CN113438238A - User information anti-theft automatic alarm system based on decentralization - Google Patents
- Publication number
- CN113438238A
- Authority
- CN
- China
- Prior art keywords
- user side
- platform
- user
- file
- data management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a decentralization-based automatic alarm system for preventing theft of user information, comprising a user side, a data management platform, a user side algorithm encryption module, a platform side algorithm encryption module and a communication module. An initial file uploaded by a user is encrypted with the user side private key and the platform public key and stored in the database of the data management platform. When the user side calls the initial file, the data management platform decrypts the file with the platform private key and matches the user side public key against the user side private key used when the file was stored. If the match succeeds, the user side is confirmed and the file is called; if the match fails, the user side public key is stored in a blacklist and the user side is informed of the matching failure through the communication module. Combining symmetric encryption with digital signatures guarantees credibility and verification in a decentralized environment, and thereby greatly improves the security of user side files.
Description
Technical Field
The invention belongs to the technical field of decentralization, and particularly relates to a user information anti-theft automatic alarm system based on decentralization.
Background
In a system with a plurality of nodes, each node is highly autonomous. The nodes can connect freely with each other to form new connection units; any node can become a center for a time but has no mandatory central control function, and the influence between nodes forms a nonlinear causal relationship through the network. Such open, flattened and equal system phenomena or structures are called decentralization.
Traditional electronic data storage is centralized and encrypts data with symmetric encryption, which means that the security of user data depends on the strength of the key. Once an illegal user has analyzed the encryption algorithm, the data of all users can be accessed, causing loss to the users.
Therefore, a user information anti-theft automatic alarm system based on decentralization is provided to solve the problems in the prior art and protect the data of the user.
Disclosure of Invention
The invention aims to provide a decentralization-based automatic alarm system for preventing theft of user information, so as to solve the problem in the prior art that an illegal user can access the data of all users after analyzing the encryption algorithm.
To achieve this purpose, the invention adopts the following technical scheme: a user information anti-theft automatic alarm system based on decentralization comprises a user side, a data management platform, a user side algorithm encryption module, a platform side algorithm encryption module and a communication module, wherein the data management platform comprises a database and an interactive platform, the user side algorithm encryption module comprises a user side public key and a user side private key, and the platform side algorithm encryption module comprises a platform public key and a platform private key.
The user side algorithm encryption module is in communication connection with the platform side algorithm encryption module, the platform side algorithm encryption module is connected with the data management platform through the communication module, and the data management platform is connected with the platform side algorithm encryption module through the communication module.
Preferably, the user side encrypts the initial file to be uploaded with the user side private key to obtain a re-encrypted file, encrypts the re-encrypted file with the platform public key to obtain a double-encrypted file, and finally transmits the double-encrypted file into the data management platform through the communication module.
Preferably, the data management platform receives the double-encrypted file from the user side through the interactive platform and stores it in the database, packages the double-encrypted file in the database, and stores it by partition and classification according to the type of the double-encrypted file.
Preferably, when the user side calls the double-encrypted file, the data management platform retrieves the selected double-encrypted file, first decrypts it with the platform private key to obtain the re-encrypted file, and finally decrypts the re-encrypted file with the user side public key.
Preferably, when decrypting a re-encrypted file, the data management platform compares the user side private key used when the file was stored with the user side public key presented at that moment and determines whether the two come from the same user side. If the user side public key is successfully matched with the user side private key, the data management platform confirms the user side.
Preferably, when the user side public key is not successfully matched with the user side private key, the data management platform immediately stores the user side public key in a blacklist and transmits alarm information to the user side through the communication module.
Preferably, the user side digests the initial file by using a Hash algorithm when sending the initial file, and then encrypts a private key of the user side by using the Hash algorithm again to form a signature of the initial file.
Preferably, the data management platform performs two parts of processing after receiving the double-encrypted file. The first part takes the signature of the received initial file and decrypts it with the user side public key to obtain a digest. The second part applies the same Hash algorithm as the user side to the content of the received initial file to obtain a digest. The two digests are compared to judge whether the file received by the data management platform is the file the user side wanted to send.
The technical effects and advantages of the invention are as follows. Compared with the prior art, the user information anti-theft automatic alarm system based on decentralization provided by the invention has the following advantages:
An initial file uploaded by a user is encrypted with the user side private key and the platform public key and stored in the database of the data management platform. When the user side calls the initial file, the data management platform decrypts the file with the platform private key and matches the user side public key against the user side private key used when the file was stored. If the match succeeds, the user side is confirmed and the file is called; if the match fails, the user side public key is stored in a blacklist and the user side is alarmed through the communication module. Combining symmetric encryption with digital signatures guarantees credibility and verification in a decentralized environment, and thereby greatly improves the security of user side files.
Drawings
FIG. 1 is a block diagram of the system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The specific embodiments described herein are merely illustrative of the invention and do not delimit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a decentralization-based automatic alarm system for preventing theft of user information, which comprises a user side, a data management platform, a user side algorithm encryption module, a platform side algorithm encryption module and a communication module.
The data management platform comprises a database and an interactive platform, the user side algorithm encryption module comprises a user side public key and a user side private key, and the platform side algorithm encryption module comprises a platform public key and a platform private key. The platform side algorithm encryption module and the user side algorithm encryption module form asymmetric encryption with two keys each: only the user side public key or the platform public key is disclosed, and a receiver only needs its own private key for decryption, so the problem of key security during transmission is avoided.
The user side algorithm encryption module is in communication connection with the platform side algorithm encryption module, the platform side algorithm encryption module is connected with the data management platform through the communication module, and the data management platform is connected with the platform side algorithm encryption module through the communication module.
The user side encrypts the initial file to be uploaded with the user side private key to obtain a re-encrypted file, then encrypts the re-encrypted file with the platform public key to obtain a double-encrypted file, and finally transmits the double-encrypted file into the data management platform through the communication module.
The data management platform receives the double-encrypted file from the user side through the interactive platform and stores it in the database, packages the double-encrypted file in the database, and stores it by partition and classification according to the type of the double-encrypted file.
When the user side calls the double-encrypted file, the data management platform retrieves the selected double-encrypted file, first decrypts it with the platform private key to obtain the re-encrypted file, and finally decrypts the re-encrypted file with the user side public key.
When decrypting a re-encrypted file, the data management platform compares the user side private key used when the file was stored with the user side public key presented at that moment and judges whether the two come from the same user side. If the user side public key and the user side private key are successfully matched, the user side is confirmed; the file is thus protected by asymmetric encryption. If the user side public key and the user side private key still do not match after a limited number of verification attempts, the data management platform reports the illegal behavior of the user side and synchronously notifies the user side so that it can respond in time. At this point the data management center no longer processes the unmatched user side private key and blacklists it.
When the match between the user side public key and the user side private key is unsuccessful, the data management platform immediately stores the user side public key in a blacklist and transmits alarm information to the user side through the communication module. The arrangement of the user side public key, the user side private key, the platform public key and the platform private key improves the security of the file and removes the need for end users to exchange keys.
The user side digests the initial file through a Hash algorithm when sending the initial file, then the user side encrypts a private key of the user side by using a Hash algorithm again to form a signature of the initial file. The Hash algorithm converts data into a mark that is closely tied to every byte of the source data, and it is difficult to find an inverse rule for it.
After receiving the double-encrypted file, the data management platform performs two parts of processing. The first part takes the signature of the received initial file and decrypts it with the user side public key to obtain a digest. The second part applies the same Hash algorithm as the user side to the content of the received initial file to obtain a digest. The two digests are compared to judge whether the file received by the data management platform is the file the user side wanted to send. The file is divided into a digest and a signature part through the Hash algorithm, the data management platform then converts the signature and the digest into two new digests, and comparing these two digests determines whether the information is the same as what the user side wanted to send and verifies the identity of the user side, which improves the security of the file uploaded by the user side.
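The digest comparison and the blacklist alarm described above can be modelled in a few lines. This is an added example, not code from the patent. It assumes the usual reading of the signature step (the digest is transformed with the user side private key and recovered with the user side public key), uses textbook RSA without padding over constructed toy keys built from Mersenne primes, and leaves out the outer platform-key encryption layer. `toy_keypair`, `Platform`, `store` and `retrieve` are hypothetical names.

```python
import hashlib

E = 65537  # public exponent shared by the constructed demo keys


def toy_keypair(k1, k2):
    """Constructed demo key pair from the Mersenne primes 2**k1-1 and 2**k2-1.

    Primes of this special form make the modulus easy to factor, so these
    keys only illustrate the arithmetic.
    """
    p, q = 2**k1 - 1, 2**k2 - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)  # (public key, private key)


def digest(data):
    """Hash step: SHA-256 of the file content as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, private):
    """User side: transform the digest with the private key (textbook RSA)."""
    n, d = private
    return pow(digest(data), d, n)


def recover_digest(signature, public):
    """Platform part 1: undo the signature with a public key."""
    n, e = public
    return pow(signature, e, n)


class Platform:
    """Hypothetical stand-in for the data management platform."""

    def __init__(self):
        self.files = {}         # file_id -> (owner, data, signature)
        self.blacklist = set()  # public keys that failed matching
        self.alarms = []        # (owner, file_id) notices for the user side

    def store(self, file_id, owner, public, data, signature):
        # Part 1: digest recovered from the signature.
        # Part 2: digest recomputed from the received content.
        if recover_digest(signature, public) != digest(data):
            return False  # not the file the user side meant to send
        self.files[file_id] = (owner, data, signature)
        return True

    def retrieve(self, file_id, presented_public):
        owner, data, signature = self.files[file_id]
        if presented_public in self.blacklist:
            return None  # refused before any further processing
        # Does the presented public key match the private key used at storage?
        if recover_digest(signature, presented_public) == digest(data):
            return data
        self.blacklist.add(presented_public)
        self.alarms.append((owner, file_id))  # alarm sent to the file owner
        return None


if __name__ == "__main__":
    alice_pub, alice_priv = toy_keypair(127, 521)
    other_pub, _ = toy_keypair(107, 607)
    platform = Platform()
    doc = b"constructed sample file"
    platform.store("f1", "alice", alice_pub, doc, sign(doc, alice_priv))
    print(platform.retrieve("f1", alice_pub))  # file released to the owner
    print(platform.retrieve("f1", other_pub))  # None: key blacklisted
    print(platform.alarms)
```

A real deployment would use a padded signature scheme such as RSA-PSS or Ed25519 from a maintained cryptographic library instead of raw modular exponentiation.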
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.
Claims (8)
1. A user information anti-theft automatic alarm system based on decentralization, comprising a user side, a data management platform, a user side algorithm encryption module, a platform side algorithm encryption module and a communication module, characterized in that: the data management platform comprises a database and an interactive platform, the user side algorithm encryption module comprises a user side public key and a user side private key, and the platform side algorithm encryption module comprises a platform public key and a platform private key;
the user side algorithm encryption module is in communication connection with the platform side algorithm encryption module, the platform side algorithm encryption module is connected with the data management platform through the communication module, and the data management platform is connected with the platform side algorithm encryption module through the communication module.
2. The user information anti-theft automatic alarm system based on decentralization according to claim 1, characterized in that: the user side encrypts the initial file to be uploaded with the user side private key to obtain a re-encrypted file, encrypts the re-encrypted file with the platform public key to obtain a double-encrypted file, and finally transmits the double-encrypted file into the data management platform through the communication module.
3. The user information anti-theft automatic alarm system based on decentralization according to claim 2, characterized in that: the data management platform receives the double-encrypted file from the user side through the interactive platform, stores it in the database, packages the double-encrypted file in the database, and stores it by partition and classification according to the type of the double-encrypted file.
4. The user information anti-theft automatic alarm system based on decentralization according to claim 3, characterized in that: when the user side calls the double-encrypted file, the data management platform retrieves the selected double-encrypted file, first decrypts it with the platform private key to obtain the re-encrypted file, and finally decrypts the re-encrypted file with the user side public key.
5. The user information anti-theft automatic alarm system based on decentralization according to claim 4, characterized in that: when the data management platform decrypts a re-encrypted file, the user side private key used when the file was stored is compared with the user side public key presented at that moment, whether the two come from the same user side is judged, and the user side is confirmed if the user side public key is successfully matched with the user side private key.
6. The user information anti-theft automatic alarm system based on decentralization according to claim 5, characterized in that: when the user side public key is not successfully matched with the user side private key, the data management platform immediately stores the user side public key in the blacklist and transmits alarm information to the user side through the communication module.
7. The user information anti-theft automatic alarm system based on decentralization according to claim 2, characterized in that: when the user side sends the initial file, the user side performs the digest through the Hash algorithm, and then uses the Hash algorithm again to encrypt the private key of the user side to form the signature of the initial file.
8. The user information anti-theft automatic alarm system based on decentralization according to claim 3, characterized in that: the data management platform performs two parts of processing after receiving the double-encrypted file, wherein the first part takes the signature of the received initial file and decrypts it with the user side public key to obtain a digest, the second part applies the same Hash algorithm as the user side to the content of the received initial file to obtain a digest, and the two digests are compared to judge whether the file received by the data management platform is the file the user side wanted to send.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110710473.0A CN113438238A (en) | 2021-06-25 | 2021-06-25 | User information anti-theft automatic alarm system based on decentralization |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113438238A (en) | 2021-09-24 |
Family
ID=77755297
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110710473.0A Pending CN113438238A (en) | 2021-06-25 | 2021-06-25 | User information anti-theft automatic alarm system based on decentralization |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113438238A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20210924 |