CN115664662B - Key processing method and device - Google Patents
Key processing method and device Download PDFInfo
- Publication number
- CN115664662B CN115664662B CN202211381898.2A CN202211381898A CN115664662B CN 115664662 B CN115664662 B CN 115664662B CN 202211381898 A CN202211381898 A CN 202211381898A CN 115664662 B CN115664662 B CN 115664662B
- Authority
- CN
- China
- Prior art keywords
- key
- spare
- server
- target
- database
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a key processing method and a device, wherein the method comprises the following steps: receiving a key application request sent by a key service application through a load balancer; obtaining a target key from a spare key table of a key database server according to the key application request; transferring the target key to an in-use key table and binding the target key with the key service application; receiving a key inquiry request sent by the key service application through the load balancer; and according to the key inquiry request, acquiring the target key from the in-use key table, and sending the target key to the key service application through the load balancer. The scheme of the invention can keep the stability of the system in a high concurrency scene.
Description
Technical Field
The present invention relates to the field of computer information processing technologies, and in particular, to a method and an apparatus for processing a key.
Background
With the continuous development of information technology, network security is more and more important, and cryptographic technology is the core and foundation of network security. In the use of cryptographic techniques, support by a key server is required. Standard key management systems are well established based on related standards promulgated by the national bureau of security.
However, as security requirements grow, conventional key management systems expose the following problems: higher numbers of concurrency cannot be supported; the number of key stores is limited by tens of millions; the multi-zone secure distributed deployment of the total center and the sub-centers cannot be supported.
Disclosure of Invention
The invention aims to provide a key processing method and device. The stability of the system can be maintained in a high concurrency scene.
In order to solve the technical problems, the technical scheme of the invention is as follows:
a key processing method applied to a key server, the method comprising:
receiving a key application request sent by a key service application through a load balancer;
obtaining a target key from a spare key table of a key database server according to the key application request;
transferring the target key to an in-use key table and binding the target key with the key service application;
receiving a key inquiry request sent by the key service application through the load balancer;
and according to the key inquiry request, acquiring the target key from the in-use key table, and sending the target key to the key service application through the load balancer.
Optionally, the key database server includes: at least one spare key table and at least one active key table;
wherein the at least one spare key table stores spare keys.
Optionally, the process of storing the spare key in the spare key table includes:
generating a spare key;
calculating a spare key identifier;
calculating a hash value of the spare key identifier;
using the hash value to modulo the number of the at least one spare key table to obtain a first value;
the spare key is stored in a target spare key table indexed by a first value.
Optionally, according to the key query request, the obtaining the target key from the in-use key table includes:
acquiring a key identifier to be queried;
calculating a hash value of the key identifier;
using the hash value to modulo the number of the at least one in-use key table to obtain a second value;
the target key is read from the in-use key table indexed by the second value.
Optionally, the key database server includes: at least one key database comprising a spare key table and an active key table; wherein, the spare key table stores spare keys.
Optionally, the process of storing the spare key in the key database includes:
generating a spare key;
calculating a spare key identifier;
calculating a hash value of the spare key identifier;
using the hash value to modulo the number of the key database to obtain a third value;
the spare key is stored in a target key database indexed by a third value.
Optionally, according to the key query request, the obtaining the target key from the in-use key table includes:
acquiring a key identifier to be queried;
calculating a hash value of the key identifier;
using the hash value to modulo the number of the at least one key database to obtain a fourth value;
the target key is read from the in-use key table in the key database indexed by the fourth value.
Optionally, the key processing method further includes:
receiving a security channel establishment request sent by a sub-center key server, wherein the security channel establishment request carries:
encrypting the generated first random number by using an encryption public key certificate of the key server, signing the first random number by using a signature private key of the sub-center key server, and obtaining first signature data;
The key server uses a private key of the key server to decrypt the first signature data, and uses a public key of the sub-center key server to check the first signature data, after the check passes, a security channel establishment response is sent to the sub-center key server, and the security channel response carries a second random number generated by the key server;
the key server and the sub-center key server obtain a session key according to the exclusive or of the first random number and the second random number;
the key server and the sub-center key server transmit data based on the session key.
The embodiment of the invention also provides a key processing device, which comprises:
the receiving and transmitting module is used for receiving a key application request sent by the key service application through the load balancer;
the processing module is used for obtaining a target key from a spare key table of the key database server according to the key application request; transferring the target key to an in-use key table and binding the target key with the key service application;
the receiving and transmitting module is also used for receiving a key inquiry request sent by the key service application through the load balancer; and according to the key inquiry request, acquiring the target key from the in-use key table, and sending the target key to the key service application through the load balancer.
