invention provides an information processing method, which is applied to a virtualized cloud infrastructure in a virtual network, where the virtualized cloud infrastructure includes a virtual machine monitor and security.
  • the module and the virtual machine monitor cannot obtain the information in the security module.
  • the virtualized cloud infrastructure may be a network function virtualization infrastructure NFVI in the virtual network.
  • the embodiment provides Information processing methods include:
  • the information to be stored includes the first private information.
  • the first private information includes the identification information of the user in the mobile communication, such as an IMSI (International Mobile Subscriber Identification Number), and an IMEI of the user.
  • Mobile Equipment Identity Mobile Equipment Identity, mobile device international identification code, user's MSISDN (Mobile Subscriber International ISDN/PSTN Number), user's MAC (Media Access Control) address, user's IP (Internet Protocol, One or more of the Internet Protocol addresses, or the first private information may also include user contact information (such as name, address, email, phone number), or user identity information (such as user identification, ID number, passport number) , social security number, etc., or location information (such as user GPS (Global Positioning System) coordinates, cell identification, WLAN (Wireless Local Area Networks) address, AP (Wireless Access Point, wireless network connection) Point), or the user financial information (e.g., user credit card numbers, bank account number, etc.).
  • the present embodiment is not limited to the embodiments, the user may not leaked sensitive
  • obtaining the first anonymous information corresponding to the first private information may be performed by a security module in the NFVI, and the security module may be an HSM (Hardware Security Module) or a TPM (Trusted Platform Module).
  • HSM Hardware Security Module
  • TPM Trusted Platform Module
  • a protected module such as a trusted platform module, the data processed by the security module, for example, the correspondence between the first private information and the first anonymous information is not obtained by the virtual machine monitor, thereby ensuring the security of the user's private information.
  • obtaining the corresponding first anonymous information according to the first private information has two specific implementation manners:
  • the first anonymous information corresponding to the first private information is obtained according to the mapping list; if the first private information is not saved before, the security module
  • the first anonymous information corresponding to the first private information is obtained by the first algorithm, and the corresponding relationship between the first private information and the first anonymous information is stored in the mapping list by the security module.
  • the method for determining whether the first private information is saved is: searching for the first private information in the already stored mapping list by using the security module; and if the first private information is found in the mapping list, before the first private information
  • the mapping list includes the correspondence between the first private information and the first anonymous information; if the first private information is not found in the mapping list, the first private information is not previously saved.
  • the first encryption key corresponding to the first private information is obtained by the security module according to the mapping list, and the security module is used according to the first encryption key.
  • the first private information is encrypted to generate first anonymous information corresponding to the first private information; if the first private information is not previously saved, the first anonymous information is encrypted by the security module according to the third encryption key to generate the first anonymous information. And storing, by the security module, a correspondence between the first private information and the third encryption key in the mapping list.
  • the method for determining whether the first private information is saved is: searching for the first private information in the already stored mapping list by using the security module; and if the first private information is found in the mapping list, before the first private information Has been saved, the mapping list includes the correspondence between the first privacy information and the first encryption key; if in the mapping list If the first private information is not found, the first private information has not been saved before.
  • the information processing method provided in this embodiment obtains the anonymous to-be-stored information and stores the anonymous to-be-stored information by replacing the first private information in the to-be-stored information with the first anonymous information. Because the mapping list of the first private information and the first anonymous information or the first encryption key or the third encryption key is stored in the security device, so that the virtual machine monitor cannot obtain the first privacy information and the first anonymous information.
  • the corresponding relationship solves the problem that the administrator of the virtual infrastructure has the right to view the user's private information in the virtual network, so that the user's private information may be leaked, and the security of the user's private information is ensured.
  • another embodiment of the present invention provides an information processing method. Referring to FIG. 3, the method includes the following steps:
  • step 303 is performed, and if the first private information is not included in the information to be stored, step 308 is performed.
  • step 305 is performed; if yes, step 306 is performed.
  • the first private information is obtained by the first algorithm to obtain the first anonymous information corresponding to the first private information.
  • the mapping list includes the correspondence between the private information and the anonymous information.
  • the privacy information may be passed through, for example, a hash operation.
  • the first algorithm such as encryption operation, calculates anonymous information.
  • the anonymous information is calculated by the first algorithm, the following parameters may also be introduced: a random variable, a VNF identifier, a time variable, and the like. This way in the operation The variables are included, so that the anonymous information calculated every time the same private information is changed, further ensuring that the user's private information is not leaked.
  • the correspondence between the first private information and the first anonymous information may be stored in the mapping list.
  • step 304 the method further includes:
  • mapping list includes the first private information, obtain the first anonymous information corresponding to the first private information according to the mapping list.
  • the mapping list includes a correspondence between the first private information and the first anonymous information.
  • step 305 and step 306 the method further includes:
  • the anonymous identifier may be added to the specific field of the information to be stored to obtain the anonymous information to be stored. If the information includes the anonymous identifier, the anonymous information is included in the information.
  • steps 303-307 may be performed by a security module in the NFVI, or at least step 305 or 306 may be performed by a security module in the NFVI.
  • another embodiment of the present invention provides an information reading method. After storing the information to be stored through steps 301-308, the information reading method provided by the embodiment corresponding to FIG. 4 can be read.
  • the stored information specifically, as shown in FIG. 4, includes the following steps:
  • step 406 is directly executed after the second information is obtained.
  • the method may be used to determine whether the second private information is included in the search request. If not, the second information is found according to the search request. After the second information is obtained, step 406 may be directly executed. Contains second privacy information as an example The line description, when the lookup request includes the second private information, after step 401, the method further includes:
  • step 403 may be directly performed after step 401.
  • the method may further include:
  • step 407 is performed. If the second information does not include the anonymous information, optionally, the second information is used as the second read information and step 409 is performed.
  • whether the second information includes the second anonymous information may be determined by determining whether the specific field of the second information includes an anonymous identifier.
  • the second anonymous information may be a string of characters.
  • the specific field includes the character “1” for the second information to include the second anonymous information, and the specific field includes the character “0” for the second information does not include the second anonymous information.
  • this is only an example.
  • the embodiment does not limit the embodiment.
  • the second information includes the second anonymous information, obtain the second private information corresponding to the second anonymous information according to the mapping list.
  • step 408 may be directly performed.
  • the second information may include other anonymous information. If the second information includes other anonymous information, the other anonymous information is replaced with other anonymous information according to the mapping list. .
  • the method may further include:
  • steps 402-404 and steps 407-408 may be performed by a security module in the NFVI.
  • the information processing method provided in this embodiment obtains the anonymous to-be-stored information by replacing the first private information in the information to be stored with the first anonymous information, and stores the information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information, the administrator of the infrastructure has the authority to view the information of the user, so that the user's private information may be The leaked issue ensures the user's information security.
  • another embodiment of the present invention provides another information processing method. Referring to FIG. 5, the following steps are included:
  • step 503 is performed, and if the first private information is not included in the information to be stored, step 509 is performed.
  • the mapping list includes the correspondence between the privacy information and the encryption key.
  • the privacy information is performed by using an encryption key.
  • the following parameters can be introduced: random variables, VNF identifiers, time variables, and so on. In this way, variables are included in the operation process, so that the anonymous information obtained by encrypting the same private information is changed, further ensuring that the user's private information is not leaked.
  • the mapping list If the first private information is not included in the mapping list, encrypt the first private information according to the third encryption key to generate the first anonymous information.
  • the third encryption key may be a previously generated key, or may be a third encryption key before the first anonymous information is encrypted according to the third encryption key to generate the first anonymous information.
  • the correspondence between the first private information and the third encryption key may be stored in In the mapping list.
  • step 504 the method further includes:
  • mapping list includes the first privacy information, obtain the first encryption key corresponding to the first privacy information according to the mapping list.
  • the mapping list includes a correspondence between the first privacy information and the first encryption key.
  • step 505 and step 507 the method further includes:
  • the anonymous identifier may be added in a specific field of the anonymous information to be stored, and if the information includes the anonymous identifier, the anonymous information is included in a specific location in the information.
  • steps 503-508 may be performed by a security module in the NFVI.
  • another embodiment of the present invention provides another information reading method. After the information to be stored is stored in steps 501-509, the information reading method provided by the embodiment corresponding to FIG. 6 is provided. The stored information is read. Specifically, as shown in FIG. 6, the following steps are included:
  • step 606 is directly executed after the second information is obtained.
  • the second privacy information may be included in the search request. If not, the second information is found according to the search request. After the second information is obtained, step 606 may be directly performed.
  • the second private information is included in the search request as an example.
  • the method further includes:
  • step 603 is performed. If the second private information is not found in the mapping list, the search request is performed as an anonymous search request in step 606.
  • step 603 may be directly performed after step 601.
  • the method may further include:
  • step 608 is performed. If the second information does not include the second anonymous information, optionally, the second information may be used as the second read information and step 610 is performed.
  • whether the second information includes the second anonymous information may be determined by determining whether the specific field of the second information includes an anonymous identifier.
  • the second anonymous information may be a string of characters.
  • the specific field includes the character “1” for the second information to include the second anonymous information, and the specific field includes the character “0” for the second information does not include the second anonymous information.
  • this is only an example.
  • the embodiment does not limit the embodiment.
  • the second information includes the second anonymous information, decrypt the second anonymous information according to the second encryption key to obtain the second private information.
  • step 609 may be directly performed.
  • the second information may include other anonymous information, such as If the second information includes other anonymous information, the other anonymous information is decrypted according to the encryption key corresponding to other anonymous information in the mapping list to obtain corresponding private information, and the other anonymous information is replaced with other anonymous information in the second information. Privacy information.
  • the method may further include:
  • steps 602-605 and steps 608-609 may be performed by a security module in the NFVI.
  • the information to be stored or the information to be read may include multiple user privacy information.
  • multiple times according to the method provided in the embodiment corresponding to FIG. 2-6 can. For example, for the embodiment corresponding to FIG. 3, steps 304-307 are repeatedly performed; for the embodiment corresponding to FIG. 4, steps 407-409 are repeatedly performed.
  • the information processing method provided in this embodiment obtains the anonymous to-be-stored information and stores it by replacing the first private information in the information to be stored with the first anonymous information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information, in the virtual network, the administrator of the virtual infrastructure has the right to view the user's private information, so that the user's private information may be The leaked issue ensures the security of the user's private information.
  • the embodiment of the present invention provides a virtualized cloud infrastructure.
  • the virtualized cloud infrastructure 70 includes a security module 701, an obtaining module 702, a storage module 703, and a virtual machine monitor 704.
  • the virtual machine monitor 704 The information in the security module 701 could not be obtained.
  • the obtaining module 702 is configured to obtain information to be stored, where the information to be stored includes the first private information.
  • the security module 701 is configured to obtain the first anonymous information corresponding to the first private information acquired by the obtaining module 702, and replace the first private information in the information to be stored with the first anonymous information to obtain anonymous pending information.
  • the storage module 703 is configured to store the anonymous to-be-stored information obtained by the security module 701.
  • the virtualized cloud infrastructure 70 also includes a lookup module 705.
  • the security module 701 is specifically configured to be secure.
  • the mapping list that has been stored by the module 701 includes the first private information.
  • the mapping list includes the correspondence between the first private information and the first anonymous information
  • the first anonymous information corresponding to the first private information is obtained according to the mapping list.
  • the security module 701 is further configured to: when the first privacy information is not included in the mapping list, obtain the first anonymous information corresponding to the first private information by using the first algorithm, and store the first information in the mapping list. The correspondence between the privacy information and the first anonymous information.
  • the obtaining module 702 is further configured to obtain a lookup request, where the lookup request includes the second private information.
  • the security module 701 is further configured to: when the mapping list includes the second private information included in the search request acquired by the obtaining module 702, obtain the second anonymous information corresponding to the second private information according to the mapping list. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request.
  • the searching module 705 is configured to find the second information according to the anonymous lookup request obtained by the security module 701.
  • the obtaining module 702 is further configured to obtain a lookup request.
  • the searching module 705 is configured to search for the second information according to the lookup request acquired by the obtaining module 702, where the second information includes the second anonymous information.
  • the security module 701 is further configured to: when the mapping list includes the second anonymous information included in the second information that is found by the searching module 705, obtain the second private information corresponding to the second anonymous information according to the mapping list.
  • the second anonymous information is replaced with the second private information in the second information to obtain the second read information.
  • the security module 701 is specifically configured to include the first privacy information in the mapping list that has been stored by the security module 701, where the mapping list includes the correspondence between the first privacy information and the first encryption key.
  • the first encryption key corresponding to the first private information is obtained according to the mapping list.
  • the first private information is encrypted according to the first encryption key to generate first anonymous information corresponding to the first private information.
  • the security module 701 is further configured to: when the first privacy information is not included in the mapping list, encrypt the first private information according to the third encryption key to generate the first anonymous information and display the first anonymous information.
  • the correspondence between the first private information and the third encryption key is stored in the shot list.
  • the obtaining module 702 is further configured to obtain a lookup request, where the lookup request includes the second private information.
  • the security module 701 is further configured to: when the mapping list includes the second private information included in the search request acquired by the obtaining module 702, obtain the second encryption key corresponding to the second private information according to the mapping list. Encrypting the second private information according to the second encryption key to generate second anonymous information corresponding to the second private information. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request.
  • the searching module 705 is configured to find the second information according to the anonymous lookup request obtained by the security module 701.
  • the obtaining module 702 is further configured to obtain a lookup request.
  • the searching module 705 is configured to search for the second information according to the lookup request acquired by the obtaining module 702, where the second information includes the second anonymous information.
  • the security module 701 is further configured to: when the mapping list includes the second anonymous information included in the second information found by the searching module 705, obtain the second encryption key corresponding to the second anonymous information according to the mapping list. Decrypting the second anonymous information according to the second encryption key to obtain second private information. The second anonymous information is replaced with the second private information in the second information to obtain the second read information.
  • the security module 701 is further configured to determine whether the first privacy information is included in the mapping list.
  • the first privacy information includes the user's International Mobile Subscriber Identity (IMSI), the user's mobile device international identifier IMEI, the user's mobile subscriber international number MSISDN, the user's media access control MAC address, and the user's Internet Protocol IP address.
  • IMSI International Mobile Subscriber Identity
  • IMEI mobile device international identifier
  • MSISDN mobile subscriber international number
  • MSISDN media access control MAC address
  • IP address Internet Protocol IP address
  • the security module 701 can be a hardware security module HSM or a trusted platform module TPM.
  • the virtualized cloud infrastructure provided in this embodiment obtains the anonymous to-be-stored information and stores it by replacing the first private information in the to-be-stored information with the first anonymous information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information, the virtual network administrator has the authority to view the virtual network. The privacy information of the user makes the privacy information of the user may be leaked, and the security of the user's private information is ensured.
  • the virtualized cloud infrastructure 80 includes: at least one processor 801, a memory 802, a bus 803, the at least one processor 801, and a memory.
  • the 802 connects and completes communication with each other through the bus 803.
  • the virtualized cloud infrastructure includes a virtual machine monitor 804 and a security module 805, and a virtual machine monitor.
  • 804 and security module 805 are virtual modules on top of virtualized cloud infrastructure 80 hardware resources, and virtual machine monitor 805 is unable to obtain information in security module 805.
  • the bus 803 may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component) bus, or an EISA (Extended Industry Standard Architecture) bus.
  • the bus 803 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in Figure 8, but it does not mean that there is only one bus or one type of bus. among them:
  • the memory 802 is used to execute the application code of the inventive scheme, and the application code for executing the inventive scheme is stored in a memory and controlled by the processor 801 for execution.
  • the memory can be a read only memory ROM or other type of static storage device that can store static information and instructions, a random access memory RAM or other type of dynamic storage device that can store information and instructions, or can be electrically erasable or programmable.
  • These memories are connected to the processor via a bus.
  • the processor 801 may be a central processing unit (CPU), or an application specific integrated circuit (ASIC), or one configured to implement an embodiment of the present invention. Multiple integrated circuits.
  • CPU central processing unit
  • ASIC application specific integrated circuit
  • the processor 801 is configured to invoke program code in the memory 802. In a possible implementation manner, when the application program is executed by the processor 801, the following functions are implemented.
  • the processor 801 is configured to obtain information to be stored, where the information to be stored includes first privacy information.
  • the processor 801 is further configured to obtain the first anonymous information corresponding to the first private information by using the security module 805, and replace the first private information in the information to be stored with the first anonymous information by the security module 805 to obtain the anonymous information to be stored, and Store anonymous information to be stored.
  • the processor 801 is configured to: when the mapping list that has been stored by the security module 805 includes the first private information, where the mapping list includes the correspondence between the first private information and the first anonymous information, obtain the first private information according to the mapping list. First anonymous information.
  • the processor 801 is further configured to: when the first privacy information is not included in the mapping list, obtain the first anonymous information corresponding to the first private information by using the first algorithm, and store the first information in the mapping list. The correspondence between the privacy information and the first anonymous information.
  • the processor 801 is further configured to obtain a lookup request, where the lookup request includes the second private information.
  • the processor 801 is further configured to: when the mapping list includes the second private information included in the search request, obtain the second anonymous information corresponding to the second private information according to the mapping list.
  • the second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request, and the second information is found according to the anonymous lookup request.
  • the processor 801 is further configured to obtain a lookup request, and find the second information according to the lookup request, where the second information includes the second anonymous information.
  • the processor 801 is further configured to: when the mapping list includes the second anonymous information included in the second information, obtain the second private information corresponding to the second anonymous information according to the mapping list.
  • the second anonymous information is replaced with the second private information in the second information to obtain the second read information.
  • the processor 801 is specifically configured to: when the mapping list that has been stored by the security module 805 includes the first privacy information, where the mapping list includes the correspondence between the first privacy information and the first encryption key, obtain the first privacy information according to the mapping list.
  • the first encryption key The first private information is encrypted according to the first encryption key to generate first anonymous information corresponding to the first private information.
  • the processor 801 is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to the third encryption key to generate the first anonymous information, and store the first private information and the third in the mapping list. The correspondence between the encryption keys.
  • the processor 801 is further configured to obtain a lookup request, where the lookup request includes the second private information.
  • the processor 801 is further configured to: when the mapping list includes the second private information included in the search request, acquire the second encryption key corresponding to the second private information according to the mapping list. Encrypting the second private information according to the second encryption key to generate second anonymous information corresponding to the second private information. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request, and the second information is found according to the anonymous lookup request.
  • the processor 801 is further configured to obtain a lookup request, and find the second information according to the lookup request, where the second information includes the second anonymous information.
  • the processor 801 is further configured to: when the mapping list includes the second anonymous information included in the second information, obtain the second encryption key corresponding to the second anonymous information according to the mapping list. Decrypting the second anonymous information according to the second encryption key to obtain second private information. The second anonymous information is replaced with the second private information in the second information to obtain the second read information.
  • the first privacy information includes the user's International Mobile Subscriber Identity (IMSI), the user's mobile device international identifier IMEI, the user's mobile subscriber international number MSISDN, the user's media access control MAC address, and the user's Internet Protocol IP address.
  • IMSI International Mobile Subscriber Identity
  • IMEI mobile device international identifier
  • MSISDN mobile subscriber international number
  • MSISDN media access control MAC address
  • IP address Internet Protocol IP address
  • the security module 805 can be a hardware security module HSM or a trusted platform module TPM.
  • the virtualized cloud infrastructure provided in this embodiment obtains the anonymous to-be-stored information and stores it by replacing the first private information in the to-be-stored information with the first anonymous information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information. In the virtual network, the administrator of the virtual infrastructure has the right to view the user's private information, so that the user's private information may be leaked, and the security of the user's private information is ensured.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
  • a storage medium may be any available media that can be accessed by a computer.
  • the computer readable medium may include a RAM (Random Access Memory), a ROM (Read Only Memory), and an EEPROM (Electrically Erasable Programmable Read Only Memory).
  • CD-ROM Compact Disc Read Only Memory
  • CD-ROM Compact Disc Read Only Memory
  • disk storage media or other magnetic storage device, or can be used to carry or store a desired program in the form of an instruction or data structure.
  • Any connection may suitably be a computer readable medium.

Abstract

Disclosed are an information processing method and device, which relate to the field of communications, and can solve the problem that privacy information about a user may be revealed due to the fact that an administrator of a virtual infrastructure in a virtual network has access to the privacy information about the user. The specific technical solution comprises: acquiring information to be stored; acquiring, by a security module, first anonymous information corresponding to first privacy information; replacing, in the information to be stored, by means of the security module, the first privacy information with the first anonymous information, so as to obtain anonymous information to be stored; and storing the anonymous information to be stored. The present invention is used for information processing.

Description

一种信息处理方法及设备Information processing method and device 技术领域Technical field
本发明涉及通信领域,尤其涉及一种信息处理方法及设备。The present invention relates to the field of communications, and in particular, to an information processing method and device.
背景技术Background technique
NFV(Network Function Virtulization,网络功能虚拟化)通过在通用的服务器、交换机、存储器等硬件设备上建立VNF(Virtualised Network Function,虚拟网络功能)实现部分网络功能,使得这些网络功能在通用的硬件设备上运行,不需要配置新的专用网元设备,能够极大的增强网络部署的灵活性,并且降低了投资成本。NFV (Network Function Virtualization) implements some network functions by establishing VNF (Virtualised Network Function) on hardware devices such as general-purpose servers, switches, and storage devices, so that these network functions are on general-purpose hardware devices. Operation, no need to configure a new dedicated network element device, can greatly enhance the flexibility of network deployment and reduce investment costs.
NFVI(Network Function Virtulization Infrastructure,网络功能虚拟化基础设施)由硬件资源、虚拟层及虚拟资源组成NFVI向其上的虚拟网络功能VNF提供执行环境,NFVI包括虚拟机监控器(Virtual Machine Monitor,VMM),也可称为hypervisor,负责其下的物理资源(计算、存储、网络)的管理,以及虚拟环境的创建和管理,向上提供VM(Virtual Machine,虚拟机)用于运行客户机操作系统。NFVI (Network Function Virtualization Infrastructure) consists of hardware resources, virtual layers and virtual resources. NFVI provides an execution environment for the virtual network function VNF. NFVI includes Virtual Machine Monitor (VMM). It can also be called a hypervisor, responsible for the management of physical resources (computing, storage, and network) under it, as well as the creation and management of virtual environments. VMs (virtual machines) are provided to run the guest operating system.
在虚拟化环境下,VNF和第三方应用的信息需要保存在NFVI的存储器(例如内存)中。由于存储在NFVI中的信息可能会频繁地被查询,如果对这些信息整体进行加密,会降低信息保存和查询的效率;如果对这些信息不加密,虚拟基础设施的管理员有权限可以查看到这些信息,包括VNF存储的用户隐私信息,例如IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)、IMEI(International Mobile Equipment Identity,移动设备国际辨识码)、MSISDN(Mobile Subscriber International ISDN/PSTN Number,移动用户国际号码)、MAC(Media Access Control,介质访问控制)地址、IP(Internet Protocol,互联网协议)地址等,以及第三方应用涉及到的隐私信息如用户的银行账户信息等,这使得用户的隐私信息存在被泄露的隐患。In a virtualized environment, information about VNFs and third-party applications needs to be stored in NFVI's memory (such as memory). Since the information stored in the NFVI may be frequently queried, if the information is encrypted as a whole, the efficiency of information saving and querying is reduced; if the information is not encrypted, the administrator of the virtual infrastructure has the right to view these. Information, including user privacy information stored by the VNF, such as IMSI (International Mobile Subscriber Identification Number), IMEI (International Mobile Equipment Identity), MSISDN (Mobile Subscriber International ISDN/PSTN Number, Mobile user international number), MAC (Media Access Control) address, IP (Internet Protocol) address, etc., as well as private information related to third-party applications, such as the user's bank account information, etc. Privacy information has hidden dangers.
发明内容Summary of the invention
本发明的实施例提供一种信息处理方法及设备,能够解决虚拟网 络中,虚拟基础设施的管理员有权限查看到其上运行的虚拟网络功能或第三方应用保存的用户隐私信息,使得用户隐私信息可能会被泄露的问题。Embodiments of the present invention provide an information processing method and device, which can solve a virtual network In the network, the administrator of the virtual infrastructure has the right to view the virtual network function running on it or the user privacy information saved by the third-party application, so that the user's private information may be leaked.
为达到上述目的,本发明的实施例采用如下技术方案:In order to achieve the above object, embodiments of the present invention adopt the following technical solutions:
第一方面,本发明实施例提供一种信息处理方法,应用于虚拟网络中的虚拟化云基础设施,所述虚拟化云基础设施包括虚拟机监控器及安全模块,其中,所述虚拟机监控器无法获取所述安全模块中的信息,所述方法包括:In a first aspect, an embodiment of the present invention provides an information processing method, which is applied to a virtualized cloud infrastructure in a virtual network, where the virtualized cloud infrastructure includes a virtual machine monitor and a security module, where the virtual machine monitors The device cannot obtain information in the security module, and the method includes:
获取待存储信息,所述待存储信息包括第一隐私信息;Obtaining information to be stored, where the information to be stored includes first privacy information;
通过所述安全模块获取所述第一隐私信息对应的第一匿名信息;Acquiring the first anonymous information corresponding to the first private information by using the security module;
通过所述安全模块将所述待存储信息中的第一隐私信息替换为所述第一匿名信息得到匿名待存储信息;And replacing, by the security module, the first private information in the to-be-stored information with the first anonymous information to obtain anonymous to-be-stored information;
存储所述匿名待存储信息。The anonymous to-be-stored information is stored.
结合第一方面,在第一种可能的实现方式中,所述通过所述安全模块获取所述第一隐私信息对应的第一匿名信息,包括:With reference to the first aspect, in a first possible implementation, the obtaining, by the security module, the first anonymous information corresponding to the first private information includes:
如果所述安全模块已经存储的映射列表中包含所述第一隐私信息,则所述映射列表包括所述第一隐私信息与所述第一匿名信息的对应关系,根据所述映射列表,通过所述安全模块获取所述第一隐私信息对应的第一匿名信息;If the mapping list that has been stored by the security module includes the first private information, the mapping list includes a correspondence between the first private information and the first anonymous information, and according to the mapping list, The security module acquires first anonymous information corresponding to the first privacy information;
如果所述映射列表中没有包含所述第一隐私信息,则通过所述安全模块将所述第一隐私信息通过第一算法进行运算获取所述第一隐私信息对应的所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第一匿名信息的对应关系。If the first private information is not included in the mapping list, the security information is used by the security module to obtain the first anonymous information corresponding to the first private information by using a first algorithm. And storing, in the mapping list, a correspondence between the first private information and the first anonymous information.
结合第一方面的第一种可能的实现方式,在第二种可能的实现方式中,所述方法还包括:In conjunction with the first possible implementation of the first aspect, in a second possible implementation, the method further includes:
获取查找请求,所述查找请求包括第二隐私信息;Obtaining a lookup request, where the lookup request includes second privacy information;
如果所述映射列表中包含所述第二隐私信息,根据所述映射列表,通过所述安全模块获取所述第二隐私信息对应的第二匿名信息;If the second private information is included in the mapping list, the second anonymous information corresponding to the second private information is obtained by the security module according to the mapping list;
通过所述安全模块在所述查找请求中将所述第二隐私信息替换 为所述第二匿名信息得到匿名查找请求;Replacing the second private information in the lookup request by the security module Obtaining an anonymous lookup request for the second anonymous information;
根据所述匿名查找请求查找到第二信息。Finding the second information according to the anonymous lookup request.
结合第一方面的第一种可能的实现方式,在第三种可能的实现方式中,所述方法还包括:In conjunction with the first possible implementation of the first aspect, in a third possible implementation, the method further includes:
获取查找请求;Get a lookup request;
根据所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;Finding second information according to the lookup request, the second information including second anonymous information;
如果所述映射列表中包含所述第二匿名信息,根据所述映射列表,通过所述安全模块获取所述第二匿名信息对应的第二隐私信息;If the second anonymous information is included in the mapping list, the second private information corresponding to the second anonymous information is obtained by the security module according to the mapping list;
通过所述安全模块在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。And replacing, by the security module, the second anonymous information with the second private information in the second information to obtain second read information.
结合第一方面,在第四种可能的实现方式中,所述获取所述第一隐私信息对应的第一匿名信息,包括:With reference to the first aspect, in a fourth possible implementation manner, the acquiring the first anonymous information corresponding to the first private information includes:
如果所述安全模块已经存储的映射列表中包含所述第一隐私信息,则所述映射列表包括所述第一隐私信息与第一加密密钥的对应关系,根据所述映射列表,通过所述安全模块获取所述第一隐私信息对应的所述第一加密密钥;If the first private information is included in the mapping list that has been stored by the security module, the mapping list includes a correspondence between the first private information and the first encryption key, and according to the mapping list, Obtaining, by the security module, the first encryption key corresponding to the first privacy information;
根据所述第一加密密钥,通过所述安全模块对所述第一隐私信息进行加密生成所述第一隐私信息对应的所述第一匿名信息;Encrypting the first private information by the security module to generate the first anonymous information corresponding to the first private information according to the first encryption key;
如果所述映射列表中没有包含所述第一隐私信息,则根据第三加密密钥对所述第一隐私信息加密生成所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第三加密密钥的对应关系。If the first private information is not included in the mapping list, the first private information is encrypted according to a third encryption key to generate the first anonymous information, and the first privacy is stored in the mapping list. Correspondence between the information and the third encryption key.
结合第一方面的第四种可能的实现方式,在第五种可能的实现方式中,所述方法还包括:In conjunction with the fourth possible implementation of the first aspect, in a fifth possible implementation, the method further includes:
获取查找请求,所述查找请求包括第二隐私信息;Obtaining a lookup request, where the lookup request includes second privacy information;
如果所述映射列表中包含所述第二隐私信息,根据所述映射列表,通过所述安全模块获取所述第二隐私信息对应的第二加密密钥;And obtaining, by the security module, a second encryption key corresponding to the second private information, according to the mapping list, if the second private information is included in the mapping list;
根据所述第二加密密钥,通过所述安全模块对所述第二隐私信息进行加密生成所述第二隐私信息对应的所述第二匿名信息; Encrypting the second private information by the security module to generate the second anonymous information corresponding to the second private information according to the second encryption key;
在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;Replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
根据所述匿名查找请求查找到第二信息。Finding the second information according to the anonymous lookup request.
结合第一方面的第四种可能的实现方式,在第六种可能的实现方式中,所述方法还包括:In conjunction with the fourth possible implementation of the first aspect, in a sixth possible implementation, the method further includes:
获取查找请求;Get a lookup request;
根据所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;Finding second information according to the lookup request, the second information including second anonymous information;
如果所述映射列表中包含所述第二匿名信息,根据所述映射列表,通过所述安全模块获取所述第二匿名信息对应的第二加密密钥;If the second anonymous information is included in the mapping list, the second encryption key corresponding to the second anonymous information is obtained by the security module according to the mapping list;
根据所述第二加密密钥,通过所述安全模块对所述第二匿名信息进行解密得到所述第二隐私信息;Decrypting the second anonymous information by the security module according to the second encryption key to obtain the second private information;
在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The second anonymous information is replaced with the second private information in the second information to obtain second read information.
结合第一方面的第一种可能的实现方式至第一方面的第六种可能的实现方式中任一实现方式,在第七种可能的实现方式中,所述通过所述安全模块获取所述第一隐私信息对应的第一匿名信息之前,还包括:With reference to the first possible implementation of the first aspect, to any implementation of the sixth possible implementation of the first aspect, in a seventh possible implementation, the obtaining, by the security module, Before the first anonymous information corresponding to the first privacy information, the method further includes:
通过所述安全模块判断所述映射列表中是否包含所述第一隐私信息。Determining, by the security module, whether the first private information is included in the mapping list.
结合第一方面至第一方面的第七种可能的实现方式中任一实现方式,在第八种可能的实现方式中,With reference to any implementation of the first aspect to the seventh possible implementation manner of the first aspect, in an eighth possible implementation manner,
所述第一隐私信息包括所述用户的国际移动用户识别码IMSI、所述用户的移动设备国际辨识码IMEI、所述用户的移动用户国际号码MSISDN、所述用户的介质访问控制MAC地址、所述用户的互联网协议IP地址中的一个或者多个。The first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
结合第一方面至第一方面的第八种可能的实现方式中任一实现方式,在第九种可能的实现方式中,With reference to any implementation of the first aspect to the eighth possible implementation of the first aspect, in a ninth possible implementation manner,
所述安全模块为硬件安全模块HSM或受信平台模块TPM。 The security module is a hardware security module HSM or a trusted platform module TPM.
第二方面,本发明实施例提供一种虚拟化云基础设施,包括虚拟机监控器、安全模块、获取模块及存储模块,所述虚拟机监控器无法获取所述安全模块中的信息;In a second aspect, the embodiment of the present invention provides a virtualized cloud infrastructure, including a virtual machine monitor, a security module, an obtaining module, and a storage module, where the virtual machine monitor cannot obtain information in the security module;
其中,所述获取模块用于,获取待存储信息,所述待存储信息包括第一隐私信息;The acquiring module is configured to acquire information to be stored, where the information to be stored includes first privacy information;
所述安全模块,用于获取所述获取模块获取的所述第一隐私信息对应的第一匿名信息,将所述待存储信息中的第一隐私信息替换为所述第一匿名信息得到匿名待存储信息;The security module is configured to obtain the first anonymous information corresponding to the first private information acquired by the acquiring module, and replace the first private information in the to-be-stored information with the first anonymous information to be anonymously Store information;
所述存储模块,用于存储所述安全模块得到的所述匿名待存储信息。The storage module is configured to store the anonymous to-be-stored information obtained by the security module.
结合第二方面,在第一种可能的实现方式中,In combination with the second aspect, in a first possible implementation manner,
所述安全模块,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与所述第一匿名信息的对应关系时,根据所述映射列表获取所述第一隐私信息对应的第一匿名信息;The security module is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and the first anonymous information, Acquiring the first anonymous information corresponding to the first private information according to the mapping list;
所述安全模块,还具体用于当所述映射列表中没有包含所述第一隐私信息时,将所述第一隐私信息通过第一算法进行运算获取所述第一隐私信息对应的所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第一匿名信息的对应关系。The security module is further configured to: when the first private information is not included in the mapping list, perform the operation on the first private information by using a first algorithm to obtain the first corresponding to the first private information. An anonymous information and a correspondence between the first private information and the first anonymous information is stored in the mapping list.
结合第二方面的第一种可能的实现方式,在第二种可能的实现方式中,In conjunction with the first possible implementation of the second aspect, in a second possible implementation,
所述获取模块,还用于获取查找请求,所述查找请求包括第二隐私信息;The obtaining module is further configured to acquire a lookup request, where the lookup request includes second privacy information;
所述安全模块,还用于当所述映射列表中包含所述获取模块获取的所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;The security module is further configured to: when the mapping list includes the second private information included in the search request acquired by the acquiring module, acquire, according to the mapping list, the second private information Second anonymous information; replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
所述虚拟化云基础设施还包括查找模块,用于根据所述安全模块得到的所述匿名查找请求查找到第二信息。 The virtualized cloud infrastructure further includes a lookup module configured to find the second information according to the anonymous lookup request obtained by the security module.
结合第二方面的第一种可能的实现方式,在第三种可能的实现方式中,In conjunction with the first possible implementation of the second aspect, in a third possible implementation,
所述获取模块还用于,获取查找请求;The obtaining module is further configured to: acquire a lookup request;
所述虚拟化云基础设施还包括查找模块,用于根据所述获取模块获取的所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The virtualized cloud infrastructure further includes a search module, configured to search for second information according to the lookup request obtained by the obtaining module, where the second information includes second anonymous information;
