Encryption protection method and device for sensitive information in Shell script
A technology of sensitive information and encryption algorithm, applied in digital data protection, computer security devices, instruments, etc., can solve problems such as leakage of user sensitive information
Pending Publication Date: 2021-01-15
BANK OF CHINA
View PDF0 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0006] An encryption protection method for sensitive information in a Shell script is provided in an embodiment of the present invention to solve the problem of writing user sensitive information into a Shell script as a parameter of a Shell command in the existing Linux / Unix system environment, which will cause the user to be sensitive. The technical problem of information being leaked, the method includes: encrypting the sensitive information to be written in the Shell script to obtain the ciphertext information of the sensitive information; storing the ciphertext information of the sensitive information in the ciphertext configuration file; defining the corresponding sensitive information Sensitive information variable, write the sensitive information variable into the Shell script; wherein, the sensitive information variable is used to obtain the ciphertext information of the sensitive information in the ciphertext configuration file, and decrypt the ciphertext information of the sensitive information to obtain the corresponding plaintext information; Use the parent process to read Shell scripts containing sensitive information variables; use child processes to execute Shell scripts containing sensitive information variables
[0007] In the embodiment of the present invention, an encryption protection device for sensitive information in a Shell script is also provided to solve the problem that in the existing Linux / Unix system environment, user sensitive information is written in the Shell script as a parameter of the Shell command, which will cause the user to The technical problem of sensitive information being leaked, the device includes: a sensitive information encryption module, which is used to encrypt the sensitive information to be written in the Shell script, to obtain the ciphertext information of the sensitive information; a sensitive information storage module, which is used to store the sensitive information The ciphertext information is stored in the ciphertext configuration file; the sensitive information variable definition module is used to define the sensitive information variable corresponding to the sensitive information, and write the sensitive information variable into the Shell script; among them, the sensitive information variable is used to obtain the ciphertext configuration file The ciphertext information of the sensitive information, decrypt the ciphertext information of the sensitive information to obtain the corresponding plaintext information; the parent process module is used to use the parent process to read the Shell script containing sensitive information variables; the child process module is used to use the child process module The process executes a shell script containing sensitive information variables
[0008] In the embodiment of the present invention, a computer device is also provided to solve the technical problem that user sensitive information is written into the Shell script as parameters of the Shell command in the existing Linux / Unix system environment, which will cause the user sensitive information to be leaked , the computer device includes a memory, a processor, and a computer program stored on the memory and operable on the processor. When the processor executes the computer program, the method for encrypting and protecting sensitive information in the above-mentioned Shell script is realized
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0017] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention more clear, the embodiments of the present invention will be further described in detail below in conjunction with the accompanying drawings. Here, the exemplary embodiments and descriptions of the present invention are used to explain the present invention, but not to limit the present invention.
[0018] An encryption protection method for sensitive information in a Shell script is provided in an embodiment of the present invention, figure 1 It is a flowchart of an encryption protection method for sensitive information in a shell script provided in an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:
[0019] S101. Encrypt the sensitive information to be written into the Shell script to obtain ciphertext information of the sensitive information.
[0020] It should be noted that the Shell script in the emb...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses an encryption protection method and device for sensitive information in a Shell script, and the method comprises the steps: encrypting the sensitive information to be written in the Shell script, and obtaining ciphertext information of the sensitive information; storing ciphertext information of the sensitive information into a ciphertext configuration file; defining a sensitive information variable corresponding to the sensitive information, and writing the sensitive information variable into the Shell script; and reading the Shell script containing the sensitive information variable by utilizing the parent process, and executing the Shell script containing the sensitive information variable by utilizing the child process so as to decrypt the sensitive informationvariable in the Shell script in the parent process and execute plaintext information corresponding to the sensitive information variable in the Shell script in the child process. Only the sensitive information variable corresponding to the sensitive information is written into the Shell script, and the sensitive information can be encrypted on the premise that the original grammar and format of the Shell script are not damaged.
Description
technical field [0001] The invention relates to the field of software development, in particular to an encryption protection method and device for sensitive information in Shell scripts. Background technique [0002] This section is intended to provide a background or context to embodiments of the invention that are recited in the claims. The descriptions herein are not admitted to be prior art by inclusion in this section. [0003] In the Linux / Unix system environment, in order to improve the automation of system operation and maintenance management, a series of command operations are often written into a shell script. In this case, it is inevitable that some sensitive information such as user names and passwords will be written into the shell script as parameters of some shell commands. [0004] Since the shell script itself is a plain text file, when a shell script is opened with a text editor, all information is in plain text, so sensitive information such as user name...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F21/62
CPCG06F21/6218G06F2221/2107
Inventor张文通齐书增陈天白
OwnerBANK OF CHINA