CN104252605B - A kind of file transparent encrypting and deciphering system of Android platform and method - Google Patents

A kind of file transparent encrypting and deciphering system of Android platform and method Download PDF

Info

Publication number
CN104252605B
CN104252605B CN201410475391.2A CN201410475391A CN104252605B CN 104252605 B CN104252605 B CN 104252605B CN 201410475391 A CN201410475391 A CN 201410475391A CN 104252605 B CN104252605 B CN 104252605B
Authority
CN
China
Prior art keywords
file
key
user
encryption
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410475391.2A
Other languages
Chinese (zh)
Other versions
CN104252605A (en
Inventor
王金伟
张正宇
赵波
徐凌云
周宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SUQIAN XINCHAO INFORMATION TECHNOLOGY CO., LTD.
Original Assignee
Nanjing University of Information Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Information Science and Technology filed Critical Nanjing University of Information Science and Technology
Priority to CN201410475391.2A priority Critical patent/CN104252605B/en
Publication of CN104252605A publication Critical patent/CN104252605A/en
Application granted granted Critical
Publication of CN104252605B publication Critical patent/CN104252605B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0484Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Abstract

The invention discloses a kind of file transparent encipher-decipher method of Android platform, comprises the following steps:Select to need the path of document to be protected place file and arrange password;According to path and the password of user input, encryption path catalogue listing and authentication file is generated respectively;Scanning encryption path catalogue listing, if opening operating system for the first time, will carry out first time initialization encryption to agent-protected file according to list item, then carry out next step;When user's triggering unblock screen event, then receive the pass phrase of user input, pass phrase is carried out to compare with the authentication file of generation in step 2 after hash algorithm computing, if it does not match, unblock failure;If it does, then pass phrase is carried out sha1 algorithms generates key, the key is stored;Key is called to can achieve to carry out encryption and decryption to file;The invention also discloses a kind of file transparent encrypting and deciphering system of Android platform, little to user operation interference on the premise of realize the protection to file.

Description

A kind of file transparent encrypting and deciphering system of Android platform and method
Technical field
The present invention relates to field of information security technology, the file transparent encrypting and deciphering system of particularly a kind of Android platform And method.
Background technology
With the fast development of information age, internet deepen continuously popular life and work every aspect, become not The part that can or lack.The popularization of computer application and the development of internet and movable storage device, former paper document by Gradually it is changed into electronics, e-file has small volume, checks many advantages such as convenient, while the easy change of e-file, easily The characteristic of propagation, can also badly influence e-file storage and the security for exchanging.
Transparent encryption technology is to develop a kind of more rapid file ciphering technology in recent years.So-called transparent, refer to for Authorized user, encryption process are automatically performed, and realize that principle is in disk to deposit file with encrypted test mode, during reading certainly Dynamic decryption, is saved in internal memory, after user has changed the copy in internal memory, then encrypts automatically and write back disk.In Windows thoroughly Bright encryption realizes that technology mainly has two classes:The hook transparent encryption technology of client layer and the filtration drive encryption technology of inner nuclear layer, And the realization of inner nuclear layer is realized better than client layer in performance, compatibility and stability, while technical difficulty is also compared with client layer Realize big.
The android system being based on is embodied using the linux kernel that is cut out for embedded device, its design The thought of Structured Design, with very strong level, from bottom to user interface, level mainly includes:Linux kernel, HAL (hardware abstraction layer), system services layer, application framework layer and application program.The operation of the file system of linux kernel is by having Several groups of operation tables of body file system maintenance are provided, and its list item is function pointer, points to specific operation code.Transparent encryption needs Change the behavior of certain operations (such as read-write operation).It is demonstrated experimentally that only replacement operation table is technically feasible, but system is caused to tie Structure is chaotic, maintainable and poor expandability.Stacking-type file system is a kind of incremental development pattern, for expanding original text The function of part system.Code of the which without modification original file system, but cover it, filter the operation such as read-write, During add the processing method of oneself, such as encrypt and compress etc., to strengthen the function of original file system.The model is by Erez Zadok is proposed, and is included FiST frameworks and is constructed such file system to facilitate.Due to FiST framework establishments in 2 years it Before, lack maintenance, and only support 2.4 to 2.6 kernel version.
The thought of PC file protecting system is directly applied and is being moved by existing part Android file protecting systems On dynamic equipment, the difference of platform is have ignored:Mobile device mainly emphasizes Consumer's Experience, not exclusively functional realiey.These files Protection system frequently requires user input password, selects encryption and decryption file, reduces the convenience degree of equipment.On the other hand, existing The transparent encrypting and deciphering system having, reduces the impact to user operation habits, but protects work not comprehensive:Such as due to authority Problem can not protect particular category, it is impossible to protect the file (and important deposit position of SD card regular user data) in SD card; Or the file of certain specified format can only be protected;Or it is low to system conjugation vulnerable;Or compatibility and autgmentability Low, such as can only support section particular version system.
Content of the invention
The technical problem to be solved is to overcome the deficiencies in the prior art and provide a kind of text of Android platform The transparent encrypting and deciphering system of part and method, the present invention realize technology using stacking-type file system, using to the greatest extent may be used with reference to frequency locking interface Impact of the energy minimizing to user operation, operating system of combining closely itself, realization is externally obstructed, internally nothing serious, and encryption and decryption is protected Shield.
The present invention is employed the following technical solutions for solving above-mentioned technical problem:
According to a kind of file transparent encipher-decipher method of Android platform proposed by the present invention, comprise the following steps:
Step one, selection need the path of document to be protected place file and arrange password;
Step 2, the path according to user input and password, generate encryption path catalogue listing and authentication file respectively;
Step 3, scanning encryption path catalogue listing, if opening operating system for the first time, will be to protected according to list item File carries out first time initialization encryption, then carries out next step;
Step 4, when user triggering unblock screen event, then receive the pass phrase of user input, pass phrase carried out Compare with the authentication file of generation in step 2 after hash algorithm computing:If it does not match, unblock failure;If Coupling, then be converted into key by pass phrase using sha1 algorithms, the key stored;
Step 5, when user access file when, if operation file or catalogue in encryption path catalogue listing, work as user Write request is sent, the key-pair file stored by invocation step four is encrypted;When user sends read request, key is called to text Part is decrypted;
Step 6, the key simultaneously screen locking for when user triggers lock-screen event, then removing storage.
As a kind of scheme for further optimizing of the file transparent encipher-decipher method of Android platform of the present invention, institute Hash algorithm is stated for MD5 hash algorithms.
According to a kind of file transparent encrypting and deciphering system of Android platform proposed by the present invention, including line module and interior Core module, line module include that dispensing unit and screen locking unit, kernel module include key management unit unit and stacking-type file System unit;Wherein,
Dispensing unit, generates strategy for receive user, and strategy includes password, authentication file, encryption menu path Table, the password generate first key through sha1 algorithms and are stored;Authentication file is input into key management unit unit, encryption Directory path table is input into stacking-type file system elements;
Screen locking unit, the pass phrase of user input is exported to key management unit unit;
Key management unit unit, for by pass phrase using carrying out with authentication file after hash algorithm computing Match somebody with somebody:Unblock failure if mismatching;If coupling is consistent while lock screen is solved, pass phrase is converted using shal algorithms Stored into the second key, when screen locking unit screen locking, removed the second key;
Stacking-type file system elements, open operating system when first time, call the when receiving encryption menu routing table The file in catalogue corresponding to one key pair encryption directory path table carries out initialization encryption;And it is covered in operating system support And on the All Files system of carry, the second key in key management unit is called when user sends read request, to file It is decrypted;The second key in key management unit is called when user sends write request, and file is encrypted.
As a kind of scheme for further optimizing of the file transparent encrypting and deciphering system of Android platform of the present invention, institute The strategy for stating user's formulation also includes whether to enable encrypting and deciphering system.
As a kind of scheme for further optimizing of the file transparent encrypting and deciphering system of Android platform of the present invention, institute Hash algorithm is stated for MD5 hash algorithms.
The present invention adopts above technical scheme compared with prior art, with following technique effect:(1)The present invention utilizes heap Stacked file systems realize technology, reduce the impact to user operation as far as possible using with reference to frequency locking interface, operation of combining closely System itself, encryption and decryption protection that realization is externally obstructed, internally nothing serious;(2)Protection Android terminal user stores in a device Private data, while not changing user operation habits, do not affect Consumer's Experience;(3)From kernel level cipher mode, strengthen system System security and encryption and decryption efficiency, are tightly combined with system, and anti-attack ability is strong, with higher security;Due to system core Heart encryption/decryption module is operated in the bottom, and is top with the interface of user mutual, and system setup middleware aids in kernel mould Block and the communication of upper layer application;By JNI (Java local IP access interfaces) and interlayer communication, intermediate layer is again by ioctl's Mode completes to communicate with kernel module;(4)The present invention can support the 3.x kernels that currently a popular Android4.x is used, this System design document system, reads in file and is processed in write operation, and other file operations are directly directed to bottom Layer file system, flexibly easily transplants;(5)Encryption and decryption is transparent to user, little to user operation interference, and Consumer's Experience is good;It is easy to portion Administration and transplanting;There is higher performance;File format is not differentiated between, user can be used to encrypt any form of file;Do not differentiate between and deposit Storage space is put, and can encrypt information in application program of mobile phone information and storage expansion card, realize the protection to SD card file data.
Description of the drawings
Fig. 1 is the interaction of each intermodule of the system.
Fig. 2 is transparent encryption and decryption file system fundamental diagram of the invention.
Fig. 3 is the schematic diagram between upper strata stack encryption and decryption file system and lower floor's actual file system.
Fig. 4 is screen locking cell operation flow chart.
Specific embodiment
Below in conjunction with the accompanying drawings technical scheme is described in further detail:
A kind of file transparent encipher-decipher method of Android platform, comprises the following steps:
Step one, selection need the path of document to be protected place file and arrange password;
Step 2, the path according to user input and password, generate encryption path catalogue listing and authentication file respectively;
Step 3, scanning encryption path catalogue listing, if opening operating system for the first time, will be to protected according to list item File carries out first time initialization encryption, then carries out next step;
Step 4, when user triggering unblock screen event, then receive the pass phrase of user input, pass phrase carried out Compare with the authentication file of generation in step 2 after hash algorithm computing:If it does not match, unblock failure;If Coupling, then be converted into key by pass phrase using sha1 algorithms, the key stored;
Step 5, when user access file when, if operation file or catalogue in encryption path catalogue listing, work as user Write request is sent, the key-pair file stored by invocation step four is encrypted;When user sends read request, key is called to text Part is decrypted;
Step 6, the key simultaneously screen locking for when user triggers lock-screen event, then removing storage.
The hash algorithm is MD5 hash algorithms.
It is the interaction of each intermodule of the system as shown in Figure 1, a kind of file transparent encryption and decryption of Android platform System, including line module and kernel module, line module includes that dispensing unit and screen locking unit, kernel module include key pipe Reason device unit and stacking-type file system elements;Wherein,
Dispensing unit, generates strategy for receive user, and strategy includes password, authentication file, encryption menu path Table, the password generate first key through sha1 algorithms and are stored;Authentication file is input into key management unit unit, encryption Directory path table is input into stacking-type file system elements;
Screen locking unit, the pass phrase of user input is exported to key management unit unit;
Key management unit unit, for by pass phrase using carrying out with authentication file after hash algorithm computing Match somebody with somebody:Unblock failure if mismatching;If coupling is consistent while lock screen is solved, pass phrase is converted using shal algorithms Stored into the second key, when screen locking unit screen locking, removed the second key;
Stacking-type file system elements, open operating system when first time, call the when receiving encryption menu routing table The file in catalogue corresponding to one key pair encryption directory path table carries out initialization encryption;And it is covered in operating system support And on the All Files system of carry, the second key in key management unit is called when user sends read request, to file It is decrypted;The second key in key management unit is called when user sends write request, and file is encrypted.
The strategy that the user formulates also includes whether to enable encrypting and deciphering system.The hash algorithm is MD5 hash algorithms.
Fig. 2 is transparent encryption and decryption file system fundamental diagram of the invention.Read the process of agent-protected file:If user For unauthorized user(User without locking screen interface authentication), operation failure.For authorized user, then transmit read request To underlying file system, the file content for returning is obtained, now content is ciphertext.To key management unit unit requests key, profit Ciphertext is decrypted with the key.The plaintext of acquisition is copied to user's space from kernel spacing.
Modification corresponding document attribute, completes read operation.
The process of write agent-protected file:If user is unauthorized user(Use without locking screen interface authentication Family), operation failure.
For authorized user, key is asked, using buffering zone encryption that the data that user's space is transmitted by key are located.
Buffer contents are delivered to underlying file system, disk is written to by which.
Modification corresponding document attribute, completes write operation.
File system module is registered to kernel, needs the file system operation method that realizes to have:Superblock method of operating, section Point method of operating, file operation method.
The system file system forms a stack architecture, and topmost paper system is exactly the stacking-type encryption and decryption file of exploitation System.Underlying file system is actual file system(But it could also be possible that another stacking-type file system, if the storehouse File system is enough " transparent ", it is also possible to think actual file system).
