WO2016145680A1 - Data storage method and device - Google Patents

Data storage method and device Download PDF

Info

Publication number
WO2016145680A1
WO2016145680A1 PCT/CN2015/075602 CN2015075602W WO2016145680A1 WO 2016145680 A1 WO2016145680 A1 WO 2016145680A1 CN 2015075602 W CN2015075602 W CN 2015075602W WO 2016145680 A1 WO2016145680 A1 WO 2016145680A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
stored
security level
level identifier
determining
Prior art date
Application number
PCT/CN2015/075602
Other languages
French (fr)
Chinese (zh)
Inventor
李家侃
袁刚
黄瑞
林荣辉
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2016145680A1 publication Critical patent/WO2016145680A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2125Just-in-time application of countermeasures, e.g., on-the-fly decryption, just-in-time obfuscation or de-obfuscation

Abstract

Provided in present application are a data storage method and device. The method comprises: upon receiving data to be stored, determining a security level identifier of the data to be stored, and storing the data to be stored in a system corresponding to the security level identifier. It can be seen that the present application can determine different security level identifiers for different data, and store different data to systems with different security levels according to different security level identifiers, thereby providing protection of different security levels to different data.

Description

一种数据存储方法及装置Data storage method and device
本申请要求于2015年03月13日提交中国专利局,申请号为201510111847.1、发明名称为“一种数据存储方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 201510111847.1, entitled "A Data Storage Method and Apparatus", which is incorporated herein by reference. .
技术领域Technical field
本申请涉及数据存储技术领域,尤其是一种基于多系统的数据存储方法及装置。The present application relates to the field of data storage technologies, and in particular, to a data storage method and apparatus based on multiple systems.
背景技术Background technique
数据安全,是信息技术中的重要内容,一种具体体现是,电子设备如PC、PAD或手机等会接收到各种不同类型的数据,数据类型不同,需要的安全保护等级也不同。因此,如何为这些数据提供不同程度的保护,是当前需要解决的一项技术问题。Data security is an important part of information technology. One specific embodiment is that electronic devices such as PCs, PADs, or mobile phones receive various types of data. Different types of data require different levels of security protection. Therefore, how to provide different levels of protection for these data is a technical problem that needs to be solved.
发明内容Summary of the invention
有鉴于此,本发明提供了一种数据存储方法及装置,用以为不同类型的数据提供不同安全程度的保护。为实现所述目的,本发明提供的技术方案如下:In view of this, the present invention provides a data storage method and apparatus for providing different levels of security for different types of data. To achieve the object, the technical solution provided by the present invention is as follows:
一种数据存储方法,包括:A data storage method comprising:
在接收到待存储数据后,确定所述待存储数据的安全级别标识;After receiving the data to be stored, determining a security level identifier of the data to be stored;
将所述待存储数据保存在与所述安全级别标识对应的系统中。The data to be stored is saved in a system corresponding to the security level identifier.
可选地,上述的数据存储方法,所述将所述待存储数据保存在与所述安全级别标识对应的系统中包括:Optionally, in the foregoing data storage method, the saving the data to be stored in a system corresponding to the security level identifier includes:
当所述安全级别标识对应的系统为一个系统时,将所述待存储数据保存在该系统中; When the system corresponding to the security level identifier is a system, the data to be stored is saved in the system;
当所述安全级别标识对应的系统为两个系统时,生成所述待存储数据的简要信息,并将所述简要信息及所述待存储数据分别保存在所述两个系统中。When the system corresponding to the security level identifier is two systems, the brief information of the data to be stored is generated, and the brief information and the data to be stored are separately stored in the two systems.
可选地,上述的数据存储方法,所述生成所述待存储数据的简要信息包括:Optionally, in the foregoing data storage method, the generating brief information about the to-be-stored data includes:
复制所述待存储数据的标识及所述待存储数据中的部分数据,获得简要信息。Copying the identifier of the data to be stored and part of the data in the data to be stored, and obtaining brief information.
可选地,上述的数据存储方法,所述确定所述待存储数据的安全级别标识包括:Optionally, in the foregoing data storage method, the determining a security level identifier of the to-be-stored data includes:
将用户输入的安全级别标识确定为所述待存储数据的安全级别标识;Determining, by the user, the security level identifier as the security level identifier of the data to be stored;
或者,or,
依据预设确定规则,确定所述待存储数据的安全级别标识。Determining a security level identifier of the to-be-stored data according to a preset determination rule.
可选地,上述的数据存储方法,所述依据预设确定规则,确定所述待存储数据的安全级别标识包括:Optionally, the foregoing data storage method, the determining the security level identifier of the to-be-stored data according to the preset determining rule includes:
获取预设确定规则中包含的多个元素及每个元素的第一元素值,确定每个所述元素与所述待存储数据对应的第二元素值,比对每个所述元素的第一元素值及第二元素值,获得比对结果;Obtaining a plurality of elements included in the preset determination rule and a first element value of each element, determining a second element value corresponding to the to-be-stored data of each of the elements, and comparing the first of each of the elements The element value and the second element value are obtained as comparison results;
利用所述预设确定规则中包含的逻辑连接关系,对各个所述比对结果进行逻辑判断,获得判断结果;Using the logical connection relationship included in the preset determination rule, logically determining each of the comparison results to obtain a determination result;
将所述判断结果对应的安全级别标识确定为所述待存储数据的安全级别标识。The security level identifier corresponding to the determination result is determined as the security level identifier of the to-be-stored data.
本申请还提供了一种数据存储装置,包括:The application also provides a data storage device, including:
级别确定单元,用于在接收到待存储数据后,确定所述待存储数据的安全级别标识;a level determining unit, configured to determine a security level identifier of the to-be-stored data after receiving the data to be stored;
数据存储单元,用于将所述待存储数据保存在与所述安全级别标识对应的系统中。And a data storage unit, configured to save the to-be-stored data in a system corresponding to the security level identifier.
可选地,上述的数据存储装置中,所述数据存储单元包括:Optionally, in the data storage device, the data storage unit includes:
第一存储子单元,用于当所述安全级别标识对应的系统为一个系统时,将所述待存储数据保存在该系统中;a first storage subunit, configured to save the to-be-stored data in the system when the system corresponding to the security level identifier is a system;
第二存储子单元,用于当所述安全级别标识对应的系统为两个系统时,生成所述待存储数据的简要信息,并将所述简要信息及所述待存储数据分别 保存在所述两个系统中。a second storage subunit, configured to generate brief information of the to-be-stored data when the system corresponding to the security level identifier is two systems, and separately obtain the brief information and the to-be-stored data Saved in the two systems.
可选地,上述的数据存储装置中,所述生成所述待存储数据的简要信息的第二存储子单元包括:Optionally, in the foregoing data storage device, the second storage subunit that generates the brief information of the to-be-stored data includes:
第二存储子单元,用于复制所述待存储数据的标识及所述待存储数据中的部分数据,获得简要信息。And a second storage subunit, configured to copy the identifier of the data to be stored and part of data in the data to be stored, to obtain brief information.
可选地,上述的数据存储装置中,所述级别确定单元包括:Optionally, in the foregoing data storage device, the level determining unit includes:
第一级别确定子单元,用于将用户输入的安全级别标识确定为所述待存储数据的安全级别标识;a first level determining subunit, configured to determine a security level identifier input by the user as a security level identifier of the to-be-stored data;
第二级别确定子单元,用于依据预设确定规则,确定所述待存储数据的安全级别标识。The second level determining subunit is configured to determine a security level identifier of the to-be-stored data according to a preset determining rule.
可选地,上述的数据存储装置中,所述第二级别确定子单元包括:Optionally, in the foregoing data storage device, the second level determining subunit includes:
元素比对结果获取子单元,用于获取预设确定规则中包含的多个元素及每个元素的第一元素值,确定每个所述元素与所述待存储数据对应的第二元素值,比对每个所述元素的第一元素值及第二元素值,获得比对结果;An element comparison result obtaining sub-unit, configured to acquire a plurality of elements included in the preset determination rule and a first element value of each element, and determine a second element value corresponding to the to-be-stored data of each of the elements, Comparing the first element value and the second element value of each of the elements to obtain a comparison result;
逻辑判断结果获得子单元,用于利用所述预设确定规则中包含的逻辑连接关系,对各个所述比对结果进行逻辑判断,获得判断结果;The logical judgment result obtaining sub-unit is configured to perform logical judgment on each of the comparison results by using the logical connection relationship included in the preset determination rule to obtain a judgment result;
安全级别标识确定子单元,用于将所述判断结果对应的安全级别标识确定为所述待存储数据的安全级别标识。The security level identifier determining sub-unit is configured to determine the security level identifier corresponding to the determination result as the security level identifier of the to-be-stored data.
由以上可知,本发明具有如下有益效果:As can be seen from the above, the present invention has the following beneficial effects:
本发明提供的数据存储方法,在接收到待存储数据后,首先确定待存储数据的安全级别标识,进而将该待存储数据保存在与该安全级别标识对应的系统中。可见,本发明可为不同数据确定不同的安全级别标识,并根据不同的安全级别标识将不同数据存储到不同安全等级的系统,从而为不同数据提供不同安全等级的保护。The data storage method provided by the present invention first determines the security level identifier of the data to be stored after receiving the data to be stored, and then saves the to-be-stored data in a system corresponding to the security level identifier. It can be seen that the present invention can determine different security level identifiers for different data, and store different data to different security level systems according to different security level identifiers, thereby providing different security levels for different data protection.
