A commercial secret evidence storage system

By using a trade secret evidence storage system to store and trace enterprise data, the problem of insufficient trade secret data security protection is solved, data can be solidified and the source of leakage can be located, thus improving data management efficiency and security.

CN122263166APending Publication Date: 2026-06-23杭州拾义科技有限公司

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
杭州拾义科技有限公司
Filing Date
2026-03-26
Publication Date
2026-06-23

Smart Images

  • Figure CN122263166A_ABST
    Figure CN122263166A_ABST
Patent Text Reader

Abstract

The application provides a business secret evidence storage system and relates to the technical field of data security, and comprises a global security module, a secret point management button is displayed in a page where the global security module is located, and secret point data selected can be stored for evidence in a secret point management page; and a special protection module, a file search box is displayed in a page where the special protection module is located, and the system queries and displays ownership information of a target file according to information input in the file search box. The system provided by the application can store secret point data for evidence, which is convenient for subsequent tracking and tracing, and in addition, the ownership information of the target file can be used to locate a data leakage source.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of data security technology, and more specifically to a trade secret preservation system. Background Technology

[0002] Today, trade secrets are the core assets and lifeline for enterprises to remain invincible in fierce market competition. Currently, enterprises have insufficient security protection for trade secret technology, resulting in the leakage of important data and the inability to trace the source. Summary of the Invention

[0003] The purpose of this invention is to provide a trade secret evidence storage system that solves the problem of insufficient protection of trade secret data by storing selected confidential data.

[0004] To achieve the above objectives, the present invention provides the following technical solution:

[0005] This invention provides a trade secret evidence storage system, including: a global security module, on which a secret point management button is displayed; when the secret point management button is clicked, a secret point management page is displayed, on which selected secret point data can be stored as evidence.

[0006] The special protection module displays a file search box on the page where the special protection module is located. The system queries and displays the ownership information of the target file based on the information entered in the file search box.

[0007] Preferably, the key point management page displays a batch evidence storage button and automatically identified key point data. On the key point management page, the selected key point data can be stored as evidence, including:

[0008] When the key data is selected and the batch evidence storage button is clicked, the system automatically stores the key data.

[0009] Preferably, the dense point management page displays an "Add Dense Point Data" button. When the "Add Dense Point Data" button is clicked, a dense point data search box is displayed. When the system queries based on the information entered in the dense point data search box and displays the selected search result file, the system automatically adds the search result file to the list of files in the current dense point category.

[0010] Preferably, the secret point management page displays a secret point field search box and a search button. When the search button is clicked, the system displays the search results based on the information entered in the secret point field search box.

[0011] Preferably, the key point management page displays an overview view button, and when the overview view button is clicked, the hierarchical information of the key point classification files is displayed.

[0012] Preferably, the dense point management page displays a batch remove button. When the dense point data displayed on the dense point management page is selected and the batch remove button is clicked, the system automatically removes the dense point data.

[0013] Preferably, the key point management page displays an event delivery button. When the event delivery button is clicked, the system sends the event to the delivery target based on the generated runtime information file.

[0014] Preferably, a "View Evidence Records" button is displayed on the page where the global security module is located. When the "View Evidence Records" button is clicked, the evidence record page is displayed, and the evidence data that has been stored is displayed on the evidence record page.

[0015] Preferably, on the evidence storage record page, an "Import Evidence File Query" button is displayed. When the "Import Evidence File Query" button is clicked, the system will display an "Upload Evidence File" interface. When the "OK" button on the "Upload Evidence File" interface is clicked, the system will display evidence storage records related to the uploaded evidence file.

[0016] Preferably, on the evidence storage record page, a search box for evidence storage fields and a query button are displayed. When the query button is clicked, the system displays the search results based on the information entered in the evidence storage field search box.

[0017] Preferably, on the evidence storage record page, each piece of evidence storage data corresponds to a number button. When the number button is clicked, multiple pieces of specific evidence storage information corresponding to each piece of evidence storage data are displayed.

[0018] Preferably, a running strategy setting button is displayed on the page where the global security module is located. When the running strategy setting button is clicked, the running strategy setting page is displayed, and an automatic evidence storage strategy setting button and a parameter input box are displayed on the running strategy setting page.

