CN113792319B - File encryption method, device, storage medium and electronic equipment - Google Patents


Info

Publication number
CN113792319B
CN113792319B
Authority
CN
China
Prior art keywords
file
processed
header
encryption
rule
Legal status
Active
Application number
CN202111111464.6A
Other languages
Chinese (zh)
Other versions
CN113792319A
Inventor
Name withheld at the inventor's request
Current Assignee
Shenzhen Xumi Yuntu Space Technology Co Ltd
Original Assignee
Shenzhen Xumi Yuntu Space Technology Co Ltd
Application filed by Shenzhen Xumi Yuntu Space Technology Co Ltd
Priority to CN202111111464.6A
Publication of CN113792319A
Application granted
Publication of CN113792319B
Legal status: Active
Anticipated expiration


Classifications

All three classifications fall under G (Physics) > G06 (Computing; calculating or counting) > G06F (Electric digital data processing):

    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/602 Providing cryptographic facilities or services
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules > G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements > G06F2221/2107 File encryption


Abstract

The disclosure provides a file encryption method, a file encryption device, a computer-readable storage medium and electronic equipment, and belongs to the technical field of computers. The method comprises the following steps: when a kernel layer driver detects that a target application executes a write operation on a file to be processed, acquiring a file header rule corresponding to the target application; and determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type. By encrypting the files of the target application program in this way, file security is improved and data leakage is prevented.

Description

File encryption method, device, storage medium and electronic equipment
Technical Field
The disclosure relates to the field of computer technology, and in particular, to a file encryption method, a file encryption device, a computer readable storage medium and electronic equipment.
Background
Transparent encryption technology is a file encryption technology developed in recent years for enterprise file confidentiality requirements. Specifically, when a user opens or edits a file, the system automatically encrypts an unencrypted file; the whole process is not perceptible to the user, so the user's normal work is not affected.
Currently, when a file is encrypted, the file type can be distinguished by the suffix (extension) of the file, and files of the corresponding file type are encrypted. This way of judging the file type is simple and direct and incurs no extra resource overhead, but once the suffix of the file is changed, the true type of the file can no longer be identified, so a file that should have been encrypted remains plaintext and sensitive data is leaked.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The disclosure provides a file encryption method, a file encryption device, a computer readable storage medium and an electronic device, so as to solve the problem that in the prior art, data leakage is caused by easy tampering of files to at least a certain extent.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to a first aspect of the present disclosure, there is provided a file encryption method, the method comprising: when detecting that a target application executes a writing operation on a file to be processed through a kernel layer driver, acquiring a file header rule corresponding to the target application; and determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type.
In an exemplary embodiment of the present disclosure, the obtaining a header rule corresponding to the target application includes: detecting the application type of the target application through the kernel layer driver, and acquiring a file header rule corresponding to the target application according to the application type.
In an exemplary embodiment of the present disclosure, determining the file encryption type of the file to be processed according to the file header rule includes: determining a parsing rule for the file header of the file to be processed and a file header verification identifier of the file to be processed according to the file header rule; parsing the file to be processed according to the parsing rule to obtain the file header of the file to be processed, matching the file header of the file to be processed with the file header verification identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type.
In an exemplary embodiment of the present disclosure, parsing the file to be processed according to the parsing rule includes: determining the number of bytes of the header of the file to be processed and/or the byte position of each header byte in the file to be processed according to the parsing rule; and extracting byte data according to the number of bytes and/or the byte position of each byte in the file to be processed so as to obtain the file header of the file to be processed.
In an exemplary embodiment of the present disclosure, when matching the header of the to-be-processed file with the header verification identifier of the to-be-processed file, determining whether the to-be-processed file is of an encrypted file type, the method further includes: converting the header of the file to be processed according to a preset conversion rule, matching the processed header with a header verification identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type; the preset conversion rule comprises the step of converting the file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm.
In an exemplary embodiment of the present disclosure, the method further comprises: determining an encryption strategy matched with the file type of the file to be processed according to the file header rule, wherein the encryption strategy comprises an encryption grade of the file to be processed and an encryption algorithm corresponding to the encryption grade; when the file to be processed is determined to belong to the encrypted file type, adding an encrypted identifier at the head or tail of the file to be processed, so that the kernel layer driver determines an encryption algorithm according to the encrypted identifier, and encrypts the file to be processed according to the encryption algorithm.
In an exemplary embodiment of the present disclosure, when encrypting the file to be processed, the method further includes: acquiring an encryption key of the file to be processed by sending an acquisition request of the encryption key of the file to be processed to a server; and encrypting the file to be processed by adopting an encryption key of the file to be processed based on a preset encryption algorithm, wherein the preset encryption algorithm comprises any one or more of a symmetrical encryption algorithm, an asymmetrical encryption algorithm and a combined algorithm formed by the symmetrical encryption algorithm and the asymmetrical encryption algorithm.
According to a second aspect of the present disclosure, there is provided a file encrypting apparatus, the apparatus comprising: the acquisition module is used for acquiring a file header rule corresponding to a target application when the target application is detected to execute a writing operation on a file to be processed through a kernel layer driver; and the encryption module is used for determining the file encryption type of the file to be processed according to the file header rule and encrypting the file to be processed according to the file encryption type.
In an exemplary embodiment of the disclosure, the obtaining module is configured to detect, by the kernel layer driver, an application type of the target application, and obtain, according to the application type, a header rule corresponding to the target application.
In an exemplary embodiment of the disclosure, the encryption module is configured to determine a parsing rule of a header of the to-be-processed file and a header verification identifier of the to-be-processed file according to the header rule, parse the to-be-processed file according to the parsing rule to obtain the header of the to-be-processed file, and match the header of the to-be-processed file with the header verification identifier of the to-be-processed file to determine whether the to-be-processed file belongs to an encrypted file type.
In an exemplary embodiment of the present disclosure, when the file to be processed is parsed according to the parsing rule, the encryption module is further configured to determine, according to the parsing rule, a byte number of a header of the file to be processed and/or a byte position of each byte in the file to be processed, and extract byte data according to the byte number and/or the byte position of each byte in the file to be processed, so as to obtain the header of the file to be processed.
In an exemplary embodiment of the present disclosure, when the header of the to-be-processed file is matched with the header verification identifier of the to-be-processed file to determine whether the to-be-processed file belongs to an encrypted file type, the encryption module is further configured to perform conversion processing on the header of the to-be-processed file according to a preset conversion rule, and match the processed header with the header verification identifier of the to-be-processed file to determine whether the to-be-processed file belongs to the encrypted file type; the preset conversion rule comprises the step of converting the file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm.
In an exemplary embodiment of the present disclosure, the encryption module is further configured to determine, according to the header rule, an encryption policy that matches a file type of the file to be processed, where the encryption policy includes an encryption level of the file to be processed and an encryption algorithm corresponding to the encryption level, and when it is determined that the file to be processed belongs to the encrypted file type, add an encryption identifier to a header or a trailer of the file to be processed, so that the kernel layer driver determines the encryption algorithm according to the encryption identifier, and encrypts the file to be processed according to the encryption algorithm.
In an exemplary embodiment of the present disclosure, when encrypting the to-be-processed file, the encryption module is further configured to obtain an encryption key of the to-be-processed file by sending an acquisition request of the encryption key of the to-be-processed file to a server, and encrypt the to-be-processed file with the encryption key of the to-be-processed file based on a preset encryption algorithm, where the preset encryption algorithm includes any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm, and a combination algorithm composed of the symmetric encryption algorithm and the asymmetric encryption algorithm.
According to a third aspect of the present disclosure, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements any one of the file encryption methods described above.
According to a fourth aspect of the present disclosure, there is provided an electronic device comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform any of the file encryption methods described above via execution of the executable instructions.
The present disclosure has the following beneficial effects:
In summary, according to the file encryption method, the file encryption apparatus, the computer-readable storage medium, and the electronic device in the present exemplary embodiment, when the kernel layer driver detects that the target application performs a write operation on the file to be processed, a header rule corresponding to the target application is obtained, the file encryption type of the file to be processed is determined according to the header rule, and the file to be processed is encrypted according to that file encryption type. Because the encryption type is determined from the file header rule rather than from the file suffix, the scheme achieves transparent encryption of the file and guarantees the security of file data; at the same time, the real type of the file is determined from its header, so changing the suffix does not prevent the file type from being identified, and both the identification accuracy of the file type and the reliability of encryption are improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely some embodiments of the present disclosure and that other drawings may be derived from these drawings without undue effort.
FIG. 1 shows a flowchart of a file encryption method in the present exemplary embodiment;
FIG. 2 shows a flowchart of determining a file encryption type in the present exemplary embodiment;
FIG. 3 shows a flowchart of encrypting a file to be processed in the present exemplary embodiment;
FIG. 4 shows a flowchart of another method of encrypting a file to be processed in the present exemplary embodiment;
FIG. 5 shows a flowchart of another file encryption method in the present exemplary embodiment;
FIG. 6 is a block diagram showing the configuration of a file encryption apparatus in the present exemplary embodiment;
FIG. 7 illustrates a computer-readable storage medium for implementing the above method in the present exemplary embodiment;
FIG. 8 shows an electronic device for implementing the above method in the present exemplary embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments may be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
The exemplary embodiment of the disclosure first provides a file encryption method that can be applied to a terminal device, so that the terminal device encrypts a file to be processed while that file is being processed by a target application, without the encryption process affecting the user's normal operation. As an example of a system environment for the file encryption method in the present exemplary embodiment, the method may be performed by a file processing system in the terminal device that has data-processing monitoring and encryption functions. This may be a file system configured at the kernel layer of the operating system, for example an interface layer located between the file system and the service system; when a user processes a file through a target application, the file processing system monitors, through a kernel layer driver, the type of operation the target application performs on the file and transparently encrypts the file.
Fig. 1 shows a flow of the present exemplary embodiment, which may include the following steps S110 to S120:
Step S110, when the kernel layer driver detects that the target application executes the writing operation on the file to be processed, the file header rule corresponding to the target application is obtained.
The kernel layer is the most basic part of an operating system and provides the various application programs with secure access to computer hardware. An operating system is generally divided into kernel mode and user mode: the kernel code of the system runs in kernel mode, and non-kernel code runs in user mode. A kernel layer driver is a program that runs in kernel mode with the highest authority of the operating system; it can receive access requests of application programs forwarded by the I/O manager and process them. In the present exemplary embodiment, the target application may be any application program, such as any one or more of CAD software, Revit software, SketchUp software, and the like; the file to be processed may be a file handled by the target application, for example, for CAD software, a file in DWG format or DXF format. The write operation may include a backup of the file to be processed, saving historical data, logging, and other types of operations. The header rules corresponding to the target application may be the header rules for each file type supported by the target application, including but not limited to a header reading rule, a parsing rule, and a storage rule, and the header rules may be generated in advance by a user through the application layer, that is, configured in user mode.
When the file to be processed is processed through the target application, the operation type of the file to be processed by the target application can be monitored through the kernel layer driver, and when the writing operation of the target application on the file to be processed is detected, the file header rule corresponding to the target application is obtained, for example, the file header rule corresponding to the target application can be read from the rule file configured by the application layer.
Specifically, in an alternative embodiment, the header rule corresponding to the target application may be obtained by the following method:
Detecting the application type of the target application through the kernel layer driver, and acquiring the file header rule corresponding to the target application according to the application type.
For each application program running on the terminal device, the kernel layer driver can monitor the running state of each application, for example, can monitor what operation is performed on the file by each application, and the authority information of the user currently performing the operation, etc. When the target application is detected to execute the writing operation about the file to be processed, the application type of the target application can be judged, for example, the application name of the target application can be judged according to the stored application identification of each application, and the file header rule corresponding to the target application can be obtained according to the application name. For example, when it is detected that the target application performs a backup operation or records operations such as a log, history data, etc. on a file to be processed, a file header rule about the target application stored in advance by the terminal device may be read according to an application type of the target application.
By the method for monitoring the operation of the target application on the file to be processed by the kernel layer driver, the processing environment of the file to be processed can be detected in real time when the file to be processed is processed by the target application, and whether the file to be processed is in a safe environment or not can be judged.
In addition, when the target application reads the file to be processed, the kernel layer driver may determine the operation authority of the current user from the access request of the application program. For example, the kernel layer driver may determine the user's authority from the user identifier in the read request sent by the I/O manager, such as whether the user has read authority, or whether a user with read authority also has write authority, and then restrict the user to processing the file to be processed within the range of that authority. For example, when it determines that the user is allowed to access the file to be processed, the kernel layer driver may send the access request on to the file system storing the file to be processed and allow the target application to read it.
Step S120, determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type.
After the file header rule corresponding to the target application is obtained, the file encryption type of the file to be processed can be determined according to the file header rule, for example, whether the file to be processed belongs to the file to be encrypted, the encryption grade of the file to be processed and the like, so that the file to be processed is encrypted according to the file encryption type of the file to be processed.
In an alternative embodiment, referring to FIG. 2, step S120 may be implemented by the following steps S210-S220:
Step S210, determining an analysis rule of a file header of the file to be processed and a file header verification identifier of the file to be processed according to the file header rule.
The parsing rule of the header of the file to be processed may include a reading mode, a conversion rule, etc. of the header of the file to be processed; the header verification identifier of the file to be processed can be used for verifying whether the header of the file to be processed meets encryption conditions or not, and can be an identifier formed by numbers, letters, special symbols and the like. In this exemplary embodiment, the header check identifier of the file to be processed may be set by the operator in advance according to the encryption requirement and the file type supported by the target application, for example, the header check identifier may be set for each file type corresponding to the target application, or if the files of all the file types supported by the target application need to be encrypted, the header check identifiers of all the file types corresponding to the target application may be set to the same identification data. Table 1 below shows an example of a header check identifier, as follows:
TABLE 1
Target application  | File type    | File header check identifier | Identifier position
Revit               | RVT/RTE/RFA  | D0 CF 11 E0 A1 B1 1A E1      | first 8 bytes of the file
CAD                 | DWG/DWT      | 41 43 31 30                  | first 4 bytes of the file
SketchUp            | SKP          | FF FF FF 0E 53 20 6B 20      | first 8 bytes of the file
In Table 1, all file types belonging to the same application program share the same header check identifier.
After the header rules corresponding to the target application are obtained, the rules for the application type of the target application are read, the rule whose file type matches the file to be processed is extracted from them, the parsing rule for the header of the file to be processed is determined from that rule, and the header verification identifier of the file to be processed is read.
Step S220, analyzing the file to be processed according to the analysis rule to obtain a file header of the file to be processed, and matching the file header of the file to be processed with a file header verification identifier of the file to be processed to determine whether the file to be processed belongs to an encrypted file type.
After determining the parsing rule of the header of the file to be processed, the file to be processed can be parsed according to the parsing rule, for example, byte data of the file to be processed can be read, data within a certain byte range can be extracted from the byte data to be used as the header of the file to be processed, and then the header of the file to be processed is matched with the header verification identifier of the file to be processed to determine whether the file to be processed belongs to the encrypted file type. For example, when it is determined that the header of the file to be processed is successfully matched with the header verification identifier, it may be determined that the file to be processed belongs to an encrypted file type, otherwise, if the header of the file to be processed is not successfully matched with the header verification identifier, it is indicated that the file to be processed does not need to be encrypted, and at this time, the kernel layer driver may issue an access request of the target application to a next layer driver for processing, so as to control the target application to normally process the file to be processed.
In practice, a file is stored on the hard disk in binary form in a fixed order before it is read by an application program, and the application program can only obtain the file's data by reading the contents of each part of the file in that fixed order; otherwise the correct file data cannot be obtained. In this exemplary embodiment, the header serves as an identifier that declares the file's "identity" to the application program, and it can be obtained by parsing the file to be processed according to the parsing rule corresponding to the header. Specifically, in an alternative embodiment, the header of the file to be processed may be obtained by parsing the file to be processed as follows:
Determining the byte number of the header of the file to be processed and/or the byte position of each byte in the file to be processed through an analysis rule;
and extracting byte data according to the byte number and/or the byte position of each byte in the file to be processed so as to obtain the file header of the file to be processed.
For example, the kernel layer driver may determine, according to the parsing rule for the header of the file to be processed, the number of bytes of the header to read, and when obtaining the header may start at the beginning of the file to be processed and read that number of bytes; for example, for files in DWG and DWT formats in CAD software, the header may be the byte data of the first 4 bytes, that is, 41 43 31 30. As another example, the kernel layer driver may determine, according to the parsing rule, both the number of bytes and the byte positions of the header, for example reading the header at a fixed interval between bytes; for a file in SKP format in SketchUp software, byte data may be read starting from the first byte at an interval of one byte to obtain a header of 4 bytes, i.e., the obtained header is FF 536B.
In this way, the file header of the file to be processed is read according to the configured header rule, and once a file has been encrypted on this basis, its true type can still be distinguished even if its suffix is modified.
In an alternative embodiment, when the header of the file to be processed is matched with the header verification identifier of the file to be processed, and it is determined whether the file to be processed is of an encrypted file type, the following method may be further executed:
and converting the header of the file to be processed according to a preset conversion rule, matching the processed header with a header verification identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type.
The preset conversion rule may include converting a header of the file to be processed into a hash value having a fixed length by using a hash algorithm.
The header verification identifier of the file to be processed may be identifier data obtained by processing with a certain conversion rule, for example a hash value of fixed length obtained by converting with a hash algorithm. Therefore, when the header of the file to be processed is matched against its header verification identifier, the header can first be converted according to the preset conversion rule, and the converted header is then matched against the header verification identifier to determine whether the file to be processed belongs to the encrypted file type. In this way, the header verification identifier can be stored as identifier data that has already been processed by the conversion rule, which raises the security level of the identifier and prevents arbitrary modification of the identifier from interfering with the encryption of the file to be processed. In addition, when the header of the file to be processed is large, converting it to a fixed-length hash value through the preset conversion rule speeds up the determination of the file encryption type.
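As an added example (not the patent's code), the following Python models a header rule of the kind described above: a parsing rule giving byte count, start position and byte interval, plus a verification identifier stored as a SHA-256 hash of the expected header rather than the raw bytes. The DWG bytes 41 43 31 30 come from the page; the interval-read rule, its expected bytes and all sample files are constructed, and all names are this example's own.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class HeaderRule:
    """One application's header rule (added example; names are this example's own)."""
    app: str             # target application the rule belongs to
    byte_count: int      # number of header bytes to extract
    start: int = 0       # byte position at which extraction begins
    stride: int = 1      # 1 = consecutive bytes, 2 = every other byte, ...
    verify_id: str = ""  # SHA-256 hex digest of the expected header bytes


def header_digest(header: bytes) -> str:
    """Preset conversion rule: map header bytes to a fixed-length hash value."""
    return hashlib.sha256(header).hexdigest()


def extract_header(data: bytes, rule: HeaderRule) -> Optional[bytes]:
    """Apply the parsing rule: byte_count bytes from start, stride bytes apart.

    Returns None when the file is too short to hold the whole header, so a
    truncated file can never be reported as a match.
    """
    if rule.byte_count <= 0 or rule.stride <= 0:
        return None
    last = rule.start + (rule.byte_count - 1) * rule.stride
    if last >= len(data):
        return None
    return bytes(data[rule.start + i * rule.stride] for i in range(rule.byte_count))


def is_encrypted_file_type(data: bytes, rule: HeaderRule) -> bool:
    """Hash the extracted header and compare it with the verification identifier."""
    header = extract_header(data, rule)
    if header is None:
        return False
    # compare the two hex digests in constant time
    return hmac.compare_digest(header_digest(header), rule.verify_id)


def classify(data: bytes, rules: Iterable[HeaderRule]) -> Optional[str]:
    """Return the application whose rule matches; the file suffix plays no part."""
    for rule in rules:
        if is_encrypted_file_type(data, rule):
            return rule.app
    return None


# DWG/DWT rule from the page: the header is the first 4 bytes, 41 43 31 30.
DWG_RULE = HeaderRule(app="CAD", byte_count=4,
                      verify_id=header_digest(bytes.fromhex("41433130")))

# Constructed interval-read rule, loosely modelled on the page's SKP example:
# 4 bytes read every other byte starting at position 0. The expected bytes
# ff 53 6b 01 are a constructed sample, not a real SketchUp signature.
SKP_RULE = HeaderRule(app="SketchUp", byte_count=4, start=0, stride=2,
                      verify_id=header_digest(bytes.fromhex("ff536b01")))

RULES = (DWG_RULE, SKP_RULE)

# Constructed sample file contents; only the leading bytes matter to the rules.
DWG_SAMPLE = b"AC1027" + bytes(26)                          # e.g. a DWG renamed to .txt
SKP_SAMPLE = bytes.fromhex("ff0053006b000100") + bytes(24)  # every other byte: ff 53 6b 01
ZIP_SAMPLE = b"PK\x03\x04" + bytes(28)                      # neither rule should match


if __name__ == "__main__":
    for name, sample in (("dwg", DWG_SAMPLE), ("skp", SKP_SAMPLE), ("zip", ZIP_SAMPLE)):
        print(name, "->", classify(sample, RULES))
```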
Further, in encrypting, different encryption rules may be configured for different types or levels of files, and in an alternative embodiment, referring to fig. 3, the files to be processed may be encrypted by executing the following steps S310 to S320:
Step S310, determining an encryption strategy matched with the file type of the file to be processed according to the file header rule.
The encryption policy may include an encryption level of the file to be processed and an encryption algorithm corresponding to the encryption level, for example, an importance level of the file may be included in file information of the file to be processed, and the encryption policy may be an encryption algorithm having different complexity levels configured according to the importance level of the file. When the file to be processed is encrypted through the kernel layer driver, the kernel layer driver can read the file header rule configured by the application layer, and determine the encryption strategy matched with the file type of the file to be processed.
Step S320, when the file to be processed is determined to be of the encrypted file type, an encryption identifier is added to the head or tail of the file to be processed, so that the kernel layer driver determines an encryption algorithm according to the encryption identifier, and encrypts the file to be processed according to the encryption algorithm.
When the file to be processed is determined to belong to the encrypted file type, the kernel layer driver can add a custom encryption identifier, such as a character string of a certain length, at the head or tail of the file to be processed, and encrypt the file with the encryption algorithm that corresponds to that encryption identifier. For example, the encryption identifier may indicate the encryption algorithm and the encryption key of the file to be processed; when the file is encrypted, the kernel layer driver may obtain the encryption key according to the encryption identifier and encrypt the file with that key according to the indicated encryption algorithm.
Through the steps S310 to S320, the files to be processed can be encrypted by adopting corresponding encryption strategies based on different file types, so that the differential encryption of the files is realized, the encryption flexibility of the files can be improved, and the security of the files can be enhanced to a certain extent.
Further, in an alternative embodiment, the file to be processed may be encrypted using different encryption algorithms, and the encryption key may be obtained by sending a request to the server. That is, when the encryption process is performed, referring to fig. 4, the following method may further be performed:
Step S410, obtaining the encryption key of the file to be processed by sending a request for the encryption key of the file to be processed to the server.
For example, when encryption is performed, the terminal device may send the header check code of the file to be processed as the file identifier of the file to be processed to the server, so as to receive the encryption key distributed by the server according to the file identifier.
Step S420, based on a preset encryption algorithm, the encryption key of the file to be processed is adopted to encrypt the file to be processed.
The preset encryption algorithm may include any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm, and a combined algorithm formed from a symmetric and an asymmetric encryption algorithm, for example the AES (Advanced Encryption Standard) algorithm, the DES (Data Encryption Standard) algorithm, the RSA algorithm (an asymmetric encryption algorithm), and the like.
After the encryption key is obtained, the kernel layer driver can encrypt the file to be processed with the encryption key according to the corresponding encryption algorithm. Taking the DES algorithm as an example, the kernel layer driver may permute the positions of the data in the file to be processed using the initial permutation (IP) table, then iterate over the permuted data using the subkeys, and finally apply the inverse permutation to generate the final ciphertext data.
By this method, transparent encryption of the file to be processed is completed: the file is stored as ciphertext data on the hard disk while it is plaintext data in memory, so the security of the file to be processed can be effectively ensured.
In an alternative embodiment, the file header rule may further include a data segmentation rule applied when the file to be processed is encrypted. When the file is encrypted, it may first be segmented according to the data segmentation rule, and each segment may then be encrypted with a different or the same encryption algorithm to generate the final ciphertext data. The data segmentation rule may include the length of each segment, the spacing of segments, and the like, which is not particularly limited in the present exemplary embodiment. In this way, the security of the file can be further improved.
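As an added example (not the patent's code) covering steps S310 to S420 and the segmentation rule above, the following Python puts an encryption identifier at the head of the file, selects an algorithm and segment length per importance level, requests the key from a stand-in key server by header check code, and encrypts each segment on its own. The cipher is a stand-in HMAC-SHA256 keystream in counter mode rather than the AES or DES the page names, so that it runs without third-party libraries; all names, the identifier layout and the policy table are this example's own.

```python
import hashlib
import hmac
import os
import struct

# Encryption identifier layout (constructed): magic, level, algorithm id, key id, segment length.
MAGIC = b"ENCF"
IDENT_FMT = ">4sBB16sI"
IDENT_LEN = struct.calcsize(IDENT_FMT)  # 26 bytes

# Encryption policy (constructed): importance level -> (algorithm id, segment length)
POLICY = {
    0: (1, 4096),   # ordinary file: one algorithm id, large segments
    1: (2, 1024),   # important file: another algorithm id, smaller segments
}


class KeyServer:
    """Constructed stand-in for the server that distributes keys per file identifier."""

    def __init__(self):
        self._keys = {}

    def request_key(self, file_id: bytes) -> bytes:
        # the terminal sends the file's header check code as its file identifier
        return self._keys.setdefault(file_id, os.urandom(32))


def keystream(key: bytes, algorithm: int, segment: int, length: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256(key, algorithm || segment || counter) blocks.

    Binding the algorithm id and segment index into the input gives every
    segment its own keystream, so equal plaintext segments do not repeat.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, struct.pack(">BII", algorithm, segment, counter),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def crypt_segments(data: bytes, key: bytes, algorithm: int, seg_len: int) -> bytes:
    """Split data by the segmentation rule and XOR each segment with its keystream.

    XOR is its own inverse, so the same function decrypts.
    """
    pieces = []
    for idx, off in enumerate(range(0, len(data), seg_len)):
        seg = data[off:off + seg_len]
        ks = keystream(key, algorithm, idx, len(seg))
        pieces.append(bytes(a ^ b for a, b in zip(seg, ks)))
    return b"".join(pieces)


def file_identifier(header: bytes) -> bytes:
    """Header check code used as the file identifier in the key request."""
    return hashlib.sha256(header).digest()[:16]


def encrypt_file(plain: bytes, header: bytes, level: int, server: KeyServer) -> bytes:
    """Step S310/S320/S410/S420: pick the policy, fetch the key, prepend the identifier."""
    algorithm, seg_len = POLICY[level]
    key_id = file_identifier(header)
    key = server.request_key(key_id)
    ident = struct.pack(IDENT_FMT, MAGIC, level, algorithm, key_id, seg_len)
    return ident + crypt_segments(plain, key, algorithm, seg_len)


def decrypt_file(blob: bytes, server: KeyServer) -> bytes:
    """Read the identifier, check it against the policy, then decrypt segment-wise."""
    if len(blob) < IDENT_LEN:
        raise ValueError("file too short to carry an encryption identifier")
    magic, level, algorithm, key_id, seg_len = struct.unpack(IDENT_FMT, blob[:IDENT_LEN])
    # an identifier whose level and algorithm disagree with the policy is rejected
    if magic != MAGIC or POLICY.get(level, (None,))[0] != algorithm or seg_len == 0:
        raise ValueError("missing or inconsistent encryption identifier")
    key = server.request_key(key_id)
    return crypt_segments(blob[IDENT_LEN:], key, algorithm, seg_len)


if __name__ == "__main__":
    srv = KeyServer()
    # constructed input: a DWG-style header (41 43 31 30 from the page) and 2560 bytes of content
    content = bytes(range(256)) * 10
    enc = encrypt_file(content, bytes.fromhex("41433130"), 1, srv)
    print("identifier:", enc[:IDENT_LEN].hex())
    print("round trip ok:", decrypt_file(enc, srv) == content)
```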
In the present exemplary embodiment, a specific target application may be monitored so as to encrypt the file on which the target application executes a write operation. Specifically, referring to fig. 5, assuming that the target applications are CAD software, Revit software, and SketchUp software, the following steps may be performed:
Step S510, the kernel layer driver monitors the application program to execute the writing operation on the file to be processed, and when determining to execute the writing operation, step S520 is executed.
Step S520, determining the application type of the application program, and determining whether the application program is a target application. Step S530 may be performed when the application is determined to be the target application, whereas step S560 may be performed when it is determined not to be the target application, in which case the file to be processed is stored.
Specifically, the kernel layer driver may monitor whether the target application is any one or more of the CAD software, the Revit software, and the SketchUp software described above.
Step S530, determining an analysis rule of the header of the file to be processed according to the header rule corresponding to the target application, and analyzing the header of the file to be processed according to the analysis rule.
For example, when the target application is the Revit software, an 8-bit file header located at the head of the file to be processed can be obtained by parsing the file; when the target application is CAD software, a 4-bit file header located at the head of the file can be obtained by parsing the file; when the target application is SketchUp software, an 8-bit file header located at the head of the file can be obtained by parsing the file.
Step S540, judging whether the header of the file to be processed matches the corresponding header verification identifier.
When it is determined that the header of the to-be-processed file matches the corresponding header verification identifier, it is indicated that the to-be-processed file belongs to the file encryption type, step S550 may be executed to complete encryption of the to-be-processed file, otherwise, it is indicated that the to-be-processed file does not belong to the file encryption type, step S560 may be executed to store the to-be-processed file.
Step S550, encrypt the file to be processed.
For example, the encryption key and the encryption rule for storing the file to be processed may be configured in the file header rule, and the kernel layer driver may determine an encryption algorithm for encrypting the file to be processed by using the file header rule and encrypt the file to be processed by using the encryption key.
Step S560, storing the encrypted file to be processed in the storage medium.
The storage medium may be a local database or any cloud data storage platform, which is not limited in this exemplary embodiment.
In summary, according to the file encryption method in the present exemplary embodiment, when the kernel layer driver detects that the target application performs a write operation on the file to be processed, a header rule corresponding to the target application is obtained, the file encryption type of the file to be processed is determined according to the header rule, and the file is encrypted according to that file encryption type. Because the file encryption type is determined from the file header rule and the file is encrypted accordingly, transparent encryption of the file can be achieved and the security of the file data is guaranteed. At the same time, the real type of the file can be determined from the file header rule, so a file whose suffix has been changed is not misidentified, and both the accuracy of file type identification and the reliability of encryption are improved.
Also provided in the present exemplary embodiment is a file encrypting apparatus, and referring to fig. 6, a file encrypting apparatus 600 may include: the obtaining module 610 may be configured to obtain a header rule corresponding to a target application when it is detected by the kernel layer driver that the target application performs a write operation on a file to be processed; the encryption module 620 may be configured to determine a file encryption type of the file to be processed according to the file header rule, and encrypt the file to be processed according to the file encryption type.
In an exemplary embodiment of the present disclosure, the obtaining module 610 may be configured to detect, by the kernel layer driver, an application type of the target application, and obtain, according to the application type, a header rule corresponding to the target application.
In an exemplary embodiment of the present disclosure, the encryption module 620 may be configured to determine an parsing rule of a header of a file to be processed and a header verification identifier of the file to be processed according to the header rule, parse the file to be processed according to the parsing rule to obtain the header of the file to be processed, and match the header of the file to be processed with the header verification identifier of the file to be processed to determine whether the file to be processed belongs to an encrypted file type.
In an exemplary embodiment of the present disclosure, when the file to be processed is parsed according to the parsing rule, the encryption module 620 may be further configured to determine the number of bytes of the header of the file to be processed and/or the byte position of each byte in the file to be processed according to the parsing rule, and extract the byte data according to the number of bytes and/or the byte position of each byte in the file to be processed, so as to obtain the header of the file to be processed.
In an exemplary embodiment of the present disclosure, when the header of the to-be-processed file is matched with the header verification identifier of the to-be-processed file to determine whether the to-be-processed file belongs to an encrypted file type, the encryption module 620 may be further configured to perform conversion processing on the header of the to-be-processed file according to a preset conversion rule, and match the processed header with the header verification identifier of the to-be-processed file to determine whether the to-be-processed file belongs to the encrypted file type; the preset conversion rule comprises the step of converting a file header of a file to be processed into a hash value with a fixed length by adopting a hash algorithm.
In an exemplary embodiment of the present disclosure, the encryption module 620 may be further configured to determine an encryption policy matching a file type of the file to be processed according to a file header rule, where the encryption policy includes an encryption level of the file to be processed and an encryption algorithm corresponding to the encryption level, and when it is determined that the file to be processed belongs to the encrypted file type, add an encryption identifier to a header or a trailer of the file to be processed, so that the kernel layer driver determines the encryption algorithm according to the encryption identifier and encrypts the file to be processed according to the encryption algorithm.
In an exemplary embodiment of the present disclosure, when encrypting a file to be processed, the encryption module 620 may be further configured to obtain an encryption key of the file to be processed by sending an acquisition request of the encryption key of the file to be processed to a server, and encrypt the file to be processed with the encryption key of the file to be processed based on a preset encryption algorithm, where the preset encryption algorithm includes any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm, and a combination algorithm of the symmetric encryption algorithm and the asymmetric encryption algorithm.
The specific details of each module in the above apparatus have already been described in the method embodiments; for details not described here, refer to the method embodiments, so they will not be repeated.
Those skilled in the art will appreciate that the various aspects of the present disclosure may be implemented as a system, method, or program product. Accordingly, various aspects of the disclosure may be embodied in the following forms, namely: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.), or an embodiment combining hardware and software aspects, which may be referred to herein as a "circuit," "module," or "system."
Exemplary embodiments of the present disclosure also provide a computer-readable storage medium having stored thereon a program product capable of implementing the method described above in the present specification. In some possible implementations, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to carry out the steps according to the various exemplary embodiments of the disclosure as described in the "exemplary methods" section of this specification, when the program product is run on the terminal device.
Referring to fig. 7, a program product 700 for implementing the above-described method according to an exemplary embodiment of the present disclosure is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
Program product 700 may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, Random Access Memory (RAM), Read-Only Memory (ROM), Erasable Programmable Read-Only Memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
The exemplary embodiments of the present disclosure also provide an electronic device capable of implementing the above method, which may be a terminal device for performing the file encryption method in the present exemplary embodiment. An electronic device 800 according to such an exemplary embodiment of the present disclosure is described below with reference to fig. 8. The electronic device 800 shown in fig. 8 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present disclosure in any way.
As shown in fig. 8, the electronic device 800 may be embodied in the form of a general purpose computing device. Components of electronic device 800 may include, but are not limited to: the at least one processing unit 810, the at least one memory unit 820, a bus 830 connecting the different system components (including the memory unit 820 and the processing unit 810), and a display unit 840.
Wherein the storage unit 820 stores program code that can be executed by the processing unit 810, such that the processing unit 810 performs steps according to various exemplary embodiments of the present disclosure described in the above section of the present specification. For example, the processing unit 810 may perform the method steps shown in fig. 1 to 5, etc.
Storage unit 820 may include readable media in the form of volatile storage units such as Random Access Memory (RAM) 821 and/or cache memory unit 822, and may further include Read Only Memory (ROM) 823.
The storage unit 820 may also include a program/utility 824 having a set (at least one) of program modules 825, such program modules 825 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 830 may be one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 800 may also communicate with one or more external devices 900 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 800, and/or any device (e.g., router, modem, etc.) that enables the electronic device 800 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 850. Also, electronic device 800 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 860. As shown, network adapter 860 communicates with other modules of electronic device 800 over bus 830. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 800, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
It should be noted that although in the above detailed description several modules or units of a device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with exemplary embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
Furthermore, the above-described figures are only schematic illustrations of processes included in the method according to the exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily appreciated that the processes shown in the above figures do not indicate or limit the temporal order of these processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, for example, among a plurality of modules.
From the description of the embodiments above, those skilled in the art will readily appreciate that the exemplary embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the exemplary embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the exemplary embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (6)

1. A method of encrypting a file, the method comprising:
When detecting that a target application executes a writing operation on a file to be processed through a kernel layer driver, acquiring a file header rule corresponding to the target application;
determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type;
The file header rule comprises a data segmentation rule applied to encrypting the file to be processed, and the data segmentation rule is used for segmenting the file to be processed;
And encrypting the file to be processed according to the file encryption type in the following manner: encrypting each segment of the file to be processed according to the file encryption type;
the determining the file encryption type of the file to be processed according to the file header rule includes:
Determining an analysis rule of the file header of the file to be processed and a file header verification identifier of the file to be processed according to the file header rule;
determining the byte number of the header of the file to be processed and/or the byte position of each byte in the file to be processed according to the analysis rule;
Extracting byte data according to the byte number and/or byte positions of each byte in the file to be processed to obtain a file header of the file to be processed;
Converting the header of the file to be processed according to a preset conversion rule, matching the processed header with a header verification identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type; the preset conversion rule comprises the steps of converting a file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm;
wherein the method further comprises:
Determining an encryption strategy matched with the file type of the file to be processed according to the file header rule, wherein the encryption strategy comprises an encryption grade of the file to be processed and an encryption algorithm corresponding to the encryption grade;
when the file to be processed is determined to belong to the encrypted file type, adding an encrypted identifier at the head or tail of the file to be processed, so that the kernel layer driver determines an encryption algorithm according to the encrypted identifier, and encrypts the file to be processed according to the encryption algorithm.
2. The method of claim 1, wherein the obtaining the header rule corresponding to the target application includes:
Detecting the application type of the target application through the kernel layer driver, and acquiring a file header rule corresponding to the target application according to the application type.
3. The method of claim 1, wherein when encrypting the file to be processed, the method further comprises:
acquiring an encryption key of the file to be processed by sending an acquisition request of the encryption key of the file to be processed to a server;
And encrypting the file to be processed by adopting an encryption key of the file to be processed based on a preset encryption algorithm, wherein the preset encryption algorithm comprises any one or more of a symmetrical encryption algorithm, an asymmetrical encryption algorithm and a combined algorithm formed by the symmetrical encryption algorithm and the asymmetrical encryption algorithm.
4. A document encryption apparatus, the apparatus comprising:
The acquisition module is used for acquiring a file header rule corresponding to a target application when the target application is detected to execute a writing operation on a file to be processed through a kernel layer driver;
the encryption module is used for determining the file encryption type of the file to be processed according to the file header rule and encrypting the file to be processed according to the file encryption type;
The file header rule comprises a data segmentation rule applied to encrypting the file to be processed, and the data segmentation rule is used for segmenting the file to be processed;
And the encryption module encrypts the file to be processed according to the file encryption type in the following manner: encrypting each segment of the file to be processed according to the file encryption type;
The encryption module determines the file encryption type of the file to be processed according to the file header rule, and the method comprises the following steps:
Determining an analysis rule of the file header of the file to be processed and a file header verification identifier of the file to be processed according to the file header rule;
determining the byte number of the header of the file to be processed and/or the byte position of each byte in the file to be processed according to the analysis rule;
Extracting byte data according to the byte number and/or byte positions of each byte in the file to be processed to obtain a file header of the file to be processed;
Converting the header of the file to be processed according to a preset conversion rule, matching the processed header with a header verification identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type; the preset conversion rule comprises the steps of converting a file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm;
wherein the apparatus further comprises:
Determining an encryption strategy matched with the file type of the file to be processed according to the file header rule, wherein the encryption strategy comprises an encryption grade of the file to be processed and an encryption algorithm corresponding to the encryption grade;
when the file to be processed is determined to belong to the encrypted file type, adding an encrypted identifier at the head or tail of the file to be processed, so that the kernel layer driver determines an encryption algorithm according to the encrypted identifier, and encrypts the file to be processed according to the encryption algorithm.
5. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the method of any of claims 1-3.
6. An electronic device, comprising:
a processor; and
A memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1-3 via execution of the executable instructions.
CN202111111464.6A 2021-09-18 2021-09-18 File encryption method, device, storage medium and electronic equipment Active CN113792319B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111111464.6A CN113792319B (en) 2021-09-18 2021-09-18 File encryption method, device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN113792319A CN113792319A (en) 2021-12-14
CN113792319B true CN113792319B (en) 2024-06-18

Family

ID=78879137

Country Status (1)

Country Link
CN (1) CN113792319B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114662146A (en) * 2022-03-24 2022-06-24 平安科技(深圳)有限公司 Ciphertext data storage method, device, equipment and storage medium
CN116150786B (en) * 2023-01-10 2023-11-28 深圳技术大学 USB flash disk file encryption system based on instruction key self-setting

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101751536A (en) * 2009-12-16 2010-06-23 深圳市虹安信息技术有限公司 Transparent file encryption method for increasing file header
CN102609667A (en) * 2012-02-22 2012-07-25 浙江机电职业技术学院 Automatic file encryption and decryption system and automatic file encryption and decryption method based on filter drive program

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1219260C (en) * 2003-09-02 2005-09-14 四川大学 Method for controlling storage and access of security file system
EP2696305B1 (en) * 2011-08-15 2018-03-21 Huawei Device Co., Ltd. Method and device for file protection
CN103218575A (en) * 2013-04-17 2013-07-24 武汉元昊科技有限公司 Host file security monitoring method
CN103617401B (en) * 2013-11-25 2017-02-08 北京深思数盾科技股份有限公司 Method and device for protecting data files
CN106060003A (en) * 2016-05-09 2016-10-26 北京航天数控***有限公司 Network boundary unidirectional isolated transmission device
CN107516045A (en) * 2016-06-17 2017-12-26 中兴通讯股份有限公司 Document protection method and device
CN110166451B (en) * 2019-05-20 2021-11-16 北京计算机技术及应用研究所 Lightweight electronic document transfer control system and method
CN111143291A (en) * 2019-11-19 2020-05-12 厦门天锐科技股份有限公司 Encrypted file searching method and device and electronic equipment
CN110990851B (en) * 2019-11-26 2021-07-23 山东三未信安信息科技有限公司 Static data encryption protection method and system
CN111324901A (en) * 2020-02-19 2020-06-23 陈灿阳 Method for creating and decrypting enterprise security encrypted file
CN112966284A (en) * 2021-03-26 2021-06-15 知印信息技术(天津)有限公司 File encryption and decryption method and system and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant