CN104252605B - A kind of file transparent encrypting and deciphering system of Android platform and method - Google Patents
A kind of file transparent encrypting and deciphering system of Android platform and method Download PDFInfo
- Publication number
- CN104252605B CN104252605B CN201410475391.2A CN201410475391A CN104252605B CN 104252605 B CN104252605 B CN 104252605B CN 201410475391 A CN201410475391 A CN 201410475391A CN 104252605 B CN104252605 B CN 104252605B
- Authority
- CN
- China
- Prior art keywords
- file
- key
- user
- encryption
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0484—Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
Abstract
The invention discloses a kind of file transparent encipher-decipher method of Android platform, comprises the following steps:Select to need the path of document to be protected place file and arrange password;According to path and the password of user input, encryption path catalogue listing and authentication file is generated respectively;Scanning encryption path catalogue listing, if opening operating system for the first time, will carry out first time initialization encryption to agent-protected file according to list item, then carry out next step;When user's triggering unblock screen event, then receive the pass phrase of user input, pass phrase is carried out to compare with the authentication file of generation in step 2 after hash algorithm computing, if it does not match, unblock failure;If it does, then pass phrase is carried out sha1 algorithms generates key, the key is stored;Key is called to can achieve to carry out encryption and decryption to file;The invention also discloses a kind of file transparent encrypting and deciphering system of Android platform, little to user operation interference on the premise of realize the protection to file.
Description
Technical field
The present invention relates to field of information security technology, the file transparent encrypting and deciphering system of particularly a kind of Android platform
And method.
Background technology
With the fast development of information age, internet deepen continuously popular life and work every aspect, become not
The part that can or lack.The popularization of computer application and the development of internet and movable storage device, former paper document by
Gradually it is changed into electronics, e-file has small volume, checks many advantages such as convenient, while the easy change of e-file, easily
The characteristic of propagation, can also badly influence e-file storage and the security for exchanging.
Transparent encryption technology is to develop a kind of more rapid file ciphering technology in recent years.So-called transparent, refer to for
Authorized user, encryption process are automatically performed, and realize that principle is in disk to deposit file with encrypted test mode, during reading certainly
Dynamic decryption, is saved in internal memory, after user has changed the copy in internal memory, then encrypts automatically and write back disk.In Windows thoroughly
Bright encryption realizes that technology mainly has two classes:The hook transparent encryption technology of client layer and the filtration drive encryption technology of inner nuclear layer,
And the realization of inner nuclear layer is realized better than client layer in performance, compatibility and stability, while technical difficulty is also compared with client layer
Realize big.
The android system being based on is embodied using the linux kernel that is cut out for embedded device, its design
The thought of Structured Design, with very strong level, from bottom to user interface, level mainly includes:Linux kernel,
HAL (hardware abstraction layer), system services layer, application framework layer and application program.The operation of the file system of linux kernel is by having
Several groups of operation tables of body file system maintenance are provided, and its list item is function pointer, points to specific operation code.Transparent encryption needs
Change the behavior of certain operations (such as read-write operation).It is demonstrated experimentally that only replacement operation table is technically feasible, but system is caused to tie
Structure is chaotic, maintainable and poor expandability.Stacking-type file system is a kind of incremental development pattern, for expanding original text
The function of part system.Code of the which without modification original file system, but cover it, filter the operation such as read-write,
During add the processing method of oneself, such as encrypt and compress etc., to strengthen the function of original file system.The model is by Erez
Zadok is proposed, and is included FiST frameworks and is constructed such file system to facilitate.Due to FiST framework establishments in 2 years it
Before, lack maintenance, and only support 2.4 to 2.6 kernel version.
The thought of PC file protecting system is directly applied and is being moved by existing part Android file protecting systems
On dynamic equipment, the difference of platform is have ignored:Mobile device mainly emphasizes Consumer's Experience, not exclusively functional realiey.These files
Protection system frequently requires user input password, selects encryption and decryption file, reduces the convenience degree of equipment.On the other hand, existing
The transparent encrypting and deciphering system having, reduces the impact to user operation habits, but protects work not comprehensive:Such as due to authority
Problem can not protect particular category, it is impossible to protect the file (and important deposit position of SD card regular user data) in SD card;
Or the file of certain specified format can only be protected;Or it is low to system conjugation vulnerable;Or compatibility and autgmentability
Low, such as can only support section particular version system.
