[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN104967591A - Cloud storage data read-write method and device, and read-write control method and device - Google Patents

Cloud storage data read-write method and device, and read-write control method and device Download PDF

Info

Publication number
CN104967591A
CN104967591A CN201410503024.9A CN201410503024A CN104967591A CN 104967591 A CN104967591 A CN 104967591A CN 201410503024 A CN201410503024 A CN 201410503024A CN 104967591 A CN104967591 A CN 104967591A
Authority
CN
China
Prior art keywords
data
token
encryption
cloud
cryptographic algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410503024.9A
Other languages
Chinese (zh)
Inventor
江文龙
周明伟
张海龙
朱跃前
张兴明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Dahua Technology Co Ltd
Original Assignee
Zhejiang Dahua Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Dahua Technology Co Ltd filed Critical Zhejiang Dahua Technology Co Ltd
Priority to CN201410503024.9A priority Critical patent/CN104967591A/en
Publication of CN104967591A publication Critical patent/CN104967591A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a cloud storage data read-write method and device, and a read-write control method and device, for realizing access control and encryption and decryption of cloud storage read-write data and effectively ensuring security of the cloud storage read-write data. The cloud storage data read-write method comprises the following steps: a storage server receiving a token, cloud storage data and a file identification of the cloud storage data which are sent by a client; and when the token comprises an encryption factor and an encryption algorithm, the storage server encrypting the cloud storage data by use of the encryption factor and the encryption algorithm, writing cryptograph obtained through encryption into a hard disk, and recording a corresponding relation between the cryptograph and the file identification.

Description

Cloud stores data read-write method, equipment and read/writing control method, equipment
Technical field
The present invention relates to communication technical field, particularly relate to a kind of cloud and store data read-write method, equipment and read/writing control method, equipment.
Background technology
Cloud storage is in cloud computing (cloud computing) conceptive extension and the new concept of development out one, refer to by functions such as cluster application, grid or distributed file systems, various dissimilar memory device a large amount of in network is gathered collaborative work by application software, a system of data storage and Operational Visit function is externally provided jointly.
In cloud storage system, problem of data safety is very crucial.But, current most cloud storage system is appointed does not have effective data access to control and encryption mechanism, if cause client software development kit (Software Development Kit, SDK) determine that cloud stores the path of the cloud storage server of deposit data, just directly can read all cloud data that this storage server stores, and the keeper of cloud storage system directly can check in this cloud storage server from cloud storage server all cloud data stored.
In sum, the shortcoming of prior art in cloud storage system secure access and in cloud storage data encryption, causes user storage data to divulge a secret.
Summary of the invention
The invention discloses a kind of cloud and store data read-write method, equipment and read/writing control method, equipment, in order to realize secure access cloud being stored to data, effectively ensure that cloud stores the fail safe of data.
A kind of cloud that the embodiment of the present invention provides stores the wiring method of data, comprising:
Receive the data write request that client sends, store the file identification of data comprising token, cloud storage data and this cloud, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
When comprising encryption Summing Factor cryptographic algorithm in this token, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted, will the ciphertext write hard disk obtained be encrypted, and record the corresponding relation of this ciphertext and described file identification.
By the method, achieve storage server to cloud storage data encryption, effectively ensure that cloud stores the fail safe of data.
Preferably, the effective time of this token is also comprised in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted, comprising:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted.
Preferably, described cloud stores the data slicer that data are the cloud storing data files that described file identification is corresponding.
A kind of cloud that the embodiment of the present invention provides stores the write-in control method of data, comprising:
Receive the log on request for writing data that client sends, the cloud therefrom obtaining username and password and the write of this client needs stores the file identification of data, verifies described username and password;
When being verified, determine the encryption Summing Factor cryptographic algorithm that this client is corresponding, return token to described client, and record the corresponding relation of the described encryption factor, cryptographic algorithm and described file identification, described token comprises described encryption Summing Factor cryptographic algorithm.
By the method, achieve meta data server stores write data secure access to cloud, effectively ensure that cloud stores the fail safe of data.
Preferably, the effective time of this token is also comprised in described token.
A kind of cloud that the embodiment of the present invention provides stores the wiring method of data, comprising:
Client sends the log on request for writing data to meta data server, needs the cloud of write to store the file identification of data comprising username and password and this client;
Described client receives the token for writing data that described meta data server returns, and is that this client needs the cloud of write to store the encryption Summing Factor cryptographic algorithm of data allocations comprising described meta data server;
Described client sends write request of data to storage server, stores the file identification of data comprising described token, described cloud storage data and this cloud.
By the method, when achieving client to cloud storage write data, need authentication and data encryption, effectively ensure that cloud stores the fail safe of data.
Preferably, the effective time of this token is also comprised in described token.
Preferably, described cloud stores the slice of data that data are the cloud storing data files that described file identification is corresponding.
A kind of cloud that the embodiment of the present invention provides stores the read method of data, comprising:
Receive the reading request of data that client sends, comprising token and the file identification needing the cloud storage data read, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
When comprising encryption Summing Factor cryptographic algorithm in this token, the ciphertext that described file identification is corresponding determined by described storage server, and utilize described encryption Summing Factor cryptographic algorithm to be decrypted described ciphertext, return to described client by deciphering the cloud storage data obtained.
By the method, achieve storage server and reading data deciphering is stored to cloud, effectively ensure that cloud stores the fail safe of reading data.
Preferably, the effective time of this token is also comprised in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, described storage server is determined to comprise the ciphertext that described file identification is corresponding:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, the ciphertext that described file identification is corresponding determined by described storage server.
A kind of cloud that the embodiment of the present invention provides stores the reading and control method thereof of data, comprising:
Receive the log on request for reading data that client sends, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies described username and password;
When being verified, determine the encryption Summing Factor cryptographic algorithm that described file identification is corresponding to return token to described client, comprising described encryption Summing Factor cryptographic algorithm.
By the method, achieve meta data server and cloud is stored to the access control and encryption mechanism of reading data, effectively ensure that cloud stores the fail safe of reading data.
Preferably, the effective time of this token is also comprised in described token.
A kind of cloud that the embodiment of the present invention provides stores the read method of data, comprising:
The log on request for reading data is sent, comprising username and password and the file identification needing the cloud storage data read to meta data server;
Receive the token for reading data that described meta data server returns, comprising the encryption Summing Factor cryptographic algorithm that described file identification is corresponding;
Send to storage server and read request of data, comprising described token and the file identification needing the cloud storage data read.
By the method, when achieving client to cloud storage reading data, need username and password authentication and token to carry out data deciphering, effectively ensure that cloud stores the fail safe of reading data.
Preferably, the effective time of this token is also comprised in described token.
A kind of cloud that the embodiment of the present invention provides stores the transmission equipment of data, comprising:
Access control module, for receiving the data write request that client sends, stores the file identification of data comprising token, cloud storage data and this cloud, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
Data ciphering and deciphering module, for when comprising encryption Summing Factor cryptographic algorithm in this token, utilize described encryption Summing Factor cryptographic algorithm to store data to described cloud to be encrypted, will the ciphertext write hard disk obtained be encrypted, and record the corresponding relation of this ciphertext and described file identification.
By this equipment, achieve and write data encryption is stored to cloud, effectively ensure that cloud stores the fail safe of write data.
Preferably, the effective time of this token is also comprised in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, when described data ciphering and deciphering module utilizes described encryption Summing Factor cryptographic algorithm to be encrypted described cloud storage data, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted.
Preferably, described cloud stores the data slicer that data are the cloud storing data files that described file identification is corresponding.