[0019] Preferably, on the operation strategy setting page, a full discovery strategy button, a full discovery task button, and an incremental discovery strategy button are displayed. The full discovery strategy button is used to set the full discovery strategy parameters; the full discovery task button is used to display the data status of the system running according to the full discovery strategy parameters; and the incremental discovery strategy button is used to set the incremental discovery strategy parameters.

[0020] Preferably, the page containing the global security module displays file discovery and identification information, key point identification information, key point evidence storage information, recent evidence storage information, and systematic protection capability score information.

[0021] Preferably, a "Complete Protection System" button is displayed on the page where the global security module is located. When the "Complete Protection System" button is clicked, the protection system management page is displayed. On the protection system management page, the system template can be downloaded by clicking the download button or the system file can be uploaded by clicking the upload button.

[0022] Preferably, on the protection system management page, a push button for all staff is displayed. When the push button for all staff is clicked, the system automatically pushes the uploaded system files to all staff.

[0023] Preferably, on the protection system management page, a "Save All Evidence" button is displayed. When the "Save All Evidence" button is clicked, the system automatically saves all uploaded system files.

[0024] Preferably, the page containing the global security module displays client online status information and a client management button. When the client management button is clicked, the client management page is displayed.

[0025] Preferably, a "Laws and Regulations" button is displayed on the page where the global security module is located. When the "Laws and Regulations" button is clicked, relevant legal and regulatory information is displayed.

[0026] Preferably, on the page where the special protection module is located, an upload evidence button and an evidence storage button are displayed. The upload evidence button is used to upload evidence files, and when the evidence storage button is clicked, the system stores the uploaded evidence files.

[0027] Preferably, the page containing the special protection module displays a "All Operations" button. When the "All Operations" button is clicked, all operation information of the target file is displayed.

[0028] Preferably, the system further includes a system settings module, on which a system information input box is displayed on the page containing the system settings module.

[0029] Preferably, the system further includes an initialization boot module, and the page containing the initialization boot module displays:

[0030] The basic information module guides users through filling in basic information.

[0031] The security system module is used to guide users through downloading system file templates and uploading system files.

[0032] The execution strategy module is used to guide users in filling in the execution strategy parameters.

[0033] Compared with the prior art, the beneficial effects of the present invention are: the selected sensitive data is stored and secured, which facilitates subsequent tracing and investigation; in addition, by displaying the ownership information of the target file, the data owner can be clearly traced and the source of the data leak can be located. Attached Figure Description

[0034] To more clearly illustrate the technical solutions in the embodiments of this application, the drawings used in the embodiments will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0035] Figure 1 This is the page containing the basic information module of this invention;

[0036] Figure 2 This is the page containing the confidentiality system module of this invention;

[0037] Figure 3 This is the page where the execution strategy module of this invention is located;

[0038] Figure 4 This is the page where the global security module of this invention is located;

[0039] Figure 5 This is the key point management page of the present invention;

[0040] Figure 6 This refers to the hierarchical information of the dense point classification file in this invention;

[0041] Figure 7 This is the evidence storage record page for this invention;

[0042] Figure 8 This is the page for setting the operating strategy of this invention;

[0043] Figure 9 This is the parameter setting page for the full discovery strategy of this invention;

[0044] Figure 10 This is the full discovery task page for this invention;

[0045] Figure 11 This is the incremental discovery strategy page for this invention;

[0046] Figure 12 This is the management page for the protection system of this invention;

[0047] Figure 13 This is the page containing the special protection module of this invention;

[0048] Figure 14 This is the page containing the special protection module of this invention;

[0049] Figure 15 This is the page where the system settings module of this invention is located;

[0050] Figure 16 This is a schematic diagram illustrating the evidence preservation principle of the present invention;

[0051] Figure 17 This is a schematic diagram of another evidence preservation principle of the present invention;

[0052] Figure 18 This is a schematic diagram of the trade secret evidence preservation system module of the present invention.

[0053] In the diagram: 1. Basic Information Module; 2. Confidentiality System Module; 3. Execution Strategy Module; 4. Global Security Module; 5. Key Point Management Button; 6. Special Protection Module; 7. File Search Box; 8. Batch Evidence Storage Button; 9. Add Key Point Data Button; 10. Key Point Category File List; 11. Overview View Button; 12. View Evidence Storage Records Button; 13. Import Evidence Storage File Query Button; 14. Number Buttons; 15. Run Strategy Settings Button; 16. Full Discovery Strategy Button; 17. Full Discovery Task Button; 18. Incremental Discovery Strategy Button; 19. Improve Protection System Button; 20. Upload Evidence Button; 21. Evidence Storage Button; 22. Ownership Information; 23. All Operation Information; 24. System Settings Module Detailed Implementation

[0054] The technical solutions of various embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments, and the embodiments of the present invention can be combined with each other. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0055] One embodiment of the present invention provides a trade secret preservation system, including an initialization guide module. The page containing the initialization guide module displays:

[0056] like Figure 1 As shown, Basic Information Module 1 has a basic information input box on its page to guide users to fill in basic information, such as: company information including but not limited to: company name, credit code, contact number, etc.; department information and employee information including but not limited to: employee name, employee position, etc.

[0057] like Figure 2As shown, the confidentiality system module 2 has a download button on its page to guide users to download system file templates and upload system files. The system files are categorized, including but not limited to: physical protection system files, internal policy system files, external protocol system files, data encryption system files, access restriction system files, etc. The maximum number of files that can be uploaded for each type of system file is also displayed.

[0058] like Figure 3 As shown, the execution strategy module 3 displays an execution strategy parameter input box on the page where the execution strategy module 3 is located, which guides the filling in of execution strategy parameters, such as: the period for discovering access to hot data, the update frequency of the automatic evidence storage key file, the maximum number of concurrent clients, and the maximum execution time of the task.

[0059] After entering the information on the Basic Information Module 1 page, click the Next button to enter the Confidentiality System Module 2 page. No operation is required on the Confidentiality System Module 2 page. Click the Next button to enter the Execution Strategy Module 3 page. After entering the execution strategy parameters, click the Finish button. At this point, the initialization and guidance tasks are all completed.

[0060] Once the initialization boot tasks are complete, the system interface will display:

[0061] like Figure 4 As shown, the Global Security Module 4 has a Secret Point Management button 5 on its page. When the Secret Point Management button 5 is clicked, the Secret Point Management page is displayed, where the selected secret point data can be stored as evidence.

[0062] Special protection module 6: On the page where special protection module 6 is located, a file search box 7 is displayed. The system queries and displays the ownership information 22 of the target file based on the information entered in the file search box 7.

[0063] Of course, in one embodiment, the above-mentioned initialization and guidance task may be omitted, and the global security module 4 and the special protection module 6 may be displayed directly on the system interface.

[0064] In one embodiment, when the key point management button 5 is clicked, such as Figure 5 As shown, the secret point management page is displayed. This page displays a batch evidence storage button (8) and automatically recognized secret point data. On the secret point management page, selected secret point data can be stored as evidence, including:

[0065] When the key data is selected and the batch evidence storage button 8 is clicked, the system automatically stores the key data.

[0066] In one embodiment, a batch removal button is displayed on the key point management page. When key point data displayed on the key point management page is selected and the batch removal button is clicked, the system automatically removes the key point data.

[0067] In one embodiment, an "Add Secret Data" button 9 is displayed on the secret data management page. When the "Add Secret Data" button 9 is clicked, a secret data search box is displayed. When the system queries based on the information entered in the secret data search box and displays the selected search result file, the system automatically adds the search result file to the current secret data category file list 10. The current secret data file category can be a category set manually by the user or obtained by the system through intelligent identification and analysis of secret data using artificial intelligence technology.

[0068] In one embodiment, a secret field search box and a search button are displayed on the secret field management page. When the search button is clicked, the system displays the search results based on the information entered in the secret field search box. For example, secret fields include: personnel name, department, document name, etc.

[0069] In one embodiment, the key point management page displays an overview view button 11. When the overview view button 11 is clicked, the hierarchical information of the key point classification file is displayed. The hierarchical information of the key point classification file is, for example: technical information (level 1) - raw material information (level 2) - data information (level 2).

[0070] In one embodiment, the confidentiality management page displays an event submission button. When the event submission button is clicked, the system sends an event submission to the recipient based on a generated operational information file. This operational information file may include: a weekly report on commercial confidentiality protection and a system operational risk file. The weekly report on commercial confidentiality protection compiles operational evidence data and is sent to the recipient weekly. The system operational risk file records abnormal system operation information; once an abnormality is detected, the system operational risk file is immediately sent to the recipient. The sending method is not limited to email. Of course, the operational information can also be manually added or deleted by the user. The system uses AI to intelligently learn the logic of user-manual additions and deletions, continuously and autonomously optimizing the recognition logic to more intelligently identify operational information.

[0071] In one embodiment, such as Figure 4 As shown, the page containing the global security module 4 displays a button 12 for viewing evidence records. When the button 12 is clicked, the evidence record page is displayed, showing the evidence data that has been stored.

[0072] In one embodiment, on the evidence storage record page, such as Figure 7As shown, the import evidence file query button 13 is displayed. When the import evidence file query button 13 is clicked, the system will display the upload evidence file interface. When the OK button on the upload evidence file interface is clicked, the system will display the evidence records related to the uploaded evidence file.

[0073] In one embodiment, the evidence record page displays an evidence field search box and a query button. When the query button is clicked, the system displays search results based on the information entered in the evidence field search box. Evidence fields include, but are not limited to, employee names and file names. In one embodiment, on the evidence record page, as... Figure 7 As shown, each piece of evidence data corresponds to a number button 14. When the number button 14 is clicked, multiple pieces of evidence information related to each piece of evidence data are displayed. For example, if the number button 14 for a piece of evidence data displays the number 36, and the evidence data was stored on March 12, then when the number button 14 is clicked, 36 pieces of evidence document information from March 12 will be displayed.

[0074] In one embodiment, on the evidence storage record page, a view button is displayed for each piece of evidence storage data. When the view button is clicked, the evidence storage custody letter corresponding to the evidence storage data is displayed.

[0075] In one embodiment, such as Figure 4 As shown, the page containing the global security module 4 displays a "Running Policy Settings" button 15. When the "Running Policy Settings" button 15 is clicked, the "Running Policy Settings" page is displayed, showing an "Automatic Evidence Preservation Policy Settings" button and a parameter input box. For example, if the "Automatic Evidence Preservation Policy Settings" button is turned on and "Tuesday" is entered in the parameter input box, the system will automatically update the evidence preservation key file every Tuesday.

[0076] In one embodiment, such as Figure 8 As shown, on the running strategy settings page, the full discovery strategy button 16, the full discovery task button 17, and the incremental discovery strategy button 18 are displayed. The full discovery strategy button 16 is used to set the full discovery strategy parameters; the full discovery task button 17 is used to display the data status of the system running according to the full discovery strategy parameters; and the incremental discovery strategy button 18 is used to set the incremental discovery strategy parameters.

[0077] Specifically, when the "Create New Policy" button is clicked on the page containing the "Full Discovery Policy" button 16, the "Full Discovery Policy Parameter Settings" page is displayed, such as... Figure 9 As shown, on the full-discovery strategy parameter settings page, there are "Office Computer Discovery" and "Cloud Drive Discovery" buttons. When the "Office Computer Discovery" button is clicked, the system will identify the secure locations of all office computers; when the "Cloud Drive Discovery" button is clicked, the system will identify the secure locations of all cloud drives.

[0078] The full discovery strategy parameter settings page also displays an "Add Member" button. When you click the "Add Member" button, you can set the effective department. For example, if you select Headquarters, R&D Department, or Design Department to add a member, the system will perform key point identification on members in Headquarters, R&D Department, and Design Department.

[0079] The full discovery strategy parameter settings page also displays a selection box for the effective file types. When a file type selection box is selected, the system will recognize the secret point file type as the selected file type. For example, if the PDF format selection box is selected, the system will recognize the secret point file type as PDF. If the secret point file type you want to select is not in the limited file type selection box, you can click the manual add button to manually edit the file type you want to add.

