Electronic document anti-leakage system and implementation method
Technical field:
The present invention relates to a system and method for preventing electronic documents from leaking, and in particular to an electronic document anti-leakage system for computer networks and its implementation method.
Background technology:
With the spread and deepening of computer use and the continuing informatization of government and enterprise, more and more confidential information is kept in the form of electronic documents, and the exchange of information is increasingly carried out through electronic documents. The development of the computer internet and of various portable storage devices has made the circulation and exchange of electronic documents convenient. How to guarantee the security of electronic documents containing important information during use, transmission and storage has gradually become a key issue in the informatization of every department.
But the convenience these technical advances bring makes protecting electronic documents, and preventing secret electronic documents from leaking, far more difficult than protecting traditional paper documents.
Leakage of an electronic document means that the document is transferred from inside an organization to outside it, or from people who have the right to access it to people who do not, and that the recipients can view its content.
Traditional security technologies such as firewalls, intrusion detection, anti-virus and information auditing each provide some protection for the electronic documents in an enterprise information system at their own level, but each is based on its own subsystem and operates independently, so it is hard to form a systematic protection scheme for electronic documents from them. Protecting electronic documents through data encryption has become the main method of electronic document protection at present: files are encrypted with a data encryption technique and, combined with other techniques, secure management of electronic documents is achieved.
To solve the problem of electronic document leakage, a common method is host security auditing together with network terminal monitoring and management. But since these methods cannot monitor or manage the internal content of files, for electronic document leakage prevention they serve only as supplementary means.
Another method combines encryption of individual files with file permission management. Protected secret files are stored encrypted, and on access the system decides, according to permissions set in advance, whether access is allowed. The characteristics of this type of system are centralized management and authorization of files. It is not well suited to situations that require processing a large number of files locally on the client, such as local compilation of software. In addition, it cannot stop active leakage by an authorized user or by the author of the document.
Existing anti-leakage techniques also have the following shortcomings. Converting the electronic file to a special file format and encrypting it, then using it under authorization control, restricts the format of the protected document too strictly: if a file format cannot be converted to the generic document format, the protection cannot be used. Using a dedicated reader for encrypted files is limited by the reader: not only are the supported file formats restricted, the flexibility of using encrypted files is also affected. Although some methods use file rights management, the rights management functions are rather simple. And editing of encrypted files is not fully supported: while an encrypted file is being edited, operations on the file are uncontrolled and its content is easily leaked.
Chinese patent application 200610041967.X proposes a document protection method for collaborative environments. This method is based on encrypting secure files on the network, authorizing access to the encrypted files, using them in a confidential state, and auditing and managing the whole process through its modules and steps, thereby constructing a collaborative work environment for secure files. Its main anti-leakage steps are: 1. delimit the application scope of the secure file environment and encrypt all secure files needing protection in that environment; 2. authorize the use of secure files according to the document management process, and verify users so that only valid users can access secure files according to their authorization; 3. authorized users use secure files in the confidential state and can only perform authorized operations, with operations that would leak file content forbidden; 4. during secure file access, keep complete log tracking and auditing, so that leaking accesses have no convenient platform while secure files are in use. Although this anti-leakage method is independent of the file format, it is still based on encryption of whole files, and to fully prevent leakage it also needs a large number of other means.
Aiming at the defects of file encryption systems, various transparent encryption systems have been proposed. Their basic idea is to work at the file system driver layer of the system, encrypting disk sectors rather than individual files. The working principle of a transparent encryption system is to modify the system's interface to file operations: if the kernel driver that implements read and write operations is modified, the read and write behavior of all application programs changes. In this way it can overcome the defects of systems based on whole-file encryption.
A transparent encryption system can decide whether to apply transparent encryption and decryption according to the extension of the file, the directory it resides in, or the process accessing the file.
Besides monitoring file operations and process operations, a transparent encryption system must also guard against leakage through the clipboard, screen recording, screenshots and similar operations; completing a full system is a very large amount of work, and such systems are very easy to crack.
In short, every existing electronic document anti-leakage method has certain limitations.
Summary of the invention:
The present invention addresses the deficiencies of the existing electronic document anti-leakage technology described above and provides a system, and a method for implementing it, that makes electronic document transmission convenient while effectively preventing electronic document leakage.
To achieve the above object, the electronic document anti-leakage system and implementation method of the present invention are as follows. The system mainly comprises a server and clients; the server communicates with the clients over a computer network.
Inside the server is a user interface module I used to manage the trust process list (including adding and deleting trust processes) and to create, load and unload encrypted partitions. User interface module I creates encrypted partitions through the encrypted partition module I connected to it; the loading key generation module generates and saves the encrypted partition loading key; communication module I responds to connection requests from clients, sends the trust process list and the encrypted partition loading key, and transfers files; and encrypting module I, connected to communication module I, encrypts and decrypts the communication content.
Inside the client is a user interface module II used to connect to the server and to other clients, to create, load and unload encrypted partitions, and to exchange files. User interface module II creates encrypted partitions through the encrypted partition module II connected to it; the process monitoring module monitors the starting of system processes; the file monitoring module monitors file operations on the encrypted partition; communication module II handles communication with the server and the other clients, sends connection requests to the server and transfers files; and encrypting module II, connected to communication module II, encrypts and decrypts the communication content.
Both the server and the clients can create, load and unload encrypted partitions.
The trust process list is a list of hash values of the executable program files allowed to run on the client.
Communication between the server and the clients is encrypted.
The encrypted partition comprises a header section and a data area. At creation, the salt and the encrypted data encryption key are written to the header section and random data is written to the data area. When an encrypted partition is created in a partition or on a whole disk, that partition or disk is not the system partition containing operating system files.
Encryption and decryption use a published standard symmetric encryption algorithm, but the encryption and decryption key of the two communicating parties is exchanged after being encrypted with the RSA asymmetric encryption algorithm.
After loading an encrypted partition the client enters the secret-involved state. From then on, files are automatically encrypted when saved to the data area of the encrypted partition and automatically decrypted when read from the data area, using the data encryption key. In the secret-involved state the client computer can only write files to the encrypted partition; write operations to other disk partitions are forbidden, and the client computer does not start processes that are not in the trust process list.
The implementation method based on the above electronic document anti-leakage system comprises the following steps:
(1) server initialization;
(2) client initialization;
(3) the client uses the encrypted partition.
Step (1) is realized as follows:
(11) install the server-side system on the server;
(12) on the server, generate and save a trust process list from the programs that will run on the clients;
(13) on the server, randomly generate an encrypted partition loading key and save it;
(14) create an encrypted partition on the server using the encrypted partition loading key;
(15) load the encrypted partition;
(16) save the secret files to be protected in this partition.
Step (2) is realized as follows:
(21) install the client software on the client;
(22) the client connects to the server and obtains the encrypted partition loading key held on the server;
(23) create an encrypted partition on the client using the encrypted partition loading key.
Step (3) is realized as follows:
(31) the client connects to the server and obtains the trust process list and the loading key held on the server;
(32) load the encrypted partition and enter the secret-involved state;
(33) operate on the encrypted partition;
(34) unload the encrypted partition and leave the secret-involved state.
Creating an encrypted partition specifically comprises the following steps:
(231) the user selects a file and specifies its size, or selects a physical partition or a whole disk, as the encrypted partition;
(232) randomly generate a salt and randomly generate the data encryption key; a key generation algorithm uses the salt and the loading key obtained in step (22), iterating repeatedly, to generate an intermediate key, and the data encryption key is encrypted with this intermediate key;
(233) save the salt and the encrypted data encryption key in the header section of the encrypted partition, and fill the remaining space of the encrypted partition with random data.
Step (15) comprises the following operations:
(151) the user selects the file, partition or whole disk where the encrypted partition created in step (231) resides;
(152) read the header section of the encrypted partition and obtain the salt saved there; run the generation algorithm with this salt and the loading key obtained in step (13) to generate the intermediate key; decrypt the encrypted data encryption key in the header section with the intermediate key to obtain the data encryption key;
(153) map the encrypted partition as a logical disk.
Step (32) comprises the following operations:
(321) the user selects the file, partition or whole disk where the encrypted partition created in step (231) resides;
(322) read the header section of the encrypted partition and obtain the salt saved there; run the generation algorithm with this salt and the loading key obtained in step (31) to generate the intermediate key; decrypt the encrypted data encryption key in the header section with the intermediate key to obtain the data encryption key;
(323) check the processes running in the system; if the hash value of a process's executable program file is not in the trust process list obtained in step (31), kill that process;
(324) map the encrypted partition as a logical disk.
Step (33) comprises the following operations:
(331) when the user starts a process, check the process to be started; if the hash value of its executable program file is not in the trust process list obtained in step (31), prevent the process from starting;
(332) if the user saves a file to a non-encrypted partition, the client blocks the operation;
(333) if the user saves a file to the encrypted partition, the client encrypts the data to be saved with the data encryption key and then saves it to the data area of the encrypted partition;
(334) when the user reads a file in the data area of the encrypted partition, the client decrypts the data read with the data encryption key and returns it to the user;
(335) the user can copy files from the data area of the server's encrypted partition to the data area of the local encrypted partition, from the local encrypted partition to the server's, from the local encrypted partition to another client's encrypted partition, or from another client's encrypted partition to the local one.
The other clients and the server in step (335) have all loaded their encrypted partitions.
Unloading the encrypted partition in step (34) means deleting the mapped logical disk from the system, so that the undecrypted files in the encrypted partition cannot be accessed before the next load. This step comprises the following operations:
(341) destroy the loading key;
(342) destroy the intermediate key;
(343) destroy the data encryption key;
(344) kill all running trust processes;
(345) clear the clipboard, buffers and other caches that may contain the content of files in the encrypted partition.
Compared with the prior art, the present invention obtained by the above technical scheme has the following advantages: it takes the content of the electronic document itself as the object of protection, rather than the file name, the directory it resides in, or the read and write targets of certain processes, so it is independent of the file format; in the secret-involved state only trust processes are allowed to run, so programs with leakage functions cannot execute, and cracking and debugging programs cannot run, which means they cannot crack or debug this system; and the screenshot key and clipboard are not restricted, which is convenient for the user.
The system of the present invention keeps protected electronic documents in encrypted partitions; electronic documents can be transmitted freely between encrypted partitions but cannot be copied outside them, so it both makes free exchange of electronic documents within the network convenient and effectively prevents electronic documents from leaking, and has good application prospects.
Description of drawings:
The present invention is further described below with reference to the drawings and specific embodiments.
Fig. 1 is a structural diagram of the present invention.
Fig. 2 shows the relationship of the main modules inside the server in the present invention.
Fig. 3 shows the relationship of the main modules inside the client in the present invention.
Fig. 4 is a structural diagram of the encrypted partition of the present invention.
Fig. 5 shows the relationship between the loading key, the intermediate key and the data encryption key of the present invention.
Embodiment:
To make the technical means, creative features, purposes and effects realized by the present invention easy to understand, the present invention is further explained below with reference to the specific figures.
As shown in Fig. 1, the system is an electronic document anti-leakage system based on encrypted partitions under the Windows platform, comprising the following parts:
A Windows server with the server software installed, used to manage the trust process list, generate the encrypted partition loading key, respond to client load requests, and so on.
A number of Windows clients with the client software installed, used to connect to the server, create encrypted partitions, load encrypted partitions, restrict write operations to the encrypted partition, and forbid running non-trust processes.
As shown in Fig. 2, the server software comprises the following five functional modules:
User interface module I: the system administrator uses this interface to manage trust processes (adding and deleting them) and to create, load and unload encrypted partitions. The interface is a standard Windows window interface;
Encrypted partition module I: maps a file, partition or whole disk to a logical disk; files are automatically encrypted when saved to the encrypted partition and automatically decrypted when read, using a published standard symmetric encryption algorithm. This module is implemented by a Windows device driver that works in the Windows kernel and communicates with the user interface module through IRPs;
Loading key generation module: generates and saves the encrypted partition loading key;
Communication module I: responds to connection requests from clients, sends the trust process list and the encrypted partition loading key, transfers files, and so on;
Encrypting module I: encrypts and decrypts the communication content using a published standard symmetric encryption algorithm, with the encryption and decryption key of the two communicating parties exchanged after being encrypted with the RSA asymmetric encryption algorithm.
As can be seen from Fig. 2, the user realizes every function of the server by directly controlling, through user interface module I, the loading key generation module, the encrypted partition module I, and the communication module I connected to encrypting module I.
As shown in Fig. 3, the client software comprises the following six functional modules:
User interface module II: the user uses this interface to connect to the server and other clients, to create, load and unload encrypted partitions, to exchange files, and so on. The interface is a standard Windows window interface;
Encrypted partition module II: maps a file, partition or whole disk to a logical disk; files are automatically encrypted when saved to the encrypted partition and automatically decrypted when read, using a published standard symmetric encryption algorithm. This module is implemented by a Windows device driver that works in the Windows kernel and communicates with the user interface through IRPs;
Process monitoring module: responsible for monitoring the starting of system processes; only processes in the trust process list are allowed to run. This module is implemented by a Windows device driver that monitors processes by hooking Windows system kernel services. It works in the Windows kernel and communicates with the user interface module through IRPs;
File monitoring module: responsible for monitoring file operations on the encrypted partition; only trust processes can write to the encrypted partition, and trust processes cannot write files to partitions other than the encrypted partition. This module is implemented by a Windows device driver that monitors files by hooking Windows system kernel services. It works in the Windows kernel and communicates with the user interface through IRPs;
Communication module II: responsible for communication with the server and the other clients, sending connection requests to the server, transferring files, and so on;
Encrypting module II: encrypts and decrypts the communication content using a published standard symmetric encryption algorithm, with the encryption and decryption key of the two communicating parties exchanged after being encrypted with the RSA asymmetric encryption algorithm.
As can be seen from Fig. 3, the user realizes every function of the client by directly controlling, through user interface module II on the client, the encrypted partition module II, the process monitoring module, the file monitoring module, and the communication module II connected to encrypting module II.
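The key exchange that encrypting modules I and II perform (a symmetric content key, exchanged after being encrypted with RSA) is shown below as an added example; it is not code from the patent. The patent names neither the symmetric algorithm nor the RSA padding, so AES-256-GCM and RSA-OAEP with SHA-256 are assumptions here, as is the message layout (nonce prepended to the ciphertext). The server side holds the RSA private key; the client generates a fresh session key and sends it wrapped under the server's public key, after which both sides protect the trust process list, the loading key and transferred files with the session key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// oaepLabel binds the wrapped blob to its purpose (a constructed label).
var oaepLabel = []byte("encrypted-partition-session-key")

// Server holds the RSA key pair; the private half never leaves the server.
type Server struct {
	priv *rsa.PrivateKey
}

func NewServer() (*Server, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Server{priv: priv}, nil
}

// PublicKey is what the client obtains when it connects.
func (s *Server) PublicKey() *rsa.PublicKey { return &s.priv.PublicKey }

// ClientHello is the client's side of the exchange: generate a random
// 256-bit session key and wrap it with RSA-OAEP under the server's public key.
func ClientHello(serverPub *rsa.PublicKey) (sessionKey, wrapped []byte, err error) {
	sessionKey = make([]byte, 32)
	if _, err = rand.Read(sessionKey); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, serverPub, sessionKey, oaepLabel)
	return sessionKey, wrapped, err
}

// Accept is the server's side: unwrap the session key. A blob wrapped for a
// different server's key fails here instead of yielding a wrong key.
func (s *Server) Accept(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, s.priv, wrapped, oaepLabel)
}

// gcm returns the AES-GCM AEAD for a session key.
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts one message of communication content under the session key,
// prepending the random nonce; Open reverses it and rejects tampered data.
func Seal(sessionKey, plaintext []byte) ([]byte, error) {
	aead, err := gcm(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, aead.Seal(nil, nonce, plaintext, nil)...), nil
}

func Open(sessionKey, msg []byte) ([]byte, error) {
	aead, err := gcm(sessionKey)
	if err != nil {
		return nil, err
	}
	n := aead.NonceSize()
	if len(msg) < n {
		return nil, errors.New("message too short")
	}
	return aead.Open(nil, msg[:n], msg[n:], nil)
}
```

Because OAEP decryption with the wrong private key fails rather than silently producing a different key, a client that wrapped its session key for one server cannot have that key recovered by another, and the GCM tag causes any modification of the content in transit to be rejected on receipt.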
In this embodiment the disks of both the server and the clients are divided into a system partition (with the operating system installed), an encrypted partition (holding confidential documents) and other partitions (holding other data); both the server and the clients can create, load and unload encrypted partitions.
The trust process list here means the list of hash values of the executable program files allowed to run on the client.
To prevent information leakage, communication between the server and the clients is encrypted by the encrypting modules.
As shown in Fig. 4, the encrypted partition referred to here comprises a header section and a data area. At creation, the salt and the encrypted data encryption key are written to the header section and random data is written to the data area. When an encrypted partition is created in a partition or on a whole disk, that partition or disk is not the partition containing operating system files.
The method of using the anti-leakage system obtained by the above technical scheme, that is, the electronic document anti-leakage system based on encrypted partitions under the Windows platform, comprises the following operations:
(1) server initialization;
(2) client initialization;
(3) the client uses the encrypted partition.
Step (1) further comprises the following operations:
(11) install the server-side system on the server;
(12) on the server, generate and save a trust process list from the programs that will run on the clients;
(13) on the server, randomly generate an encrypted partition loading key and save it;
(14) create an encrypted partition on the server using the encrypted partition loading key;
(15) load the encrypted partition;
(16) save the secret files to be protected in this partition.
Step (2) further comprises the following operations:
(21) install the client software on the client;
(22) the client connects to the server and obtains the encrypted partition loading key held on the server;
(23) create an encrypted partition on the client using the encrypted partition loading key.
Step (3) further comprises the following operations:
(31) the client connects to the server and obtains the trust process list and the loading key held on the server;
(32) load the encrypted partition and enter the secret-involved state;
(33) operate on the encrypted partition;
(34) unload the encrypted partition and leave the secret-involved state.
Steps (14) and (23) further comprise the following operations:
(231) the user selects a file and specifies its size, or selects a physical partition or a whole disk, as the encrypted partition;
(232) randomly generate a salt and randomly generate the data encryption key; a key generation algorithm uses the salt and the loading key obtained in step (22), iterating repeatedly, to generate an intermediate key, and the data encryption key is encrypted with this intermediate key; the relationship between the keys is shown in Fig. 5;
(233) save the salt and the encrypted data encryption key in the header section of the encrypted partition, and fill the remaining space of the encrypted partition with random data.
Step (15) further comprises the following operations:
(151) the user selects the file, partition or whole disk where the encrypted partition created in step (231) resides;
(152) the client reads the header section of the encrypted partition and obtains the salt saved there; runs the generation algorithm with this salt and the loading key obtained in step (13) to generate the intermediate key; and decrypts the encrypted data encryption key in the header section with the intermediate key to obtain the data encryption key;
(153) map the encrypted partition as a logical disk.
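The three-key chain of Fig. 5, as carried out by the creation steps (231)-(233) and the loading steps (151)-(152) and (321)-(322) (and by the same steps in the summary above), is shown below as an added example; it is not the patent's code. The patent does not specify the key generation algorithm, the symmetric cipher, the key sizes or the header layout, so the choices here are assumptions: the intermediate key is derived from the loading key and the salt by an iterated HMAC-SHA256 loop (PBKDF2-style, single block), the data encryption key is wrapped with AES-256-GCM with the salt bound as associated data, and the data area operations of steps (333)/(334) use the same cipher under the data encryption key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Constructed parameters; the patent fixes none of them.
const (
	saltLen    = 16
	keyLen     = 32 // 256-bit intermediate key and data encryption key
	iterations = 100000
)

// deriveIntermediateKey stands in for the patent's unspecified "key generation
// algorithm" (step 232): HMAC-SHA256 iterated over the loading key and salt.
func deriveIntermediateKey(loadingKey, salt []byte) []byte {
	mac := hmac.New(sha256.New, loadingKey)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index, as in PBKDF2
	u := mac.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iterations; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t[:keyLen]
}

// aeadFor wraps a key in AES-GCM, the symmetric algorithm assumed here.
func aeadFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// randomBytes draws key material from the system CSPRNG.
func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no usable randomness means no usable keys
	}
	return b
}

// Header is the header section of Fig. 4: the salt and the data encryption
// key encrypted under the intermediate key (nonce kept alongside).
type Header struct {
	Salt       []byte
	Nonce      []byte
	WrappedDEK []byte
}

// CreateHeader performs steps (232)-(233) and also returns the plaintext data
// encryption key that the freshly created partition will use.
func CreateHeader(loadingKey []byte) (Header, []byte, error) {
	salt, dek := randomBytes(saltLen), randomBytes(keyLen)
	aead, err := aeadFor(deriveIntermediateKey(loadingKey, salt))
	if err != nil {
		return Header{}, nil, err
	}
	nonce := randomBytes(aead.NonceSize())
	// The salt is bound as associated data so a header assembled from
	// pieces of two partitions is rejected on load.
	return Header{Salt: salt, Nonce: nonce, WrappedDEK: aead.Seal(nil, nonce, dek, salt)}, dek, nil
}

// OpenHeader performs step (152)/(322): re-derive the intermediate key from the
// stored salt and the loading key, then decrypt the data encryption key.
func OpenHeader(h Header, loadingKey []byte) ([]byte, error) {
	aead, err := aeadFor(deriveIntermediateKey(loadingKey, h.Salt))
	if err != nil {
		return nil, err
	}
	dek, err := aead.Open(nil, h.Nonce, h.WrappedDEK, h.Salt)
	if err != nil {
		return nil, errors.New("wrong loading key or corrupted header section")
	}
	return dek, nil
}

// SealData / OpenData are the data-area operations of steps (333)/(334):
// file bytes are encrypted under the data encryption key when written and
// decrypted when read; the nonce is stored in front of the ciphertext.
func SealData(dek, plaintext []byte) ([]byte, error) {
	aead, err := aeadFor(dek)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(aead.NonceSize())
	return append(nonce, aead.Seal(nil, nonce, plaintext, nil)...), nil
}

func OpenData(dek, sealed []byte) ([]byte, error) {
	aead, err := aeadFor(dek)
	if err != nil {
		return nil, err
	}
	if len(sealed) < aead.NonceSize() {
		return nil, errors.New("data too short")
	}
	return aead.Open(nil, sealed[:aead.NonceSize()], sealed[aead.NonceSize():], nil)
}
```

Nothing in the header reveals the data encryption key without the loading key, which is exactly the property scenario 1 below relies on: a client that cannot reach the server never obtains the loading key, so `OpenHeader` fails and the partition stays sealed. The iteration count makes guessing a weak loading key slow; destroying the three keys on unload, steps (341)-(343), is then sufficient to leave nothing usable in memory.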
Step (32) further comprises the following operations:
(321) the user selects the file, partition or whole disk where the encrypted partition created in step (231) resides;
(322) read the header section of the encrypted partition and obtain the salt saved there; run the generation algorithm with this salt and the loading key obtained in step (31) to generate the intermediate key; decrypt the encrypted data encryption key in the header section with the intermediate key to obtain the data encryption key;
(323) check the processes running in the system; if the hash value of a process's executable program file is not in the trust process list obtained in step (31), kill that process;
(324) map the encrypted partition as a logical disk.
Step (33) further comprises the following operations:
(331) when the user starts a process, check the process to be started; if the hash value of its executable program file is not in the trust process list obtained in step (31), prevent the process from starting;
(332) if the user saves a file to a non-encrypted partition, the client blocks the operation;
(333) if the user saves a file to the encrypted partition, the client encrypts the data to be saved with the data encryption key and then saves it to the data area of the encrypted partition;
(334) when the user reads a file in the data area of the encrypted partition, the client decrypts the data read with the data encryption key and returns it to the user;
(335) the user can copy files from the data area of the server's encrypted partition to the data area of the local encrypted partition, from the local encrypted partition to the server's, from the local encrypted partition to another client's encrypted partition, or from another client's encrypted partition to the local one.
After any server or client has loaded its encrypted partition, the other servers and clients must also load their encrypted partitions before files can be exchanged between them.
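The two policy decisions the client makes in the secret-involved state, the trust process list check of steps (323) and (331) and the write-target restriction of steps (332)/(333), are shown below as an added example; it is not the patent's code. The patent does not say which hash function the trust process list uses, so SHA-256 over the executable file's bytes is an assumption, and the executable images, process table and mount point are constructed. Paths are in the host's native form; the patent maps a logical disk on Windows, which this example does not reproduce.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"path/filepath"
	"strings"
)

// TrustList is the trust process list: hex SHA-256 hashes (assumed hash) of the
// executable program files allowed to run on the client.
type TrustList map[string]bool

// HashExecutable hashes the bytes of an executable program file.
func HashExecutable(image []byte) string {
	sum := sha256.Sum256(image)
	return hex.EncodeToString(sum[:])
}

// NewTrustList builds the list the server generates in step (12) from the
// programs that will run on the clients.
func NewTrustList(images ...[]byte) TrustList {
	t := TrustList{}
	for _, img := range images {
		t[HashExecutable(img)] = true
	}
	return t
}

// AllowStart is the step (331) decision for a process about to start: the
// hash of its executable file must be in the list.
func (t TrustList) AllowStart(image []byte) bool {
	return t[HashExecutable(image)]
}

// Process is a constructed entry of the running-process table.
type Process struct {
	PID   int
	Image []byte // contents of the process's executable program file
}

// ProcessesToKill is the step (323) sweep on entering the secret-involved
// state: every running process whose executable hash is not in the list.
func ProcessesToKill(t TrustList, running []Process) []int {
	var pids []int
	for _, p := range running {
		if !t.AllowStart(p.Image) {
			pids = append(pids, p.PID)
		}
	}
	return pids
}

// AllowWrite is the step (332)/(333) decision of the file monitoring module:
// a write is permitted only when its target lies inside the mapped encrypted
// partition. Both paths are cleaned first so ".." segments cannot escape.
func AllowWrite(encryptedRoot, target string) bool {
	rel, err := filepath.Rel(filepath.Clean(encryptedRoot), filepath.Clean(target))
	if err != nil {
		return false // target not expressible relative to the partition root
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}
```

Hashing the executable rather than matching its name is what makes scenario 3 below hold: renaming an ftp client does not change its hash, so it still fails `AllowStart`. Comparing cleaned paths rather than raw string prefixes matters for `AllowWrite`, since a sibling directory whose name merely begins with the partition's name, or a path that climbs out with "..", must both be refused.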
Unloading the encrypted partition in step (34) means deleting the mapped logical disk from the system, so that the undecrypted files in the encrypted partition cannot be accessed before the next load. This step comprises the following operations:
(341) destroy the loading key;
(342) destroy the intermediate key;
(343) destroy the data encryption key;
(344) kill all running trust processes;
(345) clear the clipboard, buffers and other caches that may contain the content of files in the encrypted partition.
The anti-leakage functions of the present invention obtained by the above technical scheme are specifically as follows:
1. An employee installs the client software on a notebook computer and copies secret files from the company server to the encrypted partition. After leaving the company, the employee cannot connect to the company server, cannot obtain the encrypted partition loading key, and so cannot open the encrypted partition; the anti-leakage purpose is achieved.
2. After loading the encrypted partition, an employee wants to copy secret files from the encrypted partition to a portable hard drive, but the system forbids write operations to other disks, so the copy fails; the anti-leakage purpose is achieved.
3. After loading the encrypted partition, an employee wants to send secret files from the encrypted partition using some ftp software, but that ftp software is not in the trust process list on the server, so the software cannot run; the anti-leakage purpose is achieved.
4. After loading the encrypted partition, an employee opens a secret file in the encrypted partition and then wants to save the screen content with a screenshot. Although the system allows the employee to use the screenshot key, the screenshot can only be saved to the encrypted partition; the anti-leakage purpose is achieved.
The basic principles, principal features and advantages of the present invention have been shown and described above. Those skilled in the art should understand that the present invention is not limited to the embodiments described above; what is described in the embodiments and the specification merely illustrates the principles of the present invention. Without departing from the spirit and scope of the present invention, the present invention may have various changes and modifications, and all such changes and improvements fall within the claimed scope of the present invention. The claimed scope of the present invention is defined by the appended claims and their equivalents.