Content of the invention
The technical problem to be solved is to overcome the deficiencies in the prior art and provide a kind of text of Android platform
The transparent encrypting and deciphering system of part and method, the present invention realize technology using stacking-type file system, using to the greatest extent may be used with reference to frequency locking interface
Impact of the energy minimizing to user operation, operating system of combining closely itself, realization is externally obstructed, internally nothing serious, and encryption and decryption is protected
Shield.
The present invention is employed the following technical solutions for solving above-mentioned technical problem:
According to a kind of file transparent encipher-decipher method of Android platform proposed by the present invention, comprise the following steps:
Step one, selection need the path of document to be protected place file and arrange password;
Step 2, the path according to user input and password, generate encryption path catalogue listing and authentication file respectively;
Step 3, scanning encryption path catalogue listing, if opening operating system for the first time, will be to protected according to list item
File carries out first time initialization encryption, then carries out next step;
Step 4, when user triggering unblock screen event, then receive the pass phrase of user input, pass phrase carried out
Compare with the authentication file of generation in step 2 after hash algorithm computing:If it does not match, unblock failure;If
Coupling, then be converted into key by pass phrase using sha1 algorithms, the key stored;
Step 5, when user access file when, if operation file or catalogue in encryption path catalogue listing, work as user
Write request is sent, the key-pair file stored by invocation step four is encrypted;When user sends read request, key is called to text
Part is decrypted;
Step 6, the key simultaneously screen locking for when user triggers lock-screen event, then removing storage.
As a kind of scheme for further optimizing of the file transparent encipher-decipher method of Android platform of the present invention, institute
Hash algorithm is stated for MD5 hash algorithms.
According to a kind of file transparent encrypting and deciphering system of Android platform proposed by the present invention, including line module and interior
Core module, line module include that dispensing unit and screen locking unit, kernel module include key management unit unit and stacking-type file
System unit;Wherein,
Dispensing unit, generates strategy for receive user, and strategy includes password, authentication file, encryption menu path
Table, the password generate first key through sha1 algorithms and are stored;Authentication file is input into key management unit unit, encryption
Directory path table is input into stacking-type file system elements;
Screen locking unit, the pass phrase of user input is exported to key management unit unit;
Key management unit unit, for by pass phrase using carrying out with authentication file after hash algorithm computing
Match somebody with somebody:Unblock failure if mismatching;If coupling is consistent while lock screen is solved, pass phrase is converted using shal algorithms
Stored into the second key, when screen locking unit screen locking, removed the second key;
Stacking-type file system elements, open operating system when first time, call the when receiving encryption menu routing table
The file in catalogue corresponding to one key pair encryption directory path table carries out initialization encryption;And it is covered in operating system support
And on the All Files system of carry, the second key in key management unit is called when user sends read request, to file
It is decrypted;The second key in key management unit is called when user sends write request, and file is encrypted.
As a kind of scheme for further optimizing of the file transparent encrypting and deciphering system of Android platform of the present invention, institute
The strategy for stating user's formulation also includes whether to enable encrypting and deciphering system.
As a kind of scheme for further optimizing of the file transparent encrypting and deciphering system of Android platform of the present invention, institute
Hash algorithm is stated for MD5 hash algorithms.