As topmost paper system depends on the method for operating and data structure of underlying file system, so the first step answers structure Build the relation between levels file system data structures.
It is the schematic diagram between upper strata stack encryption and decryption file system and lower floor's actual file system as shown in Figure 3, with As a example by file structures:Here upper_file is the object of this layer of file system, and lower_file is corresponding lower floor The object of file system.Both are contacted by the private_date pointers of upper_file.Upper_ is called during file operation The function in file_ops file operation tables in file.Because at the operation requests for issuing stacking-type file system upper strata are passed through After reason, lower floor can be passed to.Specifically, the function in upper strata file_ops operations table can call corresponding in lower floor's file_ops tables Function.Similar, dentry, inode and address_space structure of this layer of file system, with underlying file system Respective data structures contact, transmit respective operation requests.
The structure of relation between levels key data structure is completed, is that following operation lays the foundation.
In addition to file read-write operations, the work of remaining paper system operatio is only to call the corresponding letter of underlying file system Number, or universal function is used, to realize that " passes through ".If desired, will also update underlying file system data structure The domain of dependence, such as file access time, file current read position etc..As a example by reading catalogue file:Now levels file system System relation builds and completes, since it is desired that calling the operation of underlying file system, is searched out and this layer by the relation first Data structure lower_file of the corresponding underlying file systems of file.The mesh that lower_file is read by VFS layers general purpose function Record information.Here directory information is the directory information of underlying file system, but due to processing to the operation, can be with Directory information directly as this layer is returned.VFS_readdir can automatically update the access of lower_file after having read information Time, but the file access times on upper strata need renewal manually.Synchronization is reached here by copy underlying file access information Both purposes.
It is similar that remaining needs " to realize by the file operation of ".
As follows to file read-write operations particular content:After calling underlying file systems to read in data, content is returned To before user's space, buffering area is decrypted.Equally, in write operation, before underlying file systems write operation is called, Encrypted buffer area.
Wherein encryption process can be realized using kernel encryption and decryption framework, to save space-time expense, reduce development cost.
The realization of dispensing unit:Tactful configuration interface is the system control core. above, content of the invention one is saved its function Description has been given.It safeguards two files:For the password md5 files that compare during authentication and encryption menu list file.It As common Android application programs, but need to hold administrator right, automatic when needing to start shooting, then scanning encryption Catalogue listing, one by one for table in catalogue carry encryption and decryption file system.
The realization of kernel key management unit unit:
Kernel key management unit unit, effect are similar to and kernel key ring.Which is not because using kernel key ring directly Excessively complicated, the limited time resource of embedded device and space resources of kernel occupancy should be reduced as far as possible.The close manager of kernel Mainly can be by the global buffer of other module accesses, for depositing key including one.The module is directly locked with application layer Screen interface is communicated by ioctl modes.It is to receive from the close of user input to define TRANSPARENT_IOCAUTHEN orders Code, after md5 computings, is compared with the authentication file that locally deposits, and returns and be verified if consistent, and will be close Code is converted into 128bit keys through sha1 computings and is stored in global buffer.TRANSPARENT_ is defined simultaneously The task of removing key in key management unit for completing is needed when IOCCLEARKEY orders are lock screen.
Fig. 4 is screen locking cell operation flow chart.The realization of screen locking unit:The password that screen locking application receives user input is short Language, and read the switching value for whether opening encryption and decryption service.
These information are copied into kernel spacing, and pass phrase is hashed algorithm calculating here, with authentication file The MD5 values of middle storage compare to confirm user identity.Such as do not correspond, then prompting unblock failure, user can carry out tasting for limited number of time Examination;If be consistent, turn next step.
If authentication success, judge whether the switching value for opening encryption and decryption service;If service is not turned on, turn Next step;If service is opened, key is entered line translation and is stored in key management unit, execute next step.
Solution lock screen.
Screen locking unit provides the set of controls of two and user mutual:Code input control group and a binary switch.The former For recording the key of user input, the latter determines it is only to unlock mobile phone operating system or i.e. unblock operating system and unlock again to add Ciphertext part.Screen locking unit itself only receives and cache user password, not responsible authentication.It is in security consideration, authentication Completed by kernel cipher key management unit.Screen locking unit is communicated with intermediate layer dynamic base by JNI (Java local IP access interfaces), in Key is delivered to kernel spacing from user's space by way of ioctl and kernel communication by interbed.Consider trial edition system The user of system is divided into two kinds of mobile phone operating system customization business and personal user, so JNI deployment both can be carried in application framework layer For upper strata calling interface, it is employed routine call as system API, or is extended by third party application, accomplishes and system Combine closely, program loading can be employed as independent dynamic library file using direct compilation again so that personal user disposed It is the message that is transmitted with BroadCast forms that screen locking is conciliate in the simple and convenient screen locking in android system of journey.The system screen locking should The message is monitored with module, corresponding process is made.OpenScreen and closeScreen in code is unblock/screen of unlocking The action executed during curtain, mainly calls JNI interfaces, and unblock is to complete authentication and key transmission, removes key during screen locking.
Specific embodiments described above, has been carried out further to the purpose of the present invention, technical scheme and beneficial effect Detailed description, be should be understood that the foregoing is only specific embodiments of the present invention, be not limited to this Bright scope, any those skilled in the art, the equivalent that is made on the premise of the design without departing from the present invention and principle Change and modification, all should belong to the scope of protection of the invention.

Claims (5)

1. the file transparent encipher-decipher method of a kind of Android platform, it is characterised in that comprise the following steps:
Step one, selection need the path of document to be protected place file and arrange password;
Step 2, the path according to user input and password, generate encryption path catalogue listing and authentication file respectively;
Step 3, scanning encryption path catalogue listing, if opening operating system for the first time, will be to agent-protected file according to list item First time initialization encryption is carried out, the key for being used is first key, and first key is the password during user is generated strategy Generate through shal algorithms, then carry out next step;
Step 4, when user triggering unblock screen event, then receive the pass phrase of user input, Hash carried out to pass phrase Compare with the authentication file of generation in step 2 after algorithm computing:If it does not match, unblock failure;If Match somebody with somebody, then pass phrase is converted into key using sha1 algorithms, the key is stored;
Step 5, when user access file when, if operation file or catalogue in encryption path catalogue listing, when user sends Write request, the key-pair file stored by invocation step four are encrypted;When user sends read request, key-pair file is called to enter Row decryption;
Step 6, the key simultaneously screen locking for when user triggers lock-screen event, then removing storage.
2. the file transparent encipher-decipher method of a kind of Android platform according to claim 1, it is characterised in that described Hash algorithm is MD5 hash algorithms.
3. the file transparent encrypting and deciphering system of a kind of Android platform, including line module and kernel module, it is characterised in that Line module includes that dispensing unit and screen locking unit, kernel module include key management unit unit and stacking-type file system list Unit;Wherein,
Dispensing unit, generates strategy for receive user, and strategy includes password, authentication file, encryption menu routing table, should Password generates first key through sha1 algorithms and is stored;Authentication file is input into key management unit unit, encryption menu Routing table is input into stacking-type file system elements;
Screen locking unit, the pass phrase of user input is exported to key management unit unit;
Key management unit unit, for by pass phrase using being mated with authentication file after hash algorithm computing:If Mismatch then unblock failure;If coupling is consistent while lock screen is solved, pass phrase is converted into the using shal algorithms Two keys are stored, and when screen locking unit screen locking, remove the second key;
Stacking-type file system elements, open operating system when first time, call first close when receiving encryption menu routing table Key carries out initialization encryption to the file in the catalogue corresponding to encryption menu routing table;And be covered in operating system and support and hang On the All Files system of load, the second key in key management unit is called when user sends read request, file is carried out Decryption;The second key in key management unit is called when user sends write request, and file is encrypted.
4. the file transparent encrypting and deciphering system of a kind of Android platform according to claim 3, it is characterised in that described The strategy that user formulates also includes whether to enable encrypting and deciphering system.
5. the file transparent encrypting and deciphering system of a kind of Android platform according to claim 3, it is characterised in that described Hash algorithm is MD5 hash algorithms.
CN201410475391.2A 2014-09-17 2014-09-17 A kind of file transparent encrypting and deciphering system of Android platform and method Active CN104252605B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410475391.2A CN104252605B (en) 2014-09-17 2014-09-17 A kind of file transparent encrypting and deciphering system of Android platform and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410475391.2A CN104252605B (en) 2014-09-17 2014-09-17 A kind of file transparent encrypting and deciphering system of Android platform and method

