[go: up one dir, main page]

CN108197487A - A kind of encryption method and system for promoting mass data security performance - Google Patents

A kind of encryption method and system for promoting mass data security performance Download PDF

Info

Publication number
CN108197487A
CN108197487A CN201711393589.6A CN201711393589A CN108197487A CN 108197487 A CN108197487 A CN 108197487A CN 201711393589 A CN201711393589 A CN 201711393589A CN 108197487 A CN108197487 A CN 108197487A
Authority
CN
China
Prior art keywords
key
encryption
encrypted
data set
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711393589.6A
Other languages
Chinese (zh)
Inventor
王任康
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Digital Data Technology Co Ltd
Original Assignee
Nanjing Digital Data Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Digital Data Technology Co Ltd filed Critical Nanjing Digital Data Technology Co Ltd
Priority to CN201711393589.6A priority Critical patent/CN108197487A/en
Publication of CN108197487A publication Critical patent/CN108197487A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of encryption methods and system for promoting mass data security performance, are a kind of when encryption key updates, and do not need to that full dose decrypt again to re-encrypt the technical method it is also ensured that data safety.The method can improve the storage safety of mass data, and the update of key does not need to take considerable time carries out re-encrypted processing with computing resource cost to initial data, greatly improves the performance of data safety.

Description

A kind of encryption method and system for promoting mass data security performance
Technical field
The invention belongs to data encryption technology fields, relate in particular to a kind of encryption for promoting mass data security performance Method and system.
Background technology
With the arrival in big data epoch, have become the Important Problems that every field is paid close attention in society at present.Big number Important influence is produced according in people’s lives and production, while bringing positive effect, also brings certain risk. Big data is being collected, during storage and use, all suffers from certain security risk, once big data generates privacy leakage Situation, serious threat can be caused to the safety of user.
2015 annual global leaking data cost studies are shown:The leaking datas of 350 trans-corporations of investigation it is average into This up to 3,790,000 dollars, every is lost or is stolen record(Include sensitive and confidential information)Level payment cost be up to 154 U.S. Member.The safety and secret protection situation in big data epoch are extremely arduous.
Currently in order to reply problem of data safety, common technological means have data encryption technology, i.e., after data generation, Data encryption may be used, and then effectively prevent the effective means of giving away secrets property of database information.Usual encrypted method have replacement, Displacement, Hybrid Encryption etc..It is encrypted by the different data information of the key pair of different editions, number can be greatly improved According to the security intensity of library data.Due in decryption must Corresponding matching key version, during encryption just as possible select it is newest Encryption Algorithm.
But when mass data is encrypted, due to being limited to hardware configuration, often takes considerable time and count Resource is calculated, and when key updates, needs again to decrypt the data of full dose using primary key, then using Xinmi City Key is encrypted, caused by the waste of time and computing resource be great.
Invention content
In view of the above-mentioned problems in the prior art, The present invention gives one kind when encryption key updates, It does not need to that full dose decrypt again to re-encrypt the technical method it is also ensured that data safety.The method can improve magnanimity The storage safety of data, the update of key, which does not need to take considerable time, to be carried out initial data with computing resource cost again adding Close processing greatly improves the performance of data safety.
Specifically, present invention employs following technical schemes:
It is a kind of promoted mass data security performance encryption system, the system comprises data warehouse, enciphering algorithm module, Decipherment algorithm module, cipher key storage block, key production module, after data warehouse is for storing raw data set and encryption Data set, key production module generation key, cipher key storage block storage key, enciphering algorithm module and decryption algoritic module Data set is encrypted and decrypted using algorithms for encryption and decryption for the key according to generation, which is characterized in that the system System performs following operate:Step 1)Raw data set with mass data is encrypted, wherein key production module Generate an original encryption key e, enciphering algorithm module according to the first Encryption Algorithm using key e to raw data set into Row encryption, encrypted data set exist in data warehouse again;Step 2)It is given birth to again by key production module Into a key f, enciphering algorithm module encrypts key e one key k of generation using the second Encryption Algorithm using key f, Middle key f is different from the first Encryption Algorithm for the meeting newer key of duration, the second Encryption Algorithm later;Step 3)By key e It destroys, and by key f and k storage to cipher key storage block, wherein it is physically-isolated to include at least two for cipher key storage block Part, key f and k are stored separately into two physically-isolated cipher key storage blocks;Step 4)Key is updated, wherein Key f and k are taken out from two physically-isolated cipher key storage blocks, decipherment algorithm module uses close using the second decipherment algorithm Key f is decrypted key k and obtains key e, wherein the second decipherment algorithm is used for using key e with decipherment algorithm module to encryption The the first decipherment algorithm difference for obtaining raw data set is decrypted in data set afterwards, and one is generated more by key production module New key f1 carries out re-encrypted to primary key e by enciphering algorithm module using f1 and obtains key k1, next will be former Beginning key e is destroyed, and then the key f1 and k1 that are obtained after update are stored separately to two physically-isolated cipher key storage blocks In.
Preferably, in key updating, re-encrypted acquisition is carried out to primary key e by enciphering algorithm module using f1 Encryption Algorithm used in key k1 can be identical or different with the second Encryption Algorithm, but with the first Encryption Algorithm centainly not Together.
In a preferred approach, decipherment algorithm module is included to the decryption of encrypted data set after key updating and utilizes key F1 is decrypted key k1 and obtains key e, then encrypted data set is decrypted to obtain initial data using key e Collection.
Additionally preferably, enciphering algorithm module is the crypto engine either encryption based on physical hardware of Distributed Calculation Module.
It is further preferred that data warehouse is relevant database, distributed file system, Distributed Data Warehouse System, distribution MPP databases or NoSQL databases.
In addition the present invention also provides a kind of encryption methods for promoting mass data security performance, which is characterized in that described Method includes the following steps:Step 1)Raw data set with mass data is encrypted, wherein firstly generating one Then the key e of a original encryption is encrypted raw data set using key e according to the first Encryption Algorithm, right Encrypted data set is stored;Step 2)A key f is regenerated, using the second Encryption Algorithm using key f to key e Encryption generation one key k, wherein key f is the meeting newer key of duration later, and the second Encryption Algorithm is calculated with the first encryption Method is different;Step 3)Key e is destroyed, and key f and k are stored separately into two physically-isolated parts;Step 4)It is right Key is updated, wherein taking out key f and k from described two physically-isolated parts, is used using the second decipherment algorithm Key f is decrypted key k and obtains key e, wherein the second decipherment algorithm is used for using key e with above-mentioned to encrypted number The the first decipherment algorithm difference for obtaining raw data set is decrypted according to collection, a newer key f1 is generated, using f1 to original Beginning key e carries out re-encrypted and obtains key k1, next destroys primary key e, then the key f1 obtained after update It is stored separately with k1 into two physically-isolated parts.
Preferably, in key updating, primary key e is carried out using f1 used in re-encrypted acquisition key k1 to add Close algorithm can be identical or different with the second Encryption Algorithm, but centainly different from the first Encryption Algorithm.
Additionally preferably, the decryption of encrypted data set carries out key k1 including the use of key f1 after key updating Decryption obtains key e, then encrypted data set is decrypted to obtain raw data set using key e.
In other preferred embodiment, Encryption Algorithm is the crypto engine in Distributed Calculation either based on physical hardware Encrypting module on carry out.
It is further preferred that raw data set and encrypted data set are stored in relevant database, distributed document In system, Distributed Data Warehouse system, distribution MPP databases or NoSQL databases.
It is The present invention gives a kind of Encryption Algorithm of efficient mass data, and using the algorithm and using the algorithm System is efficiently quickly encrypted mass data, and the periodical of key is changed on encryption data without influence, is not needed to sea It measures data and carries out encryption and decryption again using new key, improve the security performance of encryption efficiency and data.