所述安全模块还用于,当所述映射列表中包含所述查找模块查找到的所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The security module is further configured to: when the mapping list includes the second anonymous information included in the second information that is found by the searching module, acquire the second anonymous information according to the mapping list. Corresponding second private information; replacing the second anonymous information with the second private information in the second information to obtain second read information.
结合第二方面的第一种可能的实现方式,在第四种可能的实现方式中,In conjunction with the first possible implementation of the second aspect, in a fourth possible implementation,
所述安全模块,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与第一加密密钥的对应关系时,根据所述映射列表获取所述第一隐私信息对应的所述第一加密密钥;根据所述第一加密密钥对所述第一隐私信息进行加密生成所述第一隐私信息对应的所述第一匿名信息;The security module is specifically configured to: when the mapping list that has been stored by the security module includes the first privacy information, where the mapping list includes a correspondence between the first privacy information and a first encryption key, according to the Obtaining, by the mapping list, the first encryption key corresponding to the first private information, and encrypting the first private information according to the first encryption key to generate the first corresponding to the first private information An anonymous message;
所述安全模块,还具体用于当所述映射列表中没有包含所述第一隐私信息时,根据第三加密密钥对所述第一隐私信息加密生成所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第三加密密钥的对应关系。The security module is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to a third encryption key to generate the first anonymous information, and in the A mapping relationship between the first private information and the third encryption key is stored in the mapping list.
结合第二方面的第四种可能的实现方式,在第五种可能的实现方式中,In conjunction with the fourth possible implementation of the second aspect, in a fifth possible implementation manner,
所述获取模块,还用于获取查找请求,所述查找请求包括第二隐私信息;The obtaining module is further configured to acquire a lookup request, where the lookup request includes second privacy information;
所述安全模块,还用于当所述映射列表中包含所述获取模块获取的所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二加密密钥;根据所述第二加密密钥对所述第二隐私信息进行加密生成所述第二隐私信息对应的所述第二 匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;The security module is further configured to: when the mapping list includes the second private information included in the search request acquired by the acquiring module, acquire, according to the mapping list, the second private information a second encryption key; encrypting the second private information according to the second encryption key to generate the second corresponding to the second private information Anonymous information; replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
所述虚拟化云基础设施还包括查找模块,用于根据所述安全模块得到的所述匿名查找请求查找到第二信息。The virtualized cloud infrastructure further includes a lookup module configured to find the second information according to the anonymous lookup request obtained by the security module.
结合第二方面的第四种可能的实现方式,在第六种可能的实现方式中,In conjunction with the fourth possible implementation of the second aspect, in a sixth possible implementation manner,
所述获取模块,还用于获取查找请求;The obtaining module is further configured to acquire a lookup request;
所述虚拟化云基础设施还包括查找模块,用于根据所述获取模块获取的所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The virtualized cloud infrastructure further includes a search module, configured to search for second information according to the lookup request obtained by the obtaining module, where the second information includes second anonymous information;
所述安全模块,还用于当所述映射列表中包含所述查找模块查找到的所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二加密密钥;根据所述第二加密密钥对所述第二匿名信息进行解密得到所述第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The security module is further configured to: when the mapping list includes the second anonymous information included in the second information that is searched by the searching module, acquire the second anonymous information according to the mapping list. Corresponding second encryption key; decrypting the second anonymous information according to the second encryption key to obtain the second private information; and replacing the second anonymous information with the second information The second private information is obtained by the second private information.
结合第二方面的第一种可能的实现方式至第二方面的第六种可能的实现方式,在第七种可能的实现方式中,With reference to the first possible implementation of the second aspect to the sixth possible implementation of the second aspect, in a seventh possible implementation,
所述安全模块,还用于判断所述映射列表中是否包含所述第一隐私信息。The security module is further configured to determine whether the first privacy information is included in the mapping list.
结合第二方面至第二方面的第七种可能的实现方式,在第八种可能的实现方式中,With reference to the second aspect to the seventh possible implementation of the second aspect, in an eighth possible implementation manner,
所述第一隐私信息包括所述用户的国际移动用户识别码IMSI、所述用户的移动设备国际辨识码IMEI、所述用户的移动用户国际号码MSISDN、所述用户的介质访问控制MAC地址、所述用户的互联网协议IP地址中的一个或者多个。The first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
结合第二方面至第二方面的第八种可能的实现方式,在第九种可能的实现方式中,With reference to the second aspect to the eighth possible implementation manner of the second aspect, in a ninth possible implementation manner,
所述安全模块为硬件安全模块HSM或受信平台模块TPM。 The security module is a hardware security module HSM or a trusted platform module TPM.
第三方面,本发明实施例提供一种虚拟化云基础设施,包括处理器、存储器、总线,所述处理器及所述存储器通过所述总线相互连接,在所述处理器、所述存储器及所述总线所包含的硬件资源之上,所述虚拟化云基础设施包括虚拟机监控器及安全模块,所述虚拟机监控器无法获取所述安全模块中的信息;In a third aspect, an embodiment of the present invention provides a virtualized cloud infrastructure, including a processor, a memory, and a bus, where the processor and the memory are connected to each other through the bus, in the processor, the memory, and Above the hardware resources included in the bus, the virtualized cloud infrastructure includes a virtual machine monitor and a security module, and the virtual machine monitor cannot obtain information in the security module;
其中,所述处理器,用于获取待存储信息,所述待存储信息包括第一隐私信息;The processor is configured to acquire information to be stored, where the information to be stored includes first privacy information;
所述处理器,还用于通过所述安全模块获取所述第一隐私信息对应的第一匿名信息,通过所述安全模块将所述待存储信息中的第一隐私信息替换为所述第一匿名信息得到匿名待存储信息,并存储所述匿名待存储信息。The processor is further configured to acquire the first anonymous information corresponding to the first private information by using the security module, and replace, by the security module, the first private information in the to-be-stored information with the first The anonymous information is obtained by anonymizing the information to be stored, and the anonymous information to be stored is stored.
结合第三方面,在第一种可能的实现方式中,In combination with the third aspect, in a first possible implementation manner,
所述处理器,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与所述第一匿名信息的对应关系时,根据所述映射列表获取所述第一隐私信息对应的第一匿名信息;The processor is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and the first anonymous information, Acquiring the first anonymous information corresponding to the first private information according to the mapping list;
所述处理器,还具体用于当所述映射列表中没有包含所述第一隐私信息时,将所述第一隐私信息通过第一算法进行运算获取所述第一隐私信息对应的所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第一匿名信息的对应关系。The processor is further configured to: when the first private information is not included in the mapping list, perform the operation on the first private information by using a first algorithm to obtain the first corresponding to the first private information. An anonymous information and a correspondence between the first private information and the first anonymous information is stored in the mapping list.
结合第三方面的第一种可能的实现方式,在第二种可能的实现方式中,In conjunction with the first possible implementation of the third aspect, in a second possible implementation manner,
所述处理器,还用于获取查找请求,所述查找请求包括第二隐私信息;The processor is further configured to acquire a lookup request, where the lookup request includes second privacy information;
所述处理器,还用于当所述映射列表中包含所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求,根据所述匿名查找请求查找到第二信息。 The processor is further configured to: when the mapping list includes the second private information included in the search request, acquire second anonymous information corresponding to the second private information according to the mapping list; The second privacy information is replaced by the second anonymous information in the lookup request to obtain an anonymous search request, and the second information is found according to the anonymous search request.
结合第三方面的第一种可能的实现方式,在第三种可能的实现方式中,In conjunction with the first possible implementation of the third aspect, in a third possible implementation,
所述处理器,还用于获取查找请求,根据所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The processor is further configured to obtain a lookup request, and find second information according to the lookup request, where the second information includes second anonymous information;
所述处理器,还用于当所述映射列表中包含所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The processor is further configured to: when the mapping list includes the second anonymous information included in the second information, acquire second privacy information corresponding to the second anonymous information according to the mapping list; The second anonymous information is replaced with the second private information in the second information to obtain second read information.
结合第三方面的第一种可能的实现方式,在第四种可能的实现方式中,In conjunction with the first possible implementation of the third aspect, in a fourth possible implementation,
所述处理器,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与第一加密密钥的对应关系时,根据所述映射列表获取所述第一隐私信息对应的所述第一加密密钥;根据所述第一加密密钥对所述第一隐私信息进行加密生成所述第一隐私信息对应的所述第一匿名信息;The processor is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and a first encryption key, according to Obtaining, by the mapping list, the first encryption key corresponding to the first private information, and encrypting the first private information according to the first encryption key to generate the first corresponding to the first private information An anonymous message;
所述处理器,还具体用于当所述映射列表中没有包含所述第一隐私信息时,根据第三加密密钥对所述第一隐私信息加密生成所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第三加密密钥的对应关系。The processor is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to a third encryption key to generate the first anonymous information, and in the A mapping relationship between the first private information and the third encryption key is stored in the mapping list.
结合第三方面的第四种可能的实现方式,在第五种可能的实现方式中,In conjunction with the fourth possible implementation of the third aspect, in a fifth possible implementation manner,
所述处理器,还用于获取查找请求,所述查找请求包括第二隐私信息;The processor is further configured to acquire a lookup request, where the lookup request includes second privacy information;
所述处理器,还用于当所述映射列表中包含所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二加密密钥;根据所述第二加密密钥对所述第二隐私信息进行加密生成所述第二隐私信息对应的所述第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求,根据所述匿名查找请求查找到第二信息。 The processor is further configured to: when the mapping list includes the second private information included in the search request, acquire a second encryption key corresponding to the second private information according to the mapping list; Encrypting the second private information according to the second encryption key to generate the second anonymous information corresponding to the second private information; replacing the second private information with the searching request The second anonymous information is obtained by an anonymous lookup request, and the second information is found according to the anonymous lookup request.
结合第三方面的第四种可能的实现方式,在第六种可能的实现方式中,In conjunction with the fourth possible implementation of the third aspect, in a sixth possible implementation manner,
所述处理器,还用于获取查找请求,根据所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The processor is further configured to obtain a lookup request, and find second information according to the lookup request, where the second information includes second anonymous information;
所述处理器,还用于当所述映射列表中包含所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二加密密钥;根据所述第二加密密钥对所述第二匿名信息进行解密得到所述第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The processor is further configured to: when the mapping list includes the second anonymous information included in the second information, acquire a second encryption key corresponding to the second anonymous information according to the mapping list Decrypting the second anonymous information according to the second encryption key to obtain the second private information; and replacing the second anonymous information with the second private information in the second information Second, read the information.
结合第三方面的第一种可能的实现方式至第三方面的第六种可能的实现方式,在第七种可能的实现方式中,With reference to the first possible implementation of the third aspect to the sixth possible implementation of the third aspect, in a seventh possible implementation,
所述处理器,还用于通过所述安全模块判断所述映射列表中是否包含所述第一隐私信息。The processor is further configured to determine, by the security module, whether the first private information is included in the mapping list.
结合第三方面至第三方面的第七种可能的实现方式,在第八种可能的实现方式中,With reference to the seventh possible implementation manner of the third aspect to the third aspect, in an eighth possible implementation manner,
所述第一隐私信息包括所述用户的国际移动用户识别码IMSI、所述用户的移动设备国际辨识码IMEI、所述用户的移动用户国际号码MSISDN、所述用户的介质访问控制MAC地址、所述用户的互联网协议IP地址中的一个或者多个。The first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
结合第三方面至第三方面的第八种可能的实现方式,在第九种可能的实现方式中,With reference to the eighth aspect to the eighth possible implementation manner of the third aspect, in a ninth possible implementation manner,
所述安全模块为硬件安全模块HSM或受信平台模块TPM。The security module is a hardware security module HSM or a trusted platform module TPM.
本发明实施例提供的一种信息处理方法及设备,通过将待存储信息中的第一隐私信息替换为第一匿名信息后,得到匿名待存储信息并存储该匿名待存储信息。因为第一隐私信息与第一匿名信息或第一加密密钥或第三加密密钥的映射列表存储于安全设备中,使得虚拟机监控器无法获取第一隐私信息与第一匿名信息之间的对应关系,解决了虚拟网络中,虚拟基础设施的管理员有权限可以查看到用户隐私信息,使得用户隐私信息可能会被泄露的问题,保证了用户隐私信息安 全性。The information processing method and device provided by the embodiment of the present invention obtain the anonymous to-be-stored information and store the anonymous to-be-stored information by replacing the first private information in the information to be stored with the first anonymous information. Because the mapping list of the first private information and the first anonymous information or the first encryption key or the third encryption key is stored in the security device, so that the virtual machine monitor cannot obtain the first privacy information and the first anonymous information. The corresponding relationship solves the problem that the administrator of the virtual infrastructure has the right to view the user's private information in the virtual network, so that the user's private information may be leaked, and the user's privacy information is ensured. Fullness.
附图说明DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only the present invention. For some embodiments, other drawings may be obtained from those of ordinary skill in the art without departing from the drawings.
图1为本发明的实施例提供的一种虚拟网络结构示意图;FIG. 1 is a schematic structural diagram of a virtual network according to an embodiment of the present invention;
图2为本发明的实施例提供的一种信息处理方法流程示意图;2 is a schematic flowchart of an information processing method according to an embodiment of the present invention;
图3为本发明的另一实施例提供的一种信息处理方法流程示意图;3 is a schematic flowchart of an information processing method according to another embodiment of the present invention;
图4为本发明的另一实施例提供的一种信息读取方法流程示意图;4 is a schematic flowchart of an information reading method according to another embodiment of the present invention;
图5为本发明的另一实施例提供的另一种信息处理方法流程示意图;FIG. 5 is a schematic flowchart of another information processing method according to another embodiment of the present invention; FIG.
图6为本发明的另一实施例提供的另一种信息读取方法流程示意图;FIG. 6 is a schematic flowchart diagram of another information reading method according to another embodiment of the present invention; FIG.
图7为本发明的实施例提供的一种虚拟化云基础设施结构示意图;FIG. 7 is a schematic structural diagram of a virtualized cloud infrastructure according to an embodiment of the present invention;
图8为本发明的另一实施例提供的一种虚拟化云基础设施结构示意图。FIG. 8 is a schematic structural diagram of a virtualized cloud infrastructure according to another embodiment of the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
本发明的实施例提供一种虚拟网络,参照图1所示,该虚拟网络10包括NFVO(Network Functions Virtualization Orchestrator,网络 功能虚拟化编排器)101、VNFM(Virtualized Network Function Manager,虚拟网络功能管理器)102、VIM(Virtualised Infrastructure Manager,虚拟基础设备管理器)103、OSS/BSS(Operations and Business Support Systems,运营和业务支撑系统)104、EMS(Element Management System,网元管理系统)105、VNF 106、NFVI(Network Function Virtulization Infrastructure,网络功能虚拟化基础设施)107。An embodiment of the present invention provides a virtual network. As shown in FIG. 1, the virtual network 10 includes a NFVO (Network Functions Virtualization Orchestrator). Function Virtualization Orchestrator) 101, VNFM (Virtualized Network Function Manager) 102, VIM (Virtualised Infrastructure Manager) 103, OSS/BSS (Operations and Business Support Systems, Operations and Services) Support system 104, EMS (Element Management System) 105, VNF 106, NFVI (Network Function Virtualization Infrastructure) 107.
