
A method and system for cloud storage security control based on key pool

A security control technology for cloud storage that addresses problems such as key monitoring, customers' worries about their data, and the inability to obtain truly random keys, so as to improve security and ensure true randomness of the key.

Active Publication Date: 2018-12-28
RUBAN QUANTUM TECH CO LTD

AI Technical Summary

Problems solved by technology

Public cloud customers have worries about data migration to the cloud
[0007] (2) If the file key is a pseudo-random key, it is not truly random and may be predicted, so the security is insufficient.
[0008] (3) The execution environment of the user-side encryption program is not safe enough. If a virus or Trojan horse is present, the key in memory may be monitored.



Examples


Embodiment 1

[0064] A cloud storage security control method based on a key pool, applied to a cloud storage system. As shown in Figure 3, the specific steps are as follows:

[0065] Step 1.1: The Hash value calculation module of the client calculates the Hash value of the data file and uploads the Hash value and each algorithm ID to the judgment module of the server.

[0066] Before uploading the data file, the client first calculates the Hash value of the data file and uploads it to the server together with each algorithm ID. The algorithm IDs are the ID of the key selection algorithm fp, the ID of the primary key generation algorithm fg and the ID of the self-selected key generation algorithm ff. Depending on the user's needs, the self-selected key generation algorithm ff can be one unique to the client, or ff0 can be selected.

[0067] In this embodiment, the self-selected key generation algorithm ff selects the function ff(x)=x,...

Embodiment 2

[0090] A cloud storage security control method based on a key pool, applied to a cloud storage system. As shown in Figure 4, the specific steps are as follows:

[0091] Step 2.1: The Hash value calculation module calculates the Hash value of the data file and sends the Hash value and each algorithm ID to the server.

[0092] Specifically, before uploading the data file, the client first calculates the Hash value of the data file and uploads it to the server together with the ID of each algorithm. Here the self-selected key generation algorithm ff is unique to the user rather than ff0, that is, ff(x)≠x: the user applies a private, confidential function that belongs only to that user, so the file is private to the user and does not take part in ciphertext deduplication.

[0093] Step 2.2: the storage module saves the Hash value and each algorithm ID, and the key authorization module sends the information that ...

Embodiment 3

[0101] A cloud storage security control method based on a key pool, applied to a cloud storage system. Building on the above embodiments, the specific steps for a client to read a file are as follows, as shown in Figure 5:

[0102] Step 3.1: The Hash value calculation module uploads the Hash value of the read file and each algorithm ID to the server.

[0103] The client uploads the Hash value of the data file to be read and the ID of each algorithm to the server.

[0104] Step 3.2: The server sends the ciphertext and private key to the client.

[0105] In this embodiment, after receiving the Hash value and the algorithm ID of the file, the server finds the information corresponding to the Hash value and the algorithm ID, and sends the ciphertext and the personal key to the client.

[0106] Step 3.3: The client uses the private key to decrypt the personal key to obtain a true random number R, and further obtains the file key kf from the true random number R.

...
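The role of R and of the ff choice in Embodiments 1 to 3, as an added Python sketch that is not code from the patent. The composition kf = ff(fg(fp(R))), the HMAC/SHA-256 forms of fp, fg and the user-unique ff, the pool size and the `KeyCard` class are all assumptions made for illustration; wrapping R as the personal key under the user's key pair is left out.

```python
import hashlib
import hmac
import secrets

POOL_SIZE = 4096   # assumed key pool size in bytes
KEY_LEN = 32       # assumed file key length in bytes

def fp(r: bytes, pool: bytes) -> bytes:
    """Key selection (assumed form): R picks an offset, KEY_LEN pool bytes are read."""
    start = int.from_bytes(hashlib.sha256(b"fp" + r).digest()[:4], "big") % len(pool)
    return bytes(pool[(start + i) % len(pool)] for i in range(KEY_LEN))

def fg(selected: bytes, r: bytes) -> bytes:
    """Primary key generation (assumed form): HMAC of R keyed by the selected bytes."""
    return hmac.new(selected, b"fg" + r, hashlib.sha256).digest()

def ff0(x: bytes) -> bytes:
    """The page's ff0, ff(x) = x."""
    return x

def make_private_ff(user_secret: bytes):
    """A user-unique ff with ff(x) != x (assumed form: HMAC under a user secret)."""
    def ff(x: bytes) -> bytes:
        return hmac.new(user_secret, b"ff" + x, hashlib.sha256).digest()
    return ff

class KeyCard:
    """Hypothetical stand-in for the key card; the pool never leaves this object."""
    def __init__(self, pool: bytes, ff=ff0):
        self._pool, self._ff = pool, ff

    def new_random(self) -> bytes:
        return secrets.token_bytes(32)   # stand-in for the card's true random source

    def file_key(self, r: bytes) -> bytes:
        return self._ff(fg(fp(r, self._pool), r))

def demo():
    pool = secrets.token_bytes(POOL_SIZE)       # constructed sample pool
    card = KeyCard(pool)
    r = card.new_random()
    kf_upload = card.file_key(r)                # upload: R -> kf inside the card
    kf_read = card.file_key(r)                  # read: R returned by the server -> kf
    # A party that holds R but not the pool derives a different key.
    kf_no_pool = KeyCard(bytes(POOL_SIZE)).file_key(r)
    # Same pool and R, but a user-unique ff: a different key, so no shared ciphertext.
    kf_private = KeyCard(pool, make_private_ff(b"constructed user secret")).file_key(r)
    return kf_upload == kf_read, kf_upload != kf_no_pool, kf_upload != kf_private
```

Under these assumptions the server can store R without being able to rebuild kf, and switching from ff0 to a user-unique ff changes the key even when everything else is equal.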


Abstract

The invention discloses a cloud storage security control method and system based on a key pool. The client uploads the data file, encrypted with the file key, to the server. The client is provided with a quantum key card, the file key is generated from a true random number produced by the quantum key card, and the client also uploads the true random number to the server. The server receives and stores the data files and true random numbers from the client. The client downloads the true random number and the data file encrypted with the file key, and uses the true random number to generate the file key inside its quantum key card in order to decrypt the data file. Throughout the cloud storage process the server cannot access the file key or the decrypted data file, which addresses the client's security concerns about data stored in the cloud. Using the true random number generated by the quantum key card to produce a truly random file key improves the security of the key and ensures the security of the execution environment of the encryption program at the client.

Description

Technical field

[0001] The present invention relates to the field of cloud storage, in particular to a cloud storage security control method and system based on a key pool.

Background

[0002] With the development of science and technology, cloud storage has increasingly become a trend, and new cloud storage technologies keep emerging. To ensure the security of cloud storage data, various encryption methods are usually used. For example, asymmetric key encryption is used to ensure the security of data. Asymmetric key encryption requires different keys for the encryption and decryption operations: one is publicly released, that is, the public key, and the other is kept secret by the user, that is, the private key. The information sender uses the public key to encrypt, and the information receiver uses the private key to decrypt; or the information sender uses the private key to encrypt, and t...


Application Information

IPC(8): H04L9/08, H04L29/06, H04L29/08
CPC: H04L9/0852, H04L9/0869, H04L9/0877, H04L9/0897, H04L63/0428, H04L67/06, H04L67/1097
Inventor: 富尧, 钟一民, 杨羽成
Owner RUBAN QUANTUM TECH CO LTD