Asset password exporting method used for operation and maintenance audit system

A password and asset technology, applied in the field of information security, to achieve the effect of convenient management, guarantee of security, and resistance to attackers

Active Publication Date: 2019-02-01
CHENGDU DBAPP SECURITY
View PDF5 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to provide a method for exporting asset passwords used in the operation and maintenance audit system, which solves the problem of asset password security in the export process, and the present invention realizes the security protection of exported files

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Asset password exporting method used for operation and maintenance audit system
  • Asset password exporting method used for operation and maintenance audit system
  • Asset password exporting method used for operation and maintenance audit system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] A method for deriving asset passwords for an operation and maintenance audit system, mainly comprising the following steps:

[0058] Step S102: The password sharing module matches the information of the divided sub-ciphertext and the plaintext part according to the asset, and sends it as a record to the file analysis module, and the file analysis module encapsulates the data, and outputs n different password export files;

[0059] Step S103: Add the user name to the generated file to get a hash value, and digitally sign the key pair generated by each user; according to the preset authority division, assign files to each user, and use the user's files with the user Reversible file encryption using the login password; use encrypted channels to transfer files to the user's host.

[0060] like figure 2 In the export process, the asset information is read from the asset information database, and then imported into the database analysis module to obtain part of the plaintex...

Embodiment 2

[0063] This embodiment is optimized on the basis of embodiment 1, such as image 3 As shown, in the step S103, the legal identity of the department administrator and the password administrator is first guaranteed through the identity verification system; inside the operation and maintenance audit system, a public key encryption system is used to generate a pair of public key and private keys for each password management user. Key pair, which is stored inside the system and used to digitally sign exported files. In the step S103, the generated file is reversibly encrypted using the password of the password manager to log in to the operation and maintenance audit system; the file is sent to the machine for backup by the password manager using the sftp protocol, and an encrypted channel is used to avoid man-in-the-middle attacks.

[0064] Through the multi-authentication system, it is guaranteed that the user exported using the asset password is a legitimate user. It realizes st...

Embodiment 3

[0067] This embodiment is optimized on the basis of embodiment 1 or 2, as figure 1 As shown, the user in step S103 includes a department administrator and several password administrators, and the password import and recovery can be completed by the total file of the department administrator and one password administrator or the total files of all password administrators. The password export file n is 5, the department administrator is 1, and the password administrator is 3; the department administrator holds 2 sub-passwords, and the password administrators each hold 1 sub-password; when importing passwords, 3 sub-passwords are required.

[0068] like figure 1 As shown, the system administrator sets the division of authority. The default setting is that each department has a department administrator and three password administrators. The department administrator holds two sub-passwords, and each password administrator holds one sub-password. Then the system The administrator...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an asset password exporting method used for an operation and maintenance audit system. A password sharing module matches a divided sub ciphertext with information of a plaintext part and transmits into a file parsing module as one record, and the file parsing module encapsulates data and outputs n different password export files; hash values of generated file additional user names are taken, and a key pair generated for each user is digitally signed; according to preset authority segmentation, the file is distributed for each user, and the file of each user is reversibly encrypted by using a login password of the user; and the file is transmitted to a host of the corresponding user by using an encrypted channel. The method disclosed by the invention realizes safetyprotection on the export files. The method disclosed by the invention performs distribution management on the export files and realizes the authority segmentation of asset information export. By virtue of a digital signature mechanism, source traceability and tamper-proofing are realized. Safety during backup of asset information is guaranteed, and an attacker possibly existing in an intranet is effectively resisted.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to an asset password derivation method for an operation and maintenance audit system. Background technique [0002] Secret sharing technology is an important research content in cryptography and information security, and is widely used in key management and digital signature fields. It was first proposed by Shaimir and Blackly in 1979 based on Lagrance interpolation polynomial and vector methods respectively. The basic idea is that the distributor divides the secret s into n shadow secrets through the secret polynomial and distributes to the holders, any information in which is not less than t shadow secrets. His appearance solves the basic problem of key security report, which can not only ensure the security and integrity of secrets, but also prevent the risks caused by excessive concentration of secrets (Rong Huigui, Mo Jinxia, ​​Chang Bingguo, etc. Key ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32
CPCH04L9/3247H04L63/0428H04L63/062
Inventor 郭嘉仪范渊吴永越郑学新刘韬
Owner CHENGDU DBAPP SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap