
Private cloud encryption storage method based on cloud cipher machine key management

A technology of encrypted storage and key management, applied in the field of data encryption of cloud storage, which can solve the problems of unstable core algorithm and multiple levels of abstraction.

Pending Publication Date: 2022-01-25
BEIJING ELECTRONICS SCI & TECH INST

AI Technical Summary

Problems solved by technology

Zhang Xiao and others pointed out some shortcomings of Ceph in terms of storage, such as the instability of its core algorithm CRUSH, its complex structure and its multiple levels of abstraction, and gave improvement strategies such as optimizing data placement methods, optimizing IO logic and other storage engines.



Embodiment Construction

[0039] The private cloud encrypted storage method based on cloud cipher machine key management of the present invention is further described below in conjunction with the accompanying drawings and specific implementations. In this embodiment, because the government cloud environment places high requirements on reading and writing massive numbers of small files, stress tests are conducted on the Ceph and Swift storage components, and the component more suitable for this application scenario is selected by comparison. Based on cloud service cipher machines, and combining the ideas of threshold sharing and segmentation, a multi-level key protection mechanism is designed to provide key management services, specifically including key generation, distribution and storage. Supported by Ceph components and based on the multi-level key protection mechanism, the national cryptographic standard SM4 algorithm is used to achieve secure storage of government affairs private cloud files, ...
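The threshold-sharing idea named in the paragraph above, as an added example that is not taken from the patent: a 128-bit key (the SM4 key size) is split so that any `threshold` of `count` custodians can rebuild it and fewer cannot. The use of Shamir's scheme, the prime field, the SHA-256 check value and all function names are assumptions, since the page does not give the patent's actual construction.

```python
import hashlib
import secrets

# Assumed field: 2**130 - 5 is prime and larger than any 128-bit key.
P = 2**130 - 5

def key_check_value(key: bytes) -> str:
    """Short fingerprint stored beside the shares to detect a bad rebuild."""
    return hashlib.sha256(b"kcv:" + key).hexdigest()[:16]

def split_key(key: bytes, threshold: int, count: int):
    """Split a 128-bit key into `count` shares; any `threshold` rebuild it."""
    if len(key) != 16:
        raise ValueError("expected a 128-bit key")
    if not 2 <= threshold <= count:
        raise ValueError("need 2 <= threshold <= count")
    # Random polynomial of degree threshold-1 whose constant term is the key.
    coeffs = [int.from_bytes(key, "big")]
    coeffs += [secrets.randbelow(P) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, count + 1):
        y = 0
        for c in reversed(coeffs):      # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def recover_key(shares, kcv: str) -> bytes:
    """Lagrange-interpolate at x = 0, then verify against the check value."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    # Too few or corrupted shares give an unrelated field element.
    if secret >= 2**128:
        raise ValueError("shares do not reconstruct a 128-bit key")
    key = secret.to_bytes(16, "big")
    if key_check_value(key) != kcv:
        raise ValueError("check value mismatch: wrong or too few shares")
    return key
```

A hardware cipher machine would normally derive its check value by encrypting a fixed block under the key; the truncated SHA-256 digest here stands in for that so the example runs with the standard library only.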


Abstract

The invention discloses a private cloud encryption storage method based on key management by a cloud cipher machine, and solves the security problem of data in a government affairs cloud environment in the prior art. The method comprises the following steps: 1, initializing a key management module; 2, carrying out data encryption; 3, carrying out data storage; 4, carrying out data decryption. When the data key is stored, a multi-level key protection strategy is applied, which ensures the key security of the private cloud platform's encrypted storage scheme. For data transmission, Ceph and the key management module exchange ciphertext using a public and private key pair generated in the initialization stage, which keeps the communication process confidential and protects the key during transmission. For data storage, user data is encrypted by the Ceph gateway and stored as ciphertext in the back-end database, so plaintext data cannot be obtained even if the database is subjected to hostile attacks, which ensures the security of the user data.

Description

Technical field

[0001] The invention relates to the field of data encryption of cloud storage, in particular to a private cloud encryption storage method based on key management of a cloud cipher machine.

Background technique

[0002] Abroad, the development of cloud storage functions and their combination with actual application scenarios is already very mature. These systems mainly provide external storage services independently, and related security research is limited to data backup that prevents data loss due to hardware failure or other objective reasons. They do not have sufficient security protection against data loss or damage caused by subjective factors such as hacker attacks. At the same time, because of this rapid development, some emerging storage backends have more excellent features but lack the support of relevant research and practice. Among many private cloud storage backends, Ceph has the characteristics of fast storage speed, multiple storage mode...


Application Information

IPC (8): H04L9/32, H04L9/08, H04L9/06, H04L67/1097, G06F21/60
CPC: H04L9/3247, H04L9/08, H04L9/0643, H04L67/1097, G06F21/602
Inventor: 池亚平, 于淼, 王雄, 许盛伟, 张柁苧, 张健毅, 王志强, 尹涛
Owner: BEIJING ELECTRONICS SCI & TECH INST