Embodiments of the present invention also provide a computer-readable storage medium storing instructions that, when executed on a computer, cause the computer to perform a method as described above.
The scheme of the invention at least comprises the following beneficial effects:
the scheme of the invention receives the key application request sent by the key service application through the load equalizer; obtaining a target key from a spare key table of a key database server according to the key application request; transferring the target key to an in-use key table and binding the target key with the key service application; receiving a key inquiry request sent by the key service application through the load balancer; according to the key inquiry request, the target key is obtained from the in-use key table, and the target key is sent to the key service application through the load balancer; the system can support high-concurrency key service requests and can maintain the stability of the system under a high concurrency scene.
Drawings
FIG. 1 is a flow chart of a key processing method according to an embodiment of the present invention;
FIG. 2 is a schematic illustration of an Nginx deployment architecture for a high concurrency scenario in accordance with an embodiment of the present invention;
FIG. 3 is a schematic diagram of a key database sub-table structure according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart of a spare key generation storage location table according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an in-use key table reading positioning table flow according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a key database partition structure according to an embodiment of the present invention;
FIG. 7 is a schematic flow chart of a backup key generation storage location key database of an embodiment of the present invention;
FIG. 8 is a schematic flow chart of the method for reading a positioning database by using a key table according to the embodiment of the invention;
FIG. 9 is a schematic diagram of a key hierarchy management structure according to an embodiment of the present invention;
FIG. 10 is a schematic diagram of a key management system total center and sub-center secure channel establishment process according to an embodiment of the present invention;
fig. 11 is a schematic software architecture of a key server according to an embodiment of the present invention.
Description of the embodiments
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As shown in fig. 1, an embodiment of the present invention provides a key processing method, applied to a key server, including:
and step 15, according to the key inquiry request, the target key is obtained from the in-use key table, and the target key is sent to the key service application through the load balancer.
The embodiment forwards a key application request sent by a key service application to a key database server through a load balancer; obtaining a target key from a spare key table of a key database server according to the key application request; here, the key database server is communicatively connected to the key server; transferring the target key to an in-use key table and binding the target key with the key service application; receiving a key inquiry request sent by the key service application through the load balancer; according to the key inquiry request, the target key is obtained from the in-use key table, and the target key is sent to the key service application through the load balancer; the system can support high-concurrency key service requests and can maintain the stability of the system under a high concurrency scene.
As shown in fig. 2, the system architecture between the key service application, the load balancer and the key server adopts a key management system cluster to improve instantaneous high-concurrency data requests.
The key processing mechanism of the high concurrency scene can select Nginx software as a load equalizer of the front end: the nmginx load balancer 203 acts to offload highly concurrent requests to its proxy's key management system according to a policy, alleviating the request data processing pressure of the key server.
In a high concurrency scenario, the key service application 201 and the key service application 202 send a key data request message to the nginnx load balancer 203;
the Nginx load balancer 203 proxies the whole key management system server cluster 204, and starts to process the request message after receiving the key application request message sent by the key service application 201 and the key service application 202;
the nginnx load balancer 203 queries its own load balancing policy, and selects a key server from the key management system server cluster 204 according to the load balancing policy, which may be any one of three key servers 205-207;
after selecting a key server, the nginnx load balancer 203 forwards the data message sent by the key service application terminal to the selected key server;
After receiving the data message forwarded by the nginnx load balancer 203, the key server starts to analyze the message;
if the message information is in the correct format, the key server starts to perform service logic processing. Otherwise, returning the appointed error information to the key service application;
and under the condition that the message information format is correct, the key server starts to process the received data message.
Inquiring information in a spare key base according to the data analyzed by the data message, taking out a specified number of keys meeting the conditions from the spare key base of the key server, transferring the keys to an active base of the key server, and binding the keys with the application identifier of the key service sending the request.
After the business logic processing is completed, the key of the database is subjected to data format message encapsulation, and the encapsulated message is directly returned to the key business application. Complete request-response logic in a high concurrency scenario thus far. The key processing mechanism of the high concurrency scenario may use hardware as a load balancer of the front end.
In an alternative embodiment of the present invention, as shown in fig. 3, the key database server includes: at least one spare key table and at least one active key table; wherein the at least one spare key table stores spare keys.
In this embodiment, a method is employed in which a plurality of tables of the same table structure are stored in plural, and key data are horizontally dispersed in different tables, thereby increasing the storage amount of key data and not being affected by the performance of a single table.
In a database, a table level may be split into N tables of the same table structure. When N is 1024, the data of each table is calculated by 1000 ten thousand data capacity, the data which can be stored in the table structure of the type can reach more than 100 hundred million, and the key capacity is greatly expanded; in this embodiment, the number of spare key tables is the same as the number of key tables in use.
In this embodiment, the process of storing the spare key in the spare key table includes:
step 41, generating a spare key;
step 42, calculating a spare key identification;
step 43, calculating the hash value of the spare key identifier;
step 44, using the hash value to modulo the number of the at least one spare key table to obtain a first value n1;
step 45, the spare key is stored in a target spare key table indexed by a first value n 1.
In this embodiment, the key server may obtain the key data of the key database by connecting to the key database server. Because of the multiple identical table structures, the key server stores the generated keys to the key database, locating them in a particular one of the N tables. And when the key server reads the key data from the key database, locating which of the N tables to read the data from.
In this embodiment, as shown in fig. 4, taking a process of generating a spare key and storing the spare key in a database to locate a specific table as an example, the specific steps are as follows:
After locating a particular table, data manipulation may be performed on the table n1, storing spare key data into the table.
In an alternative embodiment of the present invention, step 15 may include:
step 151, obtaining the key identification to be queried;
step 152, calculating a hash value of the key identification;
step 153, using the hash value to modulo the number of the at least one in-use key table to obtain a second value n2;
step 154, reading the target key from the used key table indexed by the second value n 2.
Specifically, as shown in fig. 5, taking a process of reading a specific table of the database in use of the library key as an example, the specific steps are as follows:
After locating the specific table, the key server may operate on the table n2, and read the corresponding key data according to the key identifier UUID.
As shown in fig. 6, the key database server includes: at least one key database comprising a spare key table and an active key table; wherein, the spare key table stores spare keys.
In the embodiment, the key database is horizontally split into a plurality of key databases with the same structure, so that the key data is horizontally dispersed in different key databases, the storage amount of the key data is increased, and the key databases are not influenced by the performance of a single database.
In terms of key database, one key database can be split horizontally into N databases of the same structure. When N is 1024, the data which can be stored by the table structure of the type can reach more than 100 hundred million by calculating with 1000 ten thousand data capacity of each library, and the key capacity is greatly expanded.
In this embodiment, the process of storing the spare key in the key database includes:
Step 71, generating a spare key;
step 72, calculating a spare key identification;
step 73, calculating a hash value of the spare key identifier;
step 74, using the hash value to modulo the number of the key database to obtain a third value n3;
step 75, storing the spare key in a target key database indexed by a third value n 3.
Specifically, as shown in fig. 7, the key server may acquire key data of the key database by connecting the key database server. Since there are multiple databases of the same structure, the key server stores the generated key to the key database, and locates it in a specific one of the N databases. And when the key server reads the key data from the key database, positioning to read the data from a specific one of the N databases.
As shown in fig. 7, taking a process of generating a spare key and storing the spare key in a database to locate a specific database as an example, the specific steps are as follows:
After locating the specific table, a data operation may be performed on database n3, and the spare key data may be stored in the database. If the sub-table is performed in the library, the sub-table positioning technology is continuously adopted to reposition to the specific table.
In an alternative embodiment of the present invention, step 15 may include:
step 155, obtaining the key identification to be queried;
step 156, calculating the hash value of the key identification;
step 157, using the hash value to modulo the number of the at least one key database to obtain a fourth value n4;
step 158 reads the target key from the in-use key table in the key database indexed by the fourth value n 4.
Specifically, as shown in fig. 8, taking an example of a process of locating a specific database by using a library key, the specific steps are as follows:
If the sub-table is performed in the database, the sub-table positioning technology is continuously adopted to position the specific table. And then reading the corresponding key data according to the UUID of the key identifier.
The database connected with each key server can adopt the database structure of the horizontal sub-table shown in fig. 3, or the database structure of the horizontal sub-table shown in fig. 6, and if larger key capacity needs to be supported, a mode of combining the two sub-table structures and the sub-table structures can be adopted.