The present invention adopts above technical scheme compared with prior art, with following technique effect:(1)The present invention utilizes heap
Stacked file systems realize technology, reduce the impact to user operation as far as possible using with reference to frequency locking interface, operation of combining closely
System itself, encryption and decryption protection that realization is externally obstructed, internally nothing serious;(2)Protection Android terminal user stores in a device
Private data, while not changing user operation habits, do not affect Consumer's Experience;(3)From kernel level cipher mode, strengthen system
System security and encryption and decryption efficiency, are tightly combined with system, and anti-attack ability is strong, with higher security;Due to system core
Heart encryption/decryption module is operated in the bottom, and is top with the interface of user mutual, and system setup middleware aids in kernel mould
Block and the communication of upper layer application;By JNI (Java local IP access interfaces) and interlayer communication, intermediate layer is again by ioctl's
Mode completes to communicate with kernel module;(4)The present invention can support the 3.x kernels that currently a popular Android4.x is used, this
System design document system, reads in file and is processed in write operation, and other file operations are directly directed to bottom
Layer file system, flexibly easily transplants;(5)Encryption and decryption is transparent to user, little to user operation interference, and Consumer's Experience is good;It is easy to portion
Administration and transplanting;There is higher performance;File format is not differentiated between, user can be used to encrypt any form of file;Do not differentiate between and deposit
Storage space is put, and can encrypt information in application program of mobile phone information and storage expansion card, realize the protection to SD card file data.
Description of the drawings
Fig. 1 is the interaction of each intermodule of the system.
Fig. 2 is transparent encryption and decryption file system fundamental diagram of the invention.
Fig. 3 is the schematic diagram between upper strata stack encryption and decryption file system and lower floor's actual file system.
Fig. 4 is screen locking cell operation flow chart.
Specific embodiment
Below in conjunction with the accompanying drawings technical scheme is described in further detail:
A kind of file transparent encipher-decipher method of Android platform, comprises the following steps:
Step one, selection need the path of document to be protected place file and arrange password;
Step 2, the path according to user input and password, generate encryption path catalogue listing and authentication file respectively;
Step 3, scanning encryption path catalogue listing, if opening operating system for the first time, will be to protected according to list item
File carries out first time initialization encryption, then carries out next step;
Step 4, when user triggering unblock screen event, then receive the pass phrase of user input, pass phrase carried out
Compare with the authentication file of generation in step 2 after hash algorithm computing:If it does not match, unblock failure;If
Coupling, then be converted into key by pass phrase using sha1 algorithms, the key stored;
Step 5, when user access file when, if operation file or catalogue in encryption path catalogue listing, work as user
Write request is sent, the key-pair file stored by invocation step four is encrypted;When user sends read request, key is called to text
Part is decrypted;
Step 6, the key simultaneously screen locking for when user triggers lock-screen event, then removing storage.
The hash algorithm is MD5 hash algorithms.
It is the interaction of each intermodule of the system as shown in Figure 1, a kind of file transparent encryption and decryption of Android platform
System, including line module and kernel module, line module includes that dispensing unit and screen locking unit, kernel module include key pipe
Reason device unit and stacking-type file system elements;Wherein,
Dispensing unit, generates strategy for receive user, and strategy includes password, authentication file, encryption menu path
Table, the password generate first key through sha1 algorithms and are stored;Authentication file is input into key management unit unit, encryption
Directory path table is input into stacking-type file system elements;
Screen locking unit, the pass phrase of user input is exported to key management unit unit;
Key management unit unit, for by pass phrase using carrying out with authentication file after hash algorithm computing
Match somebody with somebody:Unblock failure if mismatching;If coupling is consistent while lock screen is solved, pass phrase is converted using shal algorithms
Stored into the second key, when screen locking unit screen locking, removed the second key;
Stacking-type file system elements, open operating system when first time, call the when receiving encryption menu routing table
The file in catalogue corresponding to one key pair encryption directory path table carries out initialization encryption;And it is covered in operating system support
And on the All Files system of carry, the second key in key management unit is called when user sends read request, to file
It is decrypted;The second key in key management unit is called when user sends write request, and file is encrypted.
The strategy that the user formulates also includes whether to enable encrypting and deciphering system.The hash algorithm is MD5 hash algorithms.