其中,NFVI 107包括至少一个VM、虚拟机监控器及硬件资源。The NFVI 107 includes at least one VM, a virtual machine monitor, and hardware resources.
基于上述图1对应的实施例中所描述的虚拟网络,本发明实施例提供一种信息处理方法,应用于虚拟网络中的虚拟化云基础设施,虚拟化云基础设施包括虚拟机监控器及安全模块,且虚拟机监控器无法获取安全模块中的信息,可选的,该虚拟化云基础设施可以是虚拟网络中的网络功能虚拟化基础设施NFVI,参照图2所示,本实施例提供的信息处理方法包括:Based on the virtual network described in the foregoing embodiment corresponding to FIG. 1, the embodiment of the present invention provides an information processing method, which is applied to a virtualized cloud infrastructure in a virtual network, where the virtualized cloud infrastructure includes a virtual machine monitor and security. The module and the virtual machine monitor cannot obtain the information in the security module. Optionally, the virtualized cloud infrastructure may be a network function virtualization infrastructure NFVI in the virtual network. As shown in FIG. 2, the embodiment provides Information processing methods include:
201、获取待存储信息。201. Acquire information to be stored.
其中,待存储信息包括第一隐私信息,可选的,第一隐私信息包括移动通信中的用户的标识信息,例如IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)、用户的IMEI(International Mobile Equipment Identity,移动设备国际辨识码)、用户的MSISDN(Mobile Subscriber International ISDN/PSTN Number,移动用户国际号码)、用户的MAC(Media Access Control,介质访问控制)地址、用户的IP(Internet Protocol,互联网协议)地址中的一个或者多个,或者,第一隐私信息也可以包括用户联系信息(如姓名、地址、邮箱、电话号码),或者用户身份信息(例如用户标识、身份证号码、护照号码、社会保险号码等),或者位置信息(例如用户GPS(Global Positioning System,全球定位系统)坐标、小区标识、WLAN(Wireless Local Area Networks,无线局域网络)地址、AP(Wireless Access Point,无线网络接入点),或者用户金融信息(例如用户信用卡号码、银行账号等)。对于第一隐私信息的具体定义,本实施例不做限制,可以是用户敏感的不宜泄露的信息。 The information to be stored includes the first private information. Optionally, the first private information includes the identification information of the user in the mobile communication, such as an IMSI (International Mobile Subscriber Identification Number), and an IMEI of the user. Mobile Equipment Identity, mobile device international identification code, user's MSISDN (Mobile Subscriber International ISDN/PSTN Number), user's MAC (Media Access Control) address, user's IP (Internet Protocol, One or more of the Internet Protocol addresses, or the first private information may also include user contact information (such as name, address, email, phone number), or user identity information (such as user identification, ID number, passport number) , social security number, etc., or location information (such as user GPS (Global Positioning System) coordinates, cell identification, WLAN (Wireless Local Area Networks) address, AP (Wireless Access Point, wireless network connection) Point), or the user financial information (e.g., user credit card numbers, bank account number, etc.). For specific definition of the first private information, the present embodiment is not limited to the embodiments, the user may not leaked sensitive information.
202、通过安全模块获取第一隐私信息对应的第一匿名信息。202. Acquire first anonymous information corresponding to the first private information by using the security module.
优选的,以NFVI为例,获取第一隐私信息对应的第一匿名信息可以由NFVI中的安全模块执行,该安全模块可以是HSM(Hardware Security Module,硬件安全模块)或TPM(Trusted Platform Module,受信平台模块)等受保护的模块,该安全模块所处理的数据,例如第一隐私信息与第一匿名信息的对应关系不会被虚拟机监控器获取,这就保证了用户隐私信息的安全性。Preferably, taking the NFVI as an example, obtaining the first anonymous information corresponding to the first private information may be performed by a security module in the NFVI, and the security module may be an HSM (Hardware Security Module) or a TPM (Trusted Platform Module). A protected module, such as a trusted platform module, the data processed by the security module, for example, the correspondence between the first private information and the first anonymous information is not obtained by the virtual machine monitor, thereby ensuring the security of the user's private information. .
可选的,根据第一隐私信息获取对应的第一匿名信息有两种具体的实现方式:Optionally, obtaining the corresponding first anonymous information according to the first private information has two specific implementation manners:
在第一种实现方式中,如果第一隐私信息之前已被保存,则根据映射列表获取第一隐私信息对应的第一匿名信息;如果第一隐私信息之前未被保存,则通过安全模块将第一隐私信息通过第一算法进行运算获取第一隐私信息对应的第一匿名信息,并通过安全模块在映射列表中存储第一隐私信息与第一匿名信息的对应关系。其中,确定第一隐私信息是否被保存的一种方法为:通过安全模块在已经存储的映射列表中查找第一隐私信息;如果在映射列表中查找到第一隐私信息,则第一隐私信息之前已被保存,映射列表包括第一隐私信息与第一匿名信息的对应关系;如果在映射列表中没有查找到第一隐私信息,则第一隐私信息之前未被保存过。In the first implementation, if the first private information has been saved before, the first anonymous information corresponding to the first private information is obtained according to the mapping list; if the first private information is not saved before, the security module The first anonymous information corresponding to the first private information is obtained by the first algorithm, and the corresponding relationship between the first private information and the first anonymous information is stored in the mapping list by the security module. The method for determining whether the first private information is saved is: searching for the first private information in the already stored mapping list by using the security module; and if the first private information is found in the mapping list, before the first private information The mapping list includes the correspondence between the first private information and the first anonymous information; if the first private information is not found in the mapping list, the first private information is not previously saved.
在第二种实现方式中,如果第一隐私信息之前已被保存,则根据映射列表,通过安全模块获取第一隐私信息对应的第一加密密钥,根据第一加密密钥,通过安全模块对第一隐私信息进行加密生成第一隐私信息对应的第一匿名信息;如果第一隐私信息之前未被保存,则根据第三加密密钥,通过安全模块对第一隐私信息加密生成第一匿名信息,并通过安全模块在映射列表中存储第一隐私信息与第三加密密钥的对应关系。其中,确定第一隐私信息是否被保存的一种方法为:通过安全模块在已经存储的映射列表中查找第一隐私信息;如果在映射列表中查找到第一隐私信息,则第一隐私信息之前已被保存,映射列表包括第一隐私信息与第一加密密钥的对应关系;如果在映射列表中 没有查找到第一隐私信息,则第一隐私信息之前未被保存过。In the second implementation manner, if the first private information has been saved before, the first encryption key corresponding to the first private information is obtained by the security module according to the mapping list, and the security module is used according to the first encryption key. The first private information is encrypted to generate first anonymous information corresponding to the first private information; if the first private information is not previously saved, the first anonymous information is encrypted by the security module according to the third encryption key to generate the first anonymous information. And storing, by the security module, a correspondence between the first private information and the third encryption key in the mapping list. The method for determining whether the first private information is saved is: searching for the first private information in the already stored mapping list by using the security module; and if the first private information is found in the mapping list, before the first private information Has been saved, the mapping list includes the correspondence between the first privacy information and the first encryption key; if in the mapping list If the first private information is not found, the first private information has not been saved before.
当然,此处只是列举两种具体的实现方式,并不代表本发明局限于此。Of course, only two specific implementations are listed herein, and the present invention is not limited thereto.
203、通过安全模块在待存储信息中将第一隐私信息替换为第一匿名信息得到匿名待存储信息。203. Obtain an anonymous to-be-stored information by replacing the first private information with the first anonymous information in the to-be-stored information by the security module.
204、存储匿名待存储信息。204. Store anonymous information to be stored.
本实施例提供的信息处理方法,通过将待存储信息中的第一隐私信息替换为第一匿名信息后,得到匿名待存储信息并存储该匿名待存储信息。因为第一隐私信息与第一匿名信息或第一加密密钥或第三加密密钥的映射列表存储于安全设备中,使得虚拟机监控器无法获取第一隐私信息与第一匿名信息之间的对应关系,解决了虚拟网络中,虚拟基础设施的管理员有权限可以查看到用户隐私信息,使得用户隐私信息可能会被泄露的问题,保证了用户隐私信息安全性。The information processing method provided in this embodiment obtains the anonymous to-be-stored information and stores the anonymous to-be-stored information by replacing the first private information in the to-be-stored information with the first anonymous information. Because the mapping list of the first private information and the first anonymous information or the first encryption key or the third encryption key is stored in the security device, so that the virtual machine monitor cannot obtain the first privacy information and the first anonymous information. The corresponding relationship solves the problem that the administrator of the virtual infrastructure has the right to view the user's private information in the virtual network, so that the user's private information may be leaked, and the security of the user's private information is ensured.
基于上述图2对应的实施例,本发明的另一实施例提供一种信息处理方法,参照图3所示,包括以下步骤:Based on the embodiment corresponding to FIG. 2 above, another embodiment of the present invention provides an information processing method. Referring to FIG. 3, the method includes the following steps:
301、获取待存储信息。301. Acquire information to be stored.
302、判断待存储信息中是否包含第一隐私信息。302. Determine whether the first private information is included in the to-be-stored information.
具体的,如果待存储信息中包含第一隐私信息,则执行步骤303,如果待存储信息中不包含第一隐私信息,则执行步骤308。Specifically, if the information to be stored includes the first private information, step 303 is performed, and if the first private information is not included in the information to be stored, step 308 is performed.
303、在待存储信息中提取第一隐私信息。303. Extract the first private information in the to-be-stored information.
304、判断映射列表中是否包含第一隐私信息。304. Determine whether the first privacy information is included in the mapping list.
如果不包含,则执行步骤305;如果包含,则执行步骤306。If not, step 305 is performed; if yes, step 306 is performed.
305、如果映射列表中不包含第一隐私信息,则将第一隐私信息通过第一算法进行运算获取第一隐私信息对应的第一匿名信息。305. If the first private information is not included in the mapping list, the first private information is obtained by the first algorithm to obtain the first anonymous information corresponding to the first private information.
在本实施例中,结合图2对应的实施例中步骤202中第一种实现方式的描述,映射列表包含了隐私信息与匿名信息的对应关系,优选的,可以将隐私信息通过如哈希运算、加密运算等第一算法计算得到匿名信息。进一步优选的,通过第一算法计算匿名信息时,还可以引入以下参数:随机变量、VNF标识、时间变量等。这样在运算过程中 包含了变量,使得同样的隐私信息每一次计算得到的匿名信息都在变化,进一步保证了用户的隐私信息不被泄露。In this embodiment, in conjunction with the description of the first implementation in step 202 in the embodiment corresponding to FIG. 2, the mapping list includes the correspondence between the private information and the anonymous information. Preferably, the privacy information may be passed through, for example, a hash operation. The first algorithm, such as encryption operation, calculates anonymous information. Further preferably, when the anonymous information is calculated by the first algorithm, the following parameters may also be introduced: a random variable, a VNF identifier, a time variable, and the like. This way in the operation The variables are included, so that the anonymous information calculated every time the same private information is changed, further ensuring that the user's private information is not leaked.
优选的,可以将第一隐私信息与第一匿名信息的对应关系存储在映射列表中。Preferably, the correspondence between the first private information and the first anonymous information may be stored in the mapping list.
步骤304之后,还包括:After step 304, the method further includes:
306、如果映射列表中包含第一隐私信息,根据映射列表获取第一隐私信息对应的第一匿名信息。306. If the mapping list includes the first private information, obtain the first anonymous information corresponding to the first private information according to the mapping list.
如果在映射列表中查找到第一隐私信息,则映射列表包括第一隐私信息与第一匿名信息的对应关系。If the first private information is found in the mapping list, the mapping list includes a correspondence between the first private information and the first anonymous information.
步骤305与步骤306之后,还包括:After step 305 and step 306, the method further includes:
307、将待存储信息中的第一隐私信息替换为第一匿名信息,得到匿名待存储信息。307. Replace the first private information in the to-be-stored information with the first anonymous information, and obtain the anonymous to-be-stored information.
可选的,将第一隐私信息替换为第一匿名信息后,可以在待存储信息的特定字段添加匿名标识得到匿名待存储信息,如果一条信息包含匿名标识,则代表该信息中包含匿名信息。Optionally, after the first private information is replaced with the first anonymous information, the anonymous identifier may be added to the specific field of the information to be stored to obtain the anonymous information to be stored. If the information includes the anonymous identifier, the anonymous information is included in the information.
优选的,结合上述图2对应的实施例,步骤303-307可以由NFVI中的安全模块执行,或者,至少步骤305或306由NFVI中的安全模块执行。Preferably, in conjunction with the embodiment corresponding to FIG. 2 above, steps 303-307 may be performed by a security module in the NFVI, or at least step 305 or 306 may be performed by a security module in the NFVI.
308、存储匿名待存储信息或待存储信息。308. Store anonymous information to be stored or information to be stored.
基于上述图3对应的实施例,本发明的另一实施例提供一种信息读取方法,通过步骤301-308存储待存储信息后,可以通过图4对应的实施例提供的信息读取方法读取存储的信息,具体的,参照图4所示,包括以下步骤:Based on the embodiment corresponding to FIG. 3 above, another embodiment of the present invention provides an information reading method. After storing the information to be stored through steps 301-308, the information reading method provided by the embodiment corresponding to FIG. 4 can be read. The stored information, specifically, as shown in FIG. 4, includes the following steps:
401、获取查找请求。401. Obtain a lookup request.
可选的,获取查找请求之后根据查找请求查找到第二信息,在获取第二信息后直接执行步骤406。Optionally, after obtaining the lookup request, the second information is found according to the lookup request, and step 406 is directly executed after the second information is obtained.
或者,可选的,可以判断查找请求中是否包含第二隐私信息,如果不包含,则根据查找请求查找到第二信息,在获取第二信息后可以直接执行步骤406,本实施例以查找请求中包含第二隐私信息为例进 行说明,当查找请求包括第二隐私信息时,步骤401之后还包括:Alternatively, the method may be used to determine whether the second private information is included in the search request. If not, the second information is found according to the search request. After the second information is obtained, step 406 may be directly executed. Contains second privacy information as an example The line description, when the lookup request includes the second private information, after step 401, the method further includes:
402、在映射列表中查找第二隐私信息。402. Search for the second private information in the mapping list.
可选的,如果确认映射列表中包含第二隐私信息,也可以在步骤401之后直接执行步骤403。Optionally, if the second mapping information is included in the confirmation mapping list, step 403 may be directly performed after step 401.
403、根据映射列表获取第二隐私信息对应的第二匿名信息。403. Acquire second anonymous information corresponding to the second private information according to the mapping list.
404、在查找请求中将第二隐私信息替换为第二匿名信息得到匿名查找请求。404. Replace the second private information with the second anonymous information in the lookup request to obtain an anonymous search request.
405、根据匿名查找请求查找到第二信息。405. Find the second information according to the anonymous lookup request.
可选的,步骤405之后,还可以包括:Optionally, after step 405, the method may further include:
406、判断第二信息中是否包含匿名信息。406. Determine whether the second information includes anonymous information.
如果第二信息中包含第二匿名信息,则执行步骤407,如果第二信息中不包含匿名信息,可选的,可以将第二信息作为第二读取信息并执行步骤409。If the second information includes the second anonymous information, step 407 is performed. If the second information does not include the anonymous information, optionally, the second information is used as the second read information and step 409 is performed.
优选的,结合上述图3对应的实施例中步骤307的描述,可以通过判断第二信息的特定字段是否包含匿名标识来判断第二信息是否包含第二匿名信息。可选的,第二匿名信息可以是一串字符,例如,特定字段包含字符“1”代表第二信息包含第二匿名信息,特定字段包含字符“0”代表第二信息不包含第二匿名信息,当然,此处只是举例说明,对于第二匿名标识的具体形式,本实施例不做限制。Preferably, in combination with the description of step 307 in the embodiment corresponding to FIG. 3 above, whether the second information includes the second anonymous information may be determined by determining whether the specific field of the second information includes an anonymous identifier. Optionally, the second anonymous information may be a string of characters. For example, the specific field includes the character “1” for the second information to include the second anonymous information, and the specific field includes the character “0” for the second information does not include the second anonymous information. Of course, this is only an example. For the specific form of the second anonymous identifier, the embodiment does not limit the embodiment.
407、如果第二信息中包含第二匿名信息,根据映射列表获取第二匿名信息对应的第二隐私信息。407. If the second information includes the second anonymous information, obtain the second private information corresponding to the second anonymous information according to the mapping list.
优选的,如果在步骤403缓存了第二隐私信息及第二匿名信息的对应关系,则可以直接执行步骤408。Preferably, if the correspondence between the second private information and the second anonymous information is cached in step 403, step 408 may be directly performed.
408、在第二信息中将第二匿名信息替换为第二隐私信息得到第二读取信息。408. Replace the second anonymous information with the second private information in the second information to obtain the second read information.