[0080] The full discovery strategy parameter settings page also displays other configuration parameter input boxes, such as the office computer path input box. When the specified path button is turned on, the system will identify the key based on the information entered in the office computer path input box. For example, if the office computer path input box is entered as C:\A\B, the system will identify the key in file B (folder) in folder A on drive C.

[0081] Once the full discovery strategy parameters are set, the strategy's effectiveness will be displayed on the full discovery strategy page. The full discovery strategy page also displays full discovery strategy field input boxes and a search button. When the search button is clicked, the system will display the corresponding strategy effectiveness result based on the information entered in the full discovery strategy field input boxes. Full discovery strategy fields include, but are not limited to: strategy number, creator's name, department name, creation time, etc.

[0082] Click the "Full Discovery Tasks" button (17), as shown below. Figure 10 As shown, the full discovery task page displays the progress and status of the system identifying key points based on the full discovery strategy parameters.

[0083] Click the incremental discovery strategy button 18, as shown. Figure 11 As shown, the incremental discovery strategy page displays two checkboxes: a global incremental discovery checkbox and a specified directory incremental discovery checkbox. When the global incremental discovery checkbox is selected, the system performs key point identification on all newly added files. When the specified directory incremental discovery checkbox is selected, the system performs key point identification on newly added files in the specified directory. The incremental discovery strategy page also displays a selection box for the effective file type. When a file type selection box is selected, the system identifies the key point file type as that selected file type. For example, if the PDF format selection box is selected, the system identifies the key point file type as PDF.

[0084] In one embodiment, the page containing the global security module 4 displays file discovery and identification information, key point identification information, key point evidence storage information, recent evidence storage information, and systematic protection capability score information.

[0085] The document discovery and identification information includes: the total number of discovered documents, the number of identified documents, the percentage of identified documents in the total number of discovered documents, and trend graphs of the total number of discovered documents and the number of identified documents over time.

[0086] The dense point identification information includes: the number of dense points identified, and a trend chart of the number of dense points identified each day over the past week.

[0087] The information on key points for evidence storage includes: the number of key points that have been stored, the number of key points that need to be stored, the change in the number of key points that have been stored compared to the previous month, and a reminder of the next automatic storage time for the number of key points that need to be stored.

[0088] Recent evidence storage information includes: the name of the recently stored evidence document, the storage time of the recently stored evidence document, and the storage type of the recently stored evidence document (specialized storage or automatic storage).

[0089] The systematic protection capability scoring information includes: scores for each dimension of protection strength calculated based on the system-uploaded system documents, as well as suggestions for improvement of the protection system. For example, if the overall score is 78 points based on the system-uploaded system documents, the scores are distributed as follows: 30% for external protocols, 20% for data encryption, 20% for access restrictions, 20% for physical protection, and 10% for internal regulations. Because the score for internal regulations is relatively low, it will suggest that the internal regulations system documents need to be improved.

[0090] In one embodiment, such as Figure 4 As shown, the page containing the global security module 4 displays a "Strengthen Protection System" button 19. When the "Strengthen Protection System" button 19 is clicked, as shown... Figure 12 As shown, the protection system management page is displayed. On the protection system management page, you can download the system template by clicking the download button or upload the system file by clicking the upload button.

[0091] In one embodiment, a push button for all staff is displayed on the protection system management page. When the push button is clicked, the system automatically pushes the uploaded system files to all staff.

[0092] In one embodiment, a "Save All Evidence" button is displayed on the protection system management page. When the "Save All Evidence" button is clicked, the system automatically saves all uploaded system files.

[0093] In one embodiment, the page containing the global security module 4 displays client online status information and a "Manage Clients" button. When the "Manage Clients" button is clicked, the client management page is displayed. The client online status information includes, but is not limited to, the number of online users, the number of offline users, and the client version.

[0094] In one embodiment, a "Laws and Regulations" button is displayed on the page where the global security module 4 is located. When the "Laws and Regulations" button is clicked, relevant legal and regulatory information is displayed.

[0095] In one embodiment, the page containing the global security module 4 displays information and a "View All Information" button. Clicking the "View All Information" button displays more comprehensive information.

