CN113114615A - Device, system, method, storage medium, and program product for preventing data hijacking - Google Patents

Info

Publication number: CN113114615A
Authority: CN (China)
Prior art keywords: server, evidence, forensics, module, electronic data
Legal status: Pending
Application number: CN202110201713.4A
Other languages: Chinese (zh)
Inventors: 张昌利, 吴玉
Current Assignee: Beijing United Trust Technology Service Co ltd
Original Assignee: Beijing United Trust Technology Service Co ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/1466: Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure provides a device for preventing data hijacking. The device is connected to a central server and accesses evidence through a forensics server, and the communication between the device and the forensics server is encrypted. The device includes: a request module that, when evidence is to be accessed, sends an access request to the forensics server through an encrypted channel so that the forensics server accesses the evidence according to the request; a receiving module that receives, from the forensics server through an encrypted channel, the electronic data obtained by accessing the evidence; a signature module that generates signature information based on the obtained electronic data; and a sending module that sends the signature information to the central server. According to the present disclosure, the integrity, authenticity and reliability of the forensics process can be ensured.

Description

Device, system, method, storage medium, and program product for preventing data hijacking
Technical Field
The present disclosure relates to a device, system and method for preventing data hijacking, and more particularly to an apparatus, system, method, storage medium, and program product for ensuring the integrity, authenticity, and reliability of forensics performed by a mobile terminal.
Background
In recent years, with the rapid development of computer and internet technologies, disputes arising from tampering with electronic data or from challenges to its validity have increased, and a number of electronic data security products and methods have been introduced to the market. However, the existing electronic data security products and methods are still imperfect in reliability and safety. Examples of techniques for ensuring reliability and security include blockchain, hash values, and time stamps. Applying these techniques to products and services for electronic data security can improve their reliability and security.
However, existing electronic data security products and services cannot reliably ensure the reliability and security of the whole electronic data security process. In other words, they cannot ensure that the electronic data has not been tampered with, and the authenticity of the electronic data cannot be confirmed, which affects the legal validity of the security result. In addition, when someone wishes to forge electronic data, existing security products and services for electronic data do not adequately ensure that the security process itself is not intentionally forged or tampered with.
When actually examining the authenticity of electronic evidence, the judicial authority will generally make a comprehensive judgment based on the following factors: whether the hardware and software environment of the computer system on which the electronic data is generated, stored and transmitted is complete and reliable; whether that hardware and software environment is operating normally, or, when it is not operating normally, whether this affects the generation, storage and transmission of the electronic data; whether that hardware and software environment has effective means of error prevention, monitoring and checking; whether the electronic data is completely stored, transmitted and extracted, and whether the methods of storage, transmission and extraction are reliable; whether the electronic data is formed and stored in the normal course of business; whether the party that stores, transmits and extracts the electronic data is appropriate; and other factors that affect the integrity and reliability of the electronic data.
Because electronic evidence is easy to forge and tamper with, many factors must therefore be considered when judging its authenticity. Existing electronic evidence security products and services have difficulty fully meeting this requirement.
In particular, existing security products and services for electronic data do not recognize that a user's traffic may be hijacked when the user accesses the network using an app on a mobile electronic device.
Disclosure of Invention
According to one aspect of the present disclosure, there is provided a device for preventing data hijacking, the device being connected to a central server, wherein the device accesses evidence through a forensics server, and wherein communication between the device and the forensics server is encrypted, the device comprising: a request module that, when the evidence is accessed, sends an access request to the forensics server through an encrypted channel so that the forensics server accesses the evidence according to the request; a receiving module that receives, from the forensics server through an encrypted channel, electronic data obtained by accessing the evidence; a signature module that generates signature information based on the obtained electronic data; and a sending module that sends the signature information to the central server.
According to one aspect of the present disclosure, there is provided a method for preventing data hijacking for a device connected to a central server, wherein the device accesses evidence through a forensics server, and wherein communication between the device and the forensics server is encrypted, the method comprising: a step of, when accessing the network, sending an access request to the forensics server through an encrypted channel so that the forensics server accesses the evidence according to the request; a step of receiving, from the forensics server through an encrypted channel, electronic data obtained by accessing the evidence; a step of generating signature information based on the obtained electronic data; and a step of transmitting the signature information to the central server.
According to an aspect of the present disclosure, there is provided a computer storage medium characterized by computer instructions stored thereon that, when executed, cause an apparatus to perform any of the methods described above.
According to an aspect of the present disclosure, there is provided a computer program product stored in a computer storage medium and having computer instructions that, when executed, cause an apparatus to perform any of the methods described above.
According to the present disclosure, the integrity, authenticity and reliability in the forensics process can be ensured.
Drawings
Fig. 1 is a block diagram of an embodiment of the present disclosure.
Fig. 2 is a block diagram of constituent modules of the terminal 101 of the present disclosure.
Detailed Description
Preferred embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While the preferred embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms without being limited to the embodiments described herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.
The term "include" and variations thereof as used herein is meant to be inclusive in an open-ended manner, i.e., "including but not limited to". Unless specifically stated otherwise, the term "or" means "and/or". The term "based on" means "based at least in part on". The terms "one example embodiment" and "one embodiment" mean "at least one example embodiment". The term "another embodiment" means "at least one additional embodiment". The terms "first," "second," and the like may refer to different or the same objects, are used for descriptive purposes only, and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. Other explicit and implicit definitions are also possible below.
The order of sequence of method steps set forth herein does not necessarily imply that the method must be performed in the order in which the steps occur. The order of steps should be limited only if one of ordinary skill in the art (e.g., a programmer) would explicitly recognize, upon reading this disclosure, that the steps of a technique should be performed in a particular order. In modern computer systems, method steps may be performed in parallel, or in a different order than presented herein, as desired.
Fig. 1 is a schematic diagram of an embodiment of the present disclosure. The data hijack prevention system comprises a terminal 101, a forensics server 201, a central server 202 and an auditing server 203, and further comprises an evidence 301. The terminal 101 and the center server 202 are connected via a wired network and/or a wireless network, so that signature information of electronic data acquired by the terminal 101 can be transmitted to the center server 202. The terminal 101 accesses the evidence 301 through the forensics server 201. The forensics server 201 is connected with the auditing server 203 through a wired network and/or a wireless network, so that the auditing server 203 audits the forensics process of the forensics server 201 (for example, communication with the terminal 101).
The terminal 101 may be a general-purpose computer, a special-purpose computer, a mobile phone, a tablet computer, a notebook computer, an Ultra Mobile Personal Computer (UMPC), a netbook, a Personal Digital Assistant (PDA), or other electronic devices. The terminal 101 may include an input device, a processing unit, a storage unit, and a display device. The input device is a device for inputting code by a developer and may be a trackball, mouse, keyboard, microphone, scanner, touch screen device, sensing device, or any other device and any combination thereof. The processing unit is a unit that processes data and may be an Application Processor (AP), a modem processor, a Graphics Processor (GPU), an Image Signal Processor (ISP), a controller, a memory, a video codec, a Digital Signal Processor (DSP), a baseband processor, a neural Network Processor (NPU), or any other unit and any combination thereof. The memory unit is a tangible device that stores instructions for use by the processing unit and may be an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, and any combination thereof. More specific examples include: a portable computer diskette, a hard disk, a flash memory, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a U disk, a memory stick, a Secure Digital (SD) card, a micro SD card, a floppy disk, a mechanical coding device, such as a punch card or an in-groove raised structure having instructions stored thereon, and any combination thereof. 
The display device is a device for displaying an input code, and may be a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display device, a Cathode Ray Tube (CRT) display device, a projector, or any other device or any combination thereof.
The forensics server 201, the central server 202 and the auditing server 203 may be any network hosts that manage resources and provide services for users, such as a file server, a database server, an application server, or a Web server; they may also be a server cluster formed in a centralized or distributed manner, or a network virtual server. The architecture and form of the server are not particularly limited, and may be, for example, a tower server, a rack server, a blade server, or the like. The forensics server 201, the central server 202 and the auditing server 203 may be three physically independent servers, or may be one or more integrated servers capable of implementing the above-mentioned three functions.
Evidence 301 may be any electronic evidence, such as various types of electronic data that exist on the Internet, a local area network, a wide area network, and so forth. Evidence 301 may also refer to real-world physical evidence. In that case, the user can use the terminal 101 to collect evidence from the physical object (e.g., take a picture, record a video, etc.) and obtain corresponding electronic data (e.g., a picture file, a video file, etc.). Additionally, forensics or evidence collection as described in this disclosure refers broadly to the process of obtaining any type of electronic data, rather than only to obtaining evidence that is forensically recognized.
Conventionally, when a user acquires various types of evidence 301, the terminal 101 directly acquires the evidence 301. The evidence 301 may be acquired in various ways; for example, corresponding electronic data may be generated for electronic evidence or for physical evidence (for example, a document, a picture, a video, etc. in which the electronic evidence or physical evidence is recorded). Based on the electronic data of the acquired evidence 301, the terminal 101 generates signature information, which can be obtained by signing the electronic data in various ways, and transmits the signature information to the central server 202. The central server 202 stores the signature information received from the terminal 101 for future use. For example, the central server 202 may use a private key to package the signature information together with the system time and/or other information into a certificate, and send the certificate to the user as proof.
The prior forensics method has the following problem: when a user performs forensics using the forensics app of the terminal 101, it is possible to forge the evidence by modifying network packets, DNS, or the like. In other words, when the user acquires the evidence 301 through the forensics app of the terminal 101, traffic in the process may be hijacked, so that the signature information returned by the user to the central server 202 may not be based on the evidence 301. If the forensic process is contaminated, it is difficult to ensure the integrity, authenticity and reliability of the entire forensic process.
Building on the previous forensic operation method, the present disclosure provides a novel forensic system, method, storage medium, and program product capable of preventing data from being hijacked; the specific operations are as follows.
Fig. 2 is a block diagram of constituent modules of the terminal 101 of the present disclosure. The terminal 101 includes: a requesting module 1011, a receiving module 1012, a signing module 1013, and a sending module 1014.
The terminal 101 used by the user accesses the evidence 301 through the forensics server 201, and the communication between the forensics server 201 and the terminal 101 is encrypted, thereby preventing the communication between the terminal 101 and the forensics server 201 from being hijacked. Further, in the present disclosure, the terminal 101 does not directly access the evidence 301, but uses the request module 1011 to request the forensics server 201 to access the evidence 301. Since the forensics server 201 cannot be tampered with by the user, the integrity, authenticity, and reliability of the electronic data acquired by the forensics server 201 from the evidence 301 can be ensured. Meanwhile, since the communication between the terminal 101 and the forensics server 201 is encrypted, the integrity, authenticity, and reliability of the electronic data acquired by the terminal 101 from the forensics server 201 can be ensured. In this way, when the user acquires electronic data from the evidence 301 using the terminal 101, the intervention of the forensics server 201 ensures that the process of acquiring the data is not hijacked.
Various known or future methods may be used for the encryption between the terminal 101 and the forensics server 201. For example, the network request of the terminal 101 may be proxied using SOCKS5 and transmitted to the forensics server 201 under SSL encryption; the forensics server 201 is then responsible for accessing the network 301 and returning the access result to the terminal 101 in encrypted form.
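The terminal side of such a proxied, encrypted request, as an added example that is not code from the patent: the function names, the certificate pin and the rule of rejecting IP literals are assumptions of this example. It frames the SOCKS5 CONNECT request with the destination given as a hostname, so that name resolution happens at the forensics server rather than through the terminal's own DNS, and it requires an authenticated TLS channel, since encryption without server authentication does not stop interception.

```python
import hashlib
import hmac
import ipaddress
import ssl
import struct

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
# Reply codes defined by the SOCKS5 specification (RFC 1928).
REPLY_TEXT = {
    0x00: "succeeded", 0x01: "general failure", 0x02: "not allowed by ruleset",
    0x03: "network unreachable", 0x04: "host unreachable",
    0x05: "connection refused", 0x06: "TTL expired",
    0x07: "command not supported", 0x08: "address type not supported",
}


def make_tls_context(ca_file=None):
    """TLS client context for the terminal-to-forensics-server tunnel."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Already the defaults; set explicitly so a later edit cannot silently
    # turn the tunnel into an unauthenticated one.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def pin_matches(der_certificate: bytes, pinned_sha256_hex: str) -> bool:
    """Assumed extra check: compare the server certificate with a pin shipped
    in the app, so a CA added on the terminal cannot front the tunnel."""
    actual = hashlib.sha256(der_certificate).hexdigest()
    return hmac.compare_digest(actual, pinned_sha256_hex.strip().lower())


def build_connect_request(hostname: str, port: int) -> bytes:
    """SOCKS5 CONNECT carrying the destination as a domain name (ATYP 0x03)."""
    try:
        ipaddress.ip_address(hostname)
    except ValueError:
        pass  # not an IP literal, which is what this example requires
    else:
        # Policy of this example: an IP here would come from local resolution.
        raise ValueError("pass the hostname so the forensics server resolves it")
    name = hostname.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    header = bytes([SOCKS_VERSION, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(name)])
    return header + name + struct.pack("!H", port)


def parse_reply(data: bytes) -> dict:
    """Parse the proxy's reply; raise ValueError on malformed or short input."""
    if len(data) < 4:
        raise ValueError("truncated SOCKS5 reply")
    version, rep, _reserved, atyp = data[:4]
    if version != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 reply")
    if atyp == ATYP_IPV4:
        addr_len = 4
    elif atyp == ATYP_IPV6:
        addr_len = 16
    elif atyp == ATYP_DOMAIN:
        if len(data) < 5:
            raise ValueError("truncated SOCKS5 reply")
        addr_len = 1 + data[4]
    else:
        raise ValueError("unknown address type")
    total = 4 + addr_len + 2  # header + bound address + bound port
    if len(data) < total:
        raise ValueError("truncated SOCKS5 reply")
    return {"ok": rep == 0x00, "status": REPLY_TEXT.get(rep, "unassigned"),
            "length": total}


if __name__ == "__main__":
    # Constructed destination; "video.example" is a placeholder name.
    print(build_connect_request("video.example", 443).hex())
    print(parse_reply(b"\x05\x00\x00\x01" + bytes(6)))
```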
As a specific example of forensics, a user may play a suspected infringing video on the network and fix it as evidence. Since suspected infringing videos are often deleted or tampered with after a dispute occurs, they often need to be obtained and fixed immediately after such infringement clues are found. The user may access the evidence 301 to retrieve and fix the evidence. In this process, the access to the evidence 301 is actually performed by the forensics server 201, ensuring the integrity, authenticity and reliability of the forensics process. In the preferred embodiment, the user does not perceive this; it appears as if the evidence 301 were accessed directly through the terminal 101.
After the terminal 101 acquires the electronic data of the evidence from the forensics server 201 using the receiving module 1012, the signature module 1013 may generate signature information of the electronic data, and the sending module 1014 may transmit the signature information to the central server 202. The generation of signature information may be performed using a variety of existing or yet to be developed techniques. For example, electronic signature technology, blockchain technology, hash value verification technology, time stamp technology, or the like can be used, or a trusted timestamp of a joint trust company can be used, or authentication can be performed through an electronic evidence obtaining and storing platform. The signature information may include a hash value of the electronic data and associated information such as the name of the creator, the time of creation, etc. Alternatively, the signature information may contain the electronic data itself in addition to the above information.
Blockchains can be broadly divided into three types: public chains, federation chains, and private chains. A private chain is a fully centralized blockchain into which only its creator can write information. Therefore, public or federation chains are mostly used for signing (encryption) and signature verification (decryption). In a public chain, all data is publicly visible to anyone, and all transaction information related to a blockchain address can be viewed by the public. Data privacy on a public chain is an issue, because the parties to some transactions do not want them to be visible to everyone. In a federation chain, the validity of blocks and transactions is determined by a predetermined group of verifiers, which form a federation. For example, for a new block in a federation chain to be valid, more than 50% of the members of the federation must sign it. The information on a federation blockchain may be public or visible only to federation members. When a blockchain is used for signing and signature verification, the private key is used for signing and the public key is used for verification. Generally, the public key is public, while the private key is kept secure. Private-key signing and public-key verification mean that the original data is signed with the private key, and only the corresponding public key can verify that the signature string matches the original data. The private key is equivalent to a password in a centralized billing system and is the credential for ownership of the asset.
In addition, the signature can be produced using time stamp technology. The time stamp signing process is as follows: the user hashes the file to be time-stamped to form a digest value and sends the digest value and other information to a time stamp server; the time stamp server adds the date and time at which it received the digest value, digitally signs (encrypts) the file, and returns it to the user. Common services using time stamp technology include a time stamp (registered trademark) or a trusted time stamp (registered trademark).
In a preferred embodiment, an audit server 203 is further provided for auditing the forensics process of the forensics server 201. For example, the audit server 203 may make a video recording of the forensics process of the forensics server 201. The files obtained from the video recording are stored locally on the audit server 203 and are used to verify the integrity of the whole forensics process and that the suspected infringing video has not been tampered with, that is, its authenticity and reliability. The audit server 203 may also audit communications between the forensics server 201 and the terminal 101. Preferably, the user is not aware of the auditing process of the audit server 203, and the auditing process and content of the audit server 203 are presented only when a dispute arises in the future.
In a preferred embodiment, the technical solution of the present disclosure is applied to a mobile terminal 101 on which an app is installed, because the traffic of an app installed on the mobile terminal 101 may be hijacked. When the evidence 301 is accessed through a browser of a mobile terminal 101 such as a notebook computer or a mobile phone, the traffic is generally difficult to hijack; in this case, the technical solution of the present disclosure may not be applicable.
In the present disclosure, the terminal may be a Personal Computer (PC) terminal or a mobile device terminal. The application program may be a dedicated forensics app or a general-purpose browser. The operating system may be a desktop operating system, a mobile operating system, a browser operating system, or the like. The secured environment is not limited to a virtual cloud desktop, but shall include all types of remote computer environments, such as a remote desktop, a virtual operating system, a virtual cloud desktop, a virtual browser, and so forth.
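The flow described above, from the terminal's signature information to the server-side certificate and time stamp, as an added example rather than the patent's or any product's code. The function names and record fields are assumptions, and HMAC-SHA256 with a server-held key stands in for the server's private-key signature so that the example needs only the standard library; a deployment would use an asymmetric signature so that third parties can verify with the public key.

```python
import hashlib
import hmac
import json


def canonical_bytes(obj) -> bytes:
    """Deterministic JSON so issuer and verifier authenticate identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def make_signature_info(electronic_data: bytes, creator: str,
                        created_at: str) -> dict:
    """Terminal side: digest of the received data plus associated information.
    Only the digest leaves the terminal, not the data itself."""
    return {
        "hash_alg": "sha256",
        "hash": hashlib.sha256(electronic_data).hexdigest(),
        "creator": creator,
        "created_at": created_at,
    }


def issue_certificate(server_key: bytes, signature_info: dict,
                      server_time: str) -> dict:
    """Server side: bind the digest to the server's own clock and authenticate
    the pair. The terminal's created_at is recorded but never trusted as the
    time of existence; server_time is."""
    digest = signature_info.get("hash")
    if (signature_info.get("hash_alg") != "sha256"
            or not isinstance(digest, str) or len(digest) != 64):
        raise ValueError("unsupported or malformed digest")
    body = {"signature_info": signature_info, "server_time": server_time}
    tag = hmac.new(server_key, canonical_bytes(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_certificate(server_key: bytes, certificate: dict,
                       electronic_data: bytes) -> str:
    """Return 'valid', 'bad-certificate' (the record was altered or was not
    issued under this key) or 'data-mismatch' (the record is genuine but the
    presented data is not what was certified)."""
    try:
        body = certificate["body"]
        expected = hmac.new(server_key, canonical_bytes(body),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(certificate["tag"])):
            return "bad-certificate"
        recorded = str(body["signature_info"]["hash"])
        actual = hashlib.sha256(electronic_data).hexdigest()
        same = hmac.compare_digest(actual, recorded)
    except (KeyError, TypeError, ValueError):
        return "bad-certificate"
    return "valid" if same else "data-mismatch"


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    key = b"constructed-demo-key"
    data = b"constructed bytes standing in for a fixed video file"
    info = make_signature_info(data, "constructed-user", "2000-01-01T00:00:00Z")
    cert = issue_certificate(key, info, "2000-01-01T00:00:05Z")
    print(verify_certificate(key, cert, data))
    print(verify_certificate(key, cert, data + b" edited later"))
```

The two result codes separate the cases a dispute turns on: a certificate that was itself altered, and an intact certificate presented with data other than what was certified.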
The present disclosure may be embodied as methods, devices, systems, storage media and program products. The program product may be stored in a readable storage medium having computer instructions for performing various aspects of the present disclosure. These instructions, when executed by a processing unit of a computer or other programmable data processing apparatus, produce an apparatus that implements the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer-readable program instructions described herein may be downloaded to various computing processing devices from a computer-readable storage medium, or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing processing device. The wireless transmission may use a solution for wireless communication such as Wireless Local Area Network (WLAN) of wireless fidelity (Wi-Fi) network, Bluetooth (BT), Global Navigation Satellite System (GNSS), Frequency Modulation (FM), near field wireless communication technology (NFC), infrared technology (IR), and the like.
The computer program instructions for carrying out operations of the present disclosure may be assembler instructions, Instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like and conventional procedural programming languages, such as the C language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, the electronic circuitry that can execute the computer-readable program instructions implements aspects of the present disclosure by utilizing the state information of the computer-readable program instructions to personalize the electronic circuitry, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA).
Various aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus, systems, storage media and program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
In the embodiments described herein, it should be understood that the disclosed apparatus and methods may be implemented in other ways. For example, the above-described device embodiments are merely illustrative: the division into modules or units is only a division by logical function, and an actual implementation may use a different division; for example, a plurality of units or components may be combined or integrated into another device, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed to a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application, in essence, or the part that contributes to the prior art, or all or part of the technical solutions, may be embodied in the form of a software product, where the software product is stored in a storage medium and includes several instructions to enable a device (which may be a single chip microcomputer, a chip, or the like) or a processor to execute all or part of the steps of the methods of the embodiments of the present application.
Having described embodiments of the present disclosure, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the disclosed embodiments. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein. Various modifications and alterations to this disclosure will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (10)

1. A device for preventing data hijacking, the device being connected to a central server, characterized in that the device accesses evidence through a forensics server, and communication between the device and the forensics server is encrypted,
the device comprising:
a request module that, when the evidence is accessed, sends an access request to the forensics server through an encrypted channel, so that the forensics server accesses the evidence according to the request;
a receiving module that receives, from the forensics server through an encrypted channel, electronic data obtained by accessing the evidence;
a signature module that generates signature information based on the obtained electronic data; and
a sending module that sends the signature information to the central server.
2. The data-hijacking prevention device of claim 1, characterized in that
the system further comprises an audit server, the audit server being connected to the forensics server and auditing the forensics process of the forensics server.
3. The data-hijacking prevention device of claim 1,
the device is installed with a separate forensic app,
the forensic app includes the request module, the receiving module, the signature module, and the sending module.
4. A method for preventing data hijacking, the method being used for a device connected to a central server, characterized in that the device accesses evidence through a forensics server and communication with the forensics server is encrypted,
the method comprising:
a step of sending, when accessing the network, an access request to the forensics server through an encrypted channel, so that the forensics server accesses the evidence according to the request;
a step of receiving, from the forensics server through an encrypted channel, electronic data obtained by accessing the evidence;
a step of generating signature information based on the obtained electronic data; and
a step of sending the signature information to the central server.
5. The method of preventing data hijacking according to claim 4,
the method also comprises the step of auditing the forensics process of the forensics server.
6. The method of preventing data hijacking according to claim 4,
the device is installed with an independent forensic app.
7. A computer storage medium, characterized in that
computer instructions are stored thereon which, when executed, cause an apparatus to perform the method of any of claims 4 to 6.
8. A computer program product, characterized in that
the computer program product is stored in a computer storage medium and has computer instructions that, when executed, cause an apparatus to perform the method of any of claims 4 to 6.
9. A system for preventing data hijacking, characterized in that the system comprises a device, a central server and a forensics server, the device is connected to the central server and accesses evidence through the forensics server, and communication between the device and the forensics server is encrypted,
the device comprising:
a request module that, when the evidence is accessed, sends an access request to the forensics server through an encrypted channel, so that the forensics server accesses the evidence according to the request;
a receiving module that receives, from the forensics server through an encrypted channel, electronic data obtained by accessing the evidence;
a signature module that generates signature information based on the obtained electronic data; and
a sending module that sends the signature information to the central server.
10. The system of claim 9, characterized in that
the system further comprises an audit server, the audit server being connected to the forensics server and auditing the forensics process of the forensics server.
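The steps of claim 4 after the data arrives, as an added Python example that is not code from the patent: the device binds the received electronic data to its request, and a copy altered after signing no longer verifies. HMAC-SHA-256 stands in for the signature scheme, which the claims leave unspecified; the function names, key, URL, nonce and the later verification step at the central server are assumptions, and the encrypted channel is out of scope.

```python
import hashlib
import hmac
import json

# Constructed sample values; none of them come from the patent.
DEVICE_KEY = b"constructed-demo-device-key"
EVIDENCE_URL = "https://example.com/page-under-dispute"


def forensics_server_fetch(request: dict) -> bytes:
    """Stand-in for the forensics server: returns electronic data for a request."""
    return b"<html>constructed evidence for " + request["url"].encode() + b"</html>"


def _canonical(record: dict) -> bytes:
    # Stable byte encoding so device and server compute the tag over identical input.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def make_signature_info(electronic_data: bytes, request: dict, key: bytes) -> dict:
    """Device side: bind the received data to the request that produced it."""
    record = {
        "url": request["url"],
        "nonce": request["nonce"],
        "sha256": hashlib.sha256(electronic_data).hexdigest(),
    }
    # Assumption: HMAC replaces an asymmetric signature to stay standard-library only.
    record["tag"] = hmac.new(key, _canonical(record), hashlib.sha256).hexdigest()
    return record


def central_server_verify(info: dict, presented_data: bytes, key: bytes) -> bool:
    """Central server side: check the tag first, then the data against the signed digest."""
    record = {k: info[k] for k in ("url", "nonce", "sha256")}
    expected = hmac.new(key, _canonical(record), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, info.get("tag", "")):
        return False  # signature information itself was altered or forged
    actual = hashlib.sha256(presented_data).hexdigest()
    return hmac.compare_digest(actual, info["sha256"])


def run_flow() -> dict:
    """Request, receive, sign; the returned info is what goes to the central server."""
    request = {"url": EVIDENCE_URL, "nonce": "constructed-nonce-0001"}
    data = forensics_server_fetch(request)  # would arrive over the encrypted channel
    return {"data": data, "info": make_signature_info(data, request, DEVICE_KEY)}
```

In a deployment the device would sign with a private key so that the central server holds only the verification key.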
CN202110201713.4A 2021-02-23 2021-02-23 Device, system, method, storage medium, and program product for preventing data hijacking Pending CN113114615A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110201713.4A CN113114615A (en) 2021-02-23 2021-02-23 Device, system, method, storage medium, and program product for preventing data hijacking

Publications (1)

Publication Number Publication Date
CN113114615A true CN113114615A (en) 2021-07-13

Family

ID=76709294

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110201713.4A Pending CN113114615A (en) 2021-02-23 2021-02-23 Device, system, method, storage medium, and program product for preventing data hijacking

Country Status (1)

Country Link
CN (1) CN113114615A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210713
