File cloud security management method and system based on CPK

Abstract

The invention discloses a file cloud security management method and system based on a CPK. The method comprises the steps that a file to be stored is encrypted according to pre-configured session keys, and file ciphertext is generated; the session keys are respectively encrypted according to a pre-configured public key of a current user and a public key of a target user assigned by the current user, and a digital envelope set is generated; the digital envelope set and the file ciphertext are bound, a ciphertext file capable of being shared is formed, and the ciphertext file is stored in a cloud server. According to the method and system, a CPK combined public key system is adopted as the basis, the key transmitting technology of the CPK is utilized, the local file of the current user is encrypted, the file capable of being decrypted only by the current user and the target user assigned by the current user is generated, the file is stored in the cloud server, and therefore cloud security storage and sharing of the file are achieved, and automatic controllability of cloud security storage and sharing is built.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a CPK (Combined Public Key, combined public key)-based file cloud security management method and system. Background technique [0002] With the increasing degree of informatization, file storage and sharing are widely used in various fields, especially the storage requirements for sensitive files or important files within the company are also increasing, especially as a new storage mechanism in file storage - cloud storage is more So, among them, cloud storage is a new concept extended and developed from the concept of cloud computing, which refers to the storage of a large number of various applications in the network through functions such as cluster applications, network technology or distributed file systems. A system in which devices work together through application systems to jointly provide data storage and service access functions. [0003] At present, ...

AI Technical Summary

Problems solved by technology

However, this solution also has many shortcomings. For example, due to the adoption of the PKI system, the encryption depends on the third-party CA system, which requires the support of hardware devices such as USB Key based on the security chip, and the cost is relatively high; When making a digital envelope, you need to get the public key, and the public key of the PKI system generally needs the support of the online certificate library

In addition, it is difficult to obtain non-user's own certificates, so it is still impossible to share ciphertext files, and only secure cloud storage of user's own files can be realized

[0006] It can be seen that the security solutions in the prior art either cannot realize cloud storage and cloud sharing, or can only realize cloud storage but not cloud sharing, and for this problem in the prior art, no effective solution has yet been proposed. solution

Images