[0096] In one embodiment, on the page where the special protection module 6 is located, such as Figure 13 As shown, the system displays an "Upload Evidence" button (20) and an "Evidence Preservation" button (21). The "Upload Evidence" button (20) is used to upload evidence files. When the "Evidence Preservation" button (21) is clicked, the system will preserve the uploaded evidence files. For example, when the "Upload Evidence" button (20) is clicked, evidence files such as the rights holder's lost profits, licensing fees, and commercial value can be uploaded.

[0097] In one embodiment, a historical evidence storage button is displayed on the page where the special protection module 6 is located. When the historical evidence storage button is clicked, the page displays the evidence files that have been stored in the past.

[0098] In one embodiment, such as Figure 13 As shown, on the page containing the special protection module 6, a file search box 7 is displayed. The system queries and displays the ownership information 22 of the target file based on the information entered in the file search box 7. Specifically:

[0099] For example, if you enter the keyword "precision parts" in the file search box 7, the search box will display multiple target files related to "precision parts" (such as target file 1, target file 2, etc.). The system will query and display the ownership information 22 of the selected target file (such as target file 1). The ownership information 22 includes the creator node information of the target file and one or more target file owner node information. The creator node information includes the name of the target file creator and may also include the IP address of the creator's client. The owner node information includes the name of the target file owner and may also include the IP address of the owner's client.

[0100] In one embodiment, an arrow exists between the creator node and the owner node to indicate the chronological order of ownership of the target file. For example, if creator A created target file 1 first, and owner B subsequently acquired target file 1, then the creator A node points to the owner B node. Additionally, the creator A node displays the creator A's name and the IP address of the creator A's client, and similarly, the owner B node displays the owner B's name and the IP address of the owner B's client.

[0101] In another embodiment, there is an arrow between the creator node and the owner node to indicate the flow relationship of the target file. For example, if creator A creates target file 1 and sends target file 1 to receiver B, the interface will display the creator A node and the receiver B node. There is a file flow arrow between the creator A node and the receiver B node, and the arrow direction is from the creator A node to the receiver B node.

[0102] In one embodiment, a target file evidence storage button is displayed on the page where the special protection module 6 is located. When the target file evidence storage button is clicked, the system will store the currently displayed target file as evidence.

[0103] In one embodiment, the page containing the special protection module 6 displays a target file evidence record button. When the target file evidence record button is clicked, the page displays evidence record information for all target files that have been historically evidenced.

[0104] In one embodiment, the page containing the special protection module 6 displays an "All Operations" button. When the "All Operations" button is clicked, as shown below... Figure 14 As shown, all operation information for the target file is displayed (23). Specifically:

[0105] Taking the above embodiment as an example, the system queries and displays the ownership information 22 of one of the selected target files (such as target file 1). When all operation buttons are clicked, the system will display all the information about the operation on target file 1, such as when owner A created target file 1, when owner A previewed target file 1, and the client system version number information of the operation.

[0106] In one embodiment, such as Figure 4 As shown, the system also includes a system settings module 24. On the page containing the system settings module 24, as shown... Figure 15 As shown, there are system information input boxes, such as: username input box, mobile phone number input box, email input box, password input box, etc. In addition, you can also set enterprise information, organizational structure, system configuration, service support, etc.

[0107] One principle of evidence preservation in this invention is:

[0108] like Figure 16 As shown, when the above-mentioned evidence storage button is clicked, the system calculates the HASH value of each file to be stored, concatenates the calculated HASH value of each file into a text file, and performs blockchain evidence storage and notarization on the text file.

[0109] For example, if there are documents 1, 2, and 3 that need to be documented:

[0110] Step S1601: The system calculates the HASH value of each file to be stored, and obtains HASH value 1, HASH value 2 and HASH value 3 respectively;

[0111] Step S1602: Concatenate HASH value 1, HASH value 2, and HASH value 3 according to a predetermined format (JSON list) and encapsulate them into a text file (e.g., text file A). Then, perform blockchain notarization and notarization on the text file (text file A) to obtain a notarization custody letter for the text file (text file A), solidify the notarization timestamp, and ensure that the content of the file cannot be tampered with.