Fig. 2 is transparent encryption and decryption file system fundamental diagram of the invention.Read the process of agent-protected file:If user
For unauthorized user(User without locking screen interface authentication), operation failure.For authorized user, then transmit read request
To underlying file system, the file content for returning is obtained, now content is ciphertext.To key management unit unit requests key, profit
Ciphertext is decrypted with the key.The plaintext of acquisition is copied to user's space from kernel spacing.
Modification corresponding document attribute, completes read operation.
The process of write agent-protected file:If user is unauthorized user(Use without locking screen interface authentication
Family), operation failure.
For authorized user, key is asked, using buffering zone encryption that the data that user's space is transmitted by key are located.
Buffer contents are delivered to underlying file system, disk is written to by which.
Modification corresponding document attribute, completes write operation.
File system module is registered to kernel, needs the file system operation method that realizes to have:Superblock method of operating, section
Point method of operating, file operation method.
The system file system forms a stack architecture, and topmost paper system is exactly the stacking-type encryption and decryption file of exploitation
System.Underlying file system is actual file system(But it could also be possible that another stacking-type file system, if the storehouse
File system is enough " transparent ", it is also possible to think actual file system).
As topmost paper system depends on the method for operating and data structure of underlying file system, so the first step answers structure
Build the relation between levels file system data structures.
It is the schematic diagram between upper strata stack encryption and decryption file system and lower floor's actual file system as shown in Figure 3, with
As a example by file structures:Here upper_file is the object of this layer of file system, and lower_file is corresponding lower floor
The object of file system.Both are contacted by the private_date pointers of upper_file.Upper_ is called during file operation
The function in file_ops file operation tables in file.Because at the operation requests for issuing stacking-type file system upper strata are passed through
After reason, lower floor can be passed to.Specifically, the function in upper strata file_ops operations table can call corresponding in lower floor's file_ops tables
Function.Similar, dentry, inode and address_space structure of this layer of file system, with underlying file system
Respective data structures contact, transmit respective operation requests.
The structure of relation between levels key data structure is completed, is that following operation lays the foundation.
In addition to file read-write operations, the work of remaining paper system operatio is only to call the corresponding letter of underlying file system
Number, or universal function is used, to realize that " passes through ".If desired, will also update underlying file system data structure
The domain of dependence, such as file access time, file current read position etc..As a example by reading catalogue file:Now levels file system
System relation builds and completes, since it is desired that calling the operation of underlying file system, is searched out and this layer by the relation first
Data structure lower_file of the corresponding underlying file systems of file.The mesh that lower_file is read by VFS layers general purpose function
Record information.Here directory information is the directory information of underlying file system, but due to processing to the operation, can be with
Directory information directly as this layer is returned.VFS_readdir can automatically update the access of lower_file after having read information
Time, but the file access times on upper strata need renewal manually.Synchronization is reached here by copy underlying file access information
Both purposes.
It is similar that remaining needs " to realize by the file operation of ".
As follows to file read-write operations particular content:After calling underlying file systems to read in data, content is returned
To before user's space, buffering area is decrypted.Equally, in write operation, before underlying file systems write operation is called,
Encrypted buffer area.
Wherein encryption process can be realized using kernel encryption and decryption framework, to save space-time expense, reduce development cost.
The realization of dispensing unit:Tactful configuration interface is the system control core. above, content of the invention one is saved its function
Description has been given.It safeguards two files:For the password md5 files that compare during authentication and encryption menu list file.It
As common Android application programs, but need to hold administrator right, automatic when needing to start shooting, then scanning encryption
Catalogue listing, one by one for table in catalogue carry encryption and decryption file system.
The realization of kernel key management unit unit:
Kernel key management unit unit, effect are similar to and kernel key ring.Which is not because using kernel key ring directly
Excessively complicated, the limited time resource of embedded device and space resources of kernel occupancy should be reduced as far as possible.The close manager of kernel
Mainly can be by the global buffer of other module accesses, for depositing key including one.The module is directly locked with application layer
Screen interface is communicated by ioctl modes.It is to receive from the close of user input to define TRANSPARENT_IOCAUTHEN orders
Code, after md5 computings, is compared with the authentication file that locally deposits, and returns and be verified if consistent, and will be close
Code is converted into 128bit keys through sha1 computings and is stored in global buffer.TRANSPARENT_ is defined simultaneously
The task of removing key in key management unit for completing is needed when IOCCLEARKEY orders are lock screen.
Fig. 4 is screen locking cell operation flow chart.The realization of screen locking unit:The password that screen locking application receives user input is short
Language, and read the switching value for whether opening encryption and decryption service.
These information are copied into kernel spacing, and pass phrase is hashed algorithm calculating here, with authentication file
The MD5 values of middle storage compare to confirm user identity.Such as do not correspond, then prompting unblock failure, user can carry out tasting for limited number of time
Examination;If be consistent, turn next step.
If authentication success, judge whether the switching value for opening encryption and decryption service;If service is not turned on, turn
Next step;If service is opened, key is entered line translation and is stored in key management unit, execute next step.
Solution lock screen.
Screen locking unit provides the set of controls of two and user mutual:Code input control group and a binary switch.The former
For recording the key of user input, the latter determines it is only to unlock mobile phone operating system or i.e. unblock operating system and unlock again to add
Ciphertext part.Screen locking unit itself only receives and cache user password, not responsible authentication.It is in security consideration, authentication
Completed by kernel cipher key management unit.Screen locking unit is communicated with intermediate layer dynamic base by JNI (Java local IP access interfaces), in
Key is delivered to kernel spacing from user's space by way of ioctl and kernel communication by interbed.Consider trial edition system
The user of system is divided into two kinds of mobile phone operating system customization business and personal user, so JNI deployment both can be carried in application framework layer
For upper strata calling interface, it is employed routine call as system API, or is extended by third party application, accomplishes and system
Combine closely, program loading can be employed as independent dynamic library file using direct compilation again so that personal user disposed
It is the message that is transmitted with BroadCast forms that screen locking is conciliate in the simple and convenient screen locking in android system of journey.The system screen locking should
The message is monitored with module, corresponding process is made.OpenScreen and closeScreen in code is unblock/screen of unlocking
The action executed during curtain, mainly calls JNI interfaces, and unblock is to complete authentication and key transmission, removes key during screen locking.
Specific embodiments described above, has been carried out further to the purpose of the present invention, technical scheme and beneficial effect
Detailed description, be should be understood that the foregoing is only specific embodiments of the present invention, be not limited to this
Bright scope, any those skilled in the art, the equivalent that is made on the premise of the design without departing from the present invention and principle
Change and modification, all should belong to the scope of protection of the invention.
Claims (5)
1. the file transparent encipher-decipher method of a kind of Android platform, it is characterised in that comprise the following steps:
Step one, selection need the path of document to be protected place file and arrange password;
Step 2, the path according to user input and password, generate encryption path catalogue listing and authentication file respectively;
Step 3, scanning encryption path catalogue listing, if opening operating system for the first time, will be to agent-protected file according to list item
First time initialization encryption is carried out, the key for being used is first key, and first key is the password during user is generated strategy
Generate through shal algorithms, then carry out next step;
Step 4, when user triggering unblock screen event, then receive the pass phrase of user input, Hash carried out to pass phrase
Compare with the authentication file of generation in step 2 after algorithm computing:If it does not match, unblock failure;If
Match somebody with somebody, then pass phrase is converted into key using sha1 algorithms, the key is stored;
Step 5, when user access file when, if operation file or catalogue in encryption path catalogue listing, when user sends
Write request, the key-pair file stored by invocation step four are encrypted;When user sends read request, key-pair file is called to enter
Row decryption;
Step 6, the key simultaneously screen locking for when user triggers lock-screen event, then removing storage.
2. the file transparent encipher-decipher method of a kind of Android platform according to claim 1, it is characterised in that described
Hash algorithm is MD5 hash algorithms.