In an alternative embodiment of the present invention, the key processing method further includes:
step 16, receiving a secure channel establishment request sent by a sub-center key server, where the secure channel establishment request carries: encrypting the random number random mA by using an encryption public key certificate of the key server, and signing the random mA by using a signature private key of the sub-center key server to obtain first signature data;
step 17, the key server uses the private key of the key server to decrypt the first signature data, and uses the public key of the sub-center key server to check the first signature data, after the check passes, a security channel establishment response is sent to the sub-center key server, and the security channel response carries a random number random B generated by the key server;
Step 18, the key server and the sub-center key server obtain a session key K according to the exclusive OR of the random mA and the random B;
and step 19, the key server and the sub-center key server transmit data based on the session key K.
Specifically, as shown in fig. 9, a key hierarchical management and multiple security domain control are provided, the key management system can support key hierarchical management of a general center and a branch center, so that multiple security domains are respectively controlled, and security is improved.
The key hierarchical management adopts a deployment mode of physical isolation of a main center and sub centers, and each center adopts a respective security policy. The centers are connected through a safety channel.
The key server may choose to initialize to the total center or the split center at the time of initialization. The process of initializing as a total central key server includes:
(1) Filling in basic information of a total center key server, wherein the basic information comprises the name, the physical position, the affiliated area and the like of the total center key server;
(2) The uploading general center key server encrypts the public key certificate and signs the public key certificate;
(3) Configuring a security policy, wherein the security policy comprises whether the split center key server is allowed to be connected;
The process of initializing the sub-center key server comprises the following steps:
(1) Filling in basic information of the sub-center key server, wherein the basic information comprises the name, the physical benefit, the affiliated area and the like of the sub-center key server;
(2) Selecting a total central key server to which the sub-central key server belongs;
(3) Uploading an encrypted public key certificate and a signed public key certificate of a sub-center key server;
(4) Configuring a security policy;
after the configuration of the total center key server and the sub-center key servers is completed, communication can be performed between the total center key server and the sub-center key servers. The communication data between them is transmitted through a secure channel.
Fig. 10 shows a process of establishing a secure channel between a sub-center key server and a total center key server:
(1) The sub-center key server A generates a first random number random mA;
(2) The branch center key server a encrypts the randomA using the encryption public key certificate of the general center key server B and signs the randomA using its own signature private key.
(3) The sub-center key server A splices the encrypted data and the signed data and then sends the spliced data to the total center key server B;
(4) After the data is received by the total center key server B, the data is decrypted by using the private key of the total center key server B, and signature verification is carried out on the signed data by using the public key of the sub-center key server A.
If the signature verification passes, continuing, otherwise, returning error information;
(5) The total center key server B generates a second random number random B, and the random mA and the random B are exclusive-or to obtain a session key K;
(6) The total center key server B encrypts the random B by using an encryption public key certificate of the sub-center key server A and signs the random B by using a signature private key of the total center key server B;
(7) The total center key server B splices the encrypted data and the signed data and then sends the spliced data to the sub-center key server A;
(8) After the data is received by the sub-center key server A, the data is decrypted by using the private key of the sub-center key server A, and signature verification is carried out on the signature data by using the public key of the total center key server B. If the signature verification passes, continuing, otherwise, returning error information;
(9) The sub-center key server A generates a random mA and decrypts the random mA to obtain a random B, and the random B is exclusive-or to obtain a session key K.
(10) So far, the sub-center key server A and the total center key server B both generate the same session key K, and the establishment of the secure channel is completed.
After the establishment of the security channels of the sub-center key server and the total center key server is completed, the security communication can be performed. The secure channel is time-limited and will fail when the security policy setting is reached. When the communication is performed again, a secure channel needs to be established again before the communication, and then normal communication can be performed.
As shown in fig. 11: the key server 11 also has at least one of the following functional modules,
and a user management module: maintenance and management of all administrative user information in a key system is provided. Including management of the user's roles and rights management and maintenance of the roles. The user can only log in to access the key management system after endowing relevant roles, and only access the authorized resources, and the security of data and business is ensured by separating the authorities. Authorization and authentication of the user role authority during login are provided by the identity authentication module.
Identity authentication module: the identity authentication module provides authority management of access application, including application authorization and authentication, and provides authorization and authentication when the whole key management system manages user login, so that only legal management users can access the authorized key management system resources. The identity authentication module is one of core modules in the whole key management system and plays a role in protecting the resource security of the whole key management system.
A key application management module: the key application management module provides maintenance and management of information of key service applications accessed in the whole key server. The operation includes application addition, application deletion, application freezing and application authorization. The key server can be accessed with a plurality of key service applications, and provides key generation services for the plurality of key service applications.