Preferably, described access control module also for: receive the reading request of data that client sends, comprising token and need the cloud read to store the file identification of data, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
Described data ciphering and deciphering module also for: when client send reading request of data in token in comprise encryption Summing Factor cryptographic algorithm time, determine the ciphertext that the file identification of the cloud storage data needing to read is corresponding, and utilize the encryption Summing Factor cryptographic algorithm in this reading request of data to be decrypted described ciphertext, return to deciphering the cloud storage data obtained the client sending described reading request of data.
Preferably, the effective time of this token is also comprised in the token in described reading request of data;
When comprising encryption Summing Factor cryptographic algorithm in the token in the reading request of data that client sends, when described data ciphering and deciphering module determines the ciphertext needing the file identification of the cloud of reading storage data corresponding, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in the token in the reading request of data that client sends, and when indicating the effective time in this token this token effective, determine the ciphertext that the file identification of the cloud storage data needing to read is corresponding.
The embodiment of the present invention provides a kind of cloud to store the write control appliance of data, comprising:
Authentication management module, for receiving the log on request for writing data that client sends, the cloud therefrom obtaining username and password and the write of this client needs stores the file identification of data, verifies described username and password;
Encryption handling module, for when being verified, determine the encryption Summing Factor cryptographic algorithm that this client is corresponding to return token to described client, and recording the corresponding relation of the described encryption factor, cryptographic algorithm and described file identification, described token comprises described encryption Summing Factor cryptographic algorithm.
By this equipment, achieve the access control and the encryption mechanism that cloud are stored to write data, effectively ensure that cloud stores the fail safe of write data.
Preferably, described authentication management module, also for: receive client send the log on request for reading data, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies for the username and password read in the log on request of data described;
Described encryption handling module, also for: when to described for reading being verified of username and password in the log on request of data time, determine the encryption Summing Factor cryptographic algorithm that the file identification of the cloud storage data that this client needs to read is corresponding, return token to this client, need comprising this client the encryption Summing Factor cryptographic algorithm that the file identification of the cloud storage data read is corresponding.
Preferably, the effective time of this token is also comprised in described token.
The embodiment of the present invention provides a kind of client device, comprising:
Sending request unit, for sending the log on request for writing data to meta data server, needing the cloud of write to store the file identification of data comprising username and password and this client;
Receiving token, for receiving the token for writing data that described meta data server returns, is that this client needs the cloud of write to store the encryption Summing Factor cryptographic algorithm of data allocations comprising described meta data server;
Sending information unit, for sending write request of data to storage server, storing the file identification of data comprising described token, described cloud storage data and this cloud.
By this equipment, when achieving to cloud storage reading data, need username and password authentication and token to carry out data deciphering, effectively ensure that cloud stores the fail safe of reading data.
Preferably, described in send request unit, also for: send the log on request for reading data to described meta data server, comprising username and password and need the cloud read to store the file identification of data;
Described reception token, also for: receiving the token for reading data that described meta data server returns, storing encryption Summing Factor cryptographic algorithm corresponding to the file identification of data comprising the described cloud needing to read;
Described transmission information unit, also for: send to described storage server and read request of data, comprising described token for reading data and need the cloud read to store the file identification of data.
Preferably, the effective time of this token is also comprised in described token.
The embodiment of the present invention provides a kind of cloud to store the transmission equipment of data, comprising:
Access control module, for receiving the reading request of data that client sends, comprising token and the file identification needing the cloud storage data read, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
Data ciphering and deciphering module, for when comprising encryption Summing Factor cryptographic algorithm in this token, determining the ciphertext that described file identification is corresponding, and utilize described encryption Summing Factor cryptographic algorithm to be decrypted described ciphertext, returning to described client by deciphering the cloud storage data obtained.
By this equipment, achieve and reading data deciphering is stored to cloud, effectively ensure that cloud stores the fail safe of reading data.
Preferably, the effective time of this token is also comprised in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, when described data ciphering and deciphering module determines ciphertext corresponding to described file identification, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, determine the ciphertext that described file identification is corresponding.
The embodiment of the present invention provides a kind of cloud to store the reading control appliance of data, comprising:
Authentication management module, for receiving the log on request for reading data that client sends, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies described username and password;
Encryption handling module, for when being verified, determines the encryption Summing Factor cryptographic algorithm that described file identification is corresponding to return token to described client, comprising described encryption Summing Factor cryptographic algorithm.
By this equipment, achieve meta data server and cloud is stored to the access control and encryption mechanism of reading data, effectively ensure that cloud stores the fail safe of reading data.
Preferably, the effective time of this token is also comprised in described token.
The embodiment of the present invention provides a kind of client device, comprising:
Sending request unit, for sending the log on request for reading data to meta data server, needing the cloud read to store the file identification of data comprising username and password and this client;
Receive token, for receiving the token for reading data that described meta data server returns, comprising the encryption Summing Factor cryptographic algorithm that described file identification is corresponding;
Transmission information unit, reads request of data for sending to storage server, comprising described token and the file identification needing the cloud storage data read.
By this equipment, when achieving client to cloud storage reading data, need username and password authentication and token to carry out data deciphering, effectively ensure that cloud stores the fail safe of reading data.
Preferably, the effective time of this token is also comprised in described token.
Accompanying drawing explanation
Fig. 1 is the structural representation of embodiment of the present invention part;
The schematic flow sheet of the wiring method of a kind of cloud storage data that Fig. 2 provides for the embodiment of the present invention;
The schematic flow sheet of the write-in control method of a kind of cloud storage data that Fig. 3 provides for the embodiment of the present invention;
The schematic flow sheet of the wiring method of a kind of cloud storage data that Fig. 4 provides for the embodiment of the present invention;
The schematic flow sheet of the read method of a kind of cloud storage data that Fig. 5 provides for the embodiment of the present invention;
The schematic flow sheet of the reading and control method thereof of a kind of cloud storage data that Fig. 6 provides for the embodiment of the present invention;
The schematic flow sheet of the read method of a kind of cloud storage data that Fig. 7 provides for the embodiment of the present invention;
The structural representation of a kind of cloud storage data equipment that Fig. 8 provides for the embodiment of the present invention.
Embodiment
Embodiments provide a kind of cloud and store data read-write method, equipment and read/writing control method, equipment, in order to realize reading and writing data access control and encryption mechanism to cloud storages, the effectively fail safe that reads and writes data of guarantee cloud storage.
See Fig. 1, the embodiment of the present invention comprises storage server, meta data server, client three parts.Concrete encryption is responsible for by storage server, deciphering calculates, and the storage of data and reading; Meta data server, except being responsible for traditional metadata management, is also responsible for subscription authentication management, encryption handling function; Client is responsible for the data providing and obtain the storage of user name, password and cloud.
The technical scheme that the embodiment of the present invention provides, ensure that client only has by after username and password authentication, just storage server can be accessed, read cloud and store data, thus, ensure that client can only read the cloud that this client write by authentication and store data, and arbitrarily can not read the cloud of other clients write under same memory and store data.Cloud stores data and is encrypted when writing this storage server, read when this cloud stores data in client and be decrypted, even therefore system manager also cannot directly viewing client-side write cloud store data, only have the token being obtained meta data server generation by authentication, just can check that the cloud that this client writes stores data.
The embodiment of the present invention, will explain respectively from storage server, meta data server, client three aspects.
See Fig. 2, at storage server end, cloud stores the concrete handling process of the wiring method of data, comprising:
The data write request that S201, reception client send, stores the file identification of data comprising token, cloud storage data and this cloud, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
S202, when comprising encryption Summing Factor cryptographic algorithm in this token, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted, the ciphertext write hard disk obtained will be encrypted, and record the corresponding relation of this ciphertext and described file identification.
Wherein, the token that the client that S201 receives sends comprises the effective time of this token, namely indicate this token effective in the effective time of this token, and when comprising complete encryption Summing Factor cryptographic algorithm in this token, perform S202 and the cloud storage data slicer receiving client transmission is encrypted.
See Fig. 3, at meta data server end, cloud stores the concrete handling process of the write-in control method of data, comprising:
The log on request for writing data that S301, reception client send, therefrom obtains the file identification of the cloud storage data of username and password and the write of this client needs, verifies described username and password;
S302, when being verified, determine the encryption Summing Factor cryptographic algorithm that this client is corresponding, return token to described client, and record the corresponding relation of the described encryption factor, cryptographic algorithm and described file identification, described token comprises described encryption Summing Factor cryptographic algorithm.
Wherein, S301 receives the log on request that client sends, and verify the username and password in this log on request, when being verified, perform S302, the effective time of this token that the token returned to client comprises, namely client must use this token within the effective time of token, otherwise meta data server or storage server can refuse this token.
See Fig. 4, in client, cloud stores the concrete handling process of the wiring method of data, comprising:
S401, send log on request for writing data to meta data server, comprising username and password and need the cloud of write to store the file identification of data;
S402, receiving the token for writing data that described meta data server returns, is the encryption Summing Factor cryptographic algorithm needing the cloud of write to store data allocations comprising described meta data server;
S403, send write request of data to storage server, store comprising described token, described cloud the file identification that data and this cloud store data.
Preferably, in S402 and S403, the token of the write data that meta data server returns with send to storage server the token write in request of data, all comprise the effective time of this token, namely client must use this token within the effective time of token, otherwise meta data server or storage server can refuse this token.
Preferably, in S403, client by original cloud file according to the rules size carry out data slicer operation (such as 512 bytes/sheet, 4KB/ sheet, 8KB/ sheet, 32KB/ sheet etc.), every a slice data slicer will be sent to mutually different storage server by client.
Wherein, data slicer, refers to initial data to divide into a few aliquot according to fixed size, is all stored on different servers by every portion.Such as, using 4KB as section unit, 4 storage servers are adopted.When original document size is 16KB, need according in file skew order, using skew be 0 ~ 4KB (not comprising the data of 4KB) as first section, be stored in storage server A; The rest may be inferred, using 4KB ~ 8KB (not comprising the data of 8KB) as second section, is stored in storage server B; Using 8KB ~ 12KB (not comprising the data of 12KB) as the 3rd section, be stored in storage server C; Using 12KB ~ 16KB as the 4th section, be stored in storage server D.
See Fig. 5, at storage server end, cloud stores the concrete handling process of the read method of data, comprising:
S501, receive the reading request of data that client sends, comprising token and need the cloud read to store the file identification of data, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
S502, when comprise in this token encryption Summing Factor cryptographic algorithm time, the ciphertext that described file identification is corresponding determined by described storage server, and utilize described encryption Summing Factor cryptographic algorithm to be decrypted described ciphertext, return to described client by deciphering the cloud storage data obtained.
Wherein, the token comprised in the reading request of data that in S501, client sends, also comprises the effective time of this token, namely indicates this token effective in the effective time of this token, and when comprising encryption Summing Factor cryptographic algorithm in this token, performs S502.
See Fig. 6, at meta data server end, cloud stores the concrete handling process of the reading and control method thereof of data, comprising:
The log on request for reading data that S601, reception client send, therefrom obtains the file identification of the cloud storage data of username and password and the reading of this client needs, verifies described username and password;
S602, when being verified, determine the encryption Summing Factor cryptographic algorithm that described file identification is corresponding to return token to described client, comprising described encryption Summing Factor cryptographic algorithm.
Wherein, S601 receives the log on request that client sends, and verify the username and password in this log on request, when being verified, perform S602, the effective time of this token that the token returned to client comprises, namely client must use this token within the effective time of token, otherwise meta data server or storage server can refuse this token.
See Fig. 7, in client, cloud stores the concrete handling process of the read method of data, comprising:
S701, send log on request for reading data to meta data server, comprising username and password and need the cloud read to store the file identification of data;
S702, receive the token for reading data that described meta data server returns, comprising the encryption Summing Factor cryptographic algorithm that described file identification is corresponding;
S703, to send to storage server and read request of data, comprising described token and need the cloud read to store the file identification of data.
Preferably, in S702 and S703, the token of the reading data that meta data server returns with send to storage server the token read in request of data, all comprise the effective time of this token, namely client must use this token within the effective time of token, otherwise meta data server or storage server can refuse this token.
Preferably, S703, client obtains the data slicer after deciphering by from each storage server, and is reduced into original cloud file in order, more finally presents to user.