3. the file transparent encrypting and deciphering system of a kind of Android platform, including line module and kernel module, it is characterised in that
Line module includes that dispensing unit and screen locking unit, kernel module include key management unit unit and stacking-type file system list
Unit;Wherein,
Dispensing unit, generates strategy for receive user, and strategy includes password, authentication file, encryption menu routing table, should
Password generates first key through sha1 algorithms and is stored;Authentication file is input into key management unit unit, encryption menu
Routing table is input into stacking-type file system elements;
Screen locking unit, the pass phrase of user input is exported to key management unit unit;
Key management unit unit, for by pass phrase using being mated with authentication file after hash algorithm computing:If
Mismatch then unblock failure;If coupling is consistent while lock screen is solved, pass phrase is converted into the using shal algorithms
Two keys are stored, and when screen locking unit screen locking, remove the second key;
Stacking-type file system elements, open operating system when first time, call first close when receiving encryption menu routing table
Key carries out initialization encryption to the file in the catalogue corresponding to encryption menu routing table;And be covered in operating system and support and hang
On the All Files system of load, the second key in key management unit is called when user sends read request, file is carried out
Decryption;The second key in key management unit is called when user sends write request, and file is encrypted.
4. the file transparent encrypting and deciphering system of a kind of Android platform according to claim 3, it is characterised in that described
The strategy that user formulates also includes whether to enable encrypting and deciphering system.
5. the file transparent encrypting and deciphering system of a kind of Android platform according to claim 3, it is characterised in that described
Hash algorithm is MD5 hash algorithms.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410475391.2A CN104252605B (en) | 2014-09-17 | 2014-09-17 | A kind of file transparent encrypting and deciphering system of Android platform and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410475391.2A CN104252605B (en) | 2014-09-17 | 2014-09-17 | A kind of file transparent encrypting and deciphering system of Android platform and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104252605A CN104252605A (en) | 2014-12-31 |
CN104252605B true CN104252605B (en) | 2017-03-15 |
Family
ID=52187488
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410475391.2A Active CN104252605B (en) | 2014-09-17 | 2014-09-17 | A kind of file transparent encrypting and deciphering system of Android platform and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104252605B (en) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104539627B (en) * | 2015-01-16 | 2017-02-22 | 努比亚技术有限公司 | Safety access method, device and terminal |
CN104866778A (en) * | 2015-01-30 | 2015-08-26 | 武汉华工安鼎信息技术有限责任公司 | Document safety access control method and device based on Linux kernel |
CN106326733A (en) * | 2015-06-26 | 2017-01-11 | 中兴通讯股份有限公司 | Method and apparatus for managing applications in mobile terminal |
CN105373744A (en) * | 2015-10-29 | 2016-03-02 | 成都卫士通信息产业股份有限公司 | Method for encrypting extended file system based on Linux |
CN107305606A (en) * | 2016-04-20 | 2017-10-31 | 中兴通讯股份有限公司 | The processing method and processing device of application file and the access method of file and device |
CN106060010A (en) * | 2016-05-11 | 2016-10-26 | 广东七洲科技股份有限公司 | Android platform transparent encryption and decryption system |
CN106127078A (en) * | 2016-07-11 | 2016-11-16 | 北京鼎源科技有限公司 | Cryptographic key protection method under a kind of Android environment and system |
CN109145623A (en) * | 2018-08-24 | 2019-01-04 | 深圳竹云科技有限公司 | A kind of equipment Id encryption technology based on Android kernel |
CN109492417A (en) * | 2018-11-13 | 2019-03-19 | 熊予舒 | Data ciphering method and system |
CN110209428B (en) * | 2018-12-28 | 2023-08-29 | 深圳市泰衡诺科技有限公司 | Terminal screen awakening method and device, terminal and storage medium |
CN111062049A (en) * | 2019-11-21 | 2020-04-24 | 视联动力信息技术股份有限公司 | File protection method and device, terminal equipment and storage medium |
CN111079159B (en) * | 2019-12-03 | 2021-04-27 | 北京元心科技有限公司 | Encrypted communication method and system for Hypervisor multi-domain architecture |
