112results about How to "Ensure transmission security" patented technology

The invention discloses isomery medical information integrating system based on HL7 proxy server. It includes the following steps: receiving available resource enrollment from self area HL7 proxy server; managing it as resource metadata; responding any accessing request; setting HL7 proxy server at each hospital knot to manage medical information system; downloading available resource view in time to selecting remote integrating target for user; receiving self area medical information integrating request; accessing local or remote information system; integrating each returning knot. The invention combines centralized control with knot self rule to increase stability for whole platform, has high compatibility, interactive speed, safety etc.

The invention discloses a safety data repetition removing method applicable to a backup system. The method includes the following steps that a backup request submitted by a user is received; all files needing backup are partitioned and multiple data blocks of different sizes are obtained; the Hash algorithm is used for calculating the Hash value F1 of each data block, wherein the Hash values F1 serve as encrypting keys of the data blocks; the Hash algorithm is used again for calculating the Hash value F2 of the Hash value F1 of each data block, wherein the Hash values F2 serve as fingerprints of the data blocks to identify repeated data blocks and the classic encryption algorithm and a private key of the user are used for encrypting the Hash values F1 of the data blocks to obtain ciphertexts E (F1) of the Hash values F1 of the data in order to protect the encrypting keys of the data blocks. All the data block fingerprints F2 and the like are packaged in sequence into fingerprint segments which are transmitted to a storage server. The SSL protocol is adopted in all communication processes. According to the safety data repetition removing method applicable to the backup system, the safety data repetition removing method is adopted to ensure that storage safety problem that data are lost or tampered is solved under the condition that the data repetition removing rate is not changed.

The embodiment of the invention discloses a lightweight authentication method based on an equipment identity label and a gateway. The lightweight authentication method based on the equipment identitylabel comprises a registration method and an authentication method, the registration method comprises the following steps: in response to a registration application request, obtaining the identity information of a terminal sending the registration application request; generating a terminal ID public key based on the identity information; obtaining an encrypted private key and a signed public key of the terminal based on the terminal ID public key; obtaining a session key obtained by negotiation with the terminal; encrypting the encrypted private key and the signed public key based on the session key to obtain first encrypted information; and sending the first encrypted information to the terminal. In the transmission communication of the encrypted private key and the signed public key, thesession key obtained by negotiation with the terminal is used to encrypt the communication, so that the transmission security of the encrypted private key and the signed public key is ensured, and the purpose of improving the security in lightweight registration authentication is achieved.

The present invention discloses a cloud data security protection method adopting a fully homomorphic encryption technology and a multiple digital watermarking technology. The cloud data security protection method is characterized in that in a cloud computing environment, a trusted third-party organization distributes a key to a user, after the user stores the key, a fully homomorphic encryption scheme is adopted to encrypt to-be-uploaded data at a user side, then the encrypted data is uploaded to a cloud side, thereby ensuring transmission security and storage security of data; in addition, when the user searches for data, direct search for ciphertext can be performed after a search keyword is encrypted, thereby improving search efficiency; and moreover, before the data is uploaded to the cloud side, a fragile watermarking and a robust watermarking are respectively embedded into the to-be-uploaded data, the purpose of embedding of the fragile watermarking is to prevent illegal modification of the data, so as to achieve authentication for integrity of the data, and the purpose of embedding of the robust watermarking is to protect copyright of the data, so as to achieve authentication for copyright of the data.

The invention discloses a safety dynamic migration method of an Xen virtual machine, which comprises the following steps: generating a key on a source physical server based on an SSL protocol by a symmetric cryptographic algorithm; generating a public key and a private key on a target physical server based on an SSL protocol by an asymmetric cryptographic algorithm, and transmitting the public key to the source physical server; encrypting the key by the public key on the source physical server, and transmitting the encrypted key to the target physical server; decrypting the encrypted key by the private key on the target physical server to obtain the key; encrypting a transfer object by the key on the source physical server, and transmitting the encrypted transfer object to the target physical server; and after the target physical server receives the encrypted transfer object, decrypting the encrypted transfer object so as to complete migration of the transfer object from the source physical server to the target physical server. The safety dynamic migration method effectively prevents a listener from stealing the transmitted data so as to ensure transmission security of the migrated data.