可选的,结合步骤406,第二信息中可能包含其它匿名信息,如果第二信息中包含其它匿名信息,则根据映射列表在第二信息中将其它匿名信息替换为其他匿名信息对应的隐私信息。Optionally, in combination with step 406, the second information may include other anonymous information. If the second information includes other anonymous information, the other anonymous information is replaced with other anonymous information according to the mapping list. .
可选的,步骤408之后,还可以包括: Optionally, after step 408, the method may further include:
409、发送第二读取信息。409. Send a second read information.
可选的,结合图2对应的实施例,步骤402-404及步骤407-408可以由NFVI中的安全模块执行。Optionally, in conjunction with the embodiment corresponding to FIG. 2, steps 402-404 and steps 407-408 may be performed by a security module in the NFVI.
本实施例提供的信息处理方法,通过将待存储信息中的第一隐私信息替换为第一匿名信息后得到匿名待存储信息,并进行存储。因为虚拟机监控器无法获取第一隐私信息与第一匿名信息之间的对应关系,解决了虚拟网络中,基础设施的管理员有权限可以查看到用户的信息,使得用户的隐私信息可能会被泄露的问题,保证了用户的信息安全性。The information processing method provided in this embodiment obtains the anonymous to-be-stored information by replacing the first private information in the information to be stored with the first anonymous information, and stores the information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information, the administrator of the infrastructure has the authority to view the information of the user, so that the user's private information may be The leaked issue ensures the user's information security.
基于上述图2对应的实施例,本发明的另一实施例提供另一种信息处理方法,参照图5所示,包括以下步骤:Based on the embodiment corresponding to FIG. 2 above, another embodiment of the present invention provides another information processing method. Referring to FIG. 5, the following steps are included:
501、获取待存储信息。501. Obtain information to be stored.
502、判断待存储信息中是否包含第一隐私信息。502. Determine whether the first private information is included in the to-be-stored information.
具体的,如果待存储信息中包含第一隐私信息,则执行步骤503,如果待存储信息中不包含第一隐私信息,则执行步骤509。Specifically, if the information to be stored includes the first private information, step 503 is performed, and if the first private information is not included in the information to be stored, step 509 is performed.
503、在待存储信息中提取第一隐私信息。503. Extract the first private information in the to-be-stored information.
504、判断映射列表中是否包含第一隐私信息。504. Determine whether the first privacy information is included in the mapping list.
在本实施例中,结合图2对应的实施例中步骤202中第二种实现方式的描述,映射列表包含了隐私信息与加密密钥的对应关系,优选的,将隐私信息通过加密密钥进行加密得到匿名信息时,可以引入以下参数:随机变量、VNF标识、时间变量等。这样在运算过程中包含了变量,使得同样的隐私信息每一次加密得到的匿名信息都在变化,进一步保证了用户的隐私信息不被泄露。In this embodiment, in conjunction with the description of the second implementation manner in step 202 in the embodiment corresponding to FIG. 2, the mapping list includes the correspondence between the privacy information and the encryption key. Preferably, the privacy information is performed by using an encryption key. When encrypting anonymous information, the following parameters can be introduced: random variables, VNF identifiers, time variables, and so on. In this way, variables are included in the operation process, so that the anonymous information obtained by encrypting the same private information is changed, further ensuring that the user's private information is not leaked.
505、如果映射列表中不包含第一隐私信息,则根据第三加密密钥对第一隐私信息加密生成第一匿名信息。505. If the first private information is not included in the mapping list, encrypt the first private information according to the third encryption key to generate the first anonymous information.
可选地,第三加密密钥可以为事先生成的密钥,或者在根据第三加密密钥对第一隐私信息加密生成第一匿名信息之前先生成第三加密密钥。Optionally, the third encryption key may be a previously generated key, or may be a third encryption key before the first anonymous information is encrypted according to the third encryption key to generate the first anonymous information.
可选的,可以将第一隐私信息与第三加密密钥的对应关系存储在 映射列表中。Optionally, the correspondence between the first private information and the third encryption key may be stored in In the mapping list.
步骤504之后,还包括:After step 504, the method further includes:
506、如果映射列表中包含第一隐私信息,根据映射列表获取第一隐私信息对应的第一加密密钥。506. If the mapping list includes the first privacy information, obtain the first encryption key corresponding to the first privacy information according to the mapping list.
如果在映射列表中查找到第一隐私信息,则映射列表包括第一隐私信息与第一加密密钥的对应关系。If the first privacy information is found in the mapping list, the mapping list includes a correspondence between the first privacy information and the first encryption key.
507、根据第一加密密钥对第一隐私信息进行加密生成第一隐私信息对应的第一匿名信息。507. Encrypt the first private information according to the first encryption key to generate first anonymous information corresponding to the first private information.
步骤505与步骤507之后,还包括:After step 505 and step 507, the method further includes:
508、在待存储信息中将第一隐私信息替换为第一匿名信息得到匿名待存储信息。508. Replace the first private information with the first anonymous information in the information to be stored to obtain anonymous information to be stored.
可选的,将第一隐私信息替换为第一匿名信息后,可以在匿名待存储信息的特定字段添加匿名标识,如果一条信息包含匿名标识,则代表该信息中的特定位置包含匿名信息。Optionally, after the first private information is replaced with the first anonymous information, the anonymous identifier may be added in a specific field of the anonymous information to be stored, and if the information includes the anonymous identifier, the anonymous information is included in a specific location in the information.
优选的,结合上述图2对应的实施例,步骤503-508可以由NFVI中的安全模块执行。Preferably, in conjunction with the embodiment corresponding to FIG. 2 above, steps 503-508 may be performed by a security module in the NFVI.
509、存储匿名待存储信息或待存储信息。509. Store anonymous information to be stored or information to be stored.
基于上述图5对应的实施例,本发明的另一实施例提供另一种信息读取方法,通过步骤501-509存储待存储信息后,可以通过图6对应的实施例提供的信息读取方法读取存储的信息,具体的,参照图6所示,包括以下步骤:Based on the embodiment corresponding to FIG. 5 above, another embodiment of the present invention provides another information reading method. After the information to be stored is stored in steps 501-509, the information reading method provided by the embodiment corresponding to FIG. 6 is provided. The stored information is read. Specifically, as shown in FIG. 6, the following steps are included:
601、获取查找请求。601. Obtain a lookup request.
可选的,获取查找请求之后根据查找请求查找到第二信息,在获取第二信息后直接执行步骤606。Optionally, after obtaining the lookup request, the second information is found according to the lookup request, and step 606 is directly executed after the second information is obtained.
或者,可选的,可以判断查找请求中是否包含第二隐私信息,如果不包含,则根据查找请求查找到第二信息,在获取第二信息后可以直接执行步骤606。本实施例以查找请求中包含第二隐私信息为例进行说明,当查找请求中包含第二隐私信息时,步骤601之后,还包括:Alternatively, optionally, the second privacy information may be included in the search request. If not, the second information is found according to the search request. After the second information is obtained, step 606 may be directly performed. In this embodiment, the second private information is included in the search request as an example. When the second private information is included in the search request, after the step 601, the method further includes:
602、在映射列表中查找第二隐私信息。 602. Search for the second private information in the mapping list.
如果在映射列表中查找到第二隐私信息,则执行步骤603,如果在映射列表中没有查找到第二隐私信息,则将查找请求作为匿名查找请求执行步骤606。If the second private information is found in the mapping list, step 603 is performed. If the second private information is not found in the mapping list, the search request is performed as an anonymous search request in step 606.
可选的,如果确认映射列表中包含第二隐私信息,也可以在步骤601之后直接执行步骤603。Optionally, if the second mapping information is included in the confirmation mapping list, step 603 may be directly performed after step 601.
603、根据映射列表获取第二隐私信息对应的第二加密密钥。603. Acquire a second encryption key corresponding to the second privacy information according to the mapping list.
604、根据第二加密密钥对第二隐私信息进行加密生成第二隐私信息对应的第二匿名信息。604. Encrypt the second private information according to the second encryption key to generate second anonymous information corresponding to the second private information.
605、在查找请求中将第二隐私信息替换为第二匿名信息得到匿名查找请求。605. Replace the second private information with the second anonymous information in the lookup request to obtain an anonymous search request.
606、根据匿名查找请求查找到第二信息。606. Find the second information according to the anonymous lookup request.
可选的,步骤606之后,还可以包括:Optionally, after step 606, the method may further include:
607、判断第二信息中是否包含匿名信息。607. Determine whether the second information includes anonymous information.
如果第二信息中包含第二匿名信息,则执行步骤608,如果第二信息中不包含第二匿名信息,可选的,可以将第二信息作为第二读取信息并执行步骤610。If the second information includes the second anonymous information, step 608 is performed. If the second information does not include the second anonymous information, optionally, the second information may be used as the second read information and step 610 is performed.
优选的,结合上述图5对应的实施例中步骤508的描述,可以通过判断第二信息的特定字段是否包含匿名标识来判断第二信息是否包含第二匿名信息。可选的,第二匿名信息可以是一串字符,例如,特定字段包含字符“1”代表第二信息包含第二匿名信息,特定字段包含字符“0”代表第二信息不包含第二匿名信息,当然,此处只是举例说明,对于第二匿名标识的具体形式,本实施例不做限制。Preferably, in combination with the description of step 508 in the embodiment corresponding to FIG. 5 above, whether the second information includes the second anonymous information may be determined by determining whether the specific field of the second information includes an anonymous identifier. Optionally, the second anonymous information may be a string of characters. For example, the specific field includes the character “1” for the second information to include the second anonymous information, and the specific field includes the character “0” for the second information does not include the second anonymous information. Of course, this is only an example. For the specific form of the second anonymous identifier, the embodiment does not limit the embodiment.
608、如果第二信息中包含第二匿名信息,根据第二加密密钥对第二匿名信息进行解密得到第二隐私信息。608. If the second information includes the second anonymous information, decrypt the second anonymous information according to the second encryption key to obtain the second private information.
可选的,如果在步骤604缓存了第二隐私信息及第二匿名信息的对应关系,则可以直接执行步骤609。Optionally, if the correspondence between the second private information and the second anonymous information is cached in step 604, step 609 may be directly performed.
609、在第二信息中将第二匿名信息替换为第二隐私信息得到第二读取信息。609. Replace the second anonymous information with the second private information in the second information to obtain the second read information.
可选的,结合步骤607,第二信息中可能包含其它匿名信息,如 果第二信息中包含其它匿名信息,则根据映射列表中其它匿名信息对应的加密秘钥对其它匿名信息进行解密得到对应的隐私信息,在第二信息中将其它匿名信息替换为其它匿名信息对应的隐私信息。Optionally, in combination with step 607, the second information may include other anonymous information, such as If the second information includes other anonymous information, the other anonymous information is decrypted according to the encryption key corresponding to other anonymous information in the mapping list to obtain corresponding private information, and the other anonymous information is replaced with other anonymous information in the second information. Privacy information.
可选的,步骤609之后,还可以包括:Optionally, after step 609, the method may further include:
610、发送第二读取信息。610. Send a second read information.
优选的,结合图2对应的实施例,步骤602-605及步骤608-609可以由NFVI中的安全模块执行。Preferably, in conjunction with the embodiment corresponding to FIG. 2, steps 602-605 and steps 608-609 may be performed by a security module in the NFVI.
图2-6对应的实施例提供的方法中,待存储信息或读取信息中可能包含多个用户隐私信息,此时,按照图2-6对应的实施例中提供的方法进行多次处理即可。例如,对于图3对应的实施例,重复执行步骤304-307;对于图4对应的实施例,则重复执行步骤407-409。In the method provided in the embodiment of FIG. 2-6, the information to be stored or the information to be read may include multiple user privacy information. In this case, multiple times according to the method provided in the embodiment corresponding to FIG. 2-6, can. For example, for the embodiment corresponding to FIG. 3, steps 304-307 are repeatedly performed; for the embodiment corresponding to FIG. 4, steps 407-409 are repeatedly performed.
本实施例提供的信息处理方法,通过将待存储信息中第一隐私信息替换为第一匿名信息后得到匿名待存储信息并进行存储。因为虚拟机监控器无法获取第一隐私信息与第一匿名信息之间的对应关系,解决了虚拟网络中,虚拟基础设施的管理员有权限可以查看到用户隐私信息,使得用户隐私信息可能会被泄露的问题,保证了用户隐私信息的安全性。The information processing method provided in this embodiment obtains the anonymous to-be-stored information and stores it by replacing the first private information in the information to be stored with the first anonymous information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information, in the virtual network, the administrator of the virtual infrastructure has the right to view the user's private information, so that the user's private information may be The leaked issue ensures the security of the user's private information.
本发明实施例提供一种虚拟化云基础设施,参照图7所示,该虚拟化云基础设施70包括安全模块701、获取模块702、存储模块703及虚拟机监控器704,虚拟机监控器704无法获取安全模块701中的信息。The embodiment of the present invention provides a virtualized cloud infrastructure. As shown in FIG. 7, the virtualized cloud infrastructure 70 includes a security module 701, an obtaining module 702, a storage module 703, and a virtual machine monitor 704. The virtual machine monitor 704 The information in the security module 701 could not be obtained.
其中,获取模块702用于,获取待存储信息,待存储信息包括第一隐私信息。The obtaining module 702 is configured to obtain information to be stored, where the information to be stored includes the first private information.
安全模块701,用于获取获取模块702获取的第一隐私信息对应的第一匿名信息,将待存储信息中的第一隐私信息替换为第一匿名信息得到匿名待存储信息。The security module 701 is configured to obtain the first anonymous information corresponding to the first private information acquired by the obtaining module 702, and replace the first private information in the information to be stored with the first anonymous information to obtain anonymous pending information.
存储模块703,用于存储安全模块701得到的匿名待存储信息。The storage module 703 is configured to store the anonymous to-be-stored information obtained by the security module 701.
可选的,虚拟化云基础设施70还包括查找模块705。Optionally, the virtualized cloud infrastructure 70 also includes a lookup module 705.
可选的,在第一种应用场景中,安全模块701,具体用于当安全 模块701已经存储的映射列表中包含第一隐私信息,映射列表包括第一隐私信息与第一匿名信息的对应关系时,根据映射列表获取第一隐私信息对应的第一匿名信息。Optionally, in the first application scenario, the security module 701 is specifically configured to be secure. The mapping list that has been stored by the module 701 includes the first private information. When the mapping list includes the correspondence between the first private information and the first anonymous information, the first anonymous information corresponding to the first private information is obtained according to the mapping list.
安全模块701,还具体用于当映射列表中没有包含第一隐私信息时,将第一隐私信息通过第一算法进行运算获取第一隐私信息对应的第一匿名信息并在映射列表中存储第一隐私信息与第一匿名信息的对应关系。The security module 701 is further configured to: when the first privacy information is not included in the mapping list, obtain the first anonymous information corresponding to the first private information by using the first algorithm, and store the first information in the mapping list. The correspondence between the privacy information and the first anonymous information.
进一步可选的,获取模块702,还用于获取查找请求,查找请求包括第二隐私信息。Further, the obtaining module 702 is further configured to obtain a lookup request, where the lookup request includes the second private information.
安全模块701,还用于当映射列表中包含获取模块702获取的查找请求中包括的第二隐私信息时,根据映射列表获取第二隐私信息对应的第二匿名信息。在查找请求中将第二隐私信息替换为第二匿名信息得到匿名查找请求。The security module 701 is further configured to: when the mapping list includes the second private information included in the search request acquired by the obtaining module 702, obtain the second anonymous information corresponding to the second private information according to the mapping list. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request.
查找模块705,用于根据安全模块701得到的匿名查找请求查找到第二信息。The searching module 705 is configured to find the second information according to the anonymous lookup request obtained by the security module 701.
或者,可选的,获取模块702还用于,获取查找请求。Alternatively, the obtaining module 702 is further configured to obtain a lookup request.
查找模块705,用于根据获取模块702获取的查找请求查找到第二信息,第二信息包括第二匿名信息。The searching module 705 is configured to search for the second information according to the lookup request acquired by the obtaining module 702, where the second information includes the second anonymous information.
安全模块701还用于,当映射列表中包含查找模块705查找到的第二信息中包括的第二匿名信息时,根据映射列表获取第二匿名信息对应的第二隐私信息。在第二信息中将第二匿名信息替换为第二隐私信息得到第二读取信息。The security module 701 is further configured to: when the mapping list includes the second anonymous information included in the second information that is found by the searching module 705, obtain the second private information corresponding to the second anonymous information according to the mapping list. The second anonymous information is replaced with the second private information in the second information to obtain the second read information.
可选的,在第二种应用场景中,安全模块701,具体用于当安全模块701已经存储的映射列表中包含第一隐私信息,映射列表包括第一隐私信息与第一加密密钥的对应关系时,根据映射列表获取第一隐私信息对应的第一加密密钥。根据第一加密密钥对第一隐私信息进行加密生成第一隐私信息对应的第一匿名信息。Optionally, in the second application scenario, the security module 701 is specifically configured to include the first privacy information in the mapping list that has been stored by the security module 701, where the mapping list includes the correspondence between the first privacy information and the first encryption key. In the case of a relationship, the first encryption key corresponding to the first private information is obtained according to the mapping list. The first private information is encrypted according to the first encryption key to generate first anonymous information corresponding to the first private information.
安全模块701,还具体用于当映射列表中没有包含第一隐私信息时,根据第三加密密钥对第一隐私信息加密生成第一匿名信息并在映 射列表中存储第一隐私信息与第三加密密钥的对应关系。The security module 701 is further configured to: when the first privacy information is not included in the mapping list, encrypt the first private information according to the third encryption key to generate the first anonymous information and display the first anonymous information. The correspondence between the first private information and the third encryption key is stored in the shot list.
进一步可选的,获取模块702,还用于获取查找请求,查找请求包括第二隐私信息。Further, the obtaining module 702 is further configured to obtain a lookup request, where the lookup request includes the second private information.
安全模块701,还用于当映射列表中包含获取模块702获取的查找请求中包括的第二隐私信息时,根据映射列表获取第二隐私信息对应的第二加密密钥。根据第二加密密钥对第二隐私信息进行加密生成第二隐私信息对应的第二匿名信息。在查找请求中将第二隐私信息替换为第二匿名信息得到匿名查找请求。The security module 701 is further configured to: when the mapping list includes the second private information included in the search request acquired by the obtaining module 702, obtain the second encryption key corresponding to the second private information according to the mapping list. Encrypting the second private information according to the second encryption key to generate second anonymous information corresponding to the second private information. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request.
查找模块705,用于根据安全模块701得到的匿名查找请求查找到第二信息。The searching module 705 is configured to find the second information according to the anonymous lookup request obtained by the security module 701.
或者,可选的,获取模块702,还用于获取查找请求。Alternatively, the obtaining module 702 is further configured to obtain a lookup request.
查找模块705,用于根据获取模块702获取的查找请求查找到第二信息,第二信息包括第二匿名信息。The searching module 705 is configured to search for the second information according to the lookup request acquired by the obtaining module 702, where the second information includes the second anonymous information.
安全模块701,还用于当映射列表中包含查找模块705查找到的第二信息中包括的第二匿名信息时,根据映射列表获取第二匿名信息对应的第二加密密钥。根据第二加密密钥对第二匿名信息进行解密得到第二隐私信息。在第二信息中将第二匿名信息替换为第二隐私信息得到第二读取信息。The security module 701 is further configured to: when the mapping list includes the second anonymous information included in the second information found by the searching module 705, obtain the second encryption key corresponding to the second anonymous information according to the mapping list. Decrypting the second anonymous information according to the second encryption key to obtain second private information. The second anonymous information is replaced with the second private information in the second information to obtain the second read information.
可选的,安全模块701,还用于判断映射列表中是否包含第一隐私信息。Optionally, the security module 701 is further configured to determine whether the first privacy information is included in the mapping list.
可选的,第一隐私信息包括用户的国际移动用户识别码IMSI、用户的移动设备国际辨识码IMEI、用户的移动用户国际号码MSISDN、用户的介质访问控制MAC地址、用户的互联网协议IP地址中的一个或者多个。安全模块701可以是硬件安全模块HSM或受信平台模块TPM。Optionally, the first privacy information includes the user's International Mobile Subscriber Identity (IMSI), the user's mobile device international identifier IMEI, the user's mobile subscriber international number MSISDN, the user's media access control MAC address, and the user's Internet Protocol IP address. One or more. The security module 701 can be a hardware security module HSM or a trusted platform module TPM.
本实施例提供的虚拟化云基础设施,通过将待存储信息中第一隐私信息替换为第一匿名信息后得到匿名待存储信息并进行存储。因为虚拟机监控器无法获取第一隐私信息与第一匿名信息之间的对应关系,解决了虚拟网络中,虚拟基础设施的管理员有权限可以查看到用 户隐私信息,使得用户隐私信息可能会被泄露的问题,保证了用户隐私信息的安全性。The virtualized cloud infrastructure provided in this embodiment obtains the anonymous to-be-stored information and stores it by replacing the first private information in the to-be-stored information with the first anonymous information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information, the virtual network administrator has the authority to view the virtual network. The privacy information of the user makes the privacy information of the user may be leaked, and the security of the user's private information is ensured.
本发明另一实施例提供一种虚拟化云基础设施,参照图8所示,该虚拟化云基础设施80包括:至少一个处理器801、存储器802、总线803,该至少一个处理器801、存储器802通过总线803连接并完成相互间的通信,在处理器801、存储器802及总线803所包含的硬件资源之上,虚拟化云基础设施包括虚拟机监控器804及安全模块805,虚拟机监控器804及安全模块805是虚拟化云基础设施80硬件资源之上的虚拟模块,虚拟机监控器805无法获取安全模块805中的信息。Another embodiment of the present invention provides a virtualized cloud infrastructure. As shown in FIG. 8, the virtualized cloud infrastructure 80 includes: at least one processor 801, a memory 802, a bus 803, the at least one processor 801, and a memory. The 802 connects and completes communication with each other through the bus 803. Above the hardware resources included in the processor 801, the memory 802, and the bus 803, the virtualized cloud infrastructure includes a virtual machine monitor 804 and a security module 805, and a virtual machine monitor. 804 and security module 805 are virtual modules on top of virtualized cloud infrastructure 80 hardware resources, and virtual machine monitor 805 is unable to obtain information in security module 805.
该总线803可以是ISA(Industry Standard Architecture,工业标准体系结构)总线、PCI(Peripheral Component,外部设备互连)总线或EISA(Extended Industry Standard Architecture,扩展工业标准体系结构)总线等。该总线803可以分为地址总线、数据总线、控制总线等。为便于表示,图8中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。其中:The bus 803 may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component) bus, or an EISA (Extended Industry Standard Architecture) bus. The bus 803 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in Figure 8, but it does not mean that there is only one bus or one type of bus. among them:
存储器802用于执行本发明方案的应用程序代码,执行本发明方案的应用程序代码保存在存储器中,并由处理器801来控制执行。The memory 802 is used to execute the application code of the inventive scheme, and the application code for executing the inventive scheme is stored in a memory and controlled by the processor 801 for execution.
该存储器可以是只读存储器ROM或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器RAM或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器EEPROM、只读光盘CD-ROM或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。这些存储器通过总线与处理器相连接。The memory can be a read only memory ROM or other type of static storage device that can store static information and instructions, a random access memory RAM or other type of dynamic storage device that can store information and instructions, or can be electrically erasable or programmable. Read-only memory EEPROM, CD-ROM or other optical disc storage, optical disc storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), disk storage media or other magnetic storage devices, or can be used for Any other medium that carries or stores the desired program code in the form of an instruction or data structure and that can be accessed by a computer, but is not limited thereto. These memories are connected to the processor via a bus.
处理器801可能是一个中央处理器801(Central Processing Unit,简称为CPU),或者是特定集成电路(Application Specific Integrated Circuit,简称为ASIC),或者是被配置成实施本发明实施例的一个或 多个集成电路。The processor 801 may be a central processing unit (CPU), or an application specific integrated circuit (ASIC), or one configured to implement an embodiment of the present invention. Multiple integrated circuits.
处理器801,用于调用存储器802中的程序代码,在一种可能的实施方式中,当上述应用程序被所述处理器801执行时,实现如下功能。The processor 801 is configured to invoke program code in the memory 802. In a possible implementation manner, when the application program is executed by the processor 801, the following functions are implemented.
处理器801,用于获取待存储信息,待存储信息包括第一隐私信息。The processor 801 is configured to obtain information to be stored, where the information to be stored includes first privacy information.
处理器801,还用于通过安全模块805获取第一隐私信息对应的第一匿名信息,通过安全模块805将待存储信息中的第一隐私信息替换为第一匿名信息得到匿名待存储信息,并存储匿名待存储信息。The processor 801 is further configured to obtain the first anonymous information corresponding to the first private information by using the security module 805, and replace the first private information in the information to be stored with the first anonymous information by the security module 805 to obtain the anonymous information to be stored, and Store anonymous information to be stored.
可选的,在一种应用场景中,Optionally, in an application scenario,
处理器801,具体用于当安全模块805已经存储的映射列表中包含第一隐私信息,映射列表包括第一隐私信息与第一匿名信息的对应关系时,根据映射列表获取第一隐私信息对应的第一匿名信息。The processor 801 is configured to: when the mapping list that has been stored by the security module 805 includes the first private information, where the mapping list includes the correspondence between the first private information and the first anonymous information, obtain the first private information according to the mapping list. First anonymous information.
处理器801,还具体用于当映射列表中没有包含第一隐私信息时,将第一隐私信息通过第一算法进行运算获取第一隐私信息对应的第一匿名信息并在映射列表中存储第一隐私信息与第一匿名信息的对应关系。The processor 801 is further configured to: when the first privacy information is not included in the mapping list, obtain the first anonymous information corresponding to the first private information by using the first algorithm, and store the first information in the mapping list. The correspondence between the privacy information and the first anonymous information.
进一步可选的,处理器801,还用于获取查找请求,查找请求包括第二隐私信息。Further optionally, the processor 801 is further configured to obtain a lookup request, where the lookup request includes the second private information.
处理器801,还用于当映射列表中包含查找请求中包括的第二隐私信息时,根据映射列表获取第二隐私信息对应的第二匿名信息。在查找请求中将第二隐私信息替换为第二匿名信息得到匿名查找请求,根据匿名查找请求查找到第二信息。The processor 801 is further configured to: when the mapping list includes the second private information included in the search request, obtain the second anonymous information corresponding to the second private information according to the mapping list. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request, and the second information is found according to the anonymous lookup request.
或者,可选的,处理器801,还用于获取查找请求,根据查找请求查找到第二信息,第二信息包括第二匿名信息。Alternatively, the processor 801 is further configured to obtain a lookup request, and find the second information according to the lookup request, where the second information includes the second anonymous information.
处理器801,还用于当映射列表中包含第二信息中包括的第二匿名信息时,根据映射列表获取第二匿名信息对应的第二隐私信息。在第二信息中将第二匿名信息替换为第二隐私信息得到第二读取信息。The processor 801 is further configured to: when the mapping list includes the second anonymous information included in the second information, obtain the second private information corresponding to the second anonymous information according to the mapping list. The second anonymous information is replaced with the second private information in the second information to obtain the second read information.
可选的,在第二种应用场景中, Optionally, in the second application scenario,
处理器801,具体用于当安全模块805已经存储的映射列表中包含第一隐私信息,映射列表包括第一隐私信息与第一加密密钥的对应关系时,根据映射列表获取第一隐私信息对应的第一加密密钥。根据第一加密密钥对第一隐私信息进行加密生成第一隐私信息对应的第一匿名信息。The processor 801 is specifically configured to: when the mapping list that has been stored by the security module 805 includes the first privacy information, where the mapping list includes the correspondence between the first privacy information and the first encryption key, obtain the first privacy information according to the mapping list. The first encryption key. The first private information is encrypted according to the first encryption key to generate first anonymous information corresponding to the first private information.
处理器801,还具体用于当映射列表中没有包含第一隐私信息时,根据第三加密密钥对第一隐私信息加密生成第一匿名信息并在映射列表中存储第一隐私信息与第三加密密钥的对应关系。The processor 801 is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to the third encryption key to generate the first anonymous information, and store the first private information and the third in the mapping list. The correspondence between the encryption keys.
进一步可选的,处理器801,还用于获取查找请求,查找请求包括第二隐私信息。Further optionally, the processor 801 is further configured to obtain a lookup request, where the lookup request includes the second private information.
处理器801,还用于当映射列表中包含查找请求中包括的第二隐私信息时,根据映射列表获取第二隐私信息对应的第二加密密钥。根据第二加密密钥对第二隐私信息进行加密生成第二隐私信息对应的第二匿名信息。在查找请求中将第二隐私信息替换为第二匿名信息得到匿名查找请求,根据匿名查找请求查找到第二信息。The processor 801 is further configured to: when the mapping list includes the second private information included in the search request, acquire the second encryption key corresponding to the second private information according to the mapping list. Encrypting the second private information according to the second encryption key to generate second anonymous information corresponding to the second private information. The second private information is replaced with the second anonymous information in the lookup request to obtain an anonymous lookup request, and the second information is found according to the anonymous lookup request.
或者,可选的,处理器801,还用于获取查找请求,根据查找请求查找到第二信息,第二信息包括第二匿名信息。Alternatively, the processor 801 is further configured to obtain a lookup request, and find the second information according to the lookup request, where the second information includes the second anonymous information.
处理器801,还用于当映射列表中包含第二信息中包括的第二匿名信息时,根据映射列表获取第二匿名信息对应的第二加密密钥。根据第二加密密钥对第二匿名信息进行解密得到第二隐私信息。在第二信息中将第二匿名信息替换为第二隐私信息得到第二读取信息。The processor 801 is further configured to: when the mapping list includes the second anonymous information included in the second information, obtain the second encryption key corresponding to the second anonymous information according to the mapping list. Decrypting the second anonymous information according to the second encryption key to obtain second private information. The second anonymous information is replaced with the second private information in the second information to obtain the second read information.
可选的,第一隐私信息包括用户的国际移动用户识别码IMSI、用户的移动设备国际辨识码IMEI、用户的移动用户国际号码MSISDN、用户的介质访问控制MAC地址、用户的互联网协议IP地址中的一个或者多个。安全模块805可以是硬件安全模块HSM或受信平台模块TPM。Optionally, the first privacy information includes the user's International Mobile Subscriber Identity (IMSI), the user's mobile device international identifier IMEI, the user's mobile subscriber international number MSISDN, the user's media access control MAC address, and the user's Internet Protocol IP address. One or more. The security module 805 can be a hardware security module HSM or a trusted platform module TPM.
本实施例提供的虚拟化云基础设施,通过将待存储信息中第一隐私信息替换为第一匿名信息后得到匿名待存储信息并进行存储。因为虚拟机监控器无法获取第一隐私信息与第一匿名信息之间的对应关 系,解决了虚拟网络中,虚拟基础设施的管理员有权限可以查看到用户隐私信息,使得用户隐私信息可能会被泄露的问题,保证了用户隐私信息的安全性。The virtualized cloud infrastructure provided in this embodiment obtains the anonymous to-be-stored information and stores it by replacing the first private information in the to-be-stored information with the first anonymous information. Because the virtual machine monitor cannot obtain the correspondence between the first private information and the first anonymous information. In the virtual network, the administrator of the virtual infrastructure has the right to view the user's private information, so that the user's private information may be leaked, and the security of the user's private information is ensured.
通过以上的实施方式的描述,所属领域的技术人员可以清楚地了解到本发明可以用硬件实现,或固件实现,或它们的组合方式来实现。当使用软件实现时,可以将上述功能存储在计算机可读介质中或作为计算机可读介质上的一个或多个指令或代码进行传输。计算机可读介质包括计算机存储介质和通信介质,其中通信介质包括便于从一个地方向另一个地方传送计算机程序的任何介质。存储介质可以是计算机能够存取的任何可用介质。以此为例但不限于:计算机可读介质可以包括RAM(Random Access Memory,随机存储器)、ROM(Read Only Memory,只读内存)、EEPROM(Electrically Erasable Programmable Read Only Memory,电可擦可编程只读存储器)、CD-ROM(Compact Disc Read Only Memory,即只读光盘)或其他光盘存储、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质。此外。任何连接可以适当的成为计算机可读介质。Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented in hardware, firmware implementation, or a combination thereof. When implemented in software, the functions described above may be stored in or transmitted as one or more instructions or code on a computer readable medium. Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another. A storage medium may be any available media that can be accessed by a computer. For example, but not limited to, the computer readable medium may include a RAM (Random Access Memory), a ROM (Read Only Memory), and an EEPROM (Electrically Erasable Programmable Read Only Memory). Read memory), CD-ROM (Compact Disc Read Only Memory) or other optical disk storage, disk storage media or other magnetic storage device, or can be used to carry or store a desired program in the form of an instruction or data structure. Code and any other medium that can be accessed by a computer. Also. Any connection may suitably be a computer readable medium.
以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应所述以权利要求的保护范围为准。 The above is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or substitutions within the technical scope of the present invention. It should be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims.