The embodiment of the present invention stores data instance to create cloud, illustrates whole system access control, the flow process of data encryption comprises:
Step one, client SDK, by input username and password, send log on request to meta data server, and this request comprises user name and the password of SDK input, and the cloud that can also comprise the write of these client needs stores the file identification of data.
The authentication management module of step 2, meta data server is verified the username and password received in log on request, after being verified, by the username and password in log on request, and the file identification that this client needs the cloud of write to store data gives encryption handling module;
The encryption handling module of step 3, meta data server is SDK stochastic generation one the encryption factor, and the encryption factor of generation is returned to SDK.Meanwhile, by the cryptographic algorithm of cloud data and encryption type, (such as XOR, skew, RSA Algorithm encryption etc.) also return to SDK.Meta data server records the encryption factor of stochastic generation, the corresponding relation of cryptographic algorithm and cloud file identification;
Step 4, SDK use the token got from meta data server transmission information to be connected to storage server, and wherein, the token got in meta data server transmission information, comprises the encryption factor and the cryptographic algorithm of stochastic generation;
The access control module of step 5, storage server inspection receives the data write request of SDK transmission, and check that whether this token is complete, namely encryption Summing Factor cryptographic algorithm whether is comprised, if this token is imperfect, then directly refuse this SDK and access this storage server, if token is complete, then gives data ciphering and deciphering module by encryption Summing Factor cryptographic algorithm, and perform step 6;
Step 6, SDK by original cloud file according to the rules size carry out data slicer (such as 512 bytes/sheet, 4KB/ sheet, 8KB/ sheet, 32KB/ sheet etc.), then data slicer is sent to respectively different storage servers;
After step 7, storage server receive data slicer, by data ciphering and deciphering module, be encrypted computing according to encryption Summing Factor cryptographic algorithm, after computing completes, call memory module interface, ciphertext is write hard disk, and record the corresponding relation of this ciphertext and described file identification.
The embodiment of the present invention stores data instance to read cloud, illustrates the access control of whole system, the flow process of data deciphering:
Step one, client SDK, by input username and password, send log on request to meta data server, and this request comprises user name and the password of SDK input, and wants the file identification of reading;
The authentication management module of step 2, meta data server is verified the username and password received in log on request, after being verified, inquire about the encryption factor that this file identification is corresponding, the encryption Summing Factor cryptographic algorithm corresponding by this file identification generates access token, and this token is returned to SDK;
Step 3, SDK are connected to each storage server storing data slicer by the access token got from meta data server;
The access control module of step 4, storage server inspection receives the data read request of SDK transmission, and check that whether this token is complete, namely the file identification encrypted Summing Factor cryptographic algorithm and want to read whether is comprised, if token is imperfect, this SDK of direct refusal accesses this storage server, as complete, if token is complete, then give data ciphering and deciphering module by encryption Summing Factor cryptographic algorithm, and perform step 5;
Step 5, storage server are according to the file identification of the access token got from meta data server, this data slicer after encryption is read from hard disk, and give data ciphering and deciphering module, this data ciphering and deciphering module is decrypted according to encryption Summing Factor cryptographic algorithm, and the data slicer after deciphering is returned to SDK.
Data slicer after the deciphering that step 6, SDK return according to each storage server, is reduced into original document in order, and presents to end user.
See Fig. 8, at storage server end, a kind of cloud that the embodiment of the present invention provides stores the transmission equipment of data, comprising:
Access control module 801, for receiving the data write request that client sends, stores the file identification of data comprising token, cloud storage data and this cloud, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
Data ciphering and deciphering module 802, for when comprising encryption Summing Factor cryptographic algorithm in this token, utilize described encryption Summing Factor cryptographic algorithm to store data to described cloud to be encrypted, will the ciphertext write hard disk obtained be encrypted, and record the corresponding relation of this ciphertext and described file identification.
Preferably, the effective time of this token is also comprised in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, when described data ciphering and deciphering module 802 utilizes described encryption Summing Factor cryptographic algorithm to be encrypted described cloud storage data, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted.
Preferably, described cloud stores the data slicer that data are the cloud storing data files that described file identification is corresponding.
Preferably, described access control module 801 also for: receive the reading request of data that client sends, comprising token and need the cloud read to store the file identification of data, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
Described data ciphering and deciphering module 802 also for: when client send reading request of data in token in comprise encryption Summing Factor cryptographic algorithm time, determine the ciphertext that the file identification of the cloud storage data needing to read is corresponding, and utilize the encryption Summing Factor cryptographic algorithm in this reading request of data to be decrypted described ciphertext, return to deciphering the cloud storage data obtained the client sending described reading request of data.
Preferably, the effective time of this token is also comprised in the token in described reading request of data;
When comprising encryption Summing Factor cryptographic algorithm in the token in the reading request of data that client sends, when described data ciphering and deciphering module 802 determines the ciphertext needing the file identification of the cloud of reading storage data corresponding, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in the token in the reading request of data that client sends, and when indicating the effective time in this token this token effective, determine the ciphertext that the file identification of the cloud storage data needing to read is corresponding.
That is, the cloud described in the embodiment of the present invention stores the transmission equipment of data, has both had data write-in functions in the embodiment of the present invention, and has had again digital independent function in the embodiment of the present invention.
That is, the transmission equipment that the cloud described in the embodiment of the present invention stores data can be storage server.
See Fig. 8, at meta data server end, the embodiment of the present invention provides a kind of cloud to store the write control appliance of data, comprising:
Authentication management module 803, for receiving the log on request for writing data that client sends, the cloud therefrom obtaining username and password and the write of this client needs stores the file identification of data, verifies described username and password;
Encryption handling module 804, for when being verified, determine the encryption Summing Factor cryptographic algorithm that this client is corresponding, token is returned to described client, and recording the corresponding relation of the described encryption factor, cryptographic algorithm and described file identification, described token comprises described encryption Summing Factor cryptographic algorithm.
Preferably, described authentication management module 803, also for: receive client send the log on request for reading data, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies for the username and password read in the log on request of data described;
Described encryption handling module 804, also for: when to described for reading being verified of username and password in the log on request of data time, determine the encryption Summing Factor cryptographic algorithm that the file identification of the cloud storage data that this client needs to read is corresponding, return token to this client, need comprising this client the encryption Summing Factor cryptographic algorithm that the file identification of the cloud storage data read is corresponding.