Publications (2)

Publication Number Publication Date
CN104252605A CN104252605A (en) 2014-12-31
CN104252605B true CN104252605B (en) 2017-03-15

Family

ID=52187488

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410475391.2A Active CN104252605B (en) 2014-09-17 2014-09-17 A kind of file transparent encrypting and deciphering system of Android platform and method

Country Status (1)

Country Link
CN (1) CN104252605B (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104539627B (en) * 2015-01-16 2017-02-22 努比亚技术有限公司 Safety access method, device and terminal
CN104866778A (en) * 2015-01-30 2015-08-26 武汉华工安鼎信息技术有限责任公司 Document safety access control method and device based on Linux kernel
CN106326733A (en) * 2015-06-26 2017-01-11 中兴通讯股份有限公司 Method and apparatus for managing applications in mobile terminal
CN105373744A (en) * 2015-10-29 2016-03-02 成都卫士通信息产业股份有限公司 Method for encrypting extended file system based on Linux
CN107305606A (en) * 2016-04-20 2017-10-31 中兴通讯股份有限公司 The processing method and processing device of application file and the access method of file and device
CN106060010A (en) * 2016-05-11 2016-10-26 广东七洲科技股份有限公司 Android platform transparent encryption and decryption system
CN106127078A (en) * 2016-07-11 2016-11-16 北京鼎源科技有限公司 Cryptographic key protection method under a kind of Android environment and system
CN109145623A (en) * 2018-08-24 2019-01-04 深圳竹云科技有限公司 A kind of equipment Id encryption technology based on Android kernel
CN109492417A (en) * 2018-11-13 2019-03-19 熊予舒 Data ciphering method and system
CN110209428B (en) * 2018-12-28 2023-08-29 深圳市泰衡诺科技有限公司 Terminal screen awakening method and device, terminal and storage medium
CN111062049A (en) * 2019-11-21 2020-04-24 视联动力信息技术股份有限公司 File protection method and device, terminal equipment and storage medium
CN111079159B (en) * 2019-12-03 2021-04-27 北京元心科技有限公司 Encrypted communication method and system for Hypervisor multi-domain architecture
CN111143879A (en) * 2019-12-26 2020-05-12 厦门市美亚柏科信息股份有限公司 Android platform SD card file protection method, terminal device and storage medium
CN112182611A (en) * 2020-09-27 2021-01-05 中孚安全技术有限公司 File transparent encryption and decryption method and system based on Linux kernel layer

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674575A (en) * 2009-09-17 2010-03-17 中兴通讯股份有限公司 Method for protecting security of mobile communication terminal data and device thereof
CN103078866A (en) * 2013-01-14 2013-05-01 成都西可科技有限公司 Transparent encryption method for mobile platform

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW591630B (en) * 2002-06-04 2004-06-11 Key Technology Corp Data security device of storage medium and data security method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674575A (en) * 2009-09-17 2010-03-17 中兴通讯股份有限公司 Method for protecting security of mobile communication terminal data and device thereof
CN103078866A (en) * 2013-01-14 2013-05-01 成都西可科技有限公司 Transparent encryption method for mobile platform

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于Android平台的文件透明加密的设计与实现;唐铭若;《中国优秀硕士论文全文数据库》;20130215(第02期);第I138-905页 *

Also Published As

Publication number Publication date
CN104252605A (en) 2014-12-31

Similar Documents

Publication Publication Date Title
CN104252605B (en) A kind of file transparent encrypting and deciphering system of Android platform and method
US11263020B2 (en) System and method for wiping encrypted data on a device having file-level content protection
CN101853363B (en) File protection method and system
CN101420427B (en) Cryptographic module selection apparatus
CN102254124B (en) A kind of information of mobile terminal security protection system and method
CN101547199B (en) Electronic document safety guarantee system and method
CN105426775B (en) A kind of method and system for protecting smart mobile phone information security
US20110252236A1 (en) System and method for synchronizing encrypted data on a device having file-level content protection
US20130159699A1 (en) Password Recovery Service
US20110252233A1 (en) System and method for backing up and restoring files encrypted with file-level content protection
CN103595730A (en) Ciphertext cloud storage method and system
CN103106372A (en) Lightweight class privacy data encryption method and system for Android system
US7315859B2 (en) Method and apparatus for management of encrypted data through role separation
CN104123506B (en) Data access method, device, data encryption, storage and access method, device
CN101371259A (en) File management system and method, and mobile terminal
CN101827101A (en) Information asset protection method based on credible isolated operating environment
JP2009087035A (en) Encryption client device, encryption package distribution system, encryption container distribution system, encryption management server device, solftware module management device and software module management program
CN103686716A (en) Android access control system for enhancing confidentiality and integrality
CN110489996A (en) A kind of database data method for managing security and system
US20020172363A1 (en) Data security on a mobile device
CN109977039A (en) HD encryption method for storing cipher key, device, equipment and readable storage medium storing program for executing
CN114050915B (en) Fine granularity authority access synchronization method, device and equipment under isolated network
CN105279453B (en) It is a kind of to support the partitions of file for separating storage management to hide system and method
CN108399341B (en) Windows dual file management and control system based on mobile terminal
CN106127078A (en) Cryptographic key protection method under a kind of Android environment and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190820

Address after: Room 1009, Building B, Dongshou Software Industrial Park, Yingbin Avenue, Shuyang County, Suqian City, Jiangsu Province

Patentee after: SUQIAN XINCHAO INFORMATION TECHNOLOGY CO., LTD.

Address before: Zhongshan road Wuzhong District Mudu town of Suzhou city in Jiangsu province 215101 No. 70 Wuzhong Science Park Building 2 room 2310

Patentee before: Nanjing University of Information Science and Technology

TR01 Transfer of patent right