A key management module: the key management module is used for operating and maintaining symmetric key and asymmetric key information. The operation of the method comprises key generation, key revocation, key destruction, key import, key export, key backup, key restarting, key archiving and key recovery. The security of the use and storage of the keys is critical. The generation of the secret key is generated by a hardware cipher card, so that the randomness of the secret key generation is ensured.
The key server generates a master key by the hardware cipher card, encrypts the key pair in the hardware cipher card, and the user key pair in the cipher card cannot derive the storage position outside the cipher card, so that the security of the system master key in the key management system is ensured.
The symmetric key and the asymmetric key generated in the key server are stored in the database of the key server after being encrypted by the master key of the key server, the encryption storage of the keys ensures the security of the keys, and meanwhile, each key is subjected to MAC value verification in the key database, so that unauthorized key data modification phenomenon can be prevented, and the problem keys can be found timely.
Log audit module: the log audit module is also an important function in the key management system, and the operation of the log audit module comprises business log audit and operation log audit. An authorized operator can timely discover possible abnormal security operation in the key management system through auditing the log and perform corresponding security processing.
A database module: the database submodule provides a storage operation of all data in the whole key management system, and the storage operation comprises system main key information, application key information, key service application information, user information, system configuration information and security audit logs. Wherein the key information is securely stored in the key database in encrypted form.
In the above embodiment of the present invention, the key full life cycle management includes:
initializing: when the key is generated, the key metadata only contains general attributes such as key ID, generation time, key device identifier, generation apparatus device identifier, and the like.
Enabling: when the user selects the protected task (encryption), the system automatically allocates a secret key in a synchronous state to the user without the secret key, and supplements user information, task information, the validity period of the initiator, the validity period of the receiver, related algorithms and the like into the secret key metadata. When the key reaches this state, the key begins to calculate the initiator validity period.
And (3) stopping: when the receiver validity period of the key expires, the key will enter this state accordingly. The key in this state is no longer in open use for the user.
And (3) lifting pins: it is possible for a key management system administrator to revoke keys for security events, keys in this state not being able to be invoked. By a special procedure, the administrator can re-enable this key in a short time according to the user's needs.
Archiving: the system derives, compresses and saves the key data in the inactive state at intervals, and only basic information such as key ID, owner, filing time and the like is reserved. By a special procedure, the administrator can re-enable this key in a short time according to the user's needs.
Deletion: when the user performs a destroying key operation, the key enters this state. The key in this state is not visible to the user, but the system does nothing to do with the key. The user may retrieve this key through a key management system administrator.
Destroying: when the key is in the deleted state for N days, the system can destroy the key, and the destroyed key cannot be retrieved. N is specifically configured.
(1) The key generation comprises two modes of manual key generation and automatic key generation. Wherein the manual generation of keys requires the selection of the type of key used and the number of keys generated; the automatic generation of the key is divided into threshold generation and timing trigger generation, wherein the threshold generation refers to triggering the automatic generation of the key when the system detects that the number of the keys in the database standby table is lower than the threshold, the timing trigger generation refers to triggering the automatic generation of the key according to the timer time set by the system, and related strategies including parameters such as the threshold of the number of the keys are required to be set in the two automatic key generation modes. The generated key stores the ciphertext in a local backup database.
(2) Key enablement, which is initiated after a key in the spare library (from the time it was produced to be assigned) is moved to the user library and bound to the user request information.
(3) The compromise process is lost and when the key has been compromised, the secure use of the key will be immediately stopped. The method comprises the functions of encryption, decryption, signature verification and the like; at this point the system moves the key from the active keystore to the historical keystore and marks the key as revoked and appends the revoked reason.
(4) Key querying, providing a querying function to the key, wherein parameters include generation time, key type and the like.
When the key of the historical library is queried, key attribute keywords can be input into the system to query the key to support key application recovery operation, the use time of the application restarting expiration key can provide key decryption and signature verification operation according to the historical key restarting use time in the cluster strategy, and the expiration key cannot be used.
(5) The system can complete the backup and recovery of the secret key by adopting a database operation mode.
(6) The key is destroyed/deleted, and the destroying mode is different according to different key types. Before destroying the key, the key manager initiating the key operation must be authenticated again to ensure that the operation is executed correctly, and prevent illegal and misoperation. After confirmation, the key management system may require the service administrator to input a destruction reason for recording the audit log. The key data state that is operated upon will first transition to a "pre-destruction" state. In addition, the key management system also provides key data which can be withdrawn in a pre-destroying state for the administrator user, and provides timely recovery processing for misoperation of the administrator user. When the pre-destruction state of the key is finished, the key management system destroys the ciphertext value of the key and moves the ciphertext value into the historical key store.
(7) The key archiving is mainly used for exporting and archiving keys which are in the historical key store and meet the screening conditions, and transferring the exported keys to a local place for storage; key archiving attributes include: key start-stop time, key archiving time, etc.
In the embodiment of the invention, the key server completes the management of the whole life cycle of the key. Through the architecture mode of load balancing, the performance guarantee of stability and high availability under a high concurrency scene is realized.
The accurate positioning of data is realized through the horizontal database splitting and table splitting technology of the database and the database searching and table searching technology of the key server, so that the key management system can support billions and even billions of key capacity storage, and in the scene that information security keys are used more and more, the larger key use requirement can be met.
The key server main center and the sub-center are respectively deployed, and the key server main center and the sub-center are physically isolated, so that hierarchical management of keys is realized. The key management main center and the sub-centers are in data communication through the secure channel, each upper core forms a multi-security domain, the security domains are isolated from each other and are not affected, and the security of the whole key management system is improved.
The embodiment of the invention also provides a key processing device, which comprises:
the receiving and transmitting module is used for receiving a key application request sent by the key service application through the load balancer;
the processing module is used for obtaining a target key from a spare key table of the key database server according to the key application request; transferring the target key to an in-use key table and binding the target key with the key service application;
the receiving and transmitting module is also used for receiving a key inquiry request sent by the key service application through the load balancer; and according to the key inquiry request, acquiring the target key from the in-use key table, and sending the target key to the key service application through the load balancer.
Optionally, the key database server includes: at least one spare key table and at least one active key table;
wherein the at least one spare key table stores spare keys.
Optionally, the process of storing the spare key in the spare key table includes:
generating a spare key;
calculating a spare key identifier;
calculating a hash value of the spare key identifier;
Modulo the number of the at least one spare key table using the hash value to obtain n1;
the spare key is stored in the target spare key table n 1.
Optionally, according to the key query request, the obtaining the target key from the in-use key table includes:
acquiring a key identifier to be queried;
calculating a hash value of the key identifier;
using the hash value to modulo the number of the at least one in-use key table to obtain n2;
the target key is read from the in-use key table n 2.
Optionally, the key database server includes: at least one key database comprising a spare key table and an active key table; wherein, the spare key table stores spare keys.
Optionally, the process of storing the spare key in the key database includes:
generating a spare key;
calculating a spare key identifier;
calculating a hash value of the spare key identifier;
using the hash value to modulo the number of the key database to obtain n3;
the spare key is stored in the target key database n 3.
Optionally, according to the key query request, the obtaining the target key from the in-use key table includes:
Acquiring a key identifier to be queried;
calculating a hash value of the key identifier;
modulo the number of the at least one key database using the hash value to obtain n4;
the target key is read from the in-use key table in the key database n 4.
Optionally, the transceiver module is further configured to receive a secure channel establishment request sent by the key server sub-center, where the secure channel establishment request carries: encrypting the random number random mA by using an encryption public key certificate of the key server, and signing the random mA by using a signature private key of the sub-center key server to obtain first signature data;
the key server uses a private key of the key server to decrypt the first signature data, and uses a public key of the sub-center key server to check the first signature data, after the check passes, a security channel establishment response is sent to the sub-center key server, and the security channel response carries a random number random B generated by the key server;
the key server and the sub-center key server obtain a session key K according to the random mA and the random B exclusive or respectively;
the key server and the sub-center key server transmit data based on the session key K.
The device corresponds to the method on the key server side, and all the implementation manners in the above method embodiments are applicable to the embodiment, so that the same technical effects can be achieved.
Embodiments of the present invention also provide a computing device comprising: a processor, a memory and a program or instruction stored on the memory and executable on the processor, which when executed by the processor, implements the steps of the method as described above. The computing device may be the key server described above. In the embodiment of the present invention, the split center key server and the total center key server are the same key server, and may be the key servers.
Embodiments of the present invention also provide a computer-readable storage medium storing instructions that, when executed on a computer, cause the computer to perform a method as described above. All the implementation manners in the above method embodiments are applicable to the embodiment, and the same technical effects can be achieved.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk, etc.
Furthermore, it should be noted that in the apparatus and method of the present invention, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent aspects of the present invention. Also, the steps of performing the series of processes described above may naturally be performed in chronological order in the order of description, but are not necessarily performed in chronological order, and some steps may be performed in parallel or independently of each other. It will be appreciated by those of ordinary skill in the art that all or any of the steps or components of the methods and apparatus of the present invention may be implemented in hardware, firmware, software, or a combination thereof in any computing device (including processors, storage media, etc.) or network of computing devices, as would be apparent to one of ordinary skill in the art after reading this description of the invention.