Preferably, the effective time of this token is also comprised in described token.
That is, the cloud described in the embodiment of the present invention stores the write control appliance of data, has both had in the embodiment of the present invention function generating crypto token, and has had again in the embodiment of the present invention and return decrypted token function.
That is, the transmission equipment that the cloud described in the embodiment of the present invention stores data can be meta data server.
See Fig. 8, in client, the embodiment of the present invention provides a kind of client device, comprising:
Sending request unit 805, for sending the log on request for writing data to meta data server, needing the cloud of write to store the file identification of data comprising username and password and this client;
Receiving token 806, for receiving the token for writing data that described meta data server returns, is that this client needs the cloud of write to store the encryption Summing Factor cryptographic algorithm of data allocations comprising described meta data server;
Sending information unit 807, for sending write request of data to storage server, storing the file identification of data comprising described token, described cloud storage data and this cloud.
Preferably, described in send request unit 805, also for: send the log on request for reading data to described meta data server, comprising username and password and need the cloud read to store the file identification of data;
Described reception token 806, also for: receiving the token for reading data that described meta data server returns, storing encryption Summing Factor cryptographic algorithm corresponding to the file identification of data comprising the described cloud needing to read;
Described transmission information unit 807, also for: send to described storage server and read request of data, comprising described token for reading data and need the cloud read to store the file identification of data.
Preferably, the effective time of this token is also comprised in described token.
That is, the cloud described in the embodiment of the present invention stores the transmission equipment of data, has both had data write-in functions in the embodiment of the present invention, and has had again digital independent function in the embodiment of the present invention.
That is, the transmission equipment that the cloud described in the embodiment of the present invention stores data can be client.
See Fig. 8, at meta data server end, the embodiment of the present invention provides a kind of cloud to store the transmission equipment of data, comprising:
Authentication management module 803, for receiving the log on request for reading data that client sends, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies described username and password;
Encryption handling module 804, for when being verified, determines the encryption Summing Factor cryptographic algorithm that described file identification is corresponding to return token to described client, comprising described encryption Summing Factor cryptographic algorithm.
Preferably, the effective time of this token is also comprised in described token.
See Fig. 8, at storage server end, the embodiment of the present invention provides a kind of cloud to store the reading control appliance of data, comprises
Access control module 801, for receiving the reading request of data that client sends, comprising token and the file identification needing the cloud storage data read, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
Data ciphering and deciphering module 802, for when comprising encryption Summing Factor cryptographic algorithm in this token, determining the ciphertext that described file identification is corresponding, and utilize described encryption Summing Factor cryptographic algorithm to be decrypted described ciphertext, returning to described client by deciphering the cloud storage data obtained.
Preferably, the effective time of this token is also comprised in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, when described data ciphering and deciphering module 802 determines ciphertext corresponding to described file identification, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, determine the ciphertext that described file identification is corresponding.
See Fig. 8, in client, the embodiment of the present invention provides a kind of client device, comprising:
Sending request unit 805, for sending the log on request for reading data to meta data server, needing the cloud read to store the file identification of data comprising username and password and this client;
Receive token 806, for receiving the token for reading data that described meta data server returns, comprising the encryption Summing Factor cryptographic algorithm that described file identification is corresponding;
Transmission information unit 807, reads request of data for sending to storage server, comprising described token and the file identification needing the cloud storage data read.
Preferably, the effective time of this token is also comprised in described token.
Preferably, access control module 801 described in the embodiment of the present invention, send request unit 805, receive token 806 and send information unit 807 can be completed by processor, data ciphering and deciphering module 802, authentication management module 803 and encryption handling module 804 can be software modules, also can be special hardware modules.
Wherein, data ciphering and deciphering module 802 according to the encryption type of specifying (algorithm) and the encryption factor, can perform multiple different encryption, deciphering calculates, as operations such as displacement, XORs fast.
In sum, the invention provides a kind of cloud of protecting and store the access control of data security and the method for encryption.The method ensures that client only has by after username and password authentication, just storage server can be accessed, read cloud and store data, thus, ensure that client can only read the cloud that this client write by authentication and store data, and arbitrarily can not read the cloud of other clients write under same memory and store data.Cloud stores data and is encrypted when writing this storage server, read when this cloud stores data in client and be decrypted, even therefore system manager also cannot directly viewing client-side write cloud store data, only have the token being obtained meta data server generation by authentication, just can check that the cloud that this client writes stores data.
Those skilled in the art should understand, embodiments of the invention can be provided as method, system or computer program.Therefore, the present invention can adopt the form of complete hardware embodiment, completely software implementation or the embodiment in conjunction with software and hardware aspect.And the present invention can adopt in one or more form wherein including the upper computer program implemented of computer-usable storage medium (including but not limited to magnetic disc store and optical memory etc.) of computer usable program code.
The present invention describes with reference to according to the flow chart of the method for the embodiment of the present invention, equipment (system) and computer program and/or block diagram.Should understand can by the combination of the flow process in each flow process in computer program instructions realization flow figure and/or block diagram and/or square frame and flow chart and/or block diagram and/or square frame.These computer program instructions can being provided to the processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce a machine, making the instruction performed by the processor of computer or other programmable data processing device produce device for realizing the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
These computer program instructions also can be stored in can in the computer-readable memory that works in a specific way of vectoring computer or other programmable data processing device, the instruction making to be stored in this computer-readable memory produces the manufacture comprising command device, and this command device realizes the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, make on computer or other programmable devices, to perform sequence of operations step to produce computer implemented process, thus the instruction performed on computer or other programmable devices is provided for the step realizing the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
Obviously, those skilled in the art can carry out various change and modification to the present invention and not depart from the spirit and scope of the present invention.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.

Claims (31)

1. cloud stores a wiring method for data, and it is characterized in that, the method comprises:
Receive the data write request that client sends, store the file identification of data comprising token, cloud storage data and this cloud, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
When comprising encryption Summing Factor cryptographic algorithm in this token, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted, will the ciphertext write hard disk obtained be encrypted, and record the corresponding relation of this ciphertext and described file identification.
2. method according to claim 1, is characterized in that, also comprises the effective time of this token in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted, comprising:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted.
3. method according to claim 1, is characterized in that, described cloud stores the data slicer that data are the cloud storing data files that described file identification is corresponding.
4. cloud stores a write-in control method for data, and it is characterized in that, the method comprises:
Receive the log on request for writing data that client sends, the cloud therefrom obtaining username and password and the write of this client needs stores the file identification of data, verifies described username and password;
When being verified, determine the encryption Summing Factor cryptographic algorithm that this client is corresponding, return token to described client, and record the corresponding relation of the described encryption factor, cryptographic algorithm and described file identification, described token comprises described encryption Summing Factor cryptographic algorithm.
5. method according to claim 4, is characterized in that, also comprises the effective time of this token in described token.
6. cloud stores a wiring method for data, and it is characterized in that, the method comprises:
Client sends the log on request for writing data to meta data server, needs the cloud of write to store the file identification of data comprising username and password and this client;
Described client receives the token for writing data that described meta data server returns, and is that this client needs the cloud of write to store the encryption Summing Factor cryptographic algorithm of data allocations comprising described meta data server;
Described client sends write request of data to storage server, stores the file identification of data comprising described token, described cloud storage data and this cloud.
7. method according to claim 6, is characterized in that, also comprises the effective time of this token in described token.
8. method according to claim 6, is characterized in that, described cloud stores the slice of data that data are the cloud storing data files that described file identification is corresponding.
9. cloud stores a read method for data, and it is characterized in that, the method comprises:
Receive the reading request of data that client sends, comprising token and the file identification needing the cloud storage data read, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
When comprising encryption Summing Factor cryptographic algorithm in this token, the ciphertext that described file identification is corresponding determined by described storage server, and utilize described encryption Summing Factor cryptographic algorithm to be decrypted described ciphertext, return to described client by deciphering the cloud storage data obtained.
10. method according to claim 9, is characterized in that, also comprises the effective time of this token in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, described storage server is determined to comprise the ciphertext that described file identification is corresponding:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, the ciphertext that described file identification is corresponding determined by described storage server.
11. 1 kinds of clouds store the reading and control method thereof of data, and it is characterized in that, the method comprises:
Receive the log on request for reading data that client sends, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies described username and password;
When being verified, determine the encryption Summing Factor cryptographic algorithm that described file identification is corresponding to return token to described client, comprising described encryption Summing Factor cryptographic algorithm.
12. methods according to claim 11, is characterized in that, also comprise the effective time of this token in described token.
13. 1 kinds of clouds store the read method of data, and it is characterized in that, the method comprises:
The log on request for reading data is sent, comprising username and password and the file identification needing the cloud storage data read to meta data server;
Receive the token for reading data that described meta data server returns, comprising the encryption Summing Factor cryptographic algorithm that described file identification is corresponding;
Send to storage server and read request of data, comprising described token and the file identification needing the cloud storage data read.
14. methods according to claim 13, is characterized in that, also comprise the effective time of this token in described token.
15. 1 kinds of clouds store the transmission equipment of data, and it is characterized in that, this equipment comprises:
Access control module, for receiving the data write request that client sends, stores the file identification of data comprising token, cloud storage data and this cloud, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
Data ciphering and deciphering module, for when comprising encryption Summing Factor cryptographic algorithm in this token, utilize described encryption Summing Factor cryptographic algorithm to store data to described cloud to be encrypted, will the ciphertext write hard disk obtained be encrypted, and record the corresponding relation of this ciphertext and described file identification.
16. equipment according to claim 15, is characterized in that, also comprise the effective time of this token in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, when described data ciphering and deciphering module utilizes described encryption Summing Factor cryptographic algorithm to be encrypted described cloud storage data, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, utilizing described encryption Summing Factor cryptographic algorithm to store data to described cloud and being encrypted.
17. equipment according to claim 15, is characterized in that, described cloud stores the data slicer that data are the cloud storing data files that described file identification is corresponding.
18. equipment according to claim 15, is characterized in that,
Described access control module also for: receive the reading request of data that client sends, comprising token and need the cloud read to store the file identification of data, and judge in described token, whether to comprise encryption Summing Factor cryptographic algorithm;
Described data ciphering and deciphering module also for: when client send reading request of data in token in comprise encryption Summing Factor cryptographic algorithm time, determine the ciphertext that the file identification of the cloud storage data needing to read is corresponding, and utilize the encryption Summing Factor cryptographic algorithm in this reading request of data to be decrypted described ciphertext, return to deciphering the cloud storage data obtained the client sending described reading request of data.
19. equipment according to claim 18, is characterized in that, also comprise the effective time of this token in the token in described reading request of data;
When comprising encryption Summing Factor cryptographic algorithm in the token in the reading request of data that client sends, when described data ciphering and deciphering module determines the ciphertext needing the file identification of the cloud of reading storage data corresponding, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in the token in the reading request of data that client sends, and when indicating the effective time in this token this token effective, determine the ciphertext that the file identification of the cloud storage data needing to read is corresponding.
20. 1 kinds of clouds store the write control appliance of data, and it is characterized in that, this equipment comprises:
Authentication management module, for receiving the log on request for writing data that client sends, the cloud therefrom obtaining username and password and the write of this client needs stores the file identification of data, verifies described username and password;
Encryption handling module, for when being verified, determine the encryption Summing Factor cryptographic algorithm that this client is corresponding to return token to described client, and recording the corresponding relation of the described encryption factor, cryptographic algorithm and described file identification, described token comprises described encryption Summing Factor cryptographic algorithm.
21. equipment according to claim 20, it is characterized in that, described authentication management module, also for: receive client send the log on request for reading data, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies for the username and password read in the log on request of data described;
Described encryption handling module, also for: when to described for reading being verified of username and password in the log on request of data time, determine the encryption Summing Factor cryptographic algorithm that the file identification of the cloud storage data that this client needs to read is corresponding, return token to this client, need comprising this client the encryption Summing Factor cryptographic algorithm that the file identification of the cloud storage data read is corresponding.
22. equipment according to claim 20 or 21, is characterized in that, also comprise the effective time of this token in described token.
23. 1 kinds of client devices, is characterized in that, this equipment comprises:
Sending request unit, for sending the log on request for writing data to meta data server, needing the cloud of write to store the file identification of data comprising username and password and this client;
Receiving token, for receiving the token for writing data that described meta data server returns, is that this client needs the cloud of write to store the encryption Summing Factor cryptographic algorithm of data allocations comprising described meta data server;
Sending information unit, for sending write request of data to storage server, storing the file identification of data comprising described token, described cloud storage data and this cloud.
24. equipment according to claim 23, is characterized in that,
Describedly send request unit, also for: send the log on request for reading data to described meta data server, comprising username and password and need the cloud read to store the file identification of data;
Described reception token, also for: receiving the token for reading data that described meta data server returns, storing encryption Summing Factor cryptographic algorithm corresponding to the file identification of data comprising the described cloud needing to read;
Described transmission information unit, also for: send to described storage server and read request of data, comprising described token for reading data and need the cloud read to store the file identification of data.
25. equipment according to claim 23 or 24, is characterized in that, also comprise the effective time of this token in described token.
26. 1 kinds of clouds store the transmission equipment of data, and it is characterized in that, this equipment comprises:
Access control module, for receiving the reading request of data that client sends, comprising token and the file identification needing the cloud storage data read, and judges whether comprise encryption Summing Factor cryptographic algorithm in described token;
Data ciphering and deciphering module, for when comprising encryption Summing Factor cryptographic algorithm in this token, determining the ciphertext that described file identification is corresponding, and utilize described encryption Summing Factor cryptographic algorithm to be decrypted described ciphertext, returning to described client by deciphering the cloud storage data obtained.
27. equipment according to claim 26, is characterized in that, also comprise the effective time of this token in described token;
When comprising encryption Summing Factor cryptographic algorithm in this token, when described data ciphering and deciphering module determines ciphertext corresponding to described file identification, specifically for:
When comprising encryption Summing Factor cryptographic algorithm in this token, and when indicating the effective time in this token this token effective, determine the ciphertext that described file identification is corresponding.
28. 1 kinds of clouds store the reading control appliance of data, and it is characterized in that, this equipment comprises:
Authentication management module, for receiving the log on request for reading data that client sends, the cloud therefrom obtaining username and password and the reading of this client needs stores the file identification of data, verifies described username and password;
Encryption handling module, for when being verified, determines the encryption Summing Factor cryptographic algorithm that described file identification is corresponding to return token to described client, comprising described encryption Summing Factor cryptographic algorithm.
29. equipment according to claim 28, is characterized in that, also comprise the effective time of this token in described token.
30. 1 kinds of client devices, is characterized in that, this equipment comprises:
Sending request unit, for sending the log on request for reading data to meta data server, needing the cloud read to store the file identification of data comprising username and password and this client;
Receive token, for receiving the token for reading data that described meta data server returns, comprising the encryption Summing Factor cryptographic algorithm that described file identification is corresponding;
Transmission information unit, reads request of data for sending to storage server, comprising described token and the file identification needing the cloud storage data read.
31. equipment according to claim 30, is characterized in that, also comprise the effective time of this token in described token.
CN201410503024.9A 2014-09-26 2014-09-26 Cloud storage data read-write method and device, and read-write control method and device Pending CN104967591A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410503024.9A CN104967591A (en) 2014-09-26 2014-09-26 Cloud storage data read-write method and device, and read-write control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410503024.9A CN104967591A (en) 2014-09-26 2014-09-26 Cloud storage data read-write method and device, and read-write control method and device

Publications (1)

Publication Number Publication Date
CN104967591A true CN104967591A (en) 2015-10-07

Family

ID=54221537

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410503024.9A Pending CN104967591A (en) 2014-09-26 2014-09-26 Cloud storage data read-write method and device, and read-write control method and device

Country Status (1)

Country Link
CN (1) CN104967591A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106295367A (en) * 2016-08-15 2017-01-04 北京奇虎科技有限公司 Data ciphering method and device
CN106411958A (en) * 2016-12-06 2017-02-15 北京锐安科技有限公司 Data transmission method and device based on HTTP protocol
CN108616502A (en) * 2018-03-12 2018-10-02 广东睿江云计算股份有限公司 A kind of method of web secure storages
CN109271572A (en) * 2018-08-16 2019-01-25 中标软件有限公司 Cloud document processing method, device and server
CN111935142A (en) * 2020-08-10 2020-11-13 广州有谱网络科技有限公司 Intelligent family tree editing method and system based on cloud data
CN112134943A (en) * 2020-09-21 2020-12-25 李波 Internet of things cloud storage system and method
CN112437078A (en) * 2020-11-20 2021-03-02 腾讯科技(深圳)有限公司 File storage method, device, equipment and computer readable storage medium
CN112733160A (en) * 2020-12-30 2021-04-30 武汉海昌信息技术有限公司 Encryption read-write method and device based on database and storage medium
CN113596823A (en) * 2021-07-27 2021-11-02 广州爱浦路网络技术有限公司 Slice network protection method and device
CN115396689A (en) * 2022-08-24 2022-11-25 珠海安士佳电子有限公司 Intelligent cloud video transmission and storage method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101917403A (en) * 2010-07-23 2010-12-15 华中科技大学 Distributed key management method for ciphertext storage
US8468352B2 (en) * 2010-09-17 2013-06-18 Microsoft Corporation Retrieving and using cloud based storage credentials
CN103327002A (en) * 2013-03-06 2013-09-25 西安电子科技大学 Cloud storage access control system based on attribute
CN103457932A (en) * 2013-08-15 2013-12-18 中电长城网际系统应用有限公司 Data safety storage method and system under cloud computing environment
US20140089674A1 (en) * 2012-09-21 2014-03-27 Matthias Buehl Encryption in the cloud with customer controlled keys

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101917403A (en) * 2010-07-23 2010-12-15 华中科技大学 Distributed key management method for ciphertext storage
US8468352B2 (en) * 2010-09-17 2013-06-18 Microsoft Corporation Retrieving and using cloud based storage credentials
US20140089674A1 (en) * 2012-09-21 2014-03-27 Matthias Buehl Encryption in the cloud with customer controlled keys
CN103327002A (en) * 2013-03-06 2013-09-25 西安电子科技大学 Cloud storage access control system based on attribute
CN103457932A (en) * 2013-08-15 2013-12-18 中电长城网际系统应用有限公司 Data safety storage method and system under cloud computing environment

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106295367A (en) * 2016-08-15 2017-01-04 北京奇虎科技有限公司 Data ciphering method and device
CN106411958A (en) * 2016-12-06 2017-02-15 北京锐安科技有限公司 Data transmission method and device based on HTTP protocol
CN108616502A (en) * 2018-03-12 2018-10-02 广东睿江云计算股份有限公司 A kind of method of web secure storages
CN108616502B (en) * 2018-03-12 2020-11-06 广东睿江云计算股份有限公司 Web safe storage method
CN109271572A (en) * 2018-08-16 2019-01-25 中标软件有限公司 Cloud document processing method, device and server
CN109271572B (en) * 2018-08-16 2020-06-26 中标软件有限公司 Cloud document processing method and device and server
CN111935142A (en) * 2020-08-10 2020-11-13 广州有谱网络科技有限公司 Intelligent family tree editing method and system based on cloud data
CN112134943A (en) * 2020-09-21 2020-12-25 李波 Internet of things cloud storage system and method
CN112134943B (en) * 2020-09-21 2023-08-22 李波 Internet of things cloud storage system and method
CN112437078A (en) * 2020-11-20 2021-03-02 腾讯科技(深圳)有限公司 File storage method, device, equipment and computer readable storage medium
CN112733160A (en) * 2020-12-30 2021-04-30 武汉海昌信息技术有限公司 Encryption read-write method and device based on database and storage medium
CN113596823A (en) * 2021-07-27 2021-11-02 广州爱浦路网络技术有限公司 Slice network protection method and device
CN113596823B (en) * 2021-07-27 2022-10-11 广州爱浦路网络技术有限公司 Slice network protection method and device
CN115396689A (en) * 2022-08-24 2022-11-25 珠海安士佳电子有限公司 Intelligent cloud video transmission and storage method and system
CN115396689B (en) * 2022-08-24 2023-06-30 珠海安士佳电子有限公司 Intelligent cloud video transmission and storage method and system

Similar Documents

Publication Publication Date Title
US12135796B2 (en) Data security using request-supplied keys
CN109144961B (en) Authorization file sharing method and device
CN104967591A (en) Cloud storage data read-write method and device, and read-write control method and device
US9735962B1 (en) Three layer key wrapping for securing encryption keys in a data storage system
US9077541B2 (en) Methods and systems for storage of large data objects
US9020149B1 (en) Protected storage for cryptographic materials
US9070112B2 (en) Method and system for securing documents on a remote shared storage resource
JP5916852B2 (en) Dynamic data protection policy associated with the request-reply message queueing environment
JP5196883B2 (en) Information security apparatus and information security system
KR20210061426A (en) Double-encrypted secret portion allowing assembly of the secret using a subset of the double-encrypted secret portion
CN103095847B (en) Cloud storage safety-ensuring method and system thereof
US10212153B2 (en) Providing data security with a token device
CN110661748B (en) Log encryption method, log decryption method and log encryption device
CN113383335B (en) Secure logging of data storage device events
CN103812927A (en) Storage method
US9356782B2 (en) Block encryption
JP2020155801A (en) Information management system and method therefor
KR101497067B1 (en) Electric document transfer method and apparatus based digital forensic
CN111130788B (en) Data processing method and system, data reading method and iSCSI server
US11165760B2 (en) Increasing security of objects in cloud environments by using a two-part encryption scheme
CN106055987A (en) Data storage method, data reading method and device
JP5539024B2 (en) Data encryption apparatus and control method thereof
CN107517268A (en) A kind of data manipulation method based on SAN storages, apparatus and system
CN117220859A (en) Key migration method, device, equipment and storage medium
JP6492832B2 (en) ENCRYPTION DEVICE, ENCRYPTION METHOD, ENCRYPTION PROGRAM, DATA STRUCTURE, AND ENCRYPTION SYSTEM

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20151007