HK1228537A1 - Method and system for data desensitization - Google Patents
Publication number: HK1228537A1 (Authority: HK, Hong Kong)
Prior art keywords: data, module, identification, desensitization, sub
Description
Technical Field
Embodiments of the present disclosure relate generally to the field of data encryption and decryption, and more particularly to data desensitization methods and systems.
Background
Data desensitization refers to transforming sensitive information according to a desensitization rule so that sensitive private data is reliably protected; a common form of data desensitization is to encrypt the data. Sensitive information is masked by means of a data desensitization technique, and the masked information retains its original data format and attributes, so that a system or application can function properly when it is developed and tested with desensitized data.
Because of industry supervision requirements and the need to protect users' private information, the private information in some systems or applications must be desensitized before it is stored in a system log. Moreover, when the system needs to use the private information, the desensitized data must be decrypted to obtain the original private information. Conventional data desensitization methods typically generate a key locally, encrypt the data, and then store the encrypted data locally to meet the desensitization requirement. However, storing both the key and the desensitized data locally increases the risk of the data being attacked or stolen. Therefore, the conventional data desensitization method cannot effectively ensure the security of the data.
Disclosure of Invention
In view of this, embodiments of the present disclosure propose a data desensitization method and system. The embodiments store the encryption key and the encrypted desensitized data on physically separate devices within a local area network, and set strict access permissions for the encryption key and the desensitized data, so that the security of data encryption and decryption can be effectively ensured.
According to an aspect of the present disclosure, there is provided a data desensitization method, the method comprising: generating, at a service module, an identification corresponding to original data; sending the original data and the identification from the service module to a data encryption module; receiving desensitization data from the data encryption module at the service module, wherein the desensitization data is generated by the data encryption module encrypting the original data using a key, and the key is generated based on the identification; and sending the desensitization data and the identification from the service module to a data storage module, wherein the service module, the data encryption module, and the data storage module are located inside the same local area network and are physically separated from each other.
According to another aspect of the present disclosure, a data desensitization system is provided. The system includes a service module, a data encryption module, and a data storage module, wherein the service module, the data encryption module, and the data storage module are located inside the same local area network and are physically separated from each other, and wherein the service module is configured to: generate an identification corresponding to original data; send the original data and the identification to the data encryption module; receive desensitization data and the identification from the data encryption module; and send the desensitization data and the identification to the data storage module; the data encryption module is configured to encrypt the original data into desensitization data using a key, wherein the key is generated based on the identification; and the data storage module is configured to store the desensitization data and the identification.
According to yet another aspect of the disclosure, a computer program product is provided that includes a computer usable or readable medium having a computer readable program. The computer readable program, when executed on a computing device, causes the device to perform the operations, and combinations thereof, outlined with regard to the illustrative method embodiment.
Drawings
The features, advantages and other aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description in conjunction with the accompanying drawings, in which several embodiments of the present disclosure are shown by way of illustration and not limitation, wherein:
FIG. 1 illustrates an example architecture diagram of a data desensitization system 100 according to an embodiment of the present disclosure;
FIG. 2 illustrates a flow diagram of a process 200 for data desensitization and recovery according to an embodiment of the present disclosure;
FIG. 3 illustrates a flow diagram of a data encryption method 300 according to an embodiment of the present disclosure;
FIG. 4 illustrates a flow diagram of a data desensitization method 400 according to an embodiment of the present disclosure; and
FIG. 5 illustrates a schematic block diagram of a device 500 that may be used to implement embodiments of the present disclosure.
Detailed Description
Various exemplary embodiments of the present disclosure are described in detail below with reference to the accompanying drawings. The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of methods and systems according to various embodiments of the present disclosure. It should be noted that each block in the flowchart or block diagrams may represent a module, a segment, or a portion of code, which may comprise one or more executable instructions for implementing the logical function specified in the respective embodiment. It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
As used herein, the terms "include," "comprise," and similar terms are to be construed as open-ended terms, i.e., "including but not limited to," meaning that additional content can be included as well. The term "based on" means "based, at least in part, on." The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment," and so on.
In embodiments of the present disclosure, the term "data" means any indicia, signals, marks, symbols, fields, sets of symbols, and any other physical form or forms representing information, whether permanent or temporary, visual, audible, acoustic, electrical, magnetic, electromagnetic, or otherwise. The term "data" as used to represent predetermined information in physical form should be considered to encompass any and all representations of the same predetermined information in one or more different physical forms. In embodiments of the present disclosure, the term "key" may specifically denote a piece of information that controls the operation of an encryption algorithm or cipher. In encryption, the key may specifically represent the specific transformation of plaintext into ciphertext, and in decryption, the key may specifically represent the specific transformation of ciphertext into plaintext.
It should be understood that these exemplary embodiments are given solely for the purpose of enabling those skilled in the art to better understand and thereby implement the embodiments of the present disclosure, and are not intended to limit the scope of the invention in any way.
Fig. 1 illustrates an example architecture diagram of a data desensitization system 100 according to an embodiment of the present disclosure. As shown, the system 100 includes a service module 110, a data encryption module 120, and a data storage module 130. The service module 110 is connected to the data encryption module 120 through a network 140 in a wired or wireless manner, and to the data storage module 130 through a network 150 in a wired or wireless manner; the data encryption module 120 does not directly connect to or communicate with the data storage module 130. In some embodiments, to ensure the security of the data encryption module 120 and/or the data storage module 130, the data encryption module 120 and/or the data storage module 130 are accessible only by the service module 110.
In some embodiments, the service module 110, the data encryption module 120, and the data storage module 130 are located within the same local area network, such as an internal network of the same company, and the networks 140 and 150 may be local area networks, VPN networks, and the like. In addition, the service module 110, the data encryption module 120, and the data storage module 130 are physically separated from each other. That is, the service module 110, the data encryption module 120, and the data storage module 130 are devices separate from each other.
In some embodiments, one or more of the service module 110, the data encryption module 120, and the data storage module 130 may be a server, including but not limited to application servers, data encryption servers, network storage devices, and other switching and communication devices. In other embodiments, the data encryption module 120 may be a computer with Internet access, running any of various operating systems, whose functions may be customized to the needs of the user.
In some embodiments, the service module 110 is used to develop and maintain various application systems, such as a P2P (peer-to-peer) financial service system or a ticketing system, and during operation receives personal information of users, such as a user's name, phone number, identification number, bank card number, etc. The service module 110 may send the user's personal information to the data encryption module 120 for encryption, and send the encrypted desensitization information to the data storage module 130 for storage. The data encryption module can perform encryption and decryption of data. The data storage module can store and retrieve encrypted desensitized data.
Although only the service module 110, the data encryption module 120, and the data storage module 130 are shown in Fig. 1, the system 100 may include one or more other devices not shown, such as network elements like routers and switches.
Fig. 2 illustrates a flow diagram of a process 200 for data desensitization and recovery according to an embodiment of the present disclosure. To ensure the security of the data, the service module 110 does not store the user's personal information locally. In act 202, when raw data related to the user's personal information (e.g., a log or data record associated with the user's personal information) needs to be stored, the service module 110 generates an identification (ID) corresponding to the raw data; for example, a global identification D001 may be generated for the first piece of raw data. The service module 110 also stores the correspondence between the original data and the ID.
In act 204, the service module 110 sends the original data and the ID to the data encryption module 120. Since the service module 110, the data encryption module 120, and the data storage module 130 are located inside the same LAN and are physically separated from each other, these devices trust one another and communicate only inside the LAN, so the service module 110 can transmit the raw data in plain text directly to the data encryption module 120 without concern that the raw data will be intercepted or stolen.
In some embodiments, the data encryption module 120 may be configured to be accessible only by the service module 110; that is, only a service module 110 whose Internet Protocol (IP) address is on the permitted list can access the data encryption module 120. In addition, a token may be provided to control access to the data encryption module 120; the token has a validity period, i.e., it is usable only during that period. In one embodiment, the token must be applied for manually and is distributed to the service module 110. In some embodiments, the service module 110 may verify whether the token used to access the data encryption module 120 is valid, and, in response to the token being valid, send the original data and the ID to the data encryption module 120. Accordingly, by setting a permitted IP address and a valid token in the local area network environment, secure access to the data encryption module 120 can be effectively ensured, so that other devices that are not authorized or not in the permission list cannot access the data encryption module 120.
In act 206, after receiving the raw data and the corresponding ID, the data encryption module 120 generates an encryption key based on the ID (e.g., the ID is one factor in generating the key) and encrypts the raw data with the generated key to produce desensitized data. In some embodiments, the data encryption module 120 may apply multiple encryption algorithms, and may use different encryption algorithms and encryption keys for different raw data. In some embodiments, the encryption algorithm may be a symmetric encryption algorithm (such as the Data Encryption Algorithm (DEA), CAST5, the Advanced Encryption Standard (AES), Twofish, etc.) or an asymmetric encryption algorithm. By using different encryption algorithms, even if an encryption key is stolen or cracked, the original data cannot be decrypted without knowing which encryption algorithm was used. Further, the data encryption module 120 stores the correspondence between the encryption key and the ID, so the encryption key used for the original data corresponding to an ID can be found by that ID.
The data encryption module 120 then sends the encrypted desensitization data and the ID to the service module 110 in act 208. After receiving the desensitization data and the ID, the service module 110 does not store the desensitization data locally, but sends the desensitization data and the ID to the data storage module 130 for storage in act 210. In act 212, after receiving the desensitization data and the ID, the data storage module 130 stores them together with the correspondence between the desensitization data and the ID. In some embodiments, to increase the access speed of the desensitization data, the desensitization data and the ID may first be stored in a cache of the data storage module 130, and the desensitization data in the cache is periodically written to a storage device (e.g., a disk) of the data storage module 130.
In some embodiments, the data storage module 130 may also be configured to be accessible only by the service module 110. In addition, a token may also be set to control access to the data storage module 130, so that secure access to the data storage module 130 can be effectively ensured and other devices that are not authorized or not in the permission list cannot access it.
At this point, the original data in the service module 110 has been encrypted into desensitized data and stored in the data storage module 130. Since the data storage module 130 stores only the desensitized data and the data encryption module 120 stores only the encryption key used for encryption, the original content of the desensitized data cannot be decrypted even if the encryption key or the desensitized data is stolen.
In addition, process 200 also includes a set of acts for recovering the desensitization data. In act 214, when the service module 110 needs to use the raw data, it sends the ID of the needed raw data to the data storage module 130. The data storage module 130 then retrieves the corresponding desensitization data according to the ID, and in act 216 the service module 110 receives the desensitization data corresponding to the ID from the data storage module 130. The service module 110 then sends the desensitization data and the corresponding ID to the data encryption module 120 in act 218.
In act 220, after receiving the desensitization data and the corresponding ID, the data encryption module 120 looks up the corresponding key (or symmetric key) by the ID and decrypts the desensitization data into the original data using that key. In some embodiments, the ID may also be used to determine the encryption algorithm that was used. In act 222, the data encryption module 120 sends the raw data and the corresponding ID to the service module 110. The original data is thereby decrypted and recovered. Because the key and the desensitized data are held separately in the local area network environment, the original content of the desensitized data cannot be decrypted even if the encryption key or the desensitized data is stolen; thus the supervision requirement for desensitized storage of sensitive information is met, and the security and integrity of the data are also guaranteed.
Fig. 3 illustrates a flow diagram of a data encryption method 300 according to an embodiment of the present disclosure. Method 300 may be performed, for example, by the service module 110 described with reference to Fig. 1, and may be a sub-action of act 210 described with reference to Fig. 2. At step 302, the desensitization data is randomly sliced into a plurality of sub-data, for example into 5 sub-data. In step 304, a plurality of sub-identifications corresponding to the plurality of sub-data are generated, that is, each sub-data has a corresponding sub-identification, for example D0011, D0012, D0013, D0014, and D0015. At step 306, a plurality of sub-keys specific to the plurality of sub-data are generated based on the plurality of sub-identifications; for example, a different sub-key is generated for each sub-data so that each sub-data is encrypted independently.
Then, in step 308, the correspondence among the plurality of sub-identifications, the plurality of sub-data, and the plurality of sub-keys is stored. For example, the service module 110 may store the correspondence among the sub-identifications, the sub-data, and the sub-keys so that the corresponding sub-keys can be obtained when decrypting. Next, in step 310, the plurality of sub-data are encrypted using the plurality of sub-keys, respectively, and in step 312, the plurality of encrypted sub-data and the plurality of sub-identifications are transmitted to the data storage module 130.
In addition, the correspondence between the identification and the plurality of sub-identifications may be stored in the service module 110. When the desensitization data needs to be restored, the plurality of sub-identifications are obtained from the identification, the encrypted sub-data corresponding to the sub-identifications are retrieved from the data storage module 130, and the encrypted sub-data are decrypted into sub-data using the plurality of sub-keys corresponding to the sub-identifications. The plurality of sub-data are then merged to regenerate the desensitized data. Next, the desensitization data may be sent to the data encryption module 120 to obtain the original data, as described with reference to acts 218 to 222 depicted in Fig. 2.
By the method 300 of the embodiment of the present disclosure, the desensitization data that has already been encrypted may be further segmented, and the different sub-data after segmentation may be encrypted using different keys, so that the security of the original data may be further ensured.
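As an added example (not the patent's own code) covering process 200 of Fig. 2, its IP/token access control, and the slicing method 300 above: a stdlib-only Python simulation of the three modules, in which the key lives only in module 120, the ciphertext only in module 130, and the service module keeps IDs and sub-keys but no raw data. Assumptions: an HMAC-SHA256 encrypt-then-MAC construction stands in for the AES/Twofish ciphers named in the text, keys are derived as HMAC(master secret, ID), and the IP address, tokens and sample record are constructed.

```python
import hashlib, hmac, secrets

# Encrypt-then-MAC built from HMAC-SHA256 (stdlib only); stands in for the AES/Twofish
# ciphers the text names. The architecture, not the cipher, is what this shows.
def _keystream(key, nonce, n):
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:n]

def encrypt(key, plaintext):
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("MAC check failed: wrong key or tampered ciphertext")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))

def derive_key(secret, ident):
    """Key 'generated based on the identification': the ID is an input to the KDF (assumed)."""
    return hmac.new(secret, ident.encode(), hashlib.sha256).digest()

class Gate:
    """Access control of modules 120/130: one permitted IP plus a token with an expiry."""
    def __init__(self, allowed_ip, token, expires_at):
        self.allowed_ip, self.token, self.expires_at = allowed_ip, token, expires_at
    def check(self, ip, token, now):
        if ip != self.allowed_ip or now > self.expires_at \
                or not hmac.compare_digest(token, self.token):
            raise PermissionError("caller not in permission list, or token invalid/expired")

class DataEncryptionModule:           # module 120: holds keys, never ciphertext
    def __init__(self, gate):
        self.gate, self._master, self._keys = gate, secrets.token_bytes(32), {}
    def encrypt(self, ip, token, now, ident, raw):      # act 206
        self.gate.check(ip, token, now)
        self._keys[ident] = derive_key(self._master, ident)   # key <-> ID correspondence
        return ident, encrypt(self._keys[ident], raw)
    def decrypt(self, ip, token, now, ident, blob):     # act 220
        self.gate.check(ip, token, now)
        return ident, decrypt(self._keys[ident], blob)

class DataStorageModule:              # module 130: holds ciphertext, never keys
    def __init__(self, gate):
        self.gate, self.records = gate, {}
    def store(self, ip, token, now, ident, blob):       # act 212
        self.gate.check(ip, token, now)
        self.records[ident] = blob
    def fetch(self, ip, token, now, ident):             # acts 214/216
        self.gate.check(ip, token, now)
        return self.records[ident]

class ServiceModule:                  # module 110: keeps IDs and sub-keys, no raw data
    def __init__(self, ip, enc, store, enc_token, store_token):
        self.ip, self.enc, self.store = ip, enc, store
        self.enc_token, self.store_token = enc_token, store_token
        self._secret = secrets.token_bytes(32)   # sub-key secret for method 300
        self._subs, self._n = {}, 0              # ID -> [(sub-ID, sub-key), ...]
    def desensitize(self, raw, now, parts=5):
        self._n += 1
        ident = f"D{self._n:03d}"                                        # act 202 (D001)
        _, blob = self.enc.encrypt(self.ip, self.enc_token, now, ident, raw)   # acts 204-208
        # method 300: random cut into `parts` sub-data, sub-IDs D0011.., one sub-key each
        cuts = sorted(secrets.SystemRandom().sample(range(1, len(blob)), parts - 1))
        bounds = [0, *cuts, len(blob)]
        self._subs[ident] = []
        for i in range(parts):
            sub_id, sub_key = f"{ident}{i + 1}", derive_key(self._secret, f"{ident}{i + 1}")
            self._subs[ident].append((sub_id, sub_key))                    # step 308
            self.store.store(self.ip, self.store_token, now, sub_id,
                             encrypt(sub_key, blob[bounds[i]:bounds[i + 1]]))   # steps 310-312
        return ident
    def recover(self, ident, now):
        blob = b"".join(decrypt(k, self.store.fetch(self.ip, self.store_token, now, s))
                        for s, k in self._subs[ident])          # fetch, decrypt, merge
        _, raw = self.enc.decrypt(self.ip, self.enc_token, now, ident, blob)   # acts 218-222
        return raw

def demo(now=1000.0):
    """Constructed scenario: one record round-trips; a storage dump and a foreign caller fail."""
    svc_ip = "10.0.0.5"                                    # assumed permitted address
    enc = DataEncryptionModule(Gate(svc_ip, "tok-enc", expires_at=2000.0))
    store = DataStorageModule(Gate(svc_ip, "tok-store", expires_at=2000.0))
    svc = ServiceModule(svc_ip, enc, store, "tok-enc", "tok-store")
    raw = b"name=Alice;phone=13800000000;card=6222000011112222"   # constructed sample record
    ident = svc.desensitize(raw, now)
    recovered = svc.recover(ident, now)
    dump = b"".join(store.records.values())                # what a thief of module 130 sees
    try:                                                   # foreign IP is refused by the gate
        store.fetch("10.0.0.99", "tok-store", now, ident + "1")
        refused = False
    except PermissionError:
        refused = True
    return ident, recovered == raw, raw not in dump, refused
```

`demo()` returns the ID, whether the round trip restored the record, whether the storage dump contains no plaintext, and whether the unauthorized caller was refused.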
Fig. 4 illustrates a flow diagram of a data desensitization method 400 according to an embodiment of the present disclosure. Method 400 may be performed, for example, by the service module 110 described with reference to Fig. 1, wherein the service module 110, the data encryption module 120, and the data storage module 130 are located inside the same local area network and are physically separated from each other. At step 402, an identification corresponding to the raw data is generated at the service module 110. In step 404, the original data and the identification are sent from the service module 110 to the data encryption module 120. Next, at step 406, desensitization data is received from the data encryption module 120 at the service module 110, wherein the desensitization data is generated by the data encryption module 120 encrypting the original data using a key, and the key is generated based on the identification. Then, at step 408, the desensitization data and the identification are sent from the service module 110 to the data storage module 130. In one embodiment, in response to the original data being modified, the modified original data and the ID are sent from the service module 110 to the data encryption module 120. That is, when the original data is changed, the encrypted desensitization data is updated accordingly.
According to the embodiments of the disclosure, the encryption key and the encrypted desensitization data are stored physically separated within a local area network environment, and strict access rights are set for the encryption key and the desensitization data, so that the security of data encryption and decryption can be effectively ensured. In addition, by setting a globally uniform identification (ID), the corresponding original data, key, and desensitized data can be efficiently looked up by the ID. Meanwhile, strict access rights are set for the data encryption module and the data storage module through the IP address or the token, so that other devices that are not authorized or not in the permission list cannot obtain the encryption key or the desensitized data. Furthermore, the desensitization data is further segmented, and the different segmented sub-data are encrypted using different keys, so that the security of the original data can be further ensured.
Fig. 5 illustrates a schematic block diagram of a device 500 that may be used to implement embodiments of the present disclosure; the device 500 may represent, for example, any of the service module 110, the data encryption module 120, and the data storage module 130 described in Fig. 1. As shown, the device 500 includes a central processing unit (CPU) 501 that may perform various appropriate actions and processes in accordance with computer program instructions stored in a read-only memory (ROM) 502 or loaded from a storage unit 508 into a random access memory (RAM) 503. The RAM 503 may also store various programs and data required for the operation of the device 500. The CPU 501, ROM 502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to the bus 504.
A number of components in the device 500 are connected to the I/O interface 505, including: an input unit 506 such as a keyboard, a mouse, or the like; an output unit 507 such as various types of displays, speakers, and the like; a storage unit 508, such as a magnetic disk, optical disk, or the like; and a communication unit 509 such as a network card, modem, wireless communication transceiver, etc. The communication unit 509 allows the device 500 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.
The various processes and methods described above, such as processes or methods 200, 300, and 400, may be performed by the processing unit 501. For example, in some embodiments, the processes or methods 200, 300, and 400 may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as the storage unit 508. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 500 via the ROM 502 and/or the communication unit 509. When loaded into the RAM 503 and executed by the CPU 501, the computer program may perform one or more of the acts or steps of the processes or methods 200, 300, and 400 described above.
The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied thereon for carrying out various aspects of the present disclosure. The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
The computer program instructions for carrying out operations of the present disclosure may be assembler instructions, instruction set architecture (ISA) instructions, machine-dependent instructions, microcode, firmware instructions, state-setting data, or source or object code written in any combination of one or more programming languages, including an object-oriented programming language such as Smalltalk or C++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, electronic circuitry, such as a programmable logic circuit, a field programmable gate array (FPGA), or a programmable logic array (PLA), can execute computer-readable program instructions to implement aspects of the present disclosure by utilizing state information of the computer-readable program instructions to personalize the electronic circuitry.
It should be noted that although several means or sub-means of the device are mentioned in the above detailed description, this division is only exemplary and not mandatory. Indeed, the features and functions of two or more of the devices described above may be embodied in one device in accordance with embodiments of the present disclosure. Conversely, the features and functions of one apparatus described above may be further divided so as to be embodied by a plurality of apparatuses.
The above description is only an alternative embodiment of the present disclosure and is not intended to limit the embodiments of the present disclosure, and various modifications and changes may be made to the embodiments of the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the embodiments of the present disclosure should be included in the scope of protection of the embodiments of the present disclosure.
While embodiments of the present disclosure have been described with reference to several particular embodiments, it should be understood that embodiments of the present disclosure are not limited to the particular embodiments disclosed. The embodiments of the disclosure are intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims. The scope of the following claims is to be accorded the broadest interpretation so as to encompass all such modifications and equivalent structures and functions.
Claims (16)
1. A method of data desensitization, comprising:
generating, at a service module, an identification corresponding to original data;
sending the original data and the identification from the service module to a data encryption module;
receiving desensitization data at the service module from the data encryption module, the desensitization data being generated by the data encryption module encrypting the original data using a key, and the key being generated based on the identification; and
sending the desensitization data and the identification from the service module to a data storage module,
wherein the service module, the data encryption module, and the data storage module are located inside the same local area network and are physically separated from each other.
2. The method of claim 1, further comprising:
verifying, at the service module, whether a token for accessing the data encryption module is valid; and
sending, at the service module, the original data and the identification to the data encryption module in response to the token for accessing the data encryption module being valid.
3. The method of claim 1, wherein the data encryption module stores a correspondence between the key and the identification and is capable of applying a plurality of encryption algorithms.
4. The method of claim 3, wherein the desensitization data and the identification are initially stored in a cache of the data storage module, and the desensitization data and the identification in the cache are periodically stored in storage of the data storage module.
5. The method of any of claims 1-4, further comprising:
sending the identification from the service module to the data storage module;
receiving, at the business module, the desensitization data corresponding to the identification from the data storage module;
sending the desensitization data and the identification from the service module to the data encryption module; and
receiving, at the traffic module, the original data and the identification from the data encryption module.
6. The method of claim 5, further comprising:
in response to the original data being modified, sending the modified original data and the identification from the traffic module to a data encryption module.
7. The method of claim 1, the data encryption module and/or the data storage module being accessible only by the business module.
8. The method of any of claims 1-4, wherein sending the desensitization data and the identification from the traffic module to a data storage module comprises:
randomly cutting the desensitization data into a plurality of sub-data at the traffic module;
generating, at the traffic module, a plurality of sub-identifications corresponding to the plurality of sub-data;
generating, at the traffic module, a plurality of subkeys for the plurality of subdata, respectively, based on the plurality of subidentifications;
storing, at the business module, a correspondence between the plurality of sub-identifiers, the plurality of sub-data, and the plurality of sub-keys;
encrypting the plurality of sub-data respectively at the traffic module using the plurality of sub-keys; and
and sending the plurality of encrypted subdata and the plurality of encrypted sub-identifications from the service module to a data storage module.
9. A data desensitization system, comprising:
a service module, a data encryption module, and a data storage module, wherein the service module, the data encryption module, and the data storage module are located inside the same local area network and are physically separated from each other, and
the service module is configured to:
generate an identifier corresponding to original data;
send the original data and the identifier to the data encryption module;
receive desensitized data and the identifier from the data encryption module; and
send the desensitized data and the identifier to the data storage module,
the data encryption module is configured to:
encrypt the original data into the desensitized data using a key, wherein the key is generated based on the identifier; and
the data storage module is configured to:
store the desensitized data and the identifier.
10. The system of claim 9, wherein the service module is further configured to:
verify whether a token for accessing the data encryption module is valid; and
in response to the token for accessing the data encryption module being valid, send the original data and the identifier to the data encryption module.
11. The system of claim 9, wherein the data encryption module stores a correspondence between the key and the identifier and is capable of applying a plurality of encryption algorithms.
12. The system of claim 11, wherein the desensitized data and the identifier are initially stored in a cache of the data storage module, and the desensitized data and the identifier in the cache are periodically stored in storage of the data storage module.
13. The system of any of claims 9-12, wherein the service module is further configured to:
send the identifier to the data storage module;
receive the desensitized data corresponding to the identifier from the data storage module;
send the desensitized data and the identifier to the data encryption module; and
receive the original data and the identifier from the data encryption module.
14. The system of claim 13, wherein the service module is further configured to:
in response to the original data being modified, send the modified original data and the identifier to the data encryption module.
15. The system of claim 9, wherein the data encryption module and/or the data storage module are accessible only by the service module.
16. The system of any of claims 9-12, wherein the service module is further configured to:
randomly cut the desensitized data into a plurality of sub-data;
generate a plurality of sub-identifiers corresponding to the plurality of sub-data;
generate a plurality of sub-keys respectively for the plurality of sub-data based on the plurality of sub-identifiers;
store the correspondence between the plurality of sub-identifiers, the plurality of sub-data, and the plurality of sub-keys;
encrypt the plurality of sub-data respectively using the plurality of sub-keys; and
send the plurality of encrypted sub-data and the plurality of encrypted sub-identifiers to the data storage module.
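The protection flow of claim 1 and the recovery flow of claim 5, modelled in Python as an added illustration (not code from the patent or from any implementation of it): the service module generates the identifier and brokers every message, the data encryption module alone holds key material and derives each record's key from the identifier, and the data storage module holds only identifiers and desensitized data, so a copy of its records alone yields nothing. Assumptions: the key is derived from the identifier together with a master secret held by the encryption module (the claims say only "based on the identifier"; an identifier alone is not secret), the cipher is an HMAC-SHA256 counter-mode keystream with an HMAC tag, used here as a standard-library stand-in for a real authenticated cipher, and the token check of claim 2 is a plain set-membership test.

```python
import hashlib, hmac, os, uuid

def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def _ctr_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Counter-mode keystream from HMAC-SHA256 (stand-in for a real cipher); XOR is its own inverse.
    ks = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))

class DataEncryptionModule:
    """Holds the master secret and the key/identifier correspondence (claim 3); stores no records."""
    def __init__(self, master_secret: bytes):
        self._master, self._keys = master_secret, {}
    def _key_for(self, identifier: str) -> bytes:  # per-record key derived from the identifier (assumption: plus master secret)
        return self._keys.setdefault(identifier, _prf(self._master, b"key:" + identifier.encode()))
    def encrypt(self, identifier: str, original: bytes) -> bytes:
        key, nonce = self._key_for(identifier), os.urandom(12)
        ct = _ctr_xor(key, nonce, original)
        return nonce + ct + _prf(key, b"mac:" + nonce + ct)[:16]  # nonce || ciphertext || tag
    def decrypt(self, identifier: str, desensitized: bytes) -> bytes:
        key = self._key_for(identifier)
        nonce, ct, tag = desensitized[:12], desensitized[12:-16], desensitized[-16:]
        if not hmac.compare_digest(tag, _prf(key, b"mac:" + nonce + ct)[:16]):
            raise ValueError("desensitized data failed integrity check")
        return _ctr_xor(key, nonce, ct)

class DataStorageModule:
    """Holds only identifier -> desensitized data (claims 1 and 9); it never receives a key."""
    def __init__(self): self._records = {}
    def store(self, identifier: str, desensitized: bytes) -> None: self._records[identifier] = desensitized
    def fetch(self, identifier: str) -> bytes: return self._records[identifier]

class ServiceModule:
    """Generates identifiers and brokers between the other two modules (claims 1, 2 and 5)."""
    def __init__(self, enc: DataEncryptionModule, store: DataStorageModule, token: str, valid_tokens: set):
        self._enc, self._store, self._token, self._valid = enc, store, token, valid_tokens
    def _check_token(self) -> None:  # claim 2: verify the access token before calling the encryption module
        if self._token not in self._valid:
            raise PermissionError("invalid token for data encryption module")
    def protect(self, original: bytes) -> str:  # claim 1: returns the identifier the caller keeps
        self._check_token()
        identifier = str(uuid.uuid4())
        self._store.store(identifier, self._enc.encrypt(identifier, original))
        return identifier
    def recover(self, identifier: str) -> bytes:  # claim 5: fetch by identifier, then decrypt
        self._check_token()
        return self._enc.decrypt(identifier, self._store.fetch(identifier))
```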
Publications (3)
| Publication Number | Publication Date |
|---|---|
| HK1228537A (en) | 2017-11-03 |
| HK1228537A1 (en) | 2017-11-03 |
| HK1228537B (en) | 2019-08-16 |
Similar Documents
| Publication | Title |
|---|---|
| US20220158832A1 (en) | Systems and Methods for Deployment, Management and Use of Dynamic Cipher Key Systems |
| CN105975870B (en) | Data desensitization method and system |
| US8732462B2 (en) | Methods and apparatus for secure data sharing |
| JP6546144B2 (en) | Secure removable storage for aircraft systems |
| EP3860036B1 (en) | Key management method, security chip, service server and information system |
| CN110868291B (en) | Data encryption transmission method, device, system and storage medium |
| US10298390B2 (en) | Integrity protected trusted public key token with performance enhancements |
| CN112740615B (en) | Key Management for Multi-Party Computation |
| CN113849847B (en) | Method, apparatus and medium for encrypting and decrypting sensitive data |
| CN110708291B (en) | Data authorization access method, device, medium and electronic equipment in distributed network |
| KR101648364B1 (en) | Method for improving encryption/decryption speed by complexly applying for symmetric key encryption and asymmetric key double encryption |
| US12058257B2 (en) | Data storage method, data read method, electronic device, and program product |
| KR101311059B1 (en) | Revocation information management |
| Bomma | Navigating the challenges of data encryption and compliance regulations: Ftp vs. sftp |
| US10382199B2 (en) | Keyword to set minimum key strength |
| CN113672973A (en) | Database system of embedded equipment based on RISC-V architecture of trusted execution environment |
| Srikanth et al. | Proxy-Based Re-Encryption Design for the IoT Ecosystem |
| US11575507B1 (en) | Sharing access to data |
| HK1228537A1 (en) | Method and system for data desensitization |
| HK1228537A (en) | Method and system for data desensitization |
| US9178855B1 (en) | Systems and methods for multi-function and multi-purpose cryptography |
| US9189638B1 (en) | Systems and methods for multi-function and multi-purpose cryptography |
| HK1228537B (en) | Method and system for data desensitization |
| EP3051770A1 (en) | User opt-in computer implemented method for monitoring network traffic data, network traffic controller and computer programs |
| Das et al. | Towards a novel cross-media encryption-cum-obfuscation technique |