CN111143879A (en) * | 2019-12-26 | 2020-05-12 | 厦门市美亚柏科信息股份有限公司 | Android platform SD card file protection method, terminal device and storage medium |
CN112182611A (en) * | 2020-09-27 | 2021-01-05 | 中孚安全技术有限公司 | File transparent encryption and decryption method and system based on Linux kernel layer |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101674575A (en) * | 2009-09-17 | 2010-03-17 | 中兴通讯股份有限公司 | Method for protecting security of mobile communication terminal data and device thereof |
CN103078866A (en) * | 2013-01-14 | 2013-05-01 | 成都西可科技有限公司 | Transparent encryption method for mobile platform |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW591630B (en) * | 2002-06-04 | 2004-06-11 | Key Technology Corp | Data security device of storage medium and data security method |
-
2014
- 2014-09-17 CN CN201410475391.2A patent/CN104252605B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101674575A (en) * | 2009-09-17 | 2010-03-17 | 中兴通讯股份有限公司 | Method for protecting security of mobile communication terminal data and device thereof |
CN103078866A (en) * | 2013-01-14 | 2013-05-01 | 成都西可科技有限公司 | Transparent encryption method for mobile platform |
Non-Patent Citations (1)
Title |
---|
基于Android平台的文件透明加密的设计与实现;唐铭若;《中国优秀硕士论文全文数据库》;20130215(第02期);第I138-905页 * |
Also Published As
Publication number | Publication date |
---|---|
CN104252605A (en) | 2014-12-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104252605B (en) | A kind of file transparent encrypting and deciphering system of Android platform and method | |
US11263020B2 (en) | System and method for wiping encrypted data on a device having file-level content protection | |
CN101853363B (en) | File protection method and system | |
CN101420427B (en) | Cryptographic module selection apparatus | |
CN102254124B (en) | A kind of information of mobile terminal security protection system and method | |
CN101547199B (en) | Electronic document safety guarantee system and method | |
CN105426775B (en) | A kind of method and system for protecting smart mobile phone information security | |
US20110252236A1 (en) | System and method for synchronizing encrypted data on a device having file-level content protection | |
US20130159699A1 (en) | Password Recovery Service | |
US20110252233A1 (en) | System and method for backing up and restoring files encrypted with file-level content protection | |
CN103595730A (en) | Ciphertext cloud storage method and system | |
CN103106372A (en) | Lightweight class privacy data encryption method and system for Android system | |
US7315859B2 (en) | Method and apparatus for management of encrypted data through role separation | |
CN104123506B (en) | Data access method, device, data encryption, storage and access method, device | |
CN101371259A (en) | File management system and method, and mobile terminal | |
CN101827101A (en) | Information asset protection method based on credible isolated operating environment | |
JP2009087035A (en) | Encryption client device, encryption package distribution system, encryption container distribution system, encryption management server device, solftware module management device and software module management program | |
CN103686716A (en) | Android access control system for enhancing confidentiality and integrality | |
CN110489996A (en) | A kind of database data method for managing security and system | |
US20020172363A1 (en) | Data security on a mobile device | |
CN109977039A (en) | HD encryption method for storing cipher key, device, equipment and readable storage medium storing program for executing | |
CN114050915B (en) | Fine granularity authority access synchronization method, device and equipment under isolated network | |
CN105279453B (en) | It is a kind of to support the partitions of file for separating storage management to hide system and method | |
CN108399341B (en) | Windows dual file management and control system based on mobile terminal | |
CN106127078A (en) | Cryptographic key protection method under a kind of Android environment and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20190820 Address after: Room 1009, Building B, Dongshou Software Industrial Park, Yingbin Avenue, Shuyang County, Suqian City, Jiangsu Province Patentee after: SUQIAN XINCHAO INFORMATION TECHNOLOGY CO., LTD. Address before: Zhongshan road Wuzhong District Mudu town of Suzhou city in Jiangsu province 215101 No. 70 Wuzhong Science Park Building 2 room 2310 Patentee before: Nanjing University of Information Science and Technology |
|
TR01 | Transfer of patent right |