
CN111506546A - High-security file cloud storage method - Google Patents


Info

Publication number
CN111506546A
Authority
CN
China
Prior art keywords
cloud
file
subfiles
stored
files
Legal status
Pending
Application number
CN202010282699.0A
Other languages
Chinese (zh)
Inventor
王惠峰
郭峰
Current Assignee
Hangzhou Tiangu Information Technology Co ltd
Original Assignee
Hangzhou Tiangu Information Technology Co ltd
Application filed by Hangzhou Tiangu Information Technology Co ltd
Priority to CN202010282699.0A
Publication of CN111506546A

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/16 File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G06F16/17 Details of further file system functions
    • G06F16/172 Caching, prefetching or hoarding of files
    • G06F16/18 File system types
    • G06F16/182 Distributed file systems
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a high-security file cloud storage method, which comprises the following steps: the user side sends the file to be stored to the cloud platform; the cloud platform divides the file into a plurality of sub-files, each with a corresponding serial number; the sub-files are encrypted; each encrypted sub-file is stored to one of a plurality of cloud disks; and storage information is sent to the user side, the storage information comprising the serial numbers of the sub-files, the cloud disk corresponding to each sub-file and the position information stored in the cloud disk. The method divides the file to be stored into a plurality of sub-files, stores them in a plurality of cloud disks, and sends the storage information to the client, where the user saves it. This avoids the risk that all files are leaked when a single cloud disk runs into a problem, and because the information required to restore the file is stored at the user side, the security of the file is further improved.

Description

High-security file cloud storage method
Technical Field
The invention relates to a high-security file cloud storage method.
Background
In the existing file cloud storage technology, after receiving a file uploaded by a user, a cloud platform encrypts the file with a single encryption key and stores the user's file in a single cloud disk; the encryption key is also stored in the cloud platform.
The existing file cloud storage technology has the following defects: 1. The files of all users are stored on a single cloud disk, so if that cloud disk is attacked by hackers or its files are leaked, the files of all users are stolen. 2. There is only a single means of encryption: all tenant files use one encryption key, and once that key is leaked or maliciously used, the files of all users are exposed. 3. The platform side or service side holds all of the users' files and can decrypt or view them at will, which can lead to leakage of the users' files.
Disclosure of Invention
The invention provides a high-security file cloud storage method, which adopts the following technical scheme:
a high-security file cloud storage method comprises the following steps:
the user side sends the file to be stored to the cloud platform;
the cloud platform divides the file into a plurality of sub-files, and each sub-file has a corresponding serial number;
encrypting a plurality of sub-files;
storing each encrypted subfile to one of a plurality of cloud disks respectively;
and sending storage information to a user side, wherein the storage information comprises the serial numbers of the plurality of sub-files, the cloud disk corresponding to each sub-file and the position information stored in the cloud disk.
Further, the number of the subfiles is greater than the number of the cloud disks, and when the number of the subfiles stored to one of the cloud disks is greater than 1, the plurality of subfiles stored to the one cloud disk are not consecutive to each other.
Further, the specific method for dividing the file into a plurality of sub-files comprises the following steps:
dividing the file into n x t sub-files, wherein n is a positive integer, and t is the number of cloud disks;
each cloud disk stores n sub-files.
Further, the specific method for encrypting the plurality of sub-files comprises the following steps:
randomly generating a first secret key group, wherein the first secret key group comprises n × t different first secret keys;
and encrypting the sub-files respectively by n x t different first secret keys.
Further, the storage information further includes a first secret key set.
Further, the specific method for encrypting the plurality of sub-files comprises the following steps:
randomly generating a second secret key;
each subfile is encrypted by a second key.
Further, the storage information further comprises a second key.
Further, the overall size of the subfiles stored to different cloud disks is equal.
Further, the overall sizes of the subfiles stored to the different cloud disks are not equal and satisfy a preset ratio.
Further, the high-security file cloud storage method further comprises the following steps:
and the user side sets a third secret key and encrypts the storage information through the third secret key to obtain encrypted storage information.
One advantage of the high-security file cloud storage method is that the file to be stored is divided into a plurality of sub-files, the sub-files are stored in a plurality of cloud disks, and the storage information is sent to the client and saved by the user; the sub-files can be located on the different cloud disks and the complete file restored only with the storage information held by the user. This avoids the risk that all files are leaked when a single cloud disk runs into a problem, and because the information required to restore the file is stored at the user side, the security of the file is further improved.
A further advantage is that the key with which the cloud platform encrypts the file is sent to the user side as part of the storage information and stored by the user side, so that all the information needed to restore the file is held by the user. This prevents hackers from stealing the data in the cloud disks and also prevents the platform from stealing the data.
Drawings
Fig. 1 is a schematic diagram of a high-security file cloud storage method according to the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and the embodiments.
Fig. 1 shows a high-security file cloud storage method according to the present invention, which mainly includes the following steps. S1: the user side sends the file to be stored to the cloud platform. S2: the cloud platform divides the file into a plurality of sub-files, each with a corresponding serial number. S3: the sub-files are encrypted. S4: each encrypted sub-file is stored to one of a plurality of cloud disks. S5: storage information is sent to the user side, the storage information comprising the serial numbers of the sub-files, the cloud disk corresponding to each sub-file and the position information stored in the cloud disk. With this method, the file to be stored is divided into a plurality of sub-files, the sub-files are stored in a plurality of cloud disks, and the storage information is sent to the client and saved by the user; the sub-files can be located on the different cloud disks and the complete file restored only with the storage information held by the user. The steps are described in detail below.
For step S1, the user side sends the file to be stored to the cloud platform.
Specifically, the user first transmits the complete file to be stored to the cloud platform through the user side. The user side can be connected to the cloud platform through a wired network or a wireless network.
For step S2, the cloud platform divides the file into several subfiles, each subfile having a corresponding sequence number.
After receiving a file to be stored, the cloud platform divides the file into a plurality of subfiles according to a certain mode, and each subfile is provided with a corresponding sequence number for subsequent identification of the subfile.
Specifically, the manner of dividing the file may be preset as needed. The number of sub-files may be greater than the number of cloud disks, so that some cloud disks store more than one sub-file. To further increase the difficulty of brute-force cracking, if a cloud disk stores more than one sub-file, those sub-files are not consecutive, that is, their serial numbers are not consecutive. Even if the data of one cloud disk is leaked, the leaked data is discontinuous because the sub-files on that cloud disk are discontinuous, which reduces the risk of data leakage.
In the invention, the cloud platform divides the file into n × t sub-files, wherein n is a positive integer, and t is the number of cloud disks. Each cloud disk stores n sub-files. And the total size of the subfiles stored in each cloud disk is equal.
As another optional implementation, the cloud platform divides the file into n × t sub-files, where n is a positive integer and t is the number of cloud disks. Each cloud disk stores n sub-files. However, the total sizes of the sub-files stored in the cloud disks are not equal but follow a preset proportional relationship. There are many kinds of cloud disks on the market and they differ considerably; to reduce the cost of cloud disks, more sub-files can be stored on the cloud disks that offer better cost performance.
For step S3, the several sub-files are encrypted.
Before the divided sub-files are stored in the cloud disks, they need to be encrypted. In the invention, the specific method for encrypting the sub-files is as follows: the cloud platform randomly generates a first secret key group for the file, the first secret key group comprises n × t different first secret keys, and the n × t sub-files are each encrypted with one of the first secret keys. Because each sub-file is encrypted with a different secret key, it is harder for a hacker to brute-force the sub-files stored in the cloud disks.
As another optional implementation, the cloud platform randomly generates a second key for the file, and encrypts each subfile by the second key.
For step S4, each encrypted subfile is saved to one of the plurality of cloud disks.
After the encryption of step S3, each encrypted subfile is stored in the corresponding cloud disk. In the process of storing the subfiles, the storage location information of each subfile is recorded, namely the start-stop information of each subfile stored in the cloud disk. Each subfile can be retrieved from the cloud disk based on this information.
For step S5, storage information is sent to the user side, the storage information comprising the serial numbers of the sub-files, the cloud disk corresponding to each sub-file and the position information stored in the cloud disk.
After the file is stored, the cloud platform sends the storage information of the file to the user, where it is saved. The storage information comprises the serial number of each sub-file, the corresponding cloud disk and the storage position information in that cloud disk.
Preferably, in the present invention, the storage information further includes the first secret key group; that is, the first secret key group used for encrypting the sub-files is stored at the user side. This further increases the difficulty of file decryption by the cloud platform, and all information relating to the stored file is kept at the user side and held by the user. This prevents hackers from stealing the data in the cloud disks and also prevents the platform from stealing the data.
In another embodiment, when the key for encrypting the subfile is a unified first key, the stored information further includes the first key.
In the invention, the high-security file cloud storage method further comprises the following steps: and the user side sets a third secret key and encrypts the storage information through the third secret key to obtain encrypted storage information.
It can be understood that, after the user side receives the storage information, in order to prevent a hacker from stealing the storage information from the user side, the user can set a third key for the storage information through the user side, and encrypt the storage information through the set third key, thereby further increasing the difficulty of stealing the storage information of the file by other people.
When the user wants to download the file, the encrypted storage information is decrypted at the user side through the third secret key to obtain the storage information, and then the storage information is sent to the cloud platform. The cloud platform acquires each subfile from the plurality of cloud disks according to the storage information, decrypts the subfiles, restores the subfiles into complete files, and finally sends the files to the user side.
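The flow of steps S2 to S5 and the download path, as an added example that is not code from the patent: cloud disks are simulated as in-memory byte arrays, sub-files are placed round-robin (one placement that keeps the serial numbers on each disk non-consecutive), and a SHAKE-256 keystream stands in for the cipher, which the patent does not name. The function names and the storage-information field names are assumptions.

```python
"""Added example: split, encrypt, distribute and restore with simulated cloud disks."""
import hashlib
import secrets


def xor_keystream(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): the patent names no algorithm. A SHAKE-256
    # keystream keeps this runnable on the standard library; each key is used
    # for exactly one sub-file. Use an AEAD such as AES-GCM in a real system.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def store(data: bytes, disks: list, n: int) -> list:
    """S2-S5: split into n*t sub-files, encrypt each under its own first key,
    place them so no disk holds consecutive serials, return the storage info."""
    t = len(disks)
    if t < 2 or n < 1:
        raise ValueError("need at least two cloud disks and n >= 1")
    count = n * t
    size = -(-len(data) // count) if data else 0    # ceiling division
    storage_info = []
    for serial in range(count):
        plain = data[serial * size:(serial + 1) * size]
        key = secrets.token_bytes(32)                # one first key per sub-file
        disk_id = serial % t                         # serials on a disk differ by t
        start = len(disks[disk_id])
        disks[disk_id] += xor_keystream(key, plain)
        storage_info.append({"serial": serial, "disk": disk_id,
                             "start": start, "end": len(disks[disk_id]),
                             "key": key.hex()})
    return storage_info


def restore(storage_info: list, disks: list) -> bytes:
    """Download path: fetch each sub-file by position, decrypt, join by serial."""
    parts = []
    for entry in sorted(storage_info, key=lambda e: e["serial"]):
        blob = bytes(disks[entry["disk"]][entry["start"]:entry["end"]])
        parts.append(xor_keystream(bytes.fromhex(entry["key"]), blob))
    return b"".join(parts)


def serials_on_disk(storage_info: list, disk_id: int) -> list:
    """Serial numbers an attacker would obtain from one leaked disk."""
    return sorted(e["serial"] for e in storage_info if e["disk"] == disk_id)


def demo():
    disks = [bytearray() for _ in range(3)]          # t = 3 constructed cloud disks
    original = b"constructed sample payload " * 20   # constructed input, 540 bytes
    info = store(original, disks, n=2)               # 6 sub-files, 2 per disk
    return original, info, disks


if __name__ == "__main__":
    original, info, disks = demo()
    print("restored intact:", restore(info, disks) == original)
    print("serials on disk 0:", serials_on_disk(info, 0))
```

Without the storage information the cloud disks hold only unordered ciphertext ranges, which is why the patent goes on to protect that information at the user side with a third key.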
The foregoing illustrates and describes the principles, general features, and advantages of the present invention. It should be understood by those skilled in the art that the above embodiments do not limit the present invention in any way, and all technical solutions obtained by using equivalent alternatives or equivalent variations fall within the scope of the present invention.

Claims (10)

1. A high-security file cloud storage method is characterized by comprising the following steps:
the user side sends the file to be stored to the cloud platform;
the cloud platform divides the file into a plurality of sub-files, and each sub-file has a corresponding serial number;
encrypting the plurality of subfiles;
storing each encrypted subfile to one of a plurality of cloud disks respectively;
and sending storage information to the user side, wherein the storage information comprises the serial numbers of the plurality of subfiles, the cloud disk corresponding to each subfile and the position information stored in the cloud disk.
2. The high-security file cloud storage method according to claim 1,
the number of the subfiles is greater than the number of the cloud disks, and when the number of the subfiles stored to one of the cloud disks is greater than 1, the subfiles stored to the one cloud disk are not consecutive to each other.
3. The high-security file cloud storage method according to claim 2,
the specific method for dividing the file into a plurality of sub-files comprises the following steps:
dividing the file into n x t subfiles, wherein n is a positive integer greater than 1, and t is the number of cloud disks;
each cloud disk stores n subfiles.
4. The high-security file cloud storage method according to claim 3,
the specific method for encrypting the plurality of subfiles comprises the following steps:
randomly generating a first secret key set, wherein the first secret key set comprises n × t different first secret keys;
and encrypting the subfiles by n x t different first secret keys respectively.
5. The high-security file cloud storage method according to claim 6,
the storage information further includes the first set of secret keys.
6. The high-security file cloud storage method according to claim 3,
the specific method for encrypting the plurality of subfiles comprises the following steps:
randomly generating a second secret key;
encrypting each said subfile with said second secret key.
7. The high-security file cloud storage method according to claim 4,
the stored information further includes the second key.
8. The high-security file cloud storage method according to claim 1,
the overall size of the subfiles stored to different cloud disks is equal.
9. The high-security file cloud storage method according to claim 1,
the overall sizes of the subfiles stored to the different cloud disks are not equal and satisfy a preset ratio.
10. The high-security file cloud storage method according to claim 1,
the high-security file cloud storage method further comprises the following steps:
and the user side sets a third secret key and encrypts the storage information through the third secret key to obtain encrypted storage information.
CN202010282699.0A 2020-04-08 2020-04-08 High-security file cloud storage method Pending CN111506546A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010282699.0A CN111506546A (en) 2020-04-08 2020-04-08 High-security file cloud storage method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010282699.0A CN111506546A (en) 2020-04-08 2020-04-08 High-security file cloud storage method

Publications (1)

Publication Number Publication Date
CN111506546A (en) 2020-08-07

Family

ID=71867445

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010282699.0A Pending CN111506546A (en) 2020-04-08 2020-04-08 High-security file cloud storage method

Country Status (1)

Country Link
CN (1) CN111506546A (en)

Similar Documents

Publication Publication Date Title
US11461487B2 (en) Method for strongly encrypting .ZIP files
US9450749B2 (en) One-time-pad encryption with central key service
EP1279249B1 (en) One-time-pad encryption with central key service and keyable characters
US7634659B2 (en) Roaming hardware paired encryption key generation
US20090144565A1 (en) Method and system for asymmetrically encrypting .ZIP files
EP3494662B1 (en) Method for storing data blocks from client devices to a cloud storage system
US20210144002A1 (en) Secondary Channel Authentication of Public Keys
CN101651714A (en) Downloading method and related system and equipment
CN109299618B (en) Quantum-resistant computing cloud storage method and system based on quantum key card
CN112528309A (en) Data storage encryption and decryption method and device
CN109787747B (en) Anti-quantum-computation multi-encryption cloud storage method and system based on multiple asymmetric key pools
KR101790757B1 (en) Cloud system for storing secure data and method thereof
CN101604296A (en) Disk-data sector-level encryption method
CN109412788B (en) Anti-quantum computing agent cloud storage security control method and system based on public key pool
CN111506546A (en) High-security file cloud storage method
EP1808977A1 (en) One-time-pad encryption with key ID and offset for starting point

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20200807)