Description of the drawings
Fig. 1 is the schematic diagram of method flow that the present invention uses.
Specific embodiment
The present invention is directed to provide the encryption method of a set of mass data, can quickly be coped with when key updates, nothing Must be to the data re-encrypted of full dose, nowadays traditional encryption technology needs complete using old key pair when key updates Amount data are decrypted, and then reuse new key to full dose data re-encrypted, often take a substantial amount of time and calculate money Source, and the interruption of business can be caused during re-encrypted, if midway occurs mistake and but will cause data consistency The problem of.
In order to solve the encrypted performance issue of mass data, it is proposed that a set of encryption technique method, is as follows:
We gather around the data set T there are one magnanimity first, it is assumed that the data volume of T is 1PB, we need that T is encrypted at this time Processing, encryption method are enc (T, e), and e is encryption key, and enc () is Encryption Algorithm;
We will first generate encrypted key e by algorithm at this time, be then encrypted using this data key collection T, encryption Encrypted data set T1 is obtained later, i.e.,
T1=enc(T,e)
Then the key f that we are updated as time goes by by other algorithm one meeting of generation again, use can update Key f the key e generated in previous step is encrypted to obtain key k, i.e.,
k=enc(e,f)
We have been completed the encryption to initial data now, obtain encrypted data set T1, while gather around there are one can be at any time The newer key f and secret key k encrypted using f.The step of decryption, is first carries out encrypted secret key k using secret key f Decryption, obtains secret key e, reuses secret key e and encrypted data set T1 is decrypted, obtain raw data set T.
If our secret key needs to update, a new secret key f1 is generated by algorithm, reuses f1 to original secret Key e is encrypted to obtain secret key k1, i.e.,
k1=enc(e,f1)
We just have the secret key f1 after a update after secret key update, after the secret key f1 encryptions after update Secret key k1 and encrypted data set T1.The step of decrypting at this time is that encrypted secret key k1 is decrypted using secret key f1, Secret key e is obtained, secret key e is reused and encrypted data set T1 is decrypted, obtain raw data set T.
Secret key periodically updates the encrypted result for not interfering with initial data, does not need to that initial data is decrypted It re-encrypts, it is only necessary to original cipher key is decrypted and re-encrypted, newer cost is dropped to from mass data encryption and decryption The encryption and decryption of one key is greatly improved the encryption performance of mass data.
Embodiments thereof is described in detail now with reference to the technical solution of this paper.In order to which its thought is communicated to this The those of ordinary skill in field provides these embodiments hereafter introduced as case.Therefore, these embodiments can be with Different forms is implemented, so as to be not limited to these embodiments described here.Moreover, in any possible place, whole It will make the same or similar component is presented with like reference characters in a the description and the appended drawings.
Fig. 1 is a kind of encryption and decryption flow realized according to technical solution proposed in this paper, and in the flow, we, which possess, deposits Store up it is original with encrypted data set data warehouse, there are one enciphering algorithm module, there are one decipherment algorithm module, There are one cipher key storage blocks simultaneously, and in addition there are one key production modules.
We can be there are one needing encrypted raw data set to be stored in data warehouse first, which can be Traditional relevant database RMDB can be distributed file system such as HDFS, can be Distributed Data Warehouse system System can be distribution MPP databases such as GreenPlum etc., or NoSQL databases such as HBase such as Hive Deng.Raw data set is stored in data warehouse with plaintext version at the beginning.
In order to promote data storage and the safety of data application, it would be desirable to initial data is encrypted, this When we will by key production module generate an original encryption key e, the key e generation after we will use this Key pair raw data set is encrypted, and specific Encryption Algorithm is gone to realize by enciphering algorithm module, enciphering algorithm module Can be that the crypto engine of a Distributed Calculation is for example realized or a higher based on MapReduce or Spark Safety based on the encrypting module of physical hardware such as encrypting flight data recorder, by enciphering algorithm module, we will be to original number It is encrypted according to collection, is then stored in encrypted data set in data warehouse again.
So far we have been completed the encryption process to raw data set, and next we will be to encrypted key Handled, first can prevent the leakage of encrypted primary key from causing the hidden danger of data safety, second can be substantially improved it is close The renewal speed of key.
We need to regenerate a key f by key production module, this key is newer close for meeting duration later Key, calculating will be encrypted to primary key e by enciphering algorithm module with this key f in we, the encryption that we select at this time Algorithm should be different from the Encryption Algorithm that raw data set is encrypted, after the completion of we encrypt primary key, we A completely new key k can be obtained, this when, we can be by original cipher key e to destroying, because we will not later It is directly used again.
We have the encrypted data set being stored in data warehouse now, have a cycle change Key f more has a key k obtained after being encrypted to primary key, it would be desirable to which the two keys are stored And management, so we are needed the two key storages to cipher key storage block.Generally for the sake of security, it would be desirable to will Two keys are stored separately in two physically-isolated cipher key storage blocks, in this way if a key is revealed, also not Influence whether the safety of raw data set.
We have been completed the encryption of initial data and the storage management of key so far, next herein will Encrypted processing procedure is described.
In order to complete the decryption oprerations to raw data set, it would be desirable to from two physically-isolated cipher key storage blocks Two keys are obtained, one is the key f periodically changed, another is the key k obtained after being encrypted to primary key.It obtains After the two keys, calculating will be decrypted to key k using decipherment algorithm module in we, can be obtained after decryption original Key e.
After primary key e is obtained, calculation processing is decrypted to raw data set by decipherment algorithm module in we, The decipherment algorithm used at this time should be different from the decipherment algorithm in previous step, can be based on Distributed Calculation engine for example The Distributed Decryption of Word algorithm that MapReduce or Spark is realized, or the decryption flight data recorder realized based on physical hardware. After being decrypted by decipherment algorithm, we have regained the data of raw data set, and so far entire decrypting process is completed.
Next the renewal process of key is described herein, the update operating process of key is discussed in detail as why not influenced sea Measure the encryption performance of data.
After operation after a period of time, in other words periodic key f have occurred may leakage risk accidents it Afterwards, it would be desirable to processing is updated to key, we are firstly the need of from two physically-isolated cipher key storage blocks at this time Two keys are obtained, one is the key f periodically changed, another is the key k obtained after being encrypted to primary key.It obtains After the two keys, calculating will be decrypted to key k using decipherment algorithm module in we, can be obtained after decryption original Key e.
Then we generate a new key f1 periodically changed by key production module again, are then led to using f1 It crosses enciphering algorithm module and re-encrypted is carried out to primary key e, key k1 is obtained after encryption.Next we will be primary key E is destroyed, and then the key f1 and k1 that are obtained after update are respectively stored into two physically-isolated cipher key storage blocks.
We have been completed the update processing of a secondary key now, are finally described herein after key updating to original The decryption oprerations flow of beginning data set.
In order to complete the decryption oprerations to raw data set after key updating, it would be desirable to physically-isolated from two Two keys are obtained in cipher key storage block, one is periodically changed key f1 to be updated, another is to primary key The key k1 obtained after encryption.After obtaining the two keys, we will be decrypted key k1 using decipherment algorithm module It calculates, primary key e can be obtained after decryption.
After primary key e is obtained, calculation processing is decrypted to raw data set by decipherment algorithm module in we. After being decrypted by decipherment algorithm, we have regained the data of raw data set, so far after key changes Entire decrypting process is completed.
Embodiments of the present invention are described in detail above in conjunction with attached drawing, but the present invention is not limited to above-mentioned implementations Mode in the knowledge having in technical field those of ordinary skill, can also not depart from present inventive concept Under the premise of make a variety of changes.