The object of the invention can thus also be achieved by running a program or a set of programs on any computing device. The computing device may be a well-known general purpose device. The object of the invention can thus also be achieved by merely providing a program product containing program code for implementing said method or apparatus. That is, such a program product also constitutes the present invention, and a storage medium storing such a program product also constitutes the present invention. It is apparent that the storage medium may be any known storage medium or any storage medium developed in the future. It should also be noted that in the apparatus and method of the present invention, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent aspects of the present invention. The steps of executing the series of processes may naturally be executed in chronological order in the order described, but are not necessarily executed in chronological order. Some steps may be performed in parallel or independently of each other.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that various modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the present invention.
Claims (6)
1. A key processing method, applied to a key server, comprising:
receiving a key application request sent by a key service application through a load balancer; the load balancer shunts high concurrency requests to its selected key servers based on a load balancing policy;
obtaining a target key from a spare key table of a key database server according to the key application request;
transferring the target key to an in-use key table and binding the target key with the key service application;
receiving a key inquiry request sent by the key service application through the load balancer;
according to the key inquiry request, the target key is obtained from the in-use key table, and the target key is sent to the key service application through the load balancer;
wherein the key database server comprises: at least one spare key table and at least one active key table; wherein the at least one spare key table stores spare keys; or alternatively
The key database server includes: at least one key database comprising a spare key table and an active key table; wherein, the spare key table stores spare keys;
The key database server comprises at least one spare key table and at least one in-use key table, and the target key is obtained from the in-use key table according to the key inquiry request, and the method comprises the following steps: acquiring a key identifier to be queried; calculating a hash value of the key identifier; using the hash value to modulo the number of the at least one in-use key table to obtain a second value; reading the target key from an in-use key table indexed by a second value;
in the case that the key database server includes at least one key database, obtaining the target key from the in-use key table according to the key inquiry request, including: acquiring a key identifier to be queried; calculating a hash value of the key identifier; using the hash value to modulo the number of the at least one key database to obtain a fourth value; the target key is read from the in-use key table in the key database indexed by the fourth value.
2. The key processing method according to claim 1, wherein the process of storing the spare key in the spare key table includes:
generating a spare key;
calculating a spare key identifier;
Calculating a hash value of the spare key identifier;
using the hash value to modulo the number of the at least one spare key table to obtain a first value;
the spare key is stored in a target spare key table indexed by a first value.
3. The key processing method according to claim 1, wherein the process of storing the spare key in the key database includes:
generating a spare key;
calculating a spare key identifier;
calculating a hash value of the spare key identifier;
using the hash value to modulo the number of the key database to obtain a third value;
the spare key is stored in a target key database indexed by a third value.
4. The key processing method according to claim 1, further comprising:
receiving a security channel establishment request sent by a sub-center key server, wherein the security channel establishment request carries: encrypting the generated first random number by using an encryption public key certificate of the key server, signing the first random number by using a signature private key of the sub-center key server, and obtaining first signature data;
the key server uses a private key of the key server to decrypt the first signature data, and uses a public key of the sub-center key server to check the first signature data, after the check passes, a security channel establishment response is sent to the sub-center key server, and the security channel establishment response carries a second random number generated by the key server;
The key server and the sub-center key server obtain a session key according to the exclusive or of the first random number and the second random number;
the key server and the sub-center key server transmit data based on the session key.
5. A key processing apparatus, comprising:
the receiving and transmitting module is used for receiving a key application request sent by the key service application through the load balancer; the load balancer shunts high concurrency requests to its selected key servers based on a load balancing policy;
the processing module is used for obtaining a target key from a spare key table of the key database server according to the key application request; transferring the target key to an in-use key table and binding the target key with the key service application;
the receiving and transmitting module is also used for receiving a key inquiry request sent by the key service application through the load balancer; according to the key inquiry request, the target key is obtained from the in-use key table, and the target key is sent to the key service application through the load balancer;
wherein the key database server comprises: at least one spare key table and at least one active key table; wherein the at least one spare key table stores spare keys; or alternatively
The key database server includes: at least one key database comprising a spare key table and an active key table; wherein, the spare key table stores spare keys;
the key database server comprises at least one spare key table and at least one in-use key table, and the target key is obtained from the in-use key table according to the key inquiry request, and the method comprises the following steps: acquiring a key identifier to be queried; calculating a hash value of the key identifier; using the hash value to modulo the number of the at least one in-use key table to obtain a second value; reading the target key from an in-use key table indexed by a second value;
in the case that the key database server includes at least one key database, obtaining the target key from the in-use key table according to the key inquiry request, including: acquiring a key identifier to be queried; calculating a hash value of the key identifier; using the hash value to modulo the number of the at least one key database to obtain a fourth value; the target key is read from the in-use key table in the key database indexed by the fourth value.