The invention discloses a service processing method, terminal, server and system. The method comprises that after success of handshake authentication based on a certificate encryption key between a cloud-end authentication server and a terminal, a session token of a present cloud-end service request is generated, and sent to the terminal on the basis of the a certificate encryption key; the terminal reads identity card coding information, encrypts the identity card information via the session token and sends the encrypted information to the cloud-end authentication server, so that the cloud-end authentication server obtains the identity card coding information by decryption via the session token, decrypts identity information according to an SAM decryption module, encrypts the identity information via the session token, and sends the encrypted information to the terminal, and the terminal decrypts the information via the session token and displays the decrypted information to a user; and service processing is carried out on the basis of the session token. The method, terminal, server and system are compatible with different using scenes, the hardware cost of the terminal is reduced, and the transmission safety of the identity information is ensured.

The invention discloses a secure transmission method based on relay strategy selection and resource allocation in a relay OFDM (Orthogonal Frequency Division Multiplexing) network. A communication system model employed by the method comprises a sending node S, N destination receiving nodes (D <1>...D <N >), an eavesdropping node Eve and K relay nodes. The method comprises the steps of for data transmission of each time, in a second time slot, after relay strategy selection and resource allocation, sending data to the relay nodes by the sending node S; and in a second time slot, selecting one of the K relay nodes as a forwarding node to forward the data received in the first time slot to the destination node D, and moreover, eavesdropping information sent to N users by the eavesdropping node Eve. Compared with traditional modes of merely employing AF (Amplify-and-Forward) or DF (Decode-and-Forward), the method has the advantages that a lower private interruption probability is obtained in a relay strategy selection mode, and the performance difference between the method and the two traditional modes is more remarkable under a high signal to noise ratio.

The embodiment of the invention discloses a data encryption method and device, a data decryption method and device, a computer device and a readable storage medium, aiming at guaranteeing the transmission security of equipment data. The data encryption method includes the following steps: acquiring equipment data of corresponding industrial equipment; performing symmetric encryption on the equipment data by using a preset symmetric key to obtain encrypted equipment data, and performing asymmetric encryption on a preset symmetric key by using a preset asymmetric public key to obtain key data; and transmitting the encrypted equipment data and the key data to an Internet of things application service system.

The invention relates to an independent encryption based network information safe input system. The system comprises a safe input method client end and a safe input method server end. The safe input method client end comprises an input method module and a content encryption and decryption module. The safe input method server end comprises a business show module, a business service module and a data access module, and a safe input method. The input method is not bound with a third-party application, so that the input method and the third-party application are separated but cooperate with each other. Information that the user needs to encrypt can be encrypted flexibly, namely, a certain passage of dialogue or key content can be encrypted; the user can encrypt and decrypt the information conveniently without through complicated operation; and information and a secret key are managed and transmitted through independent channels, thereby guaranteeing safe transmission of the information.

The invention discloses a maintenance flight service management system. The system comprises a maintenance flight service terminal and a maintenance flight service server. The maintenance flight service terminal has the functions of flight planning, flying management, work recording, data lookup, software setting and data synchronization. The server has the functions of maintenance personnel management, flight plan management, work record management, data lookup management, airplane information management and data synchronization. By the adoption of the technical scheme, a manual entry mode at present is avoided, informationization processing of troop maintenance flight service work is realized, and maintenance flight work is completed smoothly.

The invention discloses a quantum secret key synchronization method for a distribution terminal. Sharing quantum secret keys are separately stored in quantum secret key downloading interfaces A and Bthrough distributing a unique ID for each quantum secret key, the quantum secret keys are transmitted via a method that uses a third-party safe storage medium as a medium, the quantum secret keys needed by the distribution terminal are acquired from the quantum secret key downloading interfaces via the third-party safe storage medium, and then the third-party safe storage medium is connected withthe physical interfaces of the distribution terminal one by one for transmitting the quantum secret keys to the distribution terminal. The quantum secret key synchronization method for the distribution terminal provided by the invention is the method that distributes the secret key pools formed at each distribution terminal based on the quantum secret keys in an off-line manner and negotiates ID based on the quantum secret keys; aiming at the service security protection level requirement, the two quantum secret key synchronization methods are combined, and thus the channel utilization rate isimproved, and the transmission security of the quantum secret key ID during a negotiation synchronization process is ensured.

The invention belongs to the technical field of the Internet of Things, and provides an Internet-of-Things big data security transmission and storage method and system. The method comprises the stepsthat target data is encrypted by adopting a key of a symmetric algorithm to generate encrypted data, and the key of the symmetric algorithm is encrypted by adopting a public key pair of an asymmetricalgorithm to generate an encrypted key; the encrypted data and the encrypted key are transmitted; the encrypted key is decrypted by adopting a private key pair of the asymmetric algorithm to obtain the key of the symmetric algorithm, and the encrypted data is decrypted according to the key obtained through decryption of the symmetric algorithm to obtain the original data; and the trigger mode of astorage is detected, and the original data obtained after decryption is stored in the storage. According to the Internet-of-Things big data security transmission and storage method and system, data security transmission and storage can be guaranteed, data tampering is prevented, and effective data storage is guaranteed.

The present invention relates to a security protocol based on received signal intensity in a wireless sensor network, specifically to secure routing and key management. According to the number of adjacent nodes, the intensity of received signals and the energy value thereof, a convergent node is selected by a convergent node selection equation. According to the number of the adjacent nodes and the throughput of the convergent node, a hot zone is determined by a hot zone selection equation. By comparing the feature similarity between collected data and pre-stored abnormal data, abnormal data is detected. An inter-node session key is generated dynamically, and according to whether a hot zone is determined, different keys are selected to generate a function. The key and data are encrypted in a manner of combining a public key cipher mechanism and a symmetric cipher mechanism. The security protocol improves flexibility of a key, enhances the rationality for selecting a convergent node and well ensures safe transmission of inter-node data.

The invention discloses an electronic file access control method and system based on hierarchical security encryption. The electronic file access control method includes the steps: firstly, setting the security level of an electronic file, then distributing a grading key to an electronic file sender, carrying out grading encryption on the electronic file, carrying out grading access control, and finally updating the key. The electronic file access control system comprises a user registration/management module, an electronic file security classification management module, an electronic file classification encryption module, an electronic file classification decryption module, a key distribution management module, a key calculation recovery module, an electronic file sending/receiving moduleand a database module. According to the invention, the electronic file is encrypted in a graded manner according to the security level of the electronic file, and graded decryption and access controlare performed on the electronic file according to the security level of the user, so that the multi-level security of the electronic file is realized, and the security of the electronic file is effectively protected. Through hierarchical encryption and hierarchical decryption, hierarchical access control of the electronic file is realized.

The invention discloses a high safety communication technology based on two-way time domain waveform aliasing and belongs to the technical field of communication. The existing local signals of two communication parties are fully utilized to perform aliasing and covering on each other's signals. The two communication parties transmit and receive mixed signals. Each communication party receives and separates the signals of the other party and allows the same to be mixed with local signals for transmission. The cooperating parties can separate the signals by using local signals and waveform reconstruction offset to complete normal communication. Non-cooperating parties do not know signal samples of the cooperating parties, the mixed signals cannot be separated, and information transmission safety is guaranteed. The method aiming at the situation that communication information safety faces increasingly large threats has the advantages that the signals transmitted in channels are mixed by two signals, safety communication of the whole communication process can be achieved, and no extra communication bandwidth is needed.

The invention provides an identity traceable Sybil attack detection method in an Internet of Vehicles environment, and belongs to the technical field of Internet of Vehicles security. According to thetechnical scheme, the Sybil attack detection method with the traceable identity in the Internet of Vehicles environment comprises the following steps of system initialization, Sybil attack discovery,malicious node positioning and attacker identity tracing. The method has the advantages that under the condition that the Sybil attack is detected, a concise method is designed to achieve positioningof the position of the attacker, and the real identity of the attacker is traced according to the positioning information.