Claims (10)

1. a kind of encryption system for promoting mass data security performance, the system comprises data warehouse, Encryption Algorithm moulds Block, decipherment algorithm module, cipher key storage block, key production module, data warehouse are used to store raw data set and add Data set after close, key production module generation key, cipher key storage block storage key, enciphering algorithm module and decipherment algorithm Module is used to that data set to be encrypted and decrypted using algorithms for encryption and decryption according to the key of generation, which is characterized in that institute It states system and performs following operate:Step 1)Raw data set with mass data is encrypted, wherein key generates Module generates the key e of an original encryption, and enciphering algorithm module is according to the first Encryption Algorithm using key e to initial data Collection is encrypted, and encrypted data set exists in data warehouse again;Step 2)Mould is generated by key again Block generates a key f, and enciphering algorithm module encrypts key e one key of generation using the second Encryption Algorithm using key f K, wherein key f are different from the first Encryption Algorithm for the meeting newer key of duration, the second Encryption Algorithm later;Step 3)It will be close Key e is destroyed, and by key f and k storage to cipher key storage block, wherein cipher key storage block includes at least two physical isolations Part, key f and k are stored separately into two physically-isolated cipher key storage blocks;Step 4)Key is updated, In from two physically-isolated cipher key storage blocks take out key f and k, decipherment algorithm module using the second decipherment algorithm use Key f is decrypted key k and obtains key e, wherein the second decipherment algorithm is used for adding for e pairs using key with decipherment algorithm module The the first decipherment algorithm difference for obtaining raw data set is decrypted in data set after close, passes through key production module and generates one Newer key f1 carries out re-encrypted to primary key e by enciphering algorithm module using f1 and obtains key k1, next will Primary key e is destroyed, and then the key f1 and k1 that are obtained after update are stored separately to two physically-isolated key storage moulds In block.
2. the encryption system of mass data security performance is promoted as described in claim 1, which is characterized in that in key updating When, it can to Encryption Algorithm used in primary key e progress re-encrypted acquisition keys k1 by enciphering algorithm module using f1 With identical or different with the second Encryption Algorithm, but it is centainly different from the first Encryption Algorithm.
3. the encryption system of mass data security performance is promoted as described in claim 1, which is characterized in that right after key updating The decryption of encrypted data set is included decipherment algorithm module and key k1 is decrypted using key f1 acquisition key e, then Encrypted data set is decrypted to obtain raw data set using key e.
4. the encryption system of mass data security performance is promoted as described in claim 1, which is characterized in that enciphering algorithm module It is the crypto engine either encrypting module based on physical hardware of Distributed Calculation.
5. the encryption system of mass data security performance is promoted as described in claim 1, which is characterized in that data warehouse For relevant database, distributed file system, Distributed Data Warehouse system, distribution MPP databases or NoSQL data Library.
6. a kind of encryption method for promoting mass data security performance, which is characterized in that described method includes following steps:Step 1)Raw data set with mass data is encrypted, wherein firstly generating the key e of an original encryption, so Raw data set is encrypted using key e according to the first Encryption Algorithm afterwards, encrypted data set is stored; Step 2)A key f is regenerated, one key k of generation is encrypted to key e using key f using the second Encryption Algorithm, wherein Key f is different from the first Encryption Algorithm for the meeting newer key of duration, the second Encryption Algorithm later;Step 3)Key e is sold It ruins, and key f and k is stored separately into two physically-isolated parts;Step 4)Key is updated, wherein from described Key f and k are taken out in two physically-isolated parts, acquisition is decrypted to key k using key f using the second decipherment algorithm Key e, wherein the second decipherment algorithm with above-mentioned is used for that acquisition initial data is decrypted to encrypted data set using key e First decipherment algorithm of collection is different, generates a newer key f1, primary key e progress re-encrypteds is obtained using f1 close Next key k1 destroys primary key e, then the key f1 and k1 that are obtained after update are stored separately to two physical isolations Part in.
7. the encryption method of mass data security performance is promoted as claimed in claim 6, which is characterized in that in key updating When, it can be with the second Encryption Algorithm to Encryption Algorithm used in primary key e progress re-encrypted acquisition keys k1 using f1 It is identical or different, but it is centainly different from the first Encryption Algorithm.
8. the encryption method of mass data security performance is promoted as claimed in claim 6, which is characterized in that right after key updating The decryption of encrypted data set is decrypted key k1 including the use of key f1 and obtains key e, then using e pairs of key plus Close data set is decrypted to obtain raw data set.
9. as claimed in claim 6 promoted mass data security performance encryption method, which is characterized in that Encryption Algorithm be It is carried out on the crypto engine of the Distributed Calculation either encrypting module based on physical hardware.
10. the encryption method of mass data security performance is promoted as claimed in claim 6, which is characterized in that raw data set Relevant database, distributed file system, Distributed Data Warehouse system, distribution are stored in encrypted data set In MPP databases or NoSQL databases.
CN201711393589.6A 2017-12-21 2017-12-21 A kind of encryption method and system for promoting mass data security performance Pending CN108197487A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711393589.6A CN108197487A (en) 2017-12-21 2017-12-21 A kind of encryption method and system for promoting mass data security performance