Claims (30)

  1. 一种信息处理方法,其特征在于,应用于虚拟网络中的虚拟化云基础设施,所述虚拟化云基础设施包括虚拟机监控器及安全模块,其中,所述虚拟机监控器无法获取所述安全模块中的信息,所述方法包括:An information processing method, characterized by being applied to a virtualized cloud infrastructure in a virtual network, the virtualized cloud infrastructure comprising a virtual machine monitor and a security module, wherein the virtual machine monitor cannot obtain the virtual machine monitor Information in the security module, the method comprising:
    获取待存储信息,所述待存储信息包括第一隐私信息;Obtaining information to be stored, where the information to be stored includes first privacy information;
    通过所述安全模块获取所述第一隐私信息对应的第一匿名信息;Acquiring the first anonymous information corresponding to the first private information by using the security module;
    通过所述安全模块将所述待存储信息中的第一隐私信息替换为所述第一匿名信息得到匿名待存储信息;And replacing, by the security module, the first private information in the to-be-stored information with the first anonymous information to obtain anonymous to-be-stored information;
    存储所述匿名待存储信息。The anonymous to-be-stored information is stored.
  2. 根据权利要求1所述的方法,其特征在于,所述通过所述安全模块获取所述第一隐私信息对应的第一匿名信息,包括:The method according to claim 1, wherein the obtaining, by the security module, the first anonymous information corresponding to the first private information comprises:
    如果所述安全模块已经存储的映射列表中包含所述第一隐私信息,则所述映射列表包括所述第一隐私信息与所述第一匿名信息的对应关系,根据所述映射列表,通过所述安全模块获取所述第一隐私信息对应的第一匿名信息;If the mapping list that has been stored by the security module includes the first private information, the mapping list includes a correspondence between the first private information and the first anonymous information, and according to the mapping list, The security module acquires first anonymous information corresponding to the first privacy information;
    如果所述映射列表中没有包含所述第一隐私信息,则通过所述安全模块将所述第一隐私信息通过第一算法进行运算获取所述第一隐私信息对应的所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第一匿名信息的对应关系。If the first private information is not included in the mapping list, the security information is used by the security module to obtain the first anonymous information corresponding to the first private information by using a first algorithm. And storing, in the mapping list, a correspondence between the first private information and the first anonymous information.
  3. 根据权利要求2所述的方法,其特征在于,所述方法还包括:The method of claim 2, wherein the method further comprises:
    获取查找请求,所述查找请求包括第二隐私信息;Obtaining a lookup request, where the lookup request includes second privacy information;
    如果所述映射列表中包含所述第二隐私信息,根据所述映射列表,通过所述安全模块获取所述第二隐私信息对应的第二匿名信息;If the second private information is included in the mapping list, the second anonymous information corresponding to the second private information is obtained by the security module according to the mapping list;
    通过所述安全模块在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;And obtaining, by the security module, the second private information in the lookup request by using the second anonymous information to obtain an anonymous search request;
    根据所述匿名查找请求查找到第二信息。Finding the second information according to the anonymous lookup request.
  4. 根据权利要求2所述的方法,其特征在于,所述方法还包括:The method of claim 2, wherein the method further comprises:
    获取查找请求; Get a lookup request;
    根据所述查找请求查找到第二信息,所述第二信息包括第二匿名名信息;Finding second information according to the lookup request, where the second information includes second anonymous name information;
    如果所述映射列表中包含所述第二匿名信息,根据所述映射列表,通过所述安全模块获取所述第二匿名信息对应的第二隐私信息;If the second anonymous information is included in the mapping list, the second private information corresponding to the second anonymous information is obtained by the security module according to the mapping list;
    通过所述安全模块在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。And replacing, by the security module, the second anonymous information with the second private information in the second information to obtain second read information.
  5. 根据权利要求1所述的方法,其特征在于,所述获取所述第一隐私信息对应的第一匿名信息,包括:The method according to claim 1, wherein the obtaining the first anonymous information corresponding to the first private information comprises:
    如果所述安全模块已经存储的映射列表中包含所述第一隐私信息,则所述映射列表包括所述第一隐私信息与第一加密密钥的对应关系,根据所述映射列表,通过所述安全模块获取所述第一隐私信息对应的所述第一加密密钥;If the first private information is included in the mapping list that has been stored by the security module, the mapping list includes a correspondence between the first private information and the first encryption key, and according to the mapping list, Obtaining, by the security module, the first encryption key corresponding to the first privacy information;
    根据所述第一加密密钥,通过所述安全模块对所述第一隐私信息进行加密生成所述第一隐私信息对应的所述第一匿名信息;Encrypting the first private information by the security module to generate the first anonymous information corresponding to the first private information according to the first encryption key;
    如果所述映射列表中没有包含所述第一隐私信息,则根据第三加密密钥对所述第一隐私信息加密生成所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第三加密密钥的对应关系。If the first private information is not included in the mapping list, the first private information is encrypted according to a third encryption key to generate the first anonymous information, and the first privacy is stored in the mapping list. Correspondence between the information and the third encryption key.
  6. 根据权利要求5所述的方法,其特征在于,所述方法还包括:The method of claim 5, wherein the method further comprises:
    获取查找请求,所述查找请求包括第二隐私信息;Obtaining a lookup request, where the lookup request includes second privacy information;
    如果所述映射列表中包含所述第二隐私信息,根据所述映射列表,通过所述安全模块获取所述第二隐私信息对应的第二加密密钥;And obtaining, by the security module, a second encryption key corresponding to the second private information, according to the mapping list, if the second private information is included in the mapping list;
    根据所述第二加密密钥,通过所述安全模块对所述第二隐私信息进行加密生成所述第二隐私信息对应的所述第二匿名信息;Encrypting the second private information by the security module to generate the second anonymous information corresponding to the second private information according to the second encryption key;
    在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;Replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
    根据所述匿名查找请求查找到第二信息。Finding the second information according to the anonymous lookup request.
  7. 根据权利要求5所述的方法,其特征在于,所述方法还包括:The method of claim 5, wherein the method further comprises:
    获取查找请求;Get a lookup request;
    根据所述查找请求查找到第二信息,所述第二信息包括第二匿名 信息;Finding second information according to the lookup request, the second information including second anonymous information;
    如果所述映射列表中包含所述第二匿名信息,根据所述映射列表,通过所述安全模块获取所述第二匿名信息对应的第二加密密钥;If the second anonymous information is included in the mapping list, the second encryption key corresponding to the second anonymous information is obtained by the security module according to the mapping list;
    根据所述第二加密密钥,通过所述安全模块对所述第二匿名信息进行解密得到所述第二隐私信息;Decrypting the second anonymous information by the security module according to the second encryption key to obtain the second private information;
    在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The second anonymous information is replaced with the second private information in the second information to obtain second read information.
  8. 根据权利要求2-7任一项所述的方法,其特征在于,所述通过所述安全模块获取所述第一隐私信息对应的第一匿名信息之前,还包括:The method according to any one of claims 2-7, wherein before the obtaining, by the security module, the first anonymous information corresponding to the first private information, the method further includes:
    通过所述安全模块判断所述映射列表中是否包含所述第一隐私信息。Determining, by the security module, whether the first private information is included in the mapping list.
  9. 根据权利要求1-8任一项所述的方法,其特征在于,Method according to any of claims 1-8, characterized in that
    所述第一隐私信息包括所述用户的国际移动用户识别码IMSI、所述用户的移动设备国际辨识码IMEI、所述用户的移动用户国际号码MSISDN、所述用户的介质访问控制MAC地址、所述用户的互联网协议IP地址中的一个或者多个。The first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
  10. 根据权利要求1-9任一项所述的方法,其特征在于,Method according to any of claims 1-9, characterized in that
    所述安全模块为硬件安全模块HSM或受信平台模块TPM。The security module is a hardware security module HSM or a trusted platform module TPM.
  11. 一种虚拟化云基础设施,其特征在于,包括虚拟机监控器、安全模块、获取模块及存储模块,所述虚拟机监控器无法获取所述安全模块中的信息;A virtualized cloud infrastructure, comprising: a virtual machine monitor, a security module, an obtaining module, and a storage module, wherein the virtual machine monitor cannot obtain information in the security module;
    其中,所述获取模块用于,获取待存储信息,所述待存储信息包括第一隐私信息;The acquiring module is configured to acquire information to be stored, where the information to be stored includes first privacy information;
    所述安全模块,用于获取所述获取模块获取的所述第一隐私信息对应的第一匿名信息,将所述待存储信息中的第一隐私信息替换为所述第一匿名信息得到匿名待存储信息;The security module is configured to obtain the first anonymous information corresponding to the first private information acquired by the acquiring module, and replace the first private information in the to-be-stored information with the first anonymous information to be anonymously Store information;
    所述存储模块,用于存储所述安全模块得到的所述匿名待存储信息。 The storage module is configured to store the anonymous to-be-stored information obtained by the security module.
  12. 根据权利要求11所述的装置,其特征在于,The device of claim 11 wherein:
    所述安全模块,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与所述第一匿名信息的对应关系时,根据所述映射列表获取所述第一隐私信息对应的第一匿名信息;The security module is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and the first anonymous information, Acquiring the first anonymous information corresponding to the first private information according to the mapping list;
    所述安全模块,还具体用于当所述映射列表中没有包含所述第一隐私信息时,将所述第一隐私信息通过第一算法进行运算获取所述第一隐私信息对应的所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第一匿名信息的对应关系。The security module is further configured to: when the first private information is not included in the mapping list, perform the operation on the first private information by using a first algorithm to obtain the first corresponding to the first private information. An anonymous information and a correspondence between the first private information and the first anonymous information is stored in the mapping list.
  13. 根据权利要求12所述的装置,其特征在于,The device according to claim 12, characterized in that
    所述获取模块,还用于获取查找请求,所述查找请求包括第二隐私信息;The obtaining module is further configured to acquire a lookup request, where the lookup request includes second privacy information;
    所述安全模块,还用于当所述映射列表中包含所述获取模块获取的所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;The security module is further configured to: when the mapping list includes the second private information included in the search request acquired by the acquiring module, acquire, according to the mapping list, the second private information Second anonymous information; replacing the second private information with the second anonymous information in the lookup request to obtain an anonymous lookup request;
    所述虚拟化云基础设施还包括查找模块,用于根据所述安全模块得到的所述匿名查找请求查找到第二信息。The virtualized cloud infrastructure further includes a lookup module configured to find the second information according to the anonymous lookup request obtained by the security module.
  14. 根据权利要求12所述的装置,其特征在于,The device according to claim 12, characterized in that
    所述获取模块还用于,获取查找请求;The obtaining module is further configured to: acquire a lookup request;
    所述虚拟化云基础设施还包括查找模块,用于根据所述获取模块获取的所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The virtualized cloud infrastructure further includes a search module, configured to search for second information according to the lookup request obtained by the obtaining module, where the second information includes second anonymous information;
    所述安全模块还用于,当所述映射列表中包含所述查找模块查找到的所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The security module is further configured to: when the mapping list includes the second anonymous information included in the second information that is found by the searching module, acquire the second anonymous information according to the mapping list. Corresponding second private information; replacing the second anonymous information with the second private information in the second information to obtain second read information.
  15. 根据权利要求11所述的装置,其特征在于,The device of claim 11 wherein:
    所述安全模块,具体用于当所述安全模块已经存储的映射列表中 包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与第一加密密钥的对应关系时,根据所述映射列表获取所述第一隐私信息对应的所述第一加密密钥;根据所述第一加密密钥对所述第一隐私信息进行加密生成所述第一隐私信息对应的所述第一匿名信息;The security module is specifically configured to be used in a mapping list that has been stored by the security module. The first privacy information is included, and when the mapping list includes a correspondence between the first privacy information and the first encryption key, acquiring the first encryption key corresponding to the first privacy information according to the mapping list Key: encrypting the first private information according to the first encryption key to generate the first anonymous information corresponding to the first private information;
    所述安全模块,还具体用于当所述映射列表中没有包含所述第一隐私信息时,根据第三加密密钥对所述第一隐私信息加密生成所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第三加密密钥的对应关系。The security module is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to a third encryption key to generate the first anonymous information, and in the A mapping relationship between the first private information and the third encryption key is stored in the mapping list.
  16. 根据权利要求15所述的装置,其特征在于,The device of claim 15 wherein:
    所述获取模块,还用于获取查找请求,所述查找请求包括第二隐私信息;The obtaining module is further configured to acquire a lookup request, where the lookup request includes second privacy information;
    所述安全模块,还用于当所述映射列表中包含所述获取模块获取的所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二加密密钥;根据所述第二加密密钥对所述第二隐私信息进行加密生成所述第二隐私信息对应的所述第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求;The security module is further configured to: when the mapping list includes the second private information included in the search request acquired by the acquiring module, acquire, according to the mapping list, the second private information a second encryption key; encrypting the second private information according to the second encryption key to generate the second anonymous information corresponding to the second private information; and performing the second in the lookup request The privacy information is replaced with the second anonymous information to obtain an anonymous search request;
    所述虚拟化云基础设施还包括查找模块,用于根据所述安全模块得到的所述匿名查找请求查找到第二信息。The virtualized cloud infrastructure further includes a lookup module configured to find the second information according to the anonymous lookup request obtained by the security module.
  17. 根据权利要求15所述的装置,其特征在于,The device of claim 15 wherein:
    所述获取模块,还用于获取查找请求;The obtaining module is further configured to acquire a lookup request;
    所述虚拟化云基础设施还包括查找模块,用于根据所述获取模块获取的所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The virtualized cloud infrastructure further includes a search module, configured to search for second information according to the lookup request obtained by the obtaining module, where the second information includes second anonymous information;
    所述安全模块,还用于当所述映射列表中包含所述查找模块查找到的所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二加密密钥;根据所述第二加密密钥对所述第二匿名信息进行解密得到所述第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信 息。The security module is further configured to: when the mapping list includes the second anonymous information included in the second information that is searched by the searching module, acquire the second anonymous information according to the mapping list. Corresponding second encryption key; decrypting the second anonymous information according to the second encryption key to obtain the second private information; and replacing the second anonymous information with the second information The second private information is obtained as a second read letter interest.
  18. 根据权利要求12-17任一项所述的装置,其特征在于,Apparatus according to any one of claims 12-17, wherein
    所述安全模块,还用于判断所述映射列表中是否包含所述第一隐私信息。The security module is further configured to determine whether the first privacy information is included in the mapping list.
  19. 根据权利要求11-18任一项所述的装置,其特征在于,Apparatus according to any one of claims 11-18, wherein
    所述第一隐私信息包括所述用户的国际移动用户识别码IMSI、所述用户的移动设备国际辨识码IMEI、所述用户的移动用户国际号码MSISDN、所述用户的介质访问控制MAC地址、所述用户的互联网协议IP地址中的一个或者多个。The first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
  20. 根据权利要求11-19任一项所述的装置,其特征在于,Apparatus according to any one of claims 11-19, wherein
    所述安全模块为硬件安全模块HSM或受信平台模块TPM。The security module is a hardware security module HSM or a trusted platform module TPM.
  21. 一种虚拟化云基础设施,其特征在于,包括处理器、存储器、总线,所述处理器及所述存储器通过所述总线相互连接,在所述处理器、所述存储器及所述总线所包含的硬件资源之上,所述虚拟化云基础设施包括虚拟机监控器及安全模块,所述虚拟机监控器无法获取所述安全模块中的信息;A virtualized cloud infrastructure, comprising: a processor, a memory, and a bus, wherein the processor and the memory are connected to each other by the bus, and are included in the processor, the memory, and the bus Above the hardware resources, the virtualized cloud infrastructure includes a virtual machine monitor and a security module, and the virtual machine monitor cannot obtain information in the security module;
    其中,所述处理器,用于获取待存储信息,所述待存储信息包括第一隐私信息;The processor is configured to acquire information to be stored, where the information to be stored includes first privacy information;
    所述处理器,还用于通过所述安全模块获取所述第一隐私信息对应的第一匿名信息,通过所述安全模块将所述待存储信息中的第一隐私信息替换为所述第一匿名信息得到匿名待存储信息,并存储所述匿名待存储信息。The processor is further configured to acquire the first anonymous information corresponding to the first private information by using the security module, and replace, by the security module, the first private information in the to-be-stored information with the first The anonymous information is obtained by anonymizing the information to be stored, and the anonymous information to be stored is stored.
  22. 根据权利要求21所述的装置,其特征在于,The device according to claim 21, wherein
    所述处理器,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与所述第一匿名信息的对应关系时,根据所述映射列表获取所述第一隐私信息对应的第一匿名信息;The processor is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and the first anonymous information, Acquiring the first anonymous information corresponding to the first private information according to the mapping list;
    所述处理器,还具体用于当所述映射列表中没有包含所述第一隐私信息时,将所述第一隐私信息通过第一算法进行运算获取所述第一 隐私信息对应的所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第一匿名信息的对应关系。The processor is further configured to: when the first private information is not included in the mapping list, obtain the first private information by using a first algorithm to obtain the first The first anonymous information corresponding to the privacy information, and storing, in the mapping list, a correspondence between the first private information and the first anonymous information.
  23. 根据权利要求22所述的装置,其特征在于,The device according to claim 22, wherein
    所述处理器,还用于获取查找请求,所述查找请求包括第二隐私信息;The processor is further configured to acquire a lookup request, where the lookup request includes second privacy information;
    所述处理器,还用于当所述映射列表中包含所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求,根据所述匿名查找请求查找到第二信息。The processor is further configured to: when the mapping list includes the second private information included in the search request, acquire second anonymous information corresponding to the second private information according to the mapping list; The second privacy information is replaced by the second anonymous information in the lookup request to obtain an anonymous search request, and the second information is found according to the anonymous search request.
  24. 根据权利要求22所述的装置,其特征在于,The device according to claim 22, wherein
    所述处理器,还用于获取查找请求,根据所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The processor is further configured to obtain a lookup request, and find second information according to the lookup request, where the second information includes second anonymous information;
    所述处理器,还用于当所述映射列表中包含所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The processor is further configured to: when the mapping list includes the second anonymous information included in the second information, acquire second privacy information corresponding to the second anonymous information according to the mapping list; The second anonymous information is replaced with the second private information in the second information to obtain second read information.
  25. 根据权利要求21所述的装置,其特征在于,The device according to claim 21, wherein
    所述处理器,具体用于当所述安全模块已经存储的映射列表中包含所述第一隐私信息,所述映射列表包括所述第一隐私信息与第一加密密钥的对应关系时,根据所述映射列表获取所述第一隐私信息对应的所述第一加密密钥;根据所述第一加密密钥对所述第一隐私信息进行加密生成所述第一隐私信息对应的所述第一匿名信息;The processor is specifically configured to: when the mapping list that has been stored by the security module includes the first private information, where the mapping list includes a correspondence between the first private information and a first encryption key, according to Obtaining, by the mapping list, the first encryption key corresponding to the first private information, and encrypting the first private information according to the first encryption key to generate the first corresponding to the first private information An anonymous message;
    所述处理器,还具体用于当所述映射列表中没有包含所述第一隐私信息时,根据第三加密密钥对所述第一隐私信息加密生成所述第一匿名信息并在所述映射列表中存储所述第一隐私信息与所述第三加密密钥的对应关系。The processor is further configured to: when the first private information is not included in the mapping list, encrypt the first private information according to a third encryption key to generate the first anonymous information, and in the A mapping relationship between the first private information and the third encryption key is stored in the mapping list.
  26. 根据权利要求25所述的装置,其特征在于,The device according to claim 25, wherein
    所述处理器,还用于获取查找请求,所述查找请求包括第二隐私 信息;The processor is further configured to acquire a lookup request, where the lookup request includes a second privacy information;
    所述处理器,还用于当所述映射列表中包含所述查找请求中包括的所述第二隐私信息时,根据所述映射列表获取所述第二隐私信息对应的第二加密密钥;根据所述第二加密密钥对所述第二隐私信息进行加密生成所述第二隐私信息对应的所述第二匿名信息;在所述查找请求中将所述第二隐私信息替换为所述第二匿名信息得到匿名查找请求,根据所述匿名查找请求查找到第二信息。The processor is further configured to: when the mapping list includes the second private information included in the search request, acquire a second encryption key corresponding to the second private information according to the mapping list; Encrypting the second private information according to the second encryption key to generate the second anonymous information corresponding to the second private information; replacing the second private information with the searching request The second anonymous information is obtained by an anonymous lookup request, and the second information is found according to the anonymous lookup request.
  27. 根据权利要求25所述的装置,其特征在于,The device according to claim 25, wherein
    所述处理器,还用于获取查找请求,根据所述查找请求查找到第二信息,所述第二信息包括第二匿名信息;The processor is further configured to obtain a lookup request, and find second information according to the lookup request, where the second information includes second anonymous information;
    所述处理器,还用于当所述映射列表中包含所述第二信息中包括的所述第二匿名信息时,根据所述映射列表获取所述第二匿名信息对应的第二加密密钥;根据所述第二加密密钥对所述第二匿名信息进行解密得到所述第二隐私信息;在所述第二信息中将所述第二匿名信息替换为所述第二隐私信息得到第二读取信息。The processor is further configured to: when the mapping list includes the second anonymous information included in the second information, acquire a second encryption key corresponding to the second anonymous information according to the mapping list Decrypting the second anonymous information according to the second encryption key to obtain the second private information; and replacing the second anonymous information with the second private information in the second information Second, read the information.
  28. 根据权利要求22-27任一项所述的装置,其特征在于,A device according to any one of claims 22-27, wherein
    所述处理器,还用于通过所述安全模块判断所述映射列表中是否包含所述第一隐私信息。The processor is further configured to determine, by the security module, whether the first private information is included in the mapping list.
  29. 根据权利要求21-28任一项所述的装置,其特征在于,Apparatus according to any one of claims 21-28, wherein
    所述第一隐私信息包括所述用户的国际移动用户识别码IMSI、所述用户的移动设备国际辨识码IMEI、所述用户的移动用户国际号码MSISDN、所述用户的介质访问控制MAC地址、所述用户的互联网协议IP地址中的一个或者多个。The first private information includes an International Mobile Subscriber Identity (IMSI) of the user, a mobile device international identification code IMEI of the user, a mobile subscriber international number MSISDN of the user, a media access control MAC address of the user, and a location Describe one or more of the user's Internet Protocol IP addresses.
  30. 根据权利要求21-29任一项所述的装置,其特征在于,A device according to any one of claims 21-29, wherein
    所述安全模块为硬件安全模块HSM或受信平台模块TPM。 The security module is a hardware security module HSM or a trusted platform module TPM.
PCT/CN2014/086234 2014-09-10 2014-09-10 Information processing method and device WO2016037330A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201480033996.4A CN105684343B (en) 2014-09-10 2014-09-10 A kind of information processing method and equipment
PCT/CN2014/086234 WO2016037330A1 (en) 2014-09-10 2014-09-10 Information processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2014/086234 WO2016037330A1 (en) 2014-09-10 2014-09-10 Information processing method and device

Publications (1)

Publication Number Publication Date
WO2016037330A1 true WO2016037330A1 (en) 2016-03-17

Family

ID=55458255

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/086234 WO2016037330A1 (en) 2014-09-10 2014-09-10 Information processing method and device

Country Status (2)

Country Link
CN (1) CN105684343B (en)
WO (1) WO2016037330A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109691009A (en) * 2016-09-08 2019-04-26 日本电气株式会社 Network function virtualization system and verification method
CN111274607A (en) * 2020-01-20 2020-06-12 福建奇点时空数字科技有限公司 Mobile application data privacy protection method based on virtual machine
CN115022037A (en) * 2022-06-01 2022-09-06 中国银行股份有限公司 Data transmission method, device, equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080263645A1 (en) * 2007-04-23 2008-10-23 Telus Communications Company Privacy identifier remediation
CN102034046A (en) * 2010-12-10 2011-04-27 北京世纪互联工程技术服务有限公司 Data underlay encryption method based on disk drive in cloud computing environment
CN102655508A (en) * 2012-04-19 2012-09-05 华中科技大学 Method for protecting privacy data of users in cloud environment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100122080A1 (en) * 2008-11-11 2010-05-13 Electronics And Telecommunications Research Institute Pseudonym certificate process system by splitting authority
KR101575282B1 (en) * 2011-11-28 2015-12-09 한국전자통신연구원 Agent device and method for sharing security information based on anonymous identifier between security management domains
CN103856477B (en) * 2012-12-06 2018-01-02 阿里巴巴集团控股有限公司 A kind of credible accounting system and corresponding authentication method and equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080263645A1 (en) * 2007-04-23 2008-10-23 Telus Communications Company Privacy identifier remediation
CN102034046A (en) * 2010-12-10 2011-04-27 北京世纪互联工程技术服务有限公司 Data underlay encryption method based on disk drive in cloud computing environment
CN102655508A (en) * 2012-04-19 2012-09-05 华中科技大学 Method for protecting privacy data of users in cloud environment

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109691009A (en) * 2016-09-08 2019-04-26 日本电气株式会社 Network function virtualization system and verification method
CN109691009B (en) * 2016-09-08 2022-04-29 日本电气株式会社 Network function virtualization system and verification method
US11463267B2 (en) 2016-09-08 2022-10-04 Nec Corporation Network function virtualization system and verifying method
CN111274607A (en) * 2020-01-20 2020-06-12 福建奇点时空数字科技有限公司 Mobile application data privacy protection method based on virtual machine
CN115022037A (en) * 2022-06-01 2022-09-06 中国银行股份有限公司 Data transmission method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN105684343A (en) 2016-06-15
CN105684343B (en) 2019-04-05

Similar Documents

Publication Publication Date Title
US11200327B1 (en) Protecting virtual machine data in cloud environments
US9912645B2 (en) Methods and apparatus to securely share data
CN108885665B (en) System and method for decrypting network traffic in a virtualized environment
EP3111618B1 (en) Securing client-specified credentials at cryptographically attested resources
EP3162021B1 (en) Securely storing content within public clouds
US9053059B2 (en) Roots-of-trust for measurement of virtual machines
US11134377B2 (en) Encrypting/decrypting data on mobile terminal
WO2016058487A1 (en) Information processing method and apparatus
KR20180131056A (en) System for managing encryption keys for cloud services
US11068606B2 (en) Secured encrypted shared cloud storage
US11327782B2 (en) Supporting migration of virtual machines containing enclaves
KR102363080B1 (en) A tpm-based secure multiparty computing system using a non-bypassable gateway
WO2016037330A1 (en) Information processing method and device
CN103885725B (en) A kind of virtual machine access control system and its control method based on cloud computing environment
CN113824553A (en) Key management method, device and system
US11494219B2 (en) Encryption and remote attestation of containers
Cheng et al. Protecting in-memory data cache with secure enclaves in untrusted cloud
CN117056943A (en) Data processing method, system, device and readable storage medium
CN113849558A (en) Method and device for deploying data sharing service
Sabapathi et al. A Hybrid Cloud Architecture for Secure Service—Measures Against Poodle Vulnerability
CN113923023A (en) Authority configuration and data processing method, device, electronic equipment and medium
JP2019021131A (en) Malware detection device, malware detection method, and malware detection program
CN104281818A (en) Disk data safety protection method and monitor in virtual machine architecture

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14901675

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14901675

Country of ref document: EP

Kind code of ref document: A1