Distributed data secret processing system and device based on electronic information

Document No.: 1098499. Publication date: 2020-09-25.

Reading note: this technology, "Distributed data security processing system and device based on electronic information", was designed by 何月顺 on 2020-08-24. Main content: The invention discloses a distributed data security processing system and device based on electronic information, belonging to the technical field of data processing. It provides distributed storage and protection of data, which not only markedly reduces the difficulty of keeping data confidential and speeds up protection, but also effectively protects important data and performs threat detection on the confidential data in real time. When confidential data is accessed, authority is centralized through cloud authorization: the accessor is verified and assessed, an authorization decision is made, and a decryption instruction is issued to the multiple distributed security nodes across which the confidential data is distributed. Each distributed security node decrypts its confidential data according to the decryption instruction and transmits it to the accessor's media terminal. The media terminal is highly secure, can strongly protect the data, and can autonomously destroy its internal data when an accident occurs, preventing leakage of the confidential data and greatly improving the security of its use.

1. A distributed data security processing system based on electronic information, comprising a plurality of distributed security nodes (100), characterized in that: each distributed security node (100) comprises a server management module (700) and a double-distributed security module (400); the server management module (700) comprises a state synchronization unit, a domain division management unit, a data processing unit, a data storage unit and a background operation and maintenance unit; an undifferentiated inspection security module (500) is connected between the server management module (700) and the double-distributed security module (400); a communication module (600) is further connected between the server management modules (700); the communication module (600) is connected with a security cloud server (200); the security cloud server (200) is connected with a plurality of service terminals and media terminals (300); and each media terminal (300) comprises a processing unit, an interaction unit, a storage unit, a communication unit and a power supply unit.

2. The distributed data security processing system based on electronic information according to claim 1, wherein: the double-distributed security module (400) comprises an instruction receiving unit, an instruction reading unit, an instruction execution unit and an instruction output unit which are connected in sequence, and the instruction receiving unit is further connected with an instruction changing unit and an instruction calling unit.

3. The distributed data security processing system based on electronic information according to claim 2, wherein: the instruction execution unit comprises an encryption instruction, a decryption instruction and a destruction instruction.

4. The distributed data security processing system based on electronic information according to claim 1, wherein: the undifferentiated inspection security module (500) comprises a daily confidential review unit, a suspicious terminal detection unit, a virus and Trojan horse detection unit, an autonomous protection unit and an instruction source authentication unit.

5. The distributed data security processing system based on electronic information according to claim 1, wherein: the security cloud server (200) comprises a cloud application module, a cloud decision module, a cloud authorization module, a cloud communication module, a cloud storage module, a cloud alarm module and a cloud management module.

6. A distributed data security processing device based on electronic information, characterized in that: it comprises the media terminal (300); the media terminal (300) comprises a processing unit, an interaction unit, a storage unit, a communication unit and a power supply unit; the interaction unit comprises a casing (1) and a touch screen; a circuit control board (2) is embedded in the casing (1), and the processing unit, the storage unit, the communication unit and the power supply unit are all integrated on the circuit control board (2); a plurality of uniformly distributed double-effect safety balls (3) are connected between the casing (1) and the circuit control board (2); the inside of the casing (1) is kept in a vacuum-sealed state; and heat-conducting silica gel (4) is filled between the double-effect safety balls (3) and the circuit control board (2).

7. The distributed data security processing device based on electronic information according to claim 6, wherein: the double-effect safety ball (3) comprises a heat-conducting spherical shell (31) open at one end, with the opening facing the outer edge of the casing (1); a heat-conducting net (33) is connected in the opening; a separating flexible membrane (35) is connected inside the heat-conducting spherical shell (31) and divides it into a vacuum hemisphere close to the opening and a trigger hemisphere filled with an acidic solution; a trigger composite layer (36) is embedded at the end of the trigger hemisphere close to the circuit control board (2); and a gas heating rod (32) is embedded in the trigger composite layer (36) and extends through the separating flexible membrane (35) into the vacuum hemisphere.

8. The distributed data security processing device based on electronic information according to claim 7, wherein: the heat-conducting spherical shell (31) is a composite structure with an interlayer (34) inside; the interlayer (34) is filled with water; a waterproof breathable film (38) is embedded at the end of the interlayer (34) close to the opening; and an energizing lead (37) extends from the circuit control board (2) and is electrically connected to positive and negative electrodes preset in the interlayer (34).

9. The distributed data security processing device based on electronic information according to claim 7, wherein: the gas heating rod (32) comprises a self-heating rod (321) and a heat insulation sleeve (322), which are located in the vacuum hemisphere and the trigger hemisphere respectively; a self-heating material is attached to the self-heating rod (321); a heat-conducting wire (323) connected with the self-heating rod (321) is embedded in the heat insulation sleeve (322); the trigger composite layer (36) comprises a hot-melt resin layer (361) and a heat-insulating acid-soluble layer (362) which are integrally connected; and the hot-melt resin layer (361) and the heat-insulating acid-soluble layer (362) are connected with the gas heating rod (32) and the circuit control board (2) respectively.

Technical Field

The invention relates to the technical field of data processing, in particular to a distributed data security processing system and device based on electronic information.

Background

"Electronic information" is a term from informatics whose emergence is closely tied to the rapid development of computer technology, communication technology and high-density storage technology and their wide application in various fields. Electronic information engineering is the discipline of controlling and processing electronic information using modern technologies such as computers; it mainly studies the acquisition and processing of information and the design, development, application and integration of electronic equipment and information systems. Electronic information engineering already covers many aspects of society: how a telephone exchange processes various telephone signals, how data is transmitted over the networks around us, how an army keeps its information transmission secret in the information age, and so on, all involve the applied technologies of electronic information engineering.

Distributed database systems typically use smaller computer systems, each of which may be individually located in a single location, each of which may have a complete copy, or a partial copy, of the DBMS, and its own local database, with many computers located at different locations interconnected via a network to form a complete, globally logically centralized, physically distributed, large database.

With the explosive growth of data in the information age and the increasing scale of computer systems, an architecture that deploys all business units centrally on one or a few mainframes can no longer keep up with the rapid development of computer systems, especially large-scale internet systems, and various flexible system architecture models keep emerging. Meanwhile, with the advent of microcomputers, cheap PCs have increasingly become the first choice for the architecture of large IT enterprises, and distributed processing is more and more favored by the industry. A centralized system is one in which one or more host computers form a central node: data is stored centrally on this central node, all business units of the whole system are deployed centrally on it, and all functions of the system are processed centrally. That is, in a centralized system each terminal or client is only responsible for data input and output, while the storage and control processing of data is done entirely by the host. The greatest characteristic of a centralized system is its simple deployment structure: because it is usually based on a mainframe with excellent underlying performance, there is no need to consider how to deploy the service across multiple nodes, nor the problem of distributed collaboration among multiple nodes. With the continuous improvement of PC performance and the rapid popularization of network technology, the market share of mainframes has become smaller and smaller, and many enterprises have begun to abandon their mainframes and build distributed computer systems from small computers and ordinary PC servers.

A distributed storage system addresses the capacity and performance bottlenecks of single-machine storage, as well as its availability and scalability problems, by storing data dispersed across a plurality of storage devices, providing large-scale storage applications with high-capacity, high-performance, highly available and scalable storage services. Compared with a conventional storage system, however, a distributed storage system faces a contradiction between data sharing, the accumulation of large data volumes and the distributed storage mode, so its security is greatly reduced. Data is easily lost during transmission, and the system is highly vulnerable because it lacks the dedicated hardware of a conventional storage mode. Individual units are commonly encrypted with an asymmetric encryption algorithm, a symmetric encryption algorithm or a hash, which gives low security and cannot effectively detect leaks. In addition, the main client usually has many built-in systems and often starts slowly, which greatly reduces its efficiency.

Disclosure of Invention

In view of the problems in the prior art, the invention aims to provide a distributed data security processing system and device based on electronic information that provide distributed storage and protection of data. Protection takes a coverage-ratio form: data is related according to its degree of importance and is then stored in a partially protected mode, which markedly reduces the difficulty of keeping data confidential and speeds up protection while still effectively protecting important data, and threat detection is performed on the confidential data in real time. When confidential data is accessed, authority is centralized through cloud authorization: the accessor is verified and assessed, an authorization decision is made, and a decryption instruction is issued to the multiple distributed security nodes across which the confidential data is distributed. Each distributed security node decrypts its confidential data according to the decryption instruction and transmits it to the accessor's media terminal. The media terminal is highly secure, can strongly protect the data, and can autonomously destroy its internal data when an accident occurs, preventing leakage of the confidential data and greatly improving the security of its use.

In order to solve the above problems, the present invention adopts the following technical solutions.

A distributed data security processing system based on electronic information comprises a plurality of distributed security nodes. Each distributed security node comprises a server management module and a double-distributed security module. The server management module comprises a state synchronization unit, a domain division management unit, a data processing unit, a data storage unit and a background operation and maintenance unit. An undifferentiated inspection security module is connected between the server management module and the double-distributed security module, and a communication module is further connected between the server management modules. The communication module is connected with a security cloud server, the security cloud server is connected with a plurality of service terminals and media terminals, and each media terminal comprises a processing unit, an interaction unit, a storage unit, a communication unit and a power supply unit.

Furthermore, the double-distributed security module comprises an instruction receiving unit, an instruction reading unit, an instruction execution unit and an instruction output unit which are connected in sequence, and the instruction receiving unit is further connected with an instruction changing unit and an instruction calling unit.

Further, the instruction execution unit includes an encryption instruction, a decryption instruction, and a destroy instruction.

Furthermore, the undifferentiated inspection security module comprises a daily confidential review unit, a suspicious terminal detection unit, a virus and Trojan horse detection unit, an autonomous protection unit and an instruction source authentication unit.

Further, the security cloud server comprises a cloud application module, a cloud decision module, a cloud authorization module, a cloud communication module, a cloud storage module, a cloud alarm module and a cloud management module.
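The text names a cloud authorization module that issues encryption, decryption and destruction instructions and an instruction source authentication unit on each node, but does not say how a node authenticates an instruction. The following is an added example, not part of the patent: it assumes a per-node HMAC-SHA256 key shared with the security cloud server, and the message fields, class and function names are hypothetical.

```python
import hashlib
import hmac
import json

# Instruction types named in the text: encryption, decryption, destruction.
ALLOWED_OPS = {"encrypt", "decrypt", "destroy"}


def issue_instruction(node_key, op, node_id, data_id, nonce, expires_at):
    """Cloud side (assumed design): serialize the instruction and tag it."""
    body = {"op": op, "node": node_id, "data": data_id,
            "nonce": nonce, "exp": expires_at}
    payload = json.dumps(body, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(node_key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


class SecurityNode:
    """Node side: authenticate the instruction source before executing."""

    def __init__(self, node_id, node_key):
        self.node_id = node_id
        self._key = node_key
        self._seen_nonces = set()

    def receive(self, message, now):
        payload = str(message.get("payload", "")).encode()
        expected = hmac.new(self._key, payload, hashlib.sha256).hexdigest()
        supplied = str(message.get("tag", ""))
        # Verify the tag in constant time before parsing anything.
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            return "rejected: bad source tag"
        body = json.loads(payload)
        if body.get("op") not in ALLOWED_OPS:
            return "rejected: unknown instruction"
        if body.get("node") != self.node_id:
            return "rejected: wrong node"
        if now >= body.get("exp", 0):
            return "rejected: expired"
        if body.get("nonce") in self._seen_nonces:
            return "rejected: replay"
        self._seen_nonces.add(body["nonce"])
        return f"accepted: {body['op']} {body['data']}"


def demo():
    # Constructed keys and identifiers, for illustration only.
    keys = {"node-1": b"constructed-key-1", "node-2": b"constructed-key-2"}
    nodes = {n: SecurityNode(n, k) for n, k in keys.items()}
    now = 1000
    msg = issue_instruction(keys["node-1"], "decrypt", "node-1",
                            "doc-42", "n-001", now + 60)
    results = [
        nodes["node-1"].receive(msg, now),   # genuine instruction
        nodes["node-1"].receive(msg, now),   # same message replayed
        nodes["node-2"].receive(msg, now),   # delivered to another node
    ]
    # Payload altered in transit: decrypt rewritten to destroy.
    forged = dict(msg, payload=msg["payload"].replace("decrypt", "destroy"))
    results.append(nodes["node-1"].receive(forged, now))
    late = issue_instruction(keys["node-1"], "decrypt", "node-1",
                             "doc-42", "n-002", now + 60)
    results.append(nodes["node-1"].receive(late, now + 61))  # past expiry
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

With a symmetric key a compromised node can forge instructions addressed to itself; giving each node its own key, as assumed here, keeps that from extending to other nodes.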

A distributed data security processing device based on electronic information comprises the media terminal. The media terminal comprises a processing unit, an interaction unit, a storage unit, a communication unit and a power supply unit. The interaction unit comprises a casing and a touch screen; a circuit control board is embedded in the casing, and the processing unit, the storage unit, the communication unit and the power supply unit are all integrated on the circuit control board. A plurality of uniformly distributed double-effect safety balls are connected between the casing and the circuit control board, the inside of the casing is kept in a vacuum-sealed state, and heat-conducting silica gel is filled between the double-effect safety balls and the circuit control board.

Furthermore, the double-effect safety ball comprises a heat-conducting spherical shell open at one end, with the opening facing the outer edge of the casing and a heat-conducting net connected in the opening. A separating flexible membrane is connected inside the heat-conducting spherical shell and divides it into a vacuum hemisphere close to the opening and a trigger hemisphere filled with an acidic solution. A trigger composite layer is embedded at the end of the trigger hemisphere close to the circuit control board, and a gas heating rod is embedded in the trigger composite layer and extends through the separating flexible membrane into the vacuum hemisphere. In the normal state the double-effect safety ball acts as a heat-conducting connector and dissipates the heat generated by the working circuit control board to the outside. If the terminal is accidentally lost and a user illegally dismantles the casing in an attempt to steal the data in the storage unit, air enters the vacuum hemisphere; the gas heating rod then heats up, the trigger composite layer in the trigger hemisphere melts, and the acidic solution is released to destroy the circuits on the circuit control board, physically eliminating the data.

Further, the heat-conducting spherical shell is a composite structure with an interlayer inside. The interlayer is filled with water, and a waterproof breathable film is embedded at the end of the interlayer close to the opening. An energizing lead extends from the circuit control board and is electrically connected to positive and negative electrodes preset in the interlayer. The water in the interlayer has a high specific heat capacity and acts as a coolant that effectively cools the circuit control board. In addition, the positive and negative electrodes in the interlayer can be energized by remote control, electrolyzing the water to release oxygen, which passes through the waterproof breathable film into the vacuum hemisphere and, in place of air, triggers the heating of the gas heating rod. Where necessary, for example after the terminal is lost, the media terminal can thus be made to self-destruct by remote control, so that a user who obtains the terminal cannot illegally crack it and steal the data.

Furthermore, the gas heating rod comprises a self-heating rod and a heat insulation sleeve, located in the vacuum hemisphere and the trigger hemisphere respectively. A self-heating material is attached to the self-heating rod, and a heat-conducting wire connected with the self-heating rod is embedded in the heat insulation sleeve. The trigger composite layer comprises a hot-melt resin layer and a heat-insulating acid-soluble layer which are integrally connected, and which are connected with the gas heating rod and the circuit control board respectively. The self-heating material releases heat through an oxidation reaction with air. The hot-melt resin layer resists acid corrosion but melts after absorbing enough heat, while the heat-insulating acid-soluble layer insulates against heat but is easily corroded by acid, so under normal conditions the two layers isolate each other's weaknesses.

Compared with the prior art, the invention has the advantages that:

The scheme provides distributed storage and protection of data. Protection takes a coverage-ratio form: data is related according to its degree of importance and is then stored in a partially protected mode, which markedly reduces the difficulty of keeping data confidential and speeds up protection while still effectively protecting important data, and threat detection is performed on the confidential data in real time. When confidential data is accessed, authority is centralized through cloud authorization: the accessor is verified and assessed, an authorization decision is made, and decryption instructions are issued to the multiple distributed security nodes across which the confidential data is distributed. Each distributed security node decrypts its data according to the decryption instruction and transmits it to the accessor's media terminal. The media terminal is highly secure, can strongly protect the data, and can autonomously destroy its internal data when an accident occurs, preventing leakage of the confidential data and greatly improving the security of its use.

Drawings

FIG. 1 is a schematic structural view of the present invention;

FIG. 2 is a block schematic diagram of the present invention;

FIG. 3 is a diagram illustrating an architecture of the media terminal according to the present invention;

FIG. 4 is a schematic structural diagram of the double-effect safety ball of the present invention;

FIG. 5 is a schematic structural view of the gas heating rod portion of the present invention.

The reference numbers in the figures illustrate:

1 casing, 2 circuit control board, 3 double-effect safety ball, 31 heat-conducting spherical shell, 32 gas heating rod, 321 self-heating rod, 322 heat insulation sleeve, 323 heat-conducting wire, 33 heat-conducting net, 34 interlayer, 35 separating flexible membrane, 36 trigger composite layer, 361 hot-melt resin layer, 362 heat-insulating acid-soluble layer, 37 energizing lead, 38 waterproof breathable film, 4 heat-conducting silica gel, 100 distributed security node, 200 security cloud server, 300 media terminal, 400 double-distributed security module, 500 undifferentiated inspection security module, 600 communication module, 700 server management module.

Detailed Description

The technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention; it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments, and all other embodiments obtained by those skilled in the art without any inventive work are within the scope of the present invention.

In the description of the present invention, it should be noted that the terms "upper", "lower", "inner", "outer", "top/bottom" and the like indicate orientations or positional relationships based on those shown in the drawings. They are used only for convenience and simplification of the description, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation, and thus should not be construed as limiting the present invention. Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.

In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted", "disposed", "sleeved/connected", "connected" and the like are to be construed broadly. For example, "connected" may mean fixedly connected, detachably connected or integrally connected; mechanically or electrically connected; connected directly or indirectly through an intervening medium; or an internal connection between two elements. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to the specific case.