[0112] Step S1603: When a trade secret is leaked, enter the file search box 7 according to the leaked content to quickly locate the relevant secret file (e.g., file 1) and download the secret file (file 1).

[0113] Step S1604: Calculate the HASH value of the dense dot file (file 1), assuming the value is A;

[0114] Step S1605: Retrieve text file A through the aforementioned evidence custody letter, and open text file A;

[0115] Step S1606: Locate the position of the JSON string in text file A that has the same name as file 1, and obtain the HASH value corresponding to that position. Let's assume that the value is B.

[0116] Step S1607: Compare screenshots of value A and value B as electronic evidence. If value A and value B are the same, it means that the leaked content comes from file 1. At the same time, the ownership information 22 of file 1 can be found through the special protection module 6, which makes it easier to locate the source of the leak.

[0117] The above-mentioned evidence preservation methods achieve the following technical effects:

[0118] 1. By using the strategy of "fingerprint collection into file", all key point files are condensed into a lightweight file to be stored. No matter how many key point files are at the bottom layer, only this one file needs to be stored and notarized on the blockchain, changing "batch storage" to "single storage", and the cost decreases exponentially.

[0119] 2. The on-chain document to be stored only contains the hash value of the encrypted file. The hash value has one-way irreversibility and cannot be used to deduce the original file content. Even if the content of the document to be stored is made public, the substantive content of the trade secret remains safe, truly achieving "only verifying authenticity, not disclosing content".

[0120] 3. By encapsulating the files, confidential documents from the same batch and case are logically bundled into a single entity. The file to be stored serves as a "catalog index" or "seal" for this batch of evidence. Once needed, simply opening this single file allows access to view the fingerprints of all related files, significantly improving management efficiency.

[0121] 4. Combining technical evidence preservation with national notarization reduces the difficulty of cross-examining evidence and greatly increases the acceptance rate of electronic data as the basis for judgment.

[0122] Another principle of evidence preservation in this invention, such as Figure 17 As shown:

[0123] Step S1701: Adaptive Sharding and Metadata Injection

[0124] When the above-mentioned evidence preservation button is clicked, the system performs logical slicing on each file to be preserved (such as file 1, file 2, file 3), generates a data block sequence {d1, d2, ..., dn}, and takes the archiving environment factor (including server UUID, hardware random number and high-precision timestamp T) as a random salt value and injects it into each data block.

[0125] Step S1702: Construct a multi-level feature Merkle tree

[0126] For each data block with an injected salt value, calculate the underlying hash, which serves as a leaf node. Construct a Merkle tree using a recursive hashing approach until a unique root hash value, Root_Hash, is generated.

[0127] Step S1703: Cross-period spatiotemporal anchoring calculation

[0128] Retrieve the feature fingerprint H from the previous evidence storage period prev Using chaotic encryption functions or weighted hash algorithms, the current Root_Hash and H are... prev and the current physical environment characteristics Signature env (For example: hardware characteristics, network parameters, and other environmental characteristics) are fused together to calculate and generate the final evidence storage characteristic value H. final :

[0129] H final =Hash(Root_Hash⊕H prev ⊕Signature env )

[0130] Step S1704: Asynchronous bidirectional evidence storage

[0131] H final The data is encapsulated and written into a text file (e.g., text file A). The text file (text file A) is then stored and notarized on the blockchain to obtain a certificate of storage for the text file (text file A). At the same time, the system internally retains the hash values ​​of all non-leaf nodes of the Merkle tree as path indexes for subsequent local integrity proofs.

[0132] Step S1705: Processing the leaked documents

[0133] When a file is leaked, the file search box 7 is entered based on the leaked content to quickly locate the relevant sensitive file (e.g., file 1), download the sensitive file (file 1), and calculate the HASH value of the sensitive file (file 1), assuming that the value is A.

[0134] Step S1706: Cascade Operation

[0135] Retrieve text file A using the aforementioned evidence preservation letter, open text file A, locate the Merkle tree in text file A, and perform concatenation operations on the hash values ​​of nodes adjacent to the preserved key point file (file 1) along the Merkle tree path to obtain value B. The specific operation method is not limited to this.

