CN108171078B - A data preservation method and device for a third-party cloud platform evaluation system

Info

Publication number: CN108171078B
Authority: CN (China)
Prior art keywords: log, instance, instances, evaluation system, generate
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201711441199.1A
Other languages: Chinese (zh)
Other versions: CN108171078A (en
Inventors: 梁露露, 凌晨, 杨天识, 刘彦钊, 姚轶崭
Current Assignee: China Information Technology Security Evaluation Center (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: China Information Technology Security Evaluation Center
Application filed by China Information Technology Security Evaluation Center
Priority to CN201711441199.1A
Publication of CN108171078A
Application granted
Publication of CN108171078B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present application discloses a data preservation method and device for a third-party cloud platform evaluation system. The method encrypts the log data and log proof information provided by the cloud service platform, and stores the log data in the form of a log chain. When a third-party evaluation system uses the collected log data to evaluate a cloud service platform, it must first verify the log proof information and the log chain sequence of the log data, which prevents the log data from being illegally tampered with during use. This allows the originality and integrity of the log files to be verified, while encryption protects user privacy.

Description

Data preservation method and device of cloud platform evaluation system facing third party
Technical Field
The application relates to the field of cloud services, in particular to a data preservation method and device of a third-party-oriented cloud platform evaluation system.
Background
The rapid development of cloud services brings great convenience to users, but it also introduces security problems. When a virtualized terminal is used, the account becomes the only means of controlling whether a resource may be used, so if the security and management measures of the cloud platform are inadequate, hidden dangers such as unauthorized use, illegal access and data leakage can result. For users, real-time auditing and evaluation of the cloud platform by a third-party evaluation system is an effective way to establish the credibility of a cloud service provider's infrastructure and cloud system. However, the collection of log data is itself exposed to security risks such as illegal interception and tampering. In addition, the cloud service provider must consider the privacy of its users and generally cannot directly provide data that carries user information.
Disclosure of Invention
In view of this, the present application provides a data preservation method and apparatus for a third-party-oriented cloud platform evaluation system, which can ensure that the third-party evaluation system verifies the originality and integrity of a log file, and protect user privacy from the perspective of a cloud service provider.
In order to achieve the above object, the following solutions are proposed:
A data preservation method for a cloud platform third-party evaluation system is provided. The method is oriented to the third-party evaluation system and comprises the following steps:
acquiring log data of a cloud platform, and parsing the log data to generate a plurality of first log instances;
encrypting the plurality of first log instances to generate a plurality of second log instances;
arranging the plurality of second log instances in order of the last modification time of the log instances to generate a log chain;
acquiring log certification information of the second log instance provided by the cloud platform, and generating a log certification information instance;
retrieving the second log instance of each virtual IP and the log certification instance corresponding to the second log instance;
and encrypting the second log instance and the log certification instance corresponding to the second log instance to generate a third log instance containing certification information.
Preferably, encrypting the plurality of first log instances to generate a plurality of second log instances includes:
encrypting the plurality of first log instances with a public key of the third-party evaluation system to generate the plurality of second log instances.
Preferably, encrypting the second log instance and the log certification instance corresponding to the second log instance to generate a third log instance containing certification information includes:
encrypting the second log instance and the log certification instance corresponding to the second log instance with a private key of the cloud platform to generate the third log instance containing certification information.
Preferably, the method further comprises: storing the second log instance and the log chain in a log database of the third-party evaluation system.
Preferably, the method further comprises: storing the third log instance in a log certification database of the third-party evaluation system.
A data preservation device for a cloud platform third-party evaluation system comprises:
a first data acquisition unit, configured to acquire log data of a cloud platform and parse the log data to generate a plurality of first log instances;
a first encryption unit, configured to encrypt the plurality of first log instances and generate a plurality of second log instances;
a log chain generating unit, configured to arrange the plurality of second log instances in order of the last modification time of the log instances to generate a log chain;
a second data acquisition unit, configured to acquire the log certification information of the second log instance provided by the cloud platform and generate a log certification information instance;
a retrieval unit, configured to retrieve the second log instance of each virtual IP and the log certification instance corresponding to the second log instance;
and a second encryption unit, configured to encrypt the second log instance and the log certification instance corresponding to the second log instance to generate a third log instance containing certification information.
Preferably, the first encryption unit encrypts the plurality of first log instances by using a public key of the third-party evaluation system to generate a plurality of second log instances.
Preferably, the second encryption unit encrypts the second log instance and the log certification instance corresponding to the second log instance by using a private key of the cloud platform, and generates a third log instance containing certification information.
Preferably, the log chain generating unit is further configured to store the second log instance and the log chain in a log database of the third-party evaluation system.
Preferably, the second encryption unit is further configured to store the third log instance in a log certification database of the third-party evaluation system.
According to the technical scheme, the data preservation method and device for the third-party-oriented cloud platform evaluation system are disclosed. The method encrypts the log data and the log certification information provided by the cloud service platform and stores the log data in a log chain form. When a third-party evaluation system uses collected log data to evaluate a cloud service platform, log authentication information verification and log chain sequence verification need to be carried out on the log data at first, and the log data is prevented from being illegally tampered in the using process, so that the originality and integrity of a log file are verified, and meanwhile, the privacy of a user is protected by adopting an encryption means.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic flow chart illustrating a data preservation method of a third-party-oriented cloud platform evaluation system according to an embodiment of the present invention;
Fig. 2 is a certification information verification process;
Fig. 3 is a log chain sequence verification flow;
Fig. 4 shows a schematic structural diagram of a data preservation device of a cloud platform evaluation system for a third party according to another embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 shows a flow diagram of a data preservation method for a cloud platform third party evaluation system according to an embodiment of the present invention.
In this embodiment, the method includes:
S101: Acquire log data of the cloud platform, and parse the log data to generate a plurality of first log instances.
First, communication is established with the cloud platform to collect different types of log data (including weblogs, process logs, and operating system logs), and the log data is parsed to generate first log instances. Weblogs are used as the example below.
One weblog instance is defined as follows:
LE=<FromIP,ToIP,TL,Port,UserID,Content>
where FromIP is the source IP, ToIP is the destination IP, TL is the UTC time of the network operation, Port is the port number, UserID is the ID of the cloud platform user, and Content is the other content of the operation record.
S102: Encrypt the plurality of first log instances to generate a plurality of second log instances.
To protect data security, the public key PKA of the third-party evaluation system is used to encrypt the data in the log instance, generating the encrypted second log instance (Encrypted Log instance, ELE), represented as follows:
ELE=<EPKA(ToIP,Port,UserID,FromIP,TL,Content)>
S103: Arrange the plurality of second log instances in order of the last modification time of the log instances to generate a log chain.
After the ELEs are generated, they are arranged in order into a log chain (LC) according to the last modification time of the file (contained in the timestamp information of the file); if illegal tampering occurs, the order of the log chain changes. The log chain is represented as follows:
LC=<ELE,LCprev>
LCprev is the prior log instance of the current log instance.
Further, the second log instance and the log chain are stored in a log database, denoted DBLE, consisting of ELE and LC:
DBLE=<ELE,LC>
S104: Acquire the log certification information of the second log instance provided by the cloud platform, and generate a log certification information instance.
The log certification information provided by the cloud service provider is acquired and a log certification information instance is generated. The instance comprises a check value of the original log file and various timestamp information, and is denoted Pro:
Pro=<H(LE),time-stamp 1,time-stamp 2,...>
The updated log certification instance is sent to a log certification database for storage.
S105: Retrieve the second log instance of each virtual IP and the log certification instance corresponding to the second log instance.
The log database and the log certification database are searched at a preset time to obtain the second log instance of each virtual IP and the log certification information corresponding to the second log instance, denoted AED:
AED=<ELE,Pro>
S106: Encrypt the second log instance and the log certification instance corresponding to the second log instance to generate a third log instance containing certification information.
The second log instance and the log certification instance corresponding to the second log instance are encrypted with a private key of the cloud platform to generate a third log instance containing certification information, expressed as follows:
LogPro=<AED,Tp,SigSKC(AED,Tp)>
Tp represents the generation time of the file, and SigSKC(AED, Tp) is a digital signature generated by encrypting (AED, Tp) using the private key SKC of the cloud service provider.
When a third-party evaluation system uses collected log data to evaluate a cloud service platform, it first verifies the certification information and the log chain sequence of the log data. Fig. 2 is the certification information verification process: the cloud platform public key and the third-party evaluation system private key are used to decrypt the third log instance and the log certification instance corresponding to the third log instance. If decryption succeeds, the decrypted log certification instance is used to verify the third log instance; if that verification passes, the log chain sequence is verified in order to verify the integrity of the log file. Fig. 3 is the log chain sequence verification process. Assume there is one log chain: (ELE0, LC0) (ELE1, LC1) …
LC1 is the entry that precedes the second log instance in order, i.e. (ELE0, LC0). If the log chain has been illegally tampered with, the sequence changes (because it is arranged according to the last modification timestamp). If (ELE0, LC0) and LC1 are the same, the chain has not been illegally tampered with. This verification method can verify the originality of the log file and prevent illegal tampering during use.
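The following is an added example, not part of the patent text, of the Fig. 3 log chain sequence check together with the H(LE) comparison against Pro. Assumptions: each ELE is treated as an opaque ciphertext byte string, LCprev is stored as a SHA-256 digest of the previous entry, and GENESIS, the JSON serialization, the sample values and all function names are hypothetical; the public-key encryption and the SigSKC signature steps are left out.

```python
"""Log chain sequence check (Fig. 3) and H(LE) proof check, stdlib only."""
import hashlib
import hmac
import json
from dataclasses import dataclass, replace

GENESIS = b"\x00" * 32  # assumption: LCprev value carried by the first entry


@dataclass(frozen=True)
class ChainEntry:
    ele: bytes      # ELE: opaque ciphertext of one log instance
    mtime: int      # last modification time (UTC seconds), the ordering key
    lc_prev: bytes  # LCprev, stored here as the digest of the previous entry


def entry_digest(e):
    """Digest of one (ELE, LC) pair; ELE is length-prefixed so fields cannot blur."""
    h = hashlib.sha256()
    h.update(len(e.ele).to_bytes(8, "big") + e.ele)
    h.update(e.mtime.to_bytes(8, "big") + e.lc_prev)
    return h.digest()


def build_chain(records):
    """S103: order (ELE, mtime) records by mtime and link each to its predecessor."""
    chain, prev = [], GENESIS
    for ele, mtime in sorted(records, key=lambda r: r[1]):
        entry = ChainEntry(ele, mtime, prev)
        chain.append(entry)
        prev = entry_digest(entry)
    return chain


def chain_head(chain):
    """Digest of the newest entry; the verifier needs it from a trusted source."""
    return entry_digest(chain[-1]) if chain else GENESIS


def verify_chain(chain, expected_head=None):
    """Return a list of findings; an empty list means the sequence checks out."""
    findings, prev, last_mtime = [], GENESIS, None
    for i, e in enumerate(chain):
        if not hmac.compare_digest(e.lc_prev, prev):
            findings.append(f"entry {i}: LCprev does not match the preceding entry")
        if last_mtime is not None and e.mtime < last_mtime:
            findings.append(f"entry {i}: modification time out of order")
        prev, last_mtime = entry_digest(e), e.mtime
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        findings.append("head digest mismatch: tail altered or truncated")
    return findings


def le_bytes(le):
    """Canonical serialization of LE (assumed format) so H(LE) is reproducible."""
    return json.dumps(le, sort_keys=True, separators=(",", ":")).encode("utf-8")


def make_proof(le, timestamps):
    """S104: Pro = <H(LE), time-stamp 1, time-stamp 2, ...>."""
    return {"H(LE)": hashlib.sha256(le_bytes(le)).hexdigest(),
            "timestamps": list(timestamps)}


def check_proof(decrypted_le, pro):
    """Compare H(LE) of the decrypted log instance with the check value in Pro."""
    actual = hashlib.sha256(le_bytes(decrypted_le)).hexdigest()
    return hmac.compare_digest(actual, pro["H(LE)"])


# Constructed sample data (not from the patent).
SAMPLE_RECORDS = [(b"ciphertext-B", 1514332810),
                  (b"ciphertext-A", 1514332800),
                  (b"ciphertext-C", 1514332820)]
SAMPLE_LE = {"FromIP": "198.51.100.7", "ToIP": "10.0.0.5",
             "TL": "2017-12-27T00:00:00Z", "Port": 443,
             "UserID": "user-001", "Content": "GET /index"}


def demo():
    chain = build_chain(SAMPLE_RECORDS)
    head = chain_head(chain)
    forged = [chain[0], replace(chain[1], ele=b"forged"), chain[2]]
    return {"intact": verify_chain(chain, head),
            "forged": verify_chain(forged, head),
            "truncated": verify_chain(chain[:2], head)}


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings or "OK")
```

The truncated case passes when no expected head is supplied, so the head digest has to reach the verifier through a channel the log store cannot rewrite; placing it under the cloud platform's signature is one option, stated here as an assumption rather than something the patent specifies.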
Compared with the prior art, the method has the advantages that the cloud service provider provides log certification information, and a private key of the cloud service provider is used for generating a digital signature, so that the privacy of a cloud platform user is protected; the log file is stored in a log chain form, and illegal tampering in the use process is prevented through sequence verification.
Fig. 4 is a schematic structural diagram of a data security device of a cloud platform evaluation system for a third party according to another embodiment of the present invention.
As can be seen from fig. 4, the apparatus includes: the system comprises a first data acquisition unit 1, a first encryption unit 2, a log chain generation unit 3, a second data acquisition unit 4, a retrieval unit 5 and a second encryption unit 6.
The first data acquisition unit 1 is configured to acquire log data of a cloud platform, and parse the log data to generate a plurality of first log instances.
A weblog instance may be represented as
LE=<FromIP,ToIP,TL,Port,UserID,Content>
where FromIP is the source IP, ToIP is the destination IP, TL is the UTC time of the network operation, Port is the port number, UserID is the ID of the cloud platform user, and Content is the other content of the operation record.
Further, the first encryption unit 2 encrypts the data in the first log instance by using the public key PKA of the third-party evaluation system, and generates an encrypted second log instance (Encrypted Log Entry, ELE), which is expressed as follows:
ELE=<EPKA(ToIP,Port,UserID,FromIP,TL,Content)>
The log chain generating unit 3 is configured to arrange the second log instances in order of the last modification time of the log instances and generate a log chain. The log chain is represented as follows:
LC=<ELE,LCprev>
LCprev is the prior log instance of the current log instance.
Further, the second log instance and the log chain are stored in a log database, denoted DBLE, consisting of ELEs and LCs.
The second data acquisition unit 4 is configured to acquire the log certification information of the second log instance provided by the cloud platform, generate a log certification information instance, and store the updated log certification information instance in a log certification database of the third-party evaluation system.
At a fixed point in time each day, the retrieval unit 5 retrieves from the log database and the log certification database the second log instance of each virtual IP and the log certification instance corresponding to the second log instance, denoted AED:
AED=<ELE,Pro>
where ELE is a second log instance, and Pro is the log certification corresponding to the second log instance.
The second encryption unit 6 encrypts the second log instance and the log certification instance corresponding to the second log instance by using a private key of the cloud platform to generate a third log instance containing certification information, and sends the third log instance to a log certification database of the third-party evaluation system for storage. The third log instance is represented as follows:
LogPro=<AED,Tp,SigSKC(AED,Tp)>
Tp represents the generation time of the file, and SigSKC(AED, Tp) is a digital signature generated by encrypting (AED, Tp) using the private key SKC of the cloud service provider.
It should be noted that the system embodiment corresponds to the method embodiment, and the execution process and the execution principle are the same, which are not described herein again.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A data preservation method for a cloud platform third-party evaluation system, characterized by comprising:
obtaining log data of the cloud platform, and parsing the log data to generate multiple first log instances;
encrypting the multiple first log instances to generate multiple second log instances;
arranging the multiple second log instances in sequence according to the last modification time of the log instances to generate a log chain;
obtaining the log proof information of the second log instance provided by the cloud platform, and generating a log proof information instance;
retrieving the second log instance of each virtual IP and the log proof instance corresponding to the second log instance;
encrypting the second log instance and the log proof instance corresponding to the second log instance to generate a third log instance containing proof information.

2. The method according to claim 1, wherein encrypting the multiple first log instances to generate multiple second log instances comprises:
encrypting the multiple first log instances by using the public key of the third-party evaluation system to generate multiple second log instances.

3. The method according to claim 1, wherein encrypting the second log instance and the log proof instance corresponding to the second log instance to generate a third log instance containing proof information comprises:
encrypting the second log instance and the log proof instance corresponding to the second log instance by using the private key of the cloud platform to generate a third log instance containing proof information.

4. The method according to claim 1, further comprising: storing the second log instance and the log chain in a log database of a third-party evaluation system.

5. The method according to claim 1, further comprising: storing the third log instance in a log certification database of the third-party evaluation system.

6. A data preservation device for a cloud platform third-party evaluation system, the device being oriented to the third-party evaluation system, characterized by comprising:
a first data collection unit, configured to acquire log data of the cloud platform, and parse the log data to generate a plurality of first log instances;
a first encryption unit, configured to encrypt the multiple first log instances to generate multiple second log instances;
a log chain generation unit, configured to arrange the plurality of second log instances in sequence according to the last modification time of the log instances to generate a log chain;
a second data collection unit, configured to obtain log proof information of the second log instance provided by the cloud platform, and generate a log proof information instance;
a retrieval unit, configured to retrieve the second log instance of each virtual IP and the log proof instance corresponding to the second log instance;
a second encryption unit, configured to encrypt the second log instance and the log proof instance corresponding to the second log instance, and generate a third log instance containing proof information.

7. The apparatus according to claim 6, wherein the first encryption unit encrypts the multiple first log instances by using a public key of a third-party evaluation system to generate multiple second log instances.

8. The apparatus according to claim 6, wherein the second encryption unit encrypts the second log instance and the log proof instance corresponding to the second log instance by using the private key of the cloud platform, and generates a third log instance containing proof information.

9. The apparatus according to claim 6, wherein the log chain generation unit is further configured to store the second log instance and the log chain in a log database of a third-party evaluation system.

10. The apparatus according to claim 6, wherein the second encryption unit is further configured to store the third log instance in a log certification database of the third-party evaluation system.

CN201711441199.1A 2017-12-27 2017-12-27 A data preservation method and device for a third-party cloud platform evaluation system Active CN108171078B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711441199.1A CN108171078B (en) 2017-12-27 2017-12-27 A data preservation method and device for a third-party cloud platform evaluation system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711441199.1A CN108171078B (en) 2017-12-27 2017-12-27 A data preservation method and device for a third-party cloud platform evaluation system

Publications (2)

Publication Number Publication Date
CN108171078A CN108171078A (en) 2018-06-15
CN108171078B true CN108171078B (en) 2021-08-31

Family

ID=62521695

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711441199.1A Active CN108171078B (en) 2017-12-27 2017-12-27 A data preservation method and device for a third-party cloud platform evaluation system

Country Status (1)

Country Link
CN (1) CN108171078B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109697605A (en) * 2019-01-11 2019-04-30 深圳讼融通网络科技有限公司 Generation method, system and the readable storage medium storing program for executing of property preservation data record
EP3683712B1 (en) * 2019-01-16 2021-10-20 Siemens Aktiengesellschaft Protecting integrity of log data

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6339828B1 (en) * 1997-05-28 2002-01-15 Symantec Corporation System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record
CN101039186A (en) * 2007-05-08 2007-09-19 中国科学院软件研究所 Method for auditing safely system log
CN107104804A (en) * 2017-05-10 2017-08-29 成都麟成科技有限公司 A kind of platform integrity verification method and device
CN107395355A (en) * 2017-06-12 2017-11-24 广东工业大学 A kind of cloud storage data integrity verification method based on implicit trusted third party

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2011128985A (en) * 2009-12-18 2011-06-30 Toshiba Corp Account aggregation system, information processing apparatus and encryption key management method of the account aggregation system

Also Published As

Publication number Publication date
CN108171078A (en) 2018-06-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant