公开(公告)号：US09203614B2

公开(公告)日：2015-12-01

申请号：US14141849

申请日：2013-12-27

Applicant: HUAWEI TECHNOLOGIES CO.,LTD.

Inventor： Jingbin Zhang ,  Chengdong He

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/14

CPC classification number: H04L9/083 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/14 ,  H04L63/0471

Abstract: The present invention relates to a method, an apparatus, and a system for protecting cloud data security. A key management center encrypts original data M sent by a first terminal using a key K, and uploads encrypted data C1 to a cloud server. When the key management center receives a request from a second terminal for the data M, it generates encrypted data C2, which is generated by first encrypting C1 with a key Kb of the second terminal and then decrypted by the key K that was used to encrypt the original data M to generate C1. The key management center then sends the encrypted data C2 to the second terminal. The second terminal decrypts the encrypted data C2 using its own key Kb to obtain the original data M.

Abstract translation: 本发明涉及一种保护云数据安全性的方法，装置和系统。 密钥管理中心使用密钥K对由第一终端发送的原始数据M进行加密，并将加密数据C1上传到云服务器。 当密钥管理中心从数据M的第二终端接收到请求时，生成加密数据C2，该加密数据C2通过用第二终端的密钥Kb首先加密C1，然后由用于加密的密钥K进行解密 原始数据M生成C1。 密钥管理中心然后将加密数据C2发送到第二终端。 第二终端使用其自己的密钥Kb解密加密数据C2以获得原始数据M.