WO2023065772A1 - Log data processing method and apparatus, storage medium and electronic device - Google Patents

Log data processing method and apparatus, storage medium and electronic device

Info

Publication number
WO2023065772A1
WO2023065772A1 PCT/CN2022/109748 CN2022109748W WO2023065772A1 WO 2023065772 A1 WO2023065772 A1 WO 2023065772A1 CN 2022109748 W CN2022109748 W CN 2022109748W WO 2023065772 A1 WO2023065772 A1 WO 2023065772A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
log data
log
chip
ciphertext
Prior art date
Application number
PCT/CN2022/109748
Other languages
English (en)
Chinese (zh)
Inventor
曹有彬
Original Assignee
深圳市锐尔觅移动通信有限公司
Priority date
Filing date
Publication date
Application filed by 深圳市锐尔觅移动通信有限公司
Publication of WO2023065772A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/1805 Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815 Journaling file systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present disclosure relates to the field of computer technology, and in particular, to a log data processing method, a log data processing device, a computer-readable storage medium, and electronic equipment.
  • the log data of terminal devices is usually controlled by adding access rights.
  • hackers can easily obtain log data, resulting in leakage of device information and even loss of user property.
  • a log data processing method, including: calling the software development kit (SDK) integrated in the chip firmware to generate a first key, the first key being a key uniquely generated based on the physical characteristics of the chip; using the first key to encrypt the second key, and storing the ciphertext of the generated second key in the flash memory of the chip, the second key being used to encrypt the log data; in the process of storing the log data, calling the SDK to generate the first key; using the first key to decrypt the ciphertext of the second key stored in the flash memory to obtain the second key; and using the second key to encrypt the log data to obtain the ciphertext of the log data, and storing the ciphertext of the log data.
  • a log data processing device, including: a first calling module configured to call a software development kit (SDK) integrated in the chip firmware to generate a first key, the first key being a key uniquely generated based on the physical characteristics of the chip; an encryption module configured to use the first key to encrypt the second key, and store the generated ciphertext of the second key in the flash memory of the chip, the second key being used to encrypt the log data; a second calling module configured to call the SDK to generate the first key during the process of storing the log data; a decryption module configured to use the first key to decrypt the ciphertext of the second key stored in the flash memory to obtain the second key; and a log storage module configured to use the second key to encrypt the log data to obtain the ciphertext of the log data, and to store the ciphertext of the log data.
  • a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, the above log data processing method is realized.
  • an electronic device including a processor; a memory configured to store one or more programs, and when the one or more programs are executed by the processor, the processor implements the above-mentioned log data processing method.
  • FIG. 1 shows a schematic diagram of the stages included in the log data processing process of an embodiment of the present disclosure
  • FIG. 2 shows a schematic structural diagram of an electronic device suitable for implementing an embodiment of the present disclosure
  • FIG. 3 schematically shows a flow chart of a log data processing method according to an exemplary embodiment of the present disclosure
  • FIG. 4 schematically shows a flow chart of the process of storing the ciphertext of the second key in an embodiment of the present disclosure
  • FIG. 5 schematically shows a flowchart of a terminal device maintenance process according to an embodiment of the present disclosure
  • FIG. 6 shows a schematic diagram of a log data processing process in an embodiment of the present disclosure
  • Fig. 7 schematically shows a block diagram of a log data processing device according to an exemplary embodiment of the present disclosure
  • Fig. 8 schematically shows a block diagram of a log data processing device according to another exemplary embodiment of the present disclosure.
  • Example embodiments will now be described more fully with reference to the accompanying drawings.
  • Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete and will fully convey the concept of example embodiments to those skilled in the art.
  • the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
  • numerous specific details are provided in order to give a thorough understanding of embodiments of the present disclosure.
  • those skilled in the art will appreciate that the technical solutions of the present disclosure may be practiced without one or more of the specific details being omitted, or other methods, components, devices, steps, etc. may be adopted.
  • well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
  • encryption and decryption of log data are implemented using a log key
  • encryption and decryption of the log key are implemented using a key uniquely generated based on chip physical characteristics.
  • the key uniquely generated based on the physical characteristics of the chip can be obtained by using the PUF technology.
  • the PUF mentioned in this disclosure refers to a Physical Unclonable Function, which is an identification technology in the chip field and acts as a "digital fingerprint".
  • During the chip manufacturing process, even if two chips have the same design and even the same manufacturing process, there are still some differences in their physical characteristics. At the molecular scale, there are always inevitable and uncontrollable variables that make each chip unique. These variables are random and cannot be eliminated; even on the most advanced production lines, chips on the same wafer will have internal structural differences.
  • the algorithm for generating the key by PUF may include, but is not limited to, the RSA algorithm (Rivest Shamir Adleman, RSA) and the digital signature algorithm (Digital Signature Algorithm, DSA), which is not limited in this disclosure.
  • This disclosure can use PUF technology to generate a unique, unpredictable random number based on the random characteristics of DRAM (Dynamic Random Access Memory) when it is powered on, as the key uniquely generated based on the physical characteristics of the chip in this disclosure.
  • the present disclosure may also use other information that uniquely characterizes the physical characteristics of the chip as the first key described below to implement encryption and decryption of the log key.
  • the chip described in the present disclosure is a chip that needs encrypted transmission protection. It mainly includes the system chip of the terminal device, that is to say, the embodiment of the present disclosure mainly encrypts and decrypts the log data generated based on the system chip. However, it is conceivable that the log data processing solution of the present disclosure can also encrypt and decrypt data generated by other chips (such as communication chips, sensor chips, etc.).
  • the terminal devices described in the present disclosure may include, but are not limited to, smart phones, tablet computers, smart wearable devices, portable computers, desktop computers, and the like.
  • Fig. 1 shows a schematic diagram of the stages included in the log data processing process of the embodiment of the present disclosure.
  • the log data processing process of the embodiment of the present disclosure may at least include an SDK integration stage, a key encryption stage, and a log encryption stage.
  • the log data processing process may also include a device maintenance stage.
  • the chip generates a unique unpredictable random number based on the physical characteristics of the chip through the integrated PUF SDK, as the first key, which can be 32 bytes.
  • the log key generation data can be read to the log maintenance background.
  • the log key generation data may include a model of the terminal device, a chip serial number, and the like.
  • the log maintenance background can call the interface of the key management background according to the log key generation data to generate a log key, for example a 32-byte log key. The log key is recorded as the second key.
  • the first key may be used to encrypt the second key to obtain the ciphertext of the second key, and store the ciphertext in the flash memory (Flash) of the chip.
  • After the chip operating system generates log data, it can call the PUF SDK to generate the first key. Next, the ciphertext of the second key stored in the flash memory may be decrypted by using the first key to obtain the second key. Subsequently, the log data is encrypted with the second key and saved.
  • In the device maintenance stage, the user first provides the unlock password of the terminal device and agrees to restore the log files.
  • the maintenance engineer uploads the log key generation data to the log maintenance background to determine the corresponding second key.
  • the maintenance engineer exports the log file from the terminal device, uploads the log file to the log maintenance background, calls the decryption interface provided by the password management background, decrypts the log file, and restores the plaintext log data.
  • the log data can be analyzed to provide corresponding maintenance or repair services.
  • FIG. 2 shows a schematic diagram of an electronic device suitable for implementing an exemplary embodiment of the present disclosure.
  • a terminal device according to an exemplary embodiment of the present disclosure may be configured in the form of FIG. 2 .
  • the electronic device shown in FIG. 2 is only an example, and should not limit the functions and application scope of the embodiments of the present disclosure.
  • the electronic device of the present disclosure includes at least a processor and a memory, the memory is used to store one or more programs, and when the one or more programs are executed by the processor, the processor can implement the log data processing method of the exemplary embodiment of the present disclosure .
  • the electronic device 200 may include: a processor 210, an internal memory 221, an external memory interface 222, a Universal Serial Bus (USB) interface 230, a charging management module 240, a power management module 241, a battery 242, an antenna 1, an antenna 2, a mobile communication module 250, a wireless communication module 260, an audio module 270, a speaker 271, a receiver 272, a microphone 273, an earphone interface 274, a sensor module 280, a display screen 290, a camera module 291, an indicator 292, a motor 293, a button 294, and a Subscriber Identification Module (SIM) card interface 295, etc.
  • the sensor module 280 may include a depth sensor, a pressure sensor, a gyro sensor, an air pressure sensor, a magnetic sensor, an acceleration sensor, a distance sensor, a proximity light sensor, a fingerprint sensor, a temperature sensor, a touch sensor, an ambient light sensor, and a bone conduction sensor.
  • the structure illustrated in the embodiment of the present disclosure does not constitute a specific limitation on the electronic device 200 .
  • the electronic device 200 may include more or fewer components than shown in the illustration, or combine certain components, or separate certain components, or arrange different components.
  • the illustrated components may be realized in hardware, software, or a combination of software and hardware.
  • the processor 210 may include one or more processing units, for example: the processor 210 may include an application processor (Application Processor, AP), a modem processor, a graphics processor (Graphics Processing Unit, GPU), an image signal processor (Image Signal Processor, ISP), controller, video codec, digital signal processor (Digital Signal Processor, DSP), baseband processor and/or neural network processor (Neural-network Processing Unit, NPU), etc. Wherein, different processing units may be independent devices, or may be integrated in one or more processors.
  • a memory may also be provided in the processor 210 for storing instructions and data.
  • a processor included in the electronic device 200 may correspond to a chip of the present disclosure.
  • the internal memory 221 may be used to store computer-executable program codes including instructions.
  • the internal memory 221 may include an area for storing programs and an area for storing data.
  • the external memory interface 222 can be used to connect an external memory card, such as a Micro SD card, so as to expand the storage capacity of the electronic device 200.
  • the electronic device 200 may perform data interaction with the log maintenance background and/or the key management background through the antenna 2.
  • the present disclosure also provides a computer-readable storage medium.
  • the computer-readable storage medium may be included in the electronic device described in the above embodiments, or may exist independently without being assembled into the electronic device.
  • a computer readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of computer-readable storage media may include, but are not limited to, electrical connections with one or more wires, portable computer diskettes, hard disks, random access memory (RAM), read-only memory (ROM), erasable Programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above.
  • a computer-readable storage medium may be any tangible medium that contains or stores a program that can be used by or in conjunction with an instruction execution system, apparatus, or device.
  • the computer-readable storage medium may send, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
  • Program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wires, optical cables, RF, etc., or any suitable combination of the foregoing.
  • the computer-readable storage medium bears one or more programs, and when the above one or more programs are executed by an electronic device, the electronic device is made to implement the methods described in the following embodiments.
  • each block in a flowchart or block diagram may represent a module, program segment, or portion of code that includes one or more logical functions for implementing specified executable instructions.
  • the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or they may sometimes be executed in the reverse order, depending upon the functionality involved.
  • each block in the block diagrams or flowchart illustrations, and combinations of blocks in the block diagrams or flowchart illustrations, can be implemented by a dedicated hardware-based system that performs the specified function or operation, or can be implemented by a combination of dedicated hardware and computer instructions.
  • the units described in the embodiments of the present disclosure may be implemented by software or by hardware, and the described units may also be set in a processor. Wherein, the names of these units do not constitute a limitation of the unit itself under certain circumstances.
  • Fig. 3 schematically shows a flowchart of a log data processing method in an exemplary embodiment of the present disclosure.
  • the log data processing method may include the following steps:
  • the terminal device can call the SDK pre-integrated in the chip firmware to generate the first key.
  • the first key is uniquely generated based on the physical characteristics of the chip.
  • the physical characteristics of the chip may include the impedance characteristics of the chip. For example, when the input impedance can uniquely correspond to a chip, that is, when different input impedances correspond to different chips, the input impedance of the chip may be used to characterize the physical characteristics of the chip.
  • the terminal device can invoke the PUF SDK pre-integrated in the chip firmware to generate a unique unpredictable 32-byte random number representing the physical characteristics of the chip as the first key.
  • the second key is a log key for encrypting and decrypting log data. Before applying the second key to encrypt the log data, the second key may be encrypted and stored.
  • the second key may be generated by using log key generation data.
  • the log key generation data may include data associated with the terminal device and/or chip, for example, the log key generation data includes but not limited to the terminal device model, chip serial number and other data.
  • the device in the production process that is, the external device relative to the terminal device, can read the log key generation data and use the key generation data to obtain the second key.
  • the log key generation data may be sent to the log maintenance background through the external device, so as to realize the process of reading the log key generation data by the log maintenance background.
  • the log maintenance background can be configured as an independent device for log maintenance.
  • the log maintenance background can also form a device together with other backgrounds, that is, the device can realize the functions of the log maintenance background and other backgrounds.
  • the log maintenance background can call the interface of the key management background according to the log key generation data, and the key management background generates the second key.
  • the key management background can be configured as an independent device for key management.
  • the key management background can also be, for example, the same device as the log maintenance background.
  • the key management background is integrated with a key generation algorithm, which can generate the corresponding key according to the received data. For example, a 32-byte second key is generated.
  • the terminal device may receive the second key generated based on calling the interface of the key management background.
  • the second key may be encrypted by using the first key to generate a ciphertext of the second key.
  • AES (Advanced Encryption Standard) encryption may be used, for example in CBC (Cipher Block Chaining) mode, with a key length of 256 bits.
  • the second key can be stored in the flash memory of the chip.
  • In step S402, the chip can call the PUF SDK to generate the first key.
  • In step S404, the device in the production stage (external device) can read the log key generation data to the log maintenance background.
  • In step S406, the log maintenance background can call the interface of the key management background according to the log key generation data to generate the second key.
  • the chip may use the first key to encrypt the second key to obtain the ciphertext of the second key.
  • the chip may store the ciphertext of the second key in the flash memory.
  • the ciphertext of the second key is already stored in the flash memory in case the log data needs to be encrypted.
  • the chip operating system when the chip operating system generates a piece of log data, it is considered that the log data needs to be encrypted and stored. At this point, the log data that needs to be encrypted is the newly generated log data.
  • the log data that needs to be encrypted is all log data under the current total amount. That is to say, the log data may be encrypted periodically batch by batch with reference to the total amount of generated log data.
  • the newly generated log data is encrypted every predetermined time; in this case, whenever a periodic time point is reached, it is considered that the log data needs to be encrypted and stored.
  • the log data that needs to be encrypted is all the log data generated between the previous time point and the current time point.
  • the terminal device may call the SDK to generate the first key.
  • the ciphertext of the second key can still be decrypted by using the AES decryption process corresponding to the above-mentioned AES encryption process.
  • the log data may be encrypted with the second key.
  • AES encryption may be performed on the log data. For example, if the encryption mode of CBC is adopted, the length of the key is 256 bits.
  • the ciphertext of the log data can be obtained, and the ciphertext of the log data can be stored.
  • the ciphertext of the log data is stored in the log storage area of the chip. It can be understood that the log storage area is an area for storing ciphertext of log data obtained by dividing the chip storage area.
  • On the one hand, the scheme encrypts the log data to ensure the security of the log data; on the other hand, the scheme uses the log key to encrypt the log data, and the log key is itself encrypted and decrypted with the key uniquely generated based on the physical characteristics of the chip. Even if a hacker obtains the encrypted log data, the hacker cannot obtain the first key uniquely generated based on the physical characteristics of the chip, so the plaintext of the log key cannot be obtained and the encrypted log data cannot be decrypted, that is, the plaintext of the log data cannot be obtained. Therefore, the security of the log data is further improved.
  • the present disclosure also provides a solution of how to extract plain text of log data for device maintenance.
  • the ciphertext of the log data can be decrypted to obtain the log data.
  • maintenance processing can be performed based on this log data.
  • the log key generation data can be uploaded to the log maintenance background, the ciphertext of the log data can be obtained through the log maintenance background, and the log maintenance background can call the key management background to decrypt the ciphertext of the log data and obtain the log data. Therefore, the log data can be used for maintenance processing, and the present disclosure does not limit the content and process of the maintenance processing.
  • Fig. 5 schematically shows a flow chart of a terminal device maintenance process according to an embodiment of the present disclosure.
  • In step S502, after the authority verification is passed, the log file to be restored is determined.
  • the log file to be restored is the ciphertext of the log data. Specifically, the user may provide the unlocking password of the terminal device and agree to read the log file to be restored.
  • In step S504, the log key generation data is uploaded to the log maintenance background, and the log maintenance background determines the second key according to the log key generation data.
  • In step S506, the log file is decrypted by using the second key to obtain plaintext log data.
  • In step S508, the maintenance engineer performs maintenance processing of the terminal device based on the log data.
  • FIG. 6 shows a schematic diagram of a log data processing process in an embodiment of the present disclosure. Each stage of the log data processing process in the embodiment of the present disclosure will be described below with reference to FIG. 6 .
  • the system chip may include a custom-defined factory preset storage area, a log storage area, and a log configuration storage area, and these three storage areas are all protected by root authority.
  • the factory preset storage area is used to store data in the production stage of the terminal equipment, including but not limited to the ciphertext of the log key, factory files 1 to n, and so on.
  • the log storage area is used to store the ciphertext of log file 1, the ciphertext of log file 2, the ciphertext of log file 3 to the ciphertext of log file n, etc.
  • the user configuration storage area is used to store user files 1 to n and so on.
  • the developer integrates the PUF SDK in the firmware of the SoC.
  • the external device can read the log key generation data to the log maintenance background, and the log maintenance background calls the interface of the key management background according to the log key generation data to generate the log key.
  • the plaintext of the key can be called by the SoC.
  • the SoC can call the PUF SDK to generate a PUF key.
  • use the PUF key to perform an AES encryption process on the plaintext of the log key, generate a ciphertext of the log key, and store it in the factory preset storage area.
  • the PUF SDK can be called to generate a PUF key, and the ciphertext of the log key can be decrypted by AES using the PUF key to obtain the plaintext of the log key.
  • use the log key to perform AES encryption on the log data to generate, for example, the ciphertext of log file 1, and store it in the log storage area.
  • this example implementation also provides a log data processing device.
  • Fig. 7 schematically shows a block diagram of a log data processing device according to an exemplary embodiment of the present disclosure.
  • the log data processing apparatus 7 may include a first calling module 71 , an encryption module 73 , a second calling module 75 , a decryption module 77 and a log storage module 79 .
  • the first calling module 71 can be configured to call the software development kit (SDK) integrated in the chip firmware to generate a first key, the first key being a key uniquely generated based on the physical characteristics of the chip; the encryption module 73 can be configured to use the first key to encrypt the second key, and store the generated ciphertext of the second key in the flash memory of the chip, the second key being used to encrypt the log data; the second calling module 75 can be configured to call the SDK to generate the first key during the process of storing the log data; the decryption module 77 can be configured to use the first key to decrypt the ciphertext of the second key stored in the flash memory to obtain the second key; and the log storage module 79 can be configured to encrypt the log data with the second key to obtain the ciphertext of the log data, and store the ciphertext of the log data.
  • the key generation data is read by an external device, and the key generation data is used to obtain a second key; wherein the key generation data includes data associated with the terminal device and/or chip .
  • the key generation data is sent to the log maintenance background through an external device, and the log maintenance background calls an interface of the key management background based on the key generation data.
  • the encryption module 73 may also be configured to receive the second key generated based on calling the interface of the key management background.
  • the SDK is an SDK pre-built in chip firmware based on a physical unclonable function PUF.
  • the encryption module 73 may be configured to: encrypt the second key by using the first key and adopting a cipher block chaining CBC encryption method with a key length of 256 bits.
  • the log data processing device 8 may further include a maintenance module 81 .
  • the maintenance module 81 may be configured to execute: after storing the ciphertext of the log data, decrypt the ciphertext of the log data to obtain the log data; and perform maintenance processing based on the log data.
  • the maintenance module 81 may also be configured to execute: uploading the key generation data to the log maintenance background; and sending the ciphertext of the log data to the log maintenance background, so that the log maintenance background calls the interface of the key management background based on the key generation data, decrypts the ciphertext of the log data, and obtains the log data.
  • the example implementations described here can be implemented by software, or by combining software with necessary hardware. Therefore, the technical solutions according to the embodiments of the present disclosure can be embodied in the form of software products, and the software products can be stored in a non-volatile storage medium (which can be CD-ROM, U disk, mobile hard disk, etc.) or on the network , including several instructions to make a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) execute the method according to the embodiments of the present disclosure.

Abstract

A log data processing method, a log data processing apparatus, a computer-readable storage medium and an electronic device, relating to the technical field of computers. The log data processing method comprises: calling a software development kit (SDK) built into chip firmware to generate a first key, the first key being a key uniquely generated on the basis of physical characteristics of a chip (S30); encrypting a second key using the first key, and storing the generated ciphertext of the second key in a flash memory of the chip, the second key being used to encrypt log data (S32); during a process of storing the log data, calling the SDK to cause it to generate the first key (S34); decrypting, using the first key, the ciphertext of the second key stored in the flash memory to obtain the second key (S36); and encrypting the log data using the second key to obtain a ciphertext of the log data, and storing the ciphertext of the log data (S38). The method can improve the security of log data.
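The S30 to S38 key hierarchy from the abstract, as an added Python example that is not code from the patent or its applicant. Assumptions: the PUF is simulated by a constructed byte string, the names `Chip`, `seal`, `unseal` and `flash_usable_on` are hypothetical, and an HMAC-SHA256 keystream with an HMAC tag stands in for the AES-256-CBC named on the page (the Python standard library has no AES; the tag is an addition so that a wrong key is detected instead of yielding garbage).

```python
import hashlib, hmac, os

def first_key(puf_response: bytes) -> bytes:
    # S30/S34: re-derived from the chip's physical response on every call, never stored.
    return hashlib.sha256(b"first-key|" + puf_response).digest()

def _subkeys(key: bytes):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher: HMAC-SHA256 in counter mode (the page itself names AES-256-CBC).
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc, nonce, plaintext)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(enc, nonce, ct)

class Chip:
    def __init__(self, puf_response: bytes):
        self._puf = puf_response          # simulated PUF output (constructed value)
        self.flash = {"logs": []}         # everything readable from a flash dump

    def provision(self, second_key: bytes) -> None:
        # S32: only the wrapped second key is written to flash.
        self.flash["wrapped_key"] = seal(first_key(self._puf), second_key)

    def store_log(self, line: bytes) -> bytes:
        # S34-S38: regenerate first key, unwrap second key, encrypt the log entry.
        second_key = unseal(first_key(self._puf), self.flash["wrapped_key"])
        record = seal(second_key, line)
        self.flash["logs"].append(record)
        return record

def flash_usable_on(flash: dict, other_puf: bytes) -> bool:
    # A flash image copied to a chip with different physical characteristics.
    clone = Chip(other_puf)
    clone.flash = {"wrapped_key": flash["wrapped_key"], "logs": []}
    try:
        clone.store_log(b"probe")
        return True
    except ValueError:
        return False
```

Neither key appears in flash in the clear: a copied flash image cannot unwrap the second key on a chip with a different PUF response, while a holder of the second key (the key management background in the description) can still decrypt the stored records.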
PCT/CN2022/109748 2021-10-19 2022-08-02 Log data processing method and apparatus, storage medium and electronic device WO2023065772A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111216158.9A CN113918992A (zh) 2021-10-19 2021-10-19 Log data processing method and apparatus, storage medium and electronic device
CN202111216158.9 2021-10-19

Publications (1)

Publication Number Publication Date
WO2023065772A1 true WO2023065772A1 (fr) 2023-04-27

Family

ID=79241473

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/109748 WO2023065772A1 (fr) 2021-10-19 2022-08-02 Log data processing method and apparatus, storage medium and electronic device

Country Status (2)

Country Link
CN (1) CN113918992A (fr)
WO (1) WO2023065772A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113918992A (zh) * 2021-10-19 2022-01-11 深圳市锐尔觅移动通信有限公司 Log data processing method and apparatus, storage medium and electronic device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150006912A1 (en) * 2013-06-28 2015-01-01 International Business Machines Corporation Firmware for protecting data from software threats field of the invention
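CN108352984A (zh) * 2015-11-05 2018-07-31 三菱电机株式会社 Security device and security method
CN110661748A (zh) * 2018-06-28 2020-01-07 武汉斗鱼网络科技有限公司 Log encryption method, decryption method and apparatus
CN113918992A (zh) * 2021-10-19 2022-01-11 深圳市锐尔觅移动通信有限公司 Log data processing method and apparatus, storage medium and electronic device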

Also Published As

Publication number Publication date
CN113918992A (zh) 2022-01-11 Log data processing method and apparatus, storage medium and electronic device

Similar Documents

Publication Publication Date Title
WO2021013245A1 (fr) Data key protection method and system, electronic device and storage medium
US11880831B2 (en) Encryption system, encryption key wallet and method
US9813247B2 (en) Authenticator device facilitating file security
US11115393B2 (en) Message server, method for operating message server and computer-readable recording medium
US10230697B2 (en) User terminals, and methods and computer-readable recording mediums storing computer programs for transmitting and receiving messages
JP2017536729A (ja) Secure shared key sharing system and method
JP2020508619A (ja) Data backup method and data backup apparatus, storage medium and server
US20200226952A1 (en) Digital cryptosystem with re-derivable hybrid keys
WO2020155812A1 (fr) Data storage method and device, and apparatus
WO2023065772A1 (fr) Log data processing method and apparatus, storage medium and electronic device
US20230421372A1 (en) Accessory assisted account recovery
CN103458101A (zh) Hardware-encrypted storage method and system for private contacts on a mobile phone
CN111277605B (zh) Data sharing method and apparatus, computer device and storage medium
CN116011028B (zh) Electronic signature method, electronic signature device and electronic signature system
US20230075275A1 (en) Secure pairing and pairing lock for accessory devices
US11914737B2 (en) Authenticated and encrypted archives
WO2018054144A1 (fr) Method, apparatus, device and system for dynamically generating a symmetric key
CN116264505A (zh) Key management system and method, electronic device and computer-readable storage medium
CN113868505A (zh) Data processing method and apparatus, electronic device, server and storage medium
CN109543367B (zh) Software authorization method and apparatus based on quantum encryption, and storage medium
CN112400295A (zh) Managing central private keys of multiple user devices associated with a single public key
CN110601841B (zh) SM2 collaborative signing and decryption method and apparatus
CN111597575B (zh) Data storage method, apparatus, device and storage medium
CN116055032B (zh) Key generation method and electronic device
CN113381854B (zh) Data transmission method, apparatus, device and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22882394

Country of ref document: EP

Kind code of ref document: A1