附图说明DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据提供的附图获得其他的附图。 In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is an embodiment of the present invention, and those skilled in the art can obtain other drawings according to the provided drawings without any creative work.
图1为本发明实施例提供的数据存储方法的流程图;FIG. 1 is a flowchart of a data storage method according to an embodiment of the present invention;
图2为本发明另一实施例提供的数据存储方法的流程图;2 is a flowchart of a data storage method according to another embodiment of the present invention;
图3为本发明实施例提供的数据存储装置的结构示意图;3 is a schematic structural diagram of a data storage device according to an embodiment of the present invention;
图4为本发明另一实施例提供的数据存储装置的结构示意图。FIG. 4 is a schematic structural diagram of a data storage device according to another embodiment of the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
为了提高数据的安全性,一种方式是采用加密手段,基于这种思想,数据不同,便采用不同的加密算法。但是,该种方式需要进行加密过程,耗费一定的计算资源,本发明并未采用这种方式,而是利用了电子设备自身安装的多个系统。也就是说,本发明应用到的电子设备中需要安装有多个系统,并且不同系统配置不同级别的安全模块,从而为数据提供不同安全等级的保护。本发明的发明思想是利用多系统,对不同类型的数据进行不同类型的存储。In order to improve the security of data, one way is to use encryption. Based on this idea, different data is used, and different encryption algorithms are used. However, this method requires an encryption process and consumes a certain amount of computing resources. The present invention does not adopt this method, but utilizes multiple systems installed by the electronic device itself. That is to say, the electronic device to which the present invention is applied needs to be installed with multiple systems, and different systems are configured with different levels of security modules to provide different levels of security protection for the data. The inventive idea of the present invention is to use different systems to perform different types of storage for different types of data.
参见图1,其示出了本发明实施例提供的数据存储方法的流程,具体包括以下步骤:Referring to FIG. 1 , a flow of a data storage method according to an embodiment of the present invention is shown, which specifically includes the following steps:
步骤S101:在接收到待存储数据后,确定所述待存储数据的安全级别标识。Step S101: After receiving the data to be stored, determine a security level identifier of the to-be-stored data.
其中,电子设备可接收各种类型的数据,例如邮件、文本文档等,这些数据需要保存在电子设备中,可称为待存储数据。在电子设备接收到待存储数据后,为待存储数据确定所对应的安全级别标识。The electronic device can receive various types of data, such as mails, text documents, and the like, and the data needs to be stored in the electronic device, and can be referred to as data to be stored. After the electronic device receives the data to be stored, the corresponding security level identifier is determined for the data to be stored.
需要说明的是,安全级别标识是与存储方式相对应,也就是说,若待存储数据的安全级别标识不同,则以不同的存储方式保存在系统中。其中,存储方式指的是如何使用电子设备中的多个系统存储待存储数据的相关信息。具体地,一是可以选择单独的某个系统来存储数据,当然,选择时可依据安全级别标识,即安全级别标识较高时,使用更为安全的系统,二是可以并非全部情况都选择单个系统存储数据,而是在某些情况下,选择单个系统存储 数据,在另外的情况下,选择多个系统来存储数据,具体说明可参见下文。It should be noted that the security level identifier corresponds to the storage mode, that is, if the security level identifier of the data to be stored is different, it is stored in the system in different storage manners. The storage mode refers to how to use the multiple systems in the electronic device to store related information of the data to be stored. Specifically, one can select a separate system to store data. Of course, the security level identifier can be selected according to the security level, that is, when the security level identifier is high, a more secure system is used, and secondly, not all cases can be selected. The system stores data, but in some cases, selects a single system storage Data, in other cases, select multiple systems to store data, as described below.
步骤S102:将所述待存储数据保存在与所述安全级别标识对应的系统中。Step S102: Save the to-be-stored data in a system corresponding to the security level identifier.
其中,如上所述,系统为具有不同等级保护功能的系统,根据安全级别标识确定出需要存储到的系统后,便可在确定出的系统中保存待存储数据。Wherein, as described above, the system is a system with different levels of protection functions, and after determining the system to be stored according to the security level identifier, the data to be stored can be saved in the determined system.
由以上技术方案可知,本实施例提供的数据存储方法,在接收到待存储数据后,首先确定待存储数据的安全级别标识,进而将该待存储数据保存在与该安全级别标识对应的系统中。可见,本实施例可以根据安全级别标识为数据提供不同类型的存储,存储方式不同,便可被存储到不同安全级别的系统中,从而为不同数据提供不同等级的保护。The data storage method provided in this embodiment first determines the security level identifier of the data to be stored after receiving the data to be stored, and then saves the to-be-stored data in a system corresponding to the security level identifier. . It can be seen that, in this embodiment, different types of storage can be provided for data according to the security level identifier, and the storage manners are different, and can be stored in systems of different security levels, thereby providing different levels of protection for different data.
上述关于存储方式,列举了两种具体实现方式,优选使用第二种,这样,可避免仅单独使用某个系统存储数据带来的新的问题,即资源浪费及数据查看不方便。具体来讲,电子设备默认处在多个系统中的某个系统中,若想要查看的数据全部在其他系统中,则必须将电子设备从当前系统切换到另一系统中,并在查看完后切换回原来的系统,不仅造成切换系统的资源开销,而且造成查看延时用户体验较差。并且,在查看的数据为非重要信息时,这种切换显得更不属必要。For the storage method described above, two specific implementation manners are listed, and the second type is preferably used. This avoids the new problem caused by using only one system to store data separately, that is, resource waste and inconvenient data viewing. Specifically, the electronic device is in a system of multiple systems by default. If the data to be viewed is all in other systems, the electronic device must be switched from the current system to another system, and after viewing. Switching back to the original system not only causes the resource overhead of the switching system, but also causes a poor user experience for viewing delays. Also, when the viewed data is non-critical, this switching is less necessary.
为了便于说明,以电子设备包括两个系统为例进行说明,这两个系统分别称为普通系统及安全系统。电子设备默认处在普通系统中,若使用上述存储方式中的第一种,则不论数据的安全级别标识为何,均仅仅使用一个系统来存储数据,例如,待存储数据为重大会议通知,且其被存储在安全系统中。对于重大会议,会议主题内容较为重要,放在安全系统中可保证其安全性,但是若用户仅仅想要查看会议的时间及地点,则仍需要切换至安全系统,这时便会带来上述问题。因此,优选地,如图2所示,上述实施例中的步骤S102可以具体通过以下方式实现:For convenience of description, the electronic device includes two systems as an example, and the two systems are respectively called an ordinary system and a security system. The electronic device is in the normal system by default. If the first one of the above storage methods is used, only one system is used to store data regardless of the security level identifier of the data. For example, the data to be stored is a major conference notification, and It is stored in the security system. For major conferences, the topic content of the conference is more important, and it can be secured in the security system. However, if the user only wants to check the time and place of the conference, he still needs to switch to the security system, which will bring the above problems. . Therefore, preferably, as shown in FIG. 2, step S102 in the above embodiment may be specifically implemented by:
步骤S201:当所述安全级别标识对应的系统为一个系统时,将所述待存储数据保存在该系统中。Step S201: When the system corresponding to the security level identifier is a system, save the to-be-stored data in the system.
步骤S202:当所述安全级别标识对应的系统为两个系统时,生成所述待存储数据的简要信息,并将所述简要信息及所述待存储数据分别保存在所述两个系统中。 Step S202: When the system corresponding to the security level identifier is two systems, generate brief information of the data to be stored, and save the brief information and the data to be stored in the two systems.
具体来讲,在预先设置安全级别标识与系统的对应关系时,可以将某些安全级别标识对应的系统设置为一个,将某些安全级别标识对应的系统设置为两个,当然,在一对一的关系中,也要符合高级别的标识对应的系统为高安全等级的系统。例如,安全级别标识为三类,即高隐私级别、中隐私级别及低隐私级别,电子设备中包括普通系统及安全系统,其中,高隐私级别对应的系统为安全系统,中隐私级别对应的系统为两个,低隐私级别对应的系统为普通系统。Specifically, when the correspondence between the security level identifier and the system is set in advance, the system corresponding to some security level identifiers may be set to one, and the system corresponding to some security level identifiers may be set to two, of course, in a pair. In the relationship of one, it is also necessary to comply with the system in which the high-level identification system corresponds to a high security level. For example, the security level is identified as three types, that is, a high privacy level, a medium privacy level, and a low privacy level. The electronic device includes a common system and a security system, wherein the system corresponding to the high privacy level is a security system, and the system corresponding to the privacy level. For two, the system corresponding to the low privacy level is a normal system.
进一步地,当安全级别标识对应的系统为两个时,可以将待存储数据存储在安全等级较高的系统中,以保证数据的安全性,并且为待存储数据生成简要信息,将该简要信息存储在安全等级较低的系统中,以方便用户的查看。Further, when the system corresponding to the security level identifier is two, the data to be stored may be stored in a system with a higher security level to ensure data security, and brief information is generated for the data to be stored, and the brief information is generated. Stored in a system with a lower security level for easy viewing by users.
其中,生成简要信息的方式可以是:复制所述待存储数据的标识及所述待存储数据中的部分数据,获得简要信息。具体地,待存储数据可以是邮件、文本文档等,此时,待存储数据的标识指的是邮件的主题,文本文档的名称。待存储数据的部分数据可以是由比例表示,该比例可以是默认值,也可以是用户设置的。例如,为用户提供设置界面,用户在该设置界面中选择比例值,如10%、20%等。另外,若待存储数据自身有摘要,也可将摘要生成简要信息。当然,简要信息还可以是其他内容,或者还包括其他内容,并不局限于本实施例中的标识、部分数据及摘要等。The method for generating the brief information may be: copying the identifier of the data to be stored and part of the data in the data to be stored, and obtaining brief information. Specifically, the data to be stored may be a mail, a text document, or the like. At this time, the identifier of the data to be stored refers to the subject of the mail and the name of the text document. Part of the data to be stored may be represented by a scale, which may be a default value or may be set by a user. For example, the user is provided with a setting interface, and the user selects a scale value in the setting interface, such as 10%, 20%, and the like. In addition, if the data to be stored has a digest, the digest can also generate brief information. Of course, the brief information may also be other content, or include other content, and is not limited to the identifier, partial data, and abstract in the embodiment.
由上述的技术方案可知,在安全级别标识对应的系统为两个系统时,能够生成待存储数据的简要信息,并将简要信息与待存储数据分别保存在不同系统中。这样既可以保证数据的安全性,还可以方便用户的查看,且避免频繁切换系统带来的资源开销。According to the foregoing technical solution, when the system corresponding to the security level identifier is two systems, brief information of the data to be stored can be generated, and the brief information and the data to be stored are separately stored in different systems. In this way, the security of the data can be ensured, and the user can view it conveniently, and avoid the resource overhead caused by frequently switching the system.
在用户选择查看简要信息时,便直接在当前系统中将这部分信息显示给用户,而不必切换系统,若用户在查看简要信息后,还想要继续查看更为全面的内容,才切换至全部待存储数据保存的系统。When the user chooses to view the brief information, the user directly displays the information to the user in the current system without switching the system. If the user wants to continue to view more comprehensive content after viewing the brief information, the user switches to all. The system to store data to be saved.
另外,上述实施例中的步骤S101中确定待存储数据的安全级别标识的具体实现方式可以是:将用户输入的安全级别标识确定为所述待存储数据的安全级别标识;或者,依据预设确定规则,确定所述待存储数据的安全级别标识。 In addition, the specific implementation manner of determining the security level identifier of the data to be stored in the step S101 in the foregoing embodiment may be: determining the security level identifier input by the user as the security level identifier of the data to be stored; or determining according to the preset. A rule determines a security level identifier of the data to be stored.
其一,可以在接收到待存储数据后,为用户提供选择界面,该界面中包括预先设置的多种安全级别标识,如高隐私级别、中隐私级别及低隐私级别,用户便可直接为该数据选择安全级别标识;其二,可以是设备自动为待存储数据设置安全级别标识,具体地:First, after receiving the data to be stored, the user may be provided with a selection interface, where the interface includes multiple security level identifiers set in advance, such as a high privacy level, a medium privacy level, and a low privacy level, and the user may directly The data selection security level identifier; secondly, the device automatically sets a security level identifier for the data to be stored, specifically:
获取预设确定规则中包含的多个元素及每个元素的第一元素值,确定每个所述元素与所述待存储数据对应的第二元素值,比对每个所述元素的第一元素值及第二元素值,获得比对结果;利用所述预设确定规则中包含的逻辑连接关系,对各个所述比对结果进行逻辑判断,获得判断结果;将所述判断结果对应的安全级别标识确定为所述待存储数据的安全级别标识。其中,确定规则可以是用户设置的,即用户分别设置确定规则中的元素、元素的第一元素值及逻辑连接关系,另外,确定规则中的逻辑连接关系包括:“或”及“与”。Obtaining a plurality of elements included in the preset determination rule and a first element value of each element, determining a second element value corresponding to the to-be-stored data of each of the elements, and comparing the first of each of the elements The element value and the second element value are used to obtain a comparison result; using the logical connection relationship included in the preset determination rule, logically determining each of the comparison results to obtain a determination result; and the security corresponding to the determination result The level identifier is determined as the security level identifier of the data to be stored. The determining rule may be set by the user, that is, the user separately sets the first element value and the logical connection relationship of the element in the determining rule, and the logical connection relationship in the determining rule includes: “or” and “and”.
预先设置的确定规则可以包含多个元素,且每个元素具有对应的预设元素值(为了便于描述,将该元素值称为第一元素值),并且,各个元素之间具有逻辑连接关系。因此,在利用确定规则为接收到的数据设置安全级别标识时,首先,依据该确定规则明确需要匹配的元素有哪些,分别确定每个元素与待存储数据相对应的值(为了便于描述,将该元素值称为第一元素值),然后,将第二元素值与第一元素值进行比对,获得比对结果,最后,根据元素间的逻辑连接关系对多个比对结果进行逻辑判断,根据判断结果来确定安全级别标识。The predetermined determination rule may include a plurality of elements, and each element has a corresponding preset element value (the element value is referred to as a first element value for convenience of description), and each element has a logical connection relationship therebetween. Therefore, when the security level identifier is set for the received data by using the determining rule, firstly, according to the determining rule, which elements are needed to be matched, respectively, and each element is determined to have a value corresponding to the data to be stored (for convenience of description, The element value is called the first element value), then the second element value is compared with the first element value to obtain a comparison result, and finally, the logical comparison between the elements is logically determined according to the logical connection relationship between the elements. According to the judgment result, the security level identifier is determined.
例如,确定规则为:关键字与接收时段,该确定规则中包括的元素为两个,分别为关键字及接收时段,关键字的第一元素值为“重要会议”,接收时段的第一元素值为“AM 9:00至AM 11:00”,且元素之间的逻辑连接关系为“与”,且逻辑判断结果为是的情况下对应的安全级别标识为“高隐私级别”。因此,在接收到待存储数据时,在该待存储数据的标识中获取关键字,例如,接收到的待存储数据为邮件,在邮件的主题中获取到的关键字中包括“重要会议”,且接收到的时间点为AM 10:00,可见,关键词的第二元素值与第一元素值匹配,并且接收时段的第二元素值与第一元素值匹配,因此,最终的逻辑判断结果为是,进而,该邮件便会被设置为“高隐私级别”。For example, the determining rule is: a keyword and a receiving period, and the determining rule includes two elements, namely a keyword and a receiving period, and the first element value of the keyword is “important meeting”, and the first element of the receiving period The value is "AM 9:00 to AM 11:00", and the logical connection relationship between the elements is "AND", and the logical level is YES, and the corresponding security level is identified as "high privacy level". Therefore, when receiving the data to be stored, the keyword is obtained in the identifier of the data to be stored, for example, the received data to be stored is an email, and the keyword obtained in the subject of the email includes an “important conference”. And the received time point is AM 10:00, it can be seen that the second element value of the keyword matches the first element value, and the second element value of the receiving period matches the first element value, and therefore, the final logical judgment result To be sure, the message will be set to "high privacy level".
在上述的逻辑判断过程中,若判断结果为否,可以将待存储数据设置为默认的安全级别标识,或者,可以为用户提供选择界面,由用户手工选择对 应的安全级别标识。In the above logical determination process, if the determination result is no, the data to be stored may be set as the default security level identifier, or the user may be provided with a selection interface, which is manually selected by the user. The security level identifier should be.
按照上述实施例保存待存储数据,例如,待存储数据为会议通知,在普通系统中存储会议时间及地点,在安全系统中存储会议通知的全部内容。若用户想要查看会议时间及地点时,可直接在普通系统中获取时间及地点进行显示,当用户想要继续查看时,可在点击后切换至安全系统后,获取全部数据进行显示。The data to be stored is saved according to the above embodiment. For example, the data to be stored is a conference notification, the conference time and location are stored in a common system, and the entire content of the conference notification is stored in the security system. If the user wants to view the time and place of the meeting, the time and place can be directly displayed in the normal system. When the user wants to continue viewing, he can switch to the security system after clicking and obtain all the data for display.
下面对本发明实施例提供的数据存储装置进行介绍,需要说明的是,下文有关数据存储装置的说明可参照上文的数据存储方法,以下并不赘述。The data storage device provided by the embodiment of the present invention is described below. It should be noted that the following description of the data storage device can refer to the above data storage method, which is not described below.
参见图3,其示出了本发明实施例提供的数据存储装置的结构,具体包括:级别确定单元100及数据存储单元200;其中:Referring to FIG. 3, it shows a structure of a data storage device according to an embodiment of the present invention, which specifically includes: a level determining unit 100 and a data storage unit 200; wherein:
级别确定单元100,用于在接收到待存储数据后,确定所述待存储数据的安全级别标识;The level determining unit 100 is configured to determine a security level identifier of the to-be-stored data after receiving the data to be stored;
数据存储单元200,用于将所述待存储数据保存在与所述安全级别标识对应的系统中。The data storage unit 200 is configured to save the to-be-stored data in a system corresponding to the security level identifier.
由以上的技术方案可知,本实施例提供的数据存储装置可以为待存储数据确定其所对应的安全级别标识,并将待存储数据保存在与自身安全级别标识对应的系统中,从而为不同类型的待存储数据提供不同方式的存储。According to the above technical solution, the data storage device provided in this embodiment may determine the security level identifier corresponding to the data to be stored, and save the data to be stored in a system corresponding to the security level identifier thereof, thereby being different types. The data to be stored provides different ways of storing.
如图4所示,上述数据存储装置中的数据存储单元200可以具体包括:As shown in FIG. 4, the data storage unit 200 in the foregoing data storage device may specifically include:
第一存储子单元201,用于当所述安全级别标识对应的系统为一个系统时,将所述待存储数据保存在该系统中;The first storage subunit 201 is configured to save the to-be-stored data in the system when the system corresponding to the security level identifier is a system;
第二存储子单元202,用于当所述安全级别标识对应的系统为两个系统时,生成所述待存储数据的简要信息,并将所述简要信息及所述待存储数据分别保存在所述两个系统中。The second storage sub-unit 202 is configured to generate brief information of the to-be-stored data when the system corresponding to the security level identifier is two systems, and save the brief information and the to-be-stored data in the In the two systems.
上述数据存储装置中,用于生成所述待存储数据的简要信息的第二存储子单元可以具体为这样一种第二存储子单元,即用于复制所述待存储数据的标识及所述待存储数据中的部分数据,获得简要信息的第二存储子单元。In the above data storage device, the second storage subunit for generating the brief information of the data to be stored may be specifically a second storage subunit, that is, an identifier for copying the data to be stored and the to-be-reserved A portion of the data in the data is stored, and a second storage subunit of the brief information is obtained.
上述数据存储装置中的级别确定单元100可以具体包括:The level determining unit 100 in the foregoing data storage device may specifically include:
第一级别确定子单元,用于将用户输入的安全级别标识确定为所述待存 储数据的安全级别标识;a first level determining subunit, configured to determine a security level identifier input by the user as the to-be-stored The security level identifier of the stored data;
第二级别确定子单元,用于依据预设确定规则,确定所述待存储数据的安全级别标识。The second level determining subunit is configured to determine a security level identifier of the to-be-stored data according to a preset determining rule.
上述数据存储装置中的第二级别确定子单元可以具体包括:The second level determining subunit in the foregoing data storage device may specifically include:
元素比对结果获取子单元,用于获取预设确定规则中包含的多个元素及每个元素的第一元素值,确定每个所述元素与所述待存储数据对应的第二元素值,比对每个所述元素的第一元素值及第二元素值,获得比对结果;An element comparison result obtaining sub-unit, configured to acquire a plurality of elements included in the preset determination rule and a first element value of each element, and determine a second element value corresponding to the to-be-stored data of each of the elements, Comparing the first element value and the second element value of each of the elements to obtain a comparison result;
逻辑判断结果获得子单元,用于利用所述预设确定规则中包含的逻辑连接关系,对各个所述比对结果进行逻辑判断,获得判断结果;The logical judgment result obtaining sub-unit is configured to perform logical judgment on each of the comparison results by using the logical connection relationship included in the preset determination rule to obtain a judgment result;
安全级别标识确定子单元,用于将所述判断结果对应的安全级别标识确定为所述待存储数据的安全级别标识。The security level identifier determining sub-unit is configured to determine the security level identifier corresponding to the determination result as the security level identifier of the to-be-stored data.
需要说明的是,本说明书中的各个实施例均采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似的部分互相参见即可。It should be noted that each embodiment in the specification is described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same similar parts between the embodiments are referred to each other. can.
还需要说明的是,在本文中,诸如第一和第二等之类的关系术语仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括上述要素的过程、方法、物品或者设备中还存在另外的相同要素。It should also be noted that, in this context, relational terms such as first and second, etc. are used merely to distinguish one entity or operation from another entity or operation, without necessarily requiring or implying such entities or operations. There is any such actual relationship or order between them. Furthermore, the term "comprises" or "comprises" or "comprises" or any other variations thereof is intended to encompass a non-exclusive inclusion, such that a process, method, article, or device that comprises a plurality of elements includes not only those elements but also Other elements, or elements that are inherent to such a process, method, item, or device. An element that is defined by the phrase "comprising a ..." does not exclude the presence of additional elements in the process, method, article, or device that comprises the above described elements.
对所公开的实施例的上述说明,使本领域专业技术人员能够实现或使用本发明。对这些实施例的多种修改对本领域的专业技术人员来说将是显而易见的,本文中所定义的一般原理可以在不脱离本发明的精神或范围的情况下,在其它实施例中实现。因此,本发明将不会被限制于本文所示的这些实施例,而是要符合与本文所公开的原理和新颖特点相一致的最宽的范围。 The above description of the disclosed embodiments enables those skilled in the art to make or use the invention. Various modifications to these embodiments are obvious to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. Therefore, the present invention is not to be limited to the embodiments shown herein, but the scope of the invention is to be accorded

Claims (10)

  1. 一种数据存储方法,其特征在于,包括:A data storage method, comprising:
    在接收到待存储数据后,确定所述待存储数据的安全级别标识;After receiving the data to be stored, determining a security level identifier of the data to be stored;
    将所述待存储数据保存在与所述安全级别标识对应的系统中。The data to be stored is saved in a system corresponding to the security level identifier.