The invention provides a remote wireless transmitting method for self-adaptively adjusting optimum modulation modes under the precondition that the communication quality is guaranteed. The modulation mode comprises: sending a series of test data to an information sink by an information source, determining to adopt one of QPSK, 16QAM, 64QAM or 126QAM as a transmission system according to the bit error rate and the transmission speed of the test data by the information sink, feeding back to the information source, modulating to a corresponding transmission system according to feedback information of the information sink by the information source, then, sending data to the information sink, selecting a suitable transmission system according to the bit error rate and the transmission speed of received data by the information sink, feeding back to the information source, adjusting a corresponding transmission system and the speed in real time according to the feedback information of the information sink by the information source, sending the data to the information sink, and thereby self-adaptively realizing the optimization of the data transmission efficiency according to the transmission environment and the speed demands. The method is applied in wireless data digital transmission with long distance and high speed.

The invention discloses an internal and external network document interaction method. A document storage service system is deployed in an internal network and a document transfer service system is deployed in an external network, wherein the document storage service system is used for storing user documents, the document transfer service system is used for uploading the documents to the internal network or downloading the documents from the internal network, and a document flow is transmitted through a http request between servers. The internal and external network document interaction method disclosed by the invention has the following advantages: a more comprehensive consideration of the system security is provided; firstly, user accounts are independent, the external network cannot fully access the data of the internal network, and thus the security of each user document can be ensured; the documents that require to transfer from the internal network must be reviewed by document auditors before transfer, and thus a layer of protection is also added to the document security; secondly, an audit function is added, and if the documents are leaked, the leakage personnel can be determined through the function; and the document flow is transmitted through the http request between the servers, the data can be hardly intercepted from outside, and thus the transmission security of the data can be guaranteed.

The invention discloses an intelligent household equipment. The equipment includes a micro control unit (MCU) and a safety chip; the MCU is connected to the safety chip; the safety chip is used for receiving a generation visitor password management instruction sent by a remote server, and verifying the management instruction through a prestored public key certificate; and the safety chip is also used for generating a visitor password and storing after successfully verifying the management instruction, performing encryption on the visitor password through the prestored public key certificate and uploading the visitor password to the remote server. The problems in the prior art, that intelligent household equipment is easy to suffer external attacks so that passwords can be stolen and equipment safety is in danger, can be solved. A visitor password acquisition method, related equipment and a system are also disclosed.

The invention provides a health record information management service system which comprises a cloud service center, a user mobile terminal, a service providing terminal and a data safety management system. The cloud service center comprises an information file storage module, a health analysis module and a health service application module, wherein the information file storage module is used for storing health file information and generating or updating a health file under a user account according to the stored health file information, the health analysis module is used for conducting data analysis on the health file information to obtain a health analysis result and determining a matched service item from the service items provided by the service providing terminal according to the health analysis result, the health service application module is used for pushing the matched service item to the corresponding user mobile terminal according to a service request sent by the user mobile terminal, and the data safety management system is used for guaranteeing storage and transmission safety of the health file information. The health record information management service system is practical, quick, convenient and high in safety.

The invention relates to an information safety transmission method based on homomorphic encryption, and the method comprises the following steps: 1, enabling a service enjoying side to encrypt to-be-processed data, and transmitting an obtained ciphertext to a service provider; 2, enabling the service enjoying side to provide a data processing method for the service provider, wherein the method isexpressed through a function f(); 3, enabling the service provider to process the encrypted data through the function f(), and transmitting a processing result to the service enjoying side; 4, enabling the service enjoying side to carry out the decryption calculation after receiving the data returned by the service provider, and finally obtaining an expected result. The method does not leak any privacy content of original data of a user during the processing of the encrypted data, and guarantees the transmission safety and storage safety of data. The method prevents external attacks, and avoids the sending of wrong instructions.

The embodiment of the invention discloses an implementation method and an implementation device for securely accessing a network, relates to the technical field of the Internet, and solves the problemthat how to improve the security of a website without influencing normal operation of the website. The method comprises the steps of receiving a first-class request message sent by a client, whereinthe first-class request message accords with a communication protocol between the client and a content distribution network (CDN); converting the first-class request message, and acquiring a second-class request message, wherein the second-class request message accords with the communication protocol between the CDN and a service system; and sending the second-class request message to the servicesystem via a load balancing system. The method and device provided by the invention are applicable to HTTPS modification of the total station system.