[0136] Step S1707: Local verification

[0137] Compare screenshots of values ​​A and B as electronic evidence. If values ​​A and B are the same, it means that the leaked content originated from file 1. At the same time, the ownership information 22 of file 1 can be found through the special protection module 6, which makes it easier to locate the source of the leak.

[0138] The above-mentioned evidence preservation methods achieve the following technical effects:

[0139] 1. Ultra-fast verification: Verify a single piece of data from trillions of data records, reducing the time complexity from O(N) to O(logN), achieving verification in seconds.

[0140] 2. Anti-counterfeiting and anti-deletion: Any deletion of historical archived data or replacement of the entire evidence package will cause the entire anchoring chain to break, and the system can detect this in real time.

[0141] 3. Storage optimization: Compared with full backup for evidence storage, the feature data submitted to the third party in this solution is extremely small (only 256 bits), which greatly reduces the cost of evidence storage.

[0142] 4. High credibility: Using physical attribute features (hardware ID, timestamp) as hash salt values ​​in the evidence storage calculation results in higher credibility of the evidence storage feature values.

[0143] It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such process, method, article, or apparatus.

[0144] Although embodiments of the invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made to these embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the appended claims and their equivalents, and the description and accompanying drawings serve an explanatory purpose.

Claims

1. A trade secret preservation system, characterized in that, include: The Global Security Module displays a Secret Point Management button on its page. When the Secret Point Management button is clicked, the Secret Point Management page is displayed, where selected secret point data can be stored as evidence. The special protection module displays a file search box on the page where the special protection module is located. The system queries and displays the ownership information of the target file based on the information entered in the file search box.

2. The trade secret evidence storage system according to claim 1, characterized in that, The key point management page displays a batch evidence storage button and automatically identified key point data. On this page, selected key point data can be stored as evidence, including: When the key data is selected and the batch evidence storage button is clicked, the system automatically stores the key data.

3. The trade secret evidence storage system according to claim 1, characterized in that, The dense point management page displays an "Add Dense Point Data" button. When the "Add Dense Point Data" button is clicked, a dense point data search box is displayed. When the system queries based on the information entered in the dense point data search box and displays the selected search result file, the system automatically adds the search result file to the list of files in the current dense point category.

4. The trade secret evidence preservation system according to claim 1, characterized in that, The page containing the global security module displays a button to view evidence storage records. When the button is clicked, the evidence storage record page is displayed, showing the stored evidence data.

5. The trade secret evidence preservation system according to claim 4, characterized in that, On the evidence storage record page, an "Import Evidence File Query" button is displayed. When the "Import Evidence File Query" button is clicked, the system will display an interface for uploading evidence files. When the "OK" button on the upload evidence file interface is clicked, the system will display evidence storage records related to the uploaded evidence files.

6. The trade secret evidence storage system according to claim 1, characterized in that, The page containing the global security module displays a running policy setting button. When the running policy setting button is clicked, the running policy setting page is displayed, which includes an automatic evidence storage policy setting button and a parameter input box.

7. The trade secret evidence preservation system according to claim 6, characterized in that, On the operation strategy settings page, a full discovery strategy button, a full discovery task button, and an incremental discovery strategy button are displayed. The full discovery strategy button is used to set the full discovery strategy parameters; the full discovery task button is used to display the data status of the system running according to the full discovery strategy parameters; and the incremental discovery strategy button is used to set the incremental discovery strategy parameters.

8. The trade secret evidence storage system according to claim 1, characterized in that, The page containing the global security module displays a "Complete Protection System" button. When the "Complete Protection System" button is clicked, the protection system management page is displayed. On the protection system management page, users can download a system template by clicking the download button or upload a system file by clicking the upload button.

9. The trade secret preservation system according to claim 1, characterized in that, On the page containing the special protection module, there are "Upload Evidence" and "Evidence Preservation" buttons. The "Upload Evidence" button is used to upload evidence files. When the "Evidence Preservation" button is clicked, the system will preserve the uploaded evidence files.

10. The trade secret evidence storage system according to claim 1, characterized in that, On the page containing the special protection module, there is a "All Operations" button. When the "All Operations" button is clicked, all operation information of the target file is displayed.