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711393589.6A CN108197487A (en) 2017-12-21 2017-12-21 A kind of encryption method and system for promoting mass data security performance

Publications (1)

Publication Number Publication Date
CN108197487A true CN108197487A (en) 2018-06-22

Family

ID=62577510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711393589.6A Pending CN108197487A (en) 2017-12-21 2017-12-21 A kind of encryption method and system for promoting mass data security performance

Country Status (1)

Country Link
CN (1) CN108197487A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284302A (en) * 2018-08-10 2019-01-29 新华三大数据技术有限公司 Data processing method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050235345A1 (en) * 2000-06-15 2005-10-20 Microsoft Corporation Encryption key updating for multiple site automated login
CN101917403A (en) * 2010-07-23 2010-12-15 华中科技大学 A distributed key management method for ciphertext storage
CN105850072A (en) * 2013-12-02 2016-08-10 三菱电机株式会社 Data processing system, encryption apparatus, decryption apparatus, and program

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050235345A1 (en) * 2000-06-15 2005-10-20 Microsoft Corporation Encryption key updating for multiple site automated login
CN101917403A (en) * 2010-07-23 2010-12-15 华中科技大学 A distributed key management method for ciphertext storage
CN105850072A (en) * 2013-12-02 2016-08-10 三菱电机株式会社 Data processing system, encryption apparatus, decryption apparatus, and program

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284302A (en) * 2018-08-10 2019-01-29 新华三大数据技术有限公司 Data processing method and device
CN109284302B (en) * 2018-08-10 2020-12-01 新华三大数据技术有限公司 Data processing method and device

Similar Documents

Publication Publication Date Title
CN102236766B (en) Security data item level database encryption system
JP6227728B2 (en) System and method for wireless data protection
CN106330868B (en) A kind of high speed network encryption storage key management system and method
CN102891876B (en) Distributed data encryption method and system under cloud computing environment
EP2472426B1 (en) Accelerated cryptography with an encryption attribute
CN105635144B (en) Data processing method based on cloud platform server and system
US10733317B2 (en) Searchable encryption processing system
TW201740305A (en) Data encryption method, data decryption method, device and system
JP2020513183A (en) Data tokenization
CN110166458B (en) Three-level key encryption method
WO2013068843A2 (en) Multi-key cryptography for encrypting file system acceleration
CN102402664A (en) Data access control device and data access control method
CN101311942A (en) Software encryption and decryption method and encryption and decryption device
CN101651543A (en) Creditable calculation platform key migration system and key migration method thereof
JPWO2020251795A5 (en)
CN102355352A (en) Data confidentiality and integrity protection method
WO2021098293A1 (en) Database security protection method and device
CN102811124B (en) Based on the system Authentication method of two card trigram technology
Hoang et al. Oblivious dynamic searchable encryption on distributed cloud systems
CN118427852A (en) Transparent file encryption system and method based on domestic symmetric encryption
CN108197487A (en) A kind of encryption method and system for promoting mass data security performance
CN106549927B (en) Key storage and acquisition method and device
CN108055127A (en) It calculates and supports heat update Encryption Algorithm and key data encryption method with data separating
CN100531032C (en) Method for storing cipher key
CN111010386A (en) Privacy protection and data supervision control method based on shared account book

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180622