6. A computer readable storage medium storing instructions which, when run on a computer, cause the computer to perform the method of any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211381898.2A CN115664662B (en) | 2022-11-07 | 2022-11-07 | Key processing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211381898.2A CN115664662B (en) | 2022-11-07 | 2022-11-07 | Key processing method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115664662A CN115664662A (en) | 2023-01-31 |
| CN115664662B true CN115664662B (en) | 2023-06-02 |
Family
ID=85015273
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211381898.2A Active CN115664662B (en) | 2022-11-07 | 2022-11-07 | Key processing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115664662B (en) |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9838482B1 (en) * | 2014-12-18 | 2017-12-05 | Amazon Technologies, Inc. | Maintaining client/server session affinity through load balancers |
| CN107508686B (en) * | 2017-10-18 | 2020-07-03 | 克洛斯比尔有限公司 | Identity authentication method and system, computing device and storage medium |
| CN113765654B (en) * | 2020-06-03 | 2022-09-27 | 科大国盾量子技术股份有限公司 | Load balancing quantum key management device |
| CN114900338B (en) * | 2022-04-20 | 2023-07-21 | 岚图汽车科技有限公司 | Encryption and decryption method, device, equipment and medium |
| CN114584307B (en) * | 2022-05-07 | 2022-09-02 | 腾讯科技(深圳)有限公司 | Trusted key management method and device, electronic equipment and storage medium |
| CN115277709A (en) * | 2022-07-29 | 2022-11-01 | 河北素数信息安全有限公司 | Load balancing method of server cipher machine |
-
2022
- 2022-11-07 CN CN202211381898.2A patent/CN115664662B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN115664662A (en) | 2023-01-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11647007B2 (en) | Systems and methods for smartkey information management | |
| US11336631B2 (en) | Authorization method | |
| US20190230072A1 (en) | Securing files using per-file key encryption | |
| CA2752752C (en) | System and method for securely communicating with electronic meters | |
| Ray et al. | Secure logging as a service—delegating log management to the cloud | |
| US9088557B2 (en) | Encryption key management program, data management system | |
| US20140112470A1 (en) | Method and system for key generation, backup, and migration based on trusted computing | |
| CN110489996B (en) | Database data security management method and system | |
| KR101103403B1 (en) | Control method of data management system with emproved security | |
| KR20170047717A (en) | Server and method for managing smart home environment thereby, method for joining smart home environment and method for connecting communication session with smart device | |
| KR20170019308A (en) | Method for providing trusted right information, method for issuing user credential including trusted right information, and method for obtaining user credential | |
| CN114826652A (en) | Traceable access control method based on double block chains | |
| JP2013020314A (en) | Data decentralization and storage system | |
| JP2024501326A (en) | Access control methods, devices, network equipment, terminals and blockchain nodes | |
| JP2013020313A (en) | Data decentralization and storage system | |
| CN100476841C (en) | Method and system for centrally managing code to hard disk of enterprise | |
| CN115664662B (en) | Key processing method and device | |
| CN114389878B (en) | Block chain slicing method and block chain network system | |
| CN112491787B (en) | Method and equipment for safety management of user data | |
| CN112769560B (en) | Key management method and related device | |
| EP4239510B1 (en) | Collaborative verification of certification computing system based on consistency proofs | |
| CN114726590A (en) | Method for realizing login authentication without centralization in distributed system | |
| CN117313144A (en) | Sensitive data management method and device, storage medium and electronic equipment | |
| CN118250079A (en) | Multi-terminal application data secure transmission method, device and system | |
| CN117251859A (en) | System and method for sharing geographic information data based on blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder |
Address after: 100000 901, Floor 9, Building 7, Yard 8, Auto Museum East Road, Fengtai District, Beijing Patentee after: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. Address before: 100094 room 101-502, 5th floor, building 10, yard 3, fengxiu Middle Road, Haidian District, Beijing Patentee before: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. |
|
| CP02 | Change in the address of a patent holder |