CN113438238A - User information anti-theft automatic alarm system based on decentralization - Google Patents

Publication number
CN113438238A
Authority
CN
China
Prior art keywords
user side
platform
user
file
data management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110710473.0A
Other languages
Chinese (zh)
Inventor
王佳帅
阮安邦
魏明
陈旭明
翟东雪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Octa Innovations Information Technology Co Ltd
Original Assignee
Beijing Octa Innovations Information Technology Co Ltd
Application filed by Beijing Octa Innovations Information Technology Co Ltd
Priority to CN202110710473.0A
Publication of CN113438238A
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a decentralization-based automatic alarm system for preventing theft of user information, comprising a user side, a data management platform, a user-side algorithm encryption module, a platform-side algorithm encryption module and a communication module. Initial files uploaded by a user are encrypted with the user-side private key and the platform public key and stored in the database of the data management platform. When the user side retrieves an initial file, the data management platform decrypts the file with the platform private key and matches the user-side public key against the user-side private key used when the file was stored. If the match succeeds, the user side is confirmed and the file is retrieved; if the match fails, the user-side public key is stored in a blacklist and the user side is notified of the failure through the communication module. Combining symmetric encryption with digital signatures guarantees credibility and verification in a decentralized environment, which greatly improves the security of the user-side files.

Description

User information anti-theft automatic alarm system based on decentralization
Technical Field
The invention belongs to the technical field of decentralization, and particularly relates to a user information anti-theft automatic alarm system based on decentralization.
Background
In a system with many nodes, each node is highly autonomous. Nodes can connect freely with one another to form new connection units; any node may act as a center for a time, but none has a mandatory central control function, and the influence between nodes forms nonlinear causal relationships through the network. Such an open, flat and equal system phenomenon or structure is called decentralization.
The traditional electronic data storage mode is centralized and encrypts data with symmetric encryption, which means that the security of users' data depends on the strength of the secret key. Once an illegal user analyzes the encryption algorithm, the data of all users can be accessed, causing loss to the users.
Therefore, a user information anti-theft automatic alarm system based on decentralization is provided to solve the problems in the prior art and protect the data of the user.
Disclosure of Invention
The invention aims to provide a decentralization-based automatic alarm system for preventing theft of user information, so as to solve the prior-art problem that an illegal user can access the data of all users after analyzing the encryption algorithm.
To achieve this purpose, the invention adopts the following technical scheme: a decentralization-based user information anti-theft automatic alarm system comprises a user side, a data management platform, a user-side algorithm encryption module, a platform-side algorithm encryption module and a communication module. The data management platform comprises a database and an interactive platform, the user-side algorithm encryption module comprises a user-side public key and a user-side private key, and the platform-side algorithm encryption module comprises a platform public key and a platform private key.
The user-side algorithm encryption module is in communication connection with the platform-side algorithm encryption module, the platform-side algorithm encryption module is connected with the data management platform through the communication module, and the data management platform is connected with the platform-side algorithm encryption module through the communication module.
Preferably, the user side encrypts the initial file to be uploaded with the user-side private key to obtain a re-encrypted file, encrypts the re-encrypted file with the platform public key to obtain a double-encrypted file, and finally transmits the double-encrypted file to the data management platform through the communication module.
Preferably, the data management platform receives the double-encrypted file from the user side through the interactive platform, stores it in the database, packages the double-encrypted files in the database, and stores them in partitions classified by the type of the double-encrypted file.
Preferably, when the user side retrieves a double-encrypted file, the data management platform fetches the selected double-encrypted file, first decrypts it with the platform private key to obtain the re-encrypted file, and finally decrypts the re-encrypted file with the user-side public key.
Preferably, when decrypting a re-encrypted file, the data management platform compares the user-side private key used when the file was stored with the user-side public key presented at that moment and determines whether the two come from the same user side; if the user-side public key is successfully matched with the user-side private key, the data management platform confirms the user side.
Preferably, when the user-side public key fails to match the user-side private key, the data management platform immediately stores the user-side public key in a blacklist and transmits alarm information to the user side through the communication module.
Preferably, when sending the initial file, the user side computes a digest of the initial file with a Hash algorithm and then, again using the Hash algorithm, encrypts with the user-side private key to form the signature of the initial file.
Preferably, the data management platform processes the double-encrypted file in two parts after receiving it. In the first part, it takes the signature of the received initial file and decrypts it with the user-side public key to obtain a digest. In the second part, it applies the same Hash algorithm as the user side to the content of the received initial file to obtain a digest. By comparing the two digests, it judges whether the file received by the data management platform is the file the user side intended to send.
The technical effects and advantages of the invention: compared with the prior art, the decentralization-based user information anti-theft automatic alarm system provided by the invention has the following advantages:
Initial files uploaded by a user are encrypted with the user-side private key and the platform public key and stored in the database of the data management platform. When the user side retrieves an initial file, the data management platform decrypts the file with the platform private key and matches the user-side public key against the user-side private key used when the file was stored. If the match succeeds, the user side is confirmed and the file is retrieved; if the match fails, the user-side public key is stored in a blacklist and an alarm is sent to the user side through the communication module. Combining symmetric encryption with digital signatures guarantees credibility and verification in a decentralized environment, which greatly improves the security of the user-side files.
Drawings
FIG. 1 is a block diagram of the system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The specific embodiments described herein are merely illustrative of the invention and do not delimit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a decentralization-based automatic alarm system for preventing theft of user information, comprising a user side, a data management platform, a user-side algorithm encryption module, a platform-side algorithm encryption module and a communication module. The user-side algorithm encryption module is used for encrypting user information.
The data management platform comprises a database and an interactive platform, the user-side algorithm encryption module comprises a user-side public key and a user-side private key, and the platform-side algorithm encryption module comprises a platform public key and a platform private key. The platform-side and user-side algorithm encryption modules use asymmetric encryption, which involves two keys: only the user-side public key or the platform public key is disclosed, and a receiver needs only its own private key for decryption, so the security problem of transmitting keys is well avoided.
The user-side algorithm encryption module is in communication connection with the platform-side algorithm encryption module, the platform-side algorithm encryption module is connected with the data management platform through the communication module, and the data management platform is connected with the platform-side algorithm encryption module through the communication module.
The user side encrypts the initial file to be uploaded with the user-side private key to obtain a re-encrypted file, then encrypts the re-encrypted file with the platform public key to obtain a double-encrypted file, and finally transmits the double-encrypted file to the data management platform through the communication module.
The data management platform receives the double-encrypted file from the user side through the interactive platform, stores it in the database, packages the double-encrypted files in the database, and stores them in partitions classified by the type of the double-encrypted file.
When the user side retrieves a double-encrypted file, the data management platform fetches the selected double-encrypted file, first decrypts it with the platform private key to obtain the re-encrypted file, and finally decrypts the re-encrypted file with the user-side public key.
When decrypting a re-encrypted file, the data management platform compares the user-side private key used when the file was stored with the user-side public key presented at that moment and judges whether the two come from the same user side. If the user-side public key is successfully matched with the user-side private key, the user side is confirmed, and the file is protected by asymmetric encryption. If the user-side public key and the user-side private key still fail verification within a limited number of attempts, the data management platform reports the illegal behavior of that user side and synchronously notifies the user side so that it can respond in time; the data management center then no longer services the unmatched user-side private key and blacklists it.
When the user-side public key fails to match the user-side private key, the data management platform immediately stores the user-side public key in a blacklist and transmits alarm information to the user side through the communication module. The arrangement of the user-side public key, the user-side private key, the platform public key and the platform private key improves file security and eliminates the need for end users to exchange keys.
When sending the initial file, the user side computes a digest of the initial file with a Hash algorithm and then, again using the Hash algorithm, encrypts with the user-side private key to form the signature of the initial file. A Hash algorithm converts data into a mark that is closely related to every byte of the source data, and it is also difficult to find a rule for reversing it.
After receiving the double-encrypted file, the data management platform processes it in two parts. In the first part, it takes the signature of the received initial file and decrypts it with the user-side public key to obtain a digest. In the second part, it applies the same Hash algorithm as the user side to the content of the received initial file to obtain a digest. Comparing the two digests determines whether the file received by the data management platform is the file the user side intended to send. The file is thus divided by the Hash algorithm into a digest part and a signature part, the signature and the digest are converted again into two new digests by the data management platform, and comparing these two digests both confirms that the information is what the user side intended to send and verifies the identity of the user side, which improves the security of files uploaded by the user side.
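The digest comparison and the blacklist-and-alarm behaviour described above can be sketched as follows. This is an added example, not code from the patent: textbook RSA over fixed Mersenne primes is a toy stand-in for the unspecified asymmetric algorithm, SHA-256 stands in for the unnamed Hash algorithm, `max_attempts=3` stands in for the "limited number of attempts", every class and function name is hypothetical, and the outer platform-public-key encryption layer is omitted.

```python
import hashlib

E = 65537  # public exponent shared by the toy key pairs


def toy_keypair(p, q):
    """Textbook RSA from two fixed primes (toy only): returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def digest_int(content: bytes) -> int:
    """SHA-256 digest of the file content, as an integer."""
    return int.from_bytes(hashlib.sha256(content).digest(), "big")


def sign(content: bytes, private_key) -> int:
    """User side: digest the file, then transform the digest with the private key."""
    n, d = private_key
    return pow(digest_int(content), d, n)


def recover_digest(signature: int, public_key) -> int:
    """Platform side, part one: undo the private-key transform with a public key."""
    n, e = public_key
    return pow(signature, e, n)


class DataManagementPlatform:
    def __init__(self, max_attempts=3):  # assumed value for the attempt limit
        self.database = {}    # file_id -> (content, signature, owner_id)
        self.failures = {}    # public key -> consecutive failed matches
        self.blacklist = set()
        self.alarms = []      # (owner_id, message): stands in for the communication module
        self.max_attempts = max_attempts

    def _matches(self, content, signature, public_key):
        # Part one: digest recovered from the signature.
        # Part two: digest recomputed from the received content.
        return recover_digest(signature, public_key) == digest_int(content)

    def store(self, file_id, content, signature, owner_id, public_key):
        """Accept an upload only if the two digests agree."""
        if not self._matches(content, signature, public_key):
            return False
        self.database[file_id] = (content, signature, owner_id)
        return True

    def retrieve(self, file_id, public_key):
        """Return the file if the presented public key matches the stored signature."""
        record = self.database.get(file_id)
        if record is None or public_key in self.blacklist:
            return None
        content, signature, owner_id = record
        if self._matches(content, signature, public_key):
            self.failures.pop(public_key, None)
            return content
        count = self.failures.get(public_key, 0) + 1
        self.failures[public_key] = count
        if count >= self.max_attempts:
            self.blacklist.add(public_key)
            self.alarms.append(
                (owner_id, f"key blacklisted after {count} failed matches on {file_id}"))
        return None


def demo():
    """Run the flow on constructed sample data and return the observable results."""
    owner_pub, owner_priv = toy_keypair(2**521 - 1, 2**607 - 1)
    other_pub, _ = toy_keypair(2**127 - 1, 2**1279 - 1)
    content = b"constructed sample file"
    platform = DataManagementPlatform()
    signature = sign(content, owner_priv)
    stored = platform.store("file-1", content, signature, "user-1", owner_pub)
    tampered = platform.store("file-2", content + b"!", signature, "user-1", owner_pub)
    fetched = platform.retrieve("file-1", owner_pub)
    denied = [platform.retrieve("file-1", other_pub) for _ in range(3)]
    return stored, tampered, fetched, denied, other_pub in platform.blacklist, platform.alarms


if __name__ == "__main__":
    print(demo())
```

The check binds a presented public key to the stored signature, but a public key is not a secret, so presenting it does not prove possession of the private key. A deployment that needs that guarantee would have the requester sign a fresh challenge from the platform.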
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.

Claims (8)

1. A decentralization-based automatic alarm system for preventing theft of user information, comprising a user side, a data management platform, a user-side algorithm encryption module, a platform-side algorithm encryption module and a communication module, characterized in that: the data management platform comprises a database and an interactive platform, the user-side algorithm encryption module comprises a user-side public key and a user-side private key, and the platform-side algorithm encryption module comprises a platform public key and a platform private key;
the user-side algorithm encryption module is in communication connection with the platform-side algorithm encryption module, the platform-side algorithm encryption module is connected with the data management platform through the communication module, and the data management platform is connected with the platform-side algorithm encryption module through the communication module.
2. The decentralization-based automatic alarm system for preventing theft of user information according to claim 1, characterized in that: the user side encrypts the initial file to be uploaded with the user-side private key to obtain a re-encrypted file, encrypts the re-encrypted file with the platform public key to obtain a double-encrypted file, and finally transmits the double-encrypted file to the data management platform through the communication module.
3. The decentralization-based automatic alarm system for preventing theft of user information according to claim 2, characterized in that: the data management platform receives the double-encrypted files from the user side through the interactive platform, stores them in the database, packages the double-encrypted files in the database, and stores them in partitions classified by the type of the double-encrypted file.
4. The decentralization-based automatic alarm system for preventing theft of user information according to claim 3, characterized in that: when the user side retrieves a double-encrypted file, the data management platform fetches the selected double-encrypted file, first decrypts it with the platform private key to obtain the re-encrypted file, and finally decrypts the re-encrypted file with the user-side public key.
5. The decentralization-based automatic alarm system for preventing theft of user information according to claim 4, characterized in that: when the data management platform decrypts a re-encrypted file, the user-side private key used when the file was stored is compared with the user-side public key presented at that moment, whether the two come from the same user side is judged, and the user side is confirmed if the user-side public key is successfully matched with the user-side private key.
6. The decentralization-based automatic alarm system for preventing theft of user information according to claim 5, characterized in that: when the user-side public key fails to match the user-side private key, the data management platform immediately stores the user-side public key in the blacklist and transmits alarm information to the user side through the communication module.
7. The decentralization-based automatic alarm system for preventing theft of user information according to claim 2, characterized in that: when sending the initial file, the user side computes a digest of the initial file with a Hash algorithm and then, again using the Hash algorithm, encrypts with the user-side private key to form the signature of the initial file.
8. The decentralization-based automatic alarm system for preventing theft of user information according to claim 3, characterized in that: the data management platform processes the double-encrypted file in two parts after receiving it, wherein in the first part it takes the signature of the received initial file and decrypts it with the user-side public key to obtain a digest, in the second part it applies the same Hash algorithm as the user side to the content of the received initial file to obtain a digest, and by comparing the two digests it judges whether the file received by the data management platform is the file the user side intended to send.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110710473.0A CN113438238A (en) 2021-06-25 2021-06-25 User information anti-theft automatic alarm system based on decentralization

Publications (1)

Publication Number Publication Date
CN113438238A true CN113438238A (en) 2021-09-24

Family

ID=77755297

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102185691A (en) * 2011-03-31 2011-09-14 中山大学深圳研究院 Method for encrypting information of comprehensive service card based on digital home
CN108200181A (en) * 2018-01-11 2018-06-22 中国人民解放军战略支援部队信息工程大学 A kind of revocable attribute-based encryption system and method towards cloud storage
WO2019040182A1 (en) * 2017-08-25 2019-02-28 Symantec Corporation Systems and methods for encrypting files
CN109510704A (en) * 2018-12-11 2019-03-22 中新金桥数字科技(北京)有限公司 A kind of digital cipher protection system and method based on IOS system
CN109787747A (en) * 2018-12-29 2019-05-21 如般量子科技有限公司 Anti- quantum calculation multi-enciphering cloud storage method and system based on multiple unsymmetrical key ponds

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210924