  2. 根据权利要求1所述的数据存储方法,其特征在于,所述将所述待存储数据保存在与所述安全级别标识对应的系统中包括:The data storage method according to claim 1, wherein the saving the data to be stored in a system corresponding to the security level identifier comprises:
    当所述安全级别标识对应的系统为一个系统时,将所述待存储数据保存在该系统中;When the system corresponding to the security level identifier is a system, the data to be stored is saved in the system;
    当所述安全级别标识对应的系统为两个系统时,生成所述待存储数据的简要信息,并将所述简要信息及所述待存储数据分别保存在所述两个系统中。When the system corresponding to the security level identifier is two systems, the brief information of the data to be stored is generated, and the brief information and the data to be stored are separately stored in the two systems.
  3. 根据权利要求2所述的数据存储方法,其特征在于,所述生成所述待存储数据的简要信息包括:The data storage method according to claim 2, wherein the generating the brief information of the data to be stored comprises:
    复制所述待存储数据的标识及所述待存储数据中的部分数据,获得简要信息。Copying the identifier of the data to be stored and part of the data in the data to be stored, and obtaining brief information.
  4. 根据权利要求1所述的数据存储方法,其特征在于,所述确定所述待存储数据的安全级别标识包括:The data storage method according to claim 1, wherein the determining the security level identifier of the data to be stored comprises:
    将用户输入的安全级别标识确定为所述待存储数据的安全级别标识;Determining, by the user, the security level identifier as the security level identifier of the data to be stored;
    或者,or,
    依据预设确定规则,确定所述待存储数据的安全级别标识。Determining a security level identifier of the to-be-stored data according to a preset determination rule.
  5. 根据权利要求4所述的数据存储方法,其特征在于,所述依据预设确定规则,确定所述待存储数据的安全级别标识包括:The data storage method according to claim 4, wherein the determining the security level identifier of the data to be stored according to the preset determination rule comprises:
    获取预设确定规则中包含的多个元素及每个元素的第一元素值,确定每个所述元素与所述待存储数据对应的第二元素值,比对每个所述元素的第一元素值及第二元素值,获得比对结果;Obtaining a plurality of elements included in the preset determination rule and a first element value of each element, determining a second element value corresponding to the to-be-stored data of each of the elements, and comparing the first of each of the elements The element value and the second element value are obtained as comparison results;
    利用所述预设确定规则中包含的逻辑连接关系,对各个所述比对结果进行逻辑判断,获得判断结果;Using the logical connection relationship included in the preset determination rule, logically determining each of the comparison results to obtain a determination result;
    将所述判断结果对应的安全级别标识确定为所述待存储数据的安全级别 标识。Determining, by the security level identifier corresponding to the determination result, the security level of the data to be stored Logo.
  6. 一种数据存储装置,其特征在于,包括:A data storage device, comprising:
    级别确定单元,用于在接收到待存储数据后,确定所述待存储数据的安全级别标识;a level determining unit, configured to determine a security level identifier of the to-be-stored data after receiving the data to be stored;
    数据存储单元,用于将所述待存储数据保存在与所述安全级别标识对应的系统中。And a data storage unit, configured to save the to-be-stored data in a system corresponding to the security level identifier.
  7. 根据权利要求6所述的数据存储装置,其特征在于,所述数据存储单元包括:The data storage device of claim 6, wherein the data storage unit comprises:
    第一存储子单元,用于当所述安全级别标识对应的系统为一个系统时,将所述待存储数据保存在该系统中;a first storage subunit, configured to save the to-be-stored data in the system when the system corresponding to the security level identifier is a system;
    第二存储子单元,用于当所述安全级别标识对应的系统为两个系统时,生成所述待存储数据的简要信息,并将所述简要信息及所述待存储数据分别保存在所述两个系统中。a second storage subunit, configured to generate brief information of the to-be-stored data when the system corresponding to the security level identifier is two systems, and save the brief information and the to-be-stored data in the In both systems.
  8. 根据权利要求7所述的数据存储装置,其特征在于,所述生成所述待存储数据的简要信息的第二存储子单元包括:The data storage device according to claim 7, wherein the generating the second storage subunit of the brief information of the data to be stored comprises:
    第二存储子单元,用于复制所述待存储数据的标识及所述待存储数据中的部分数据,获得简要信息。And a second storage subunit, configured to copy the identifier of the data to be stored and part of data in the data to be stored, to obtain brief information.
  9. 根据权利要求6所述的数据存储装置,其特征在于,所述级别确定单元包括:The data storage device according to claim 6, wherein the level determining unit comprises:
    第一级别确定子单元,用于将用户输入的安全级别标识确定为所述待存储数据的安全级别标识;a first level determining subunit, configured to determine a security level identifier input by the user as a security level identifier of the to-be-stored data;
    第二级别确定子单元,用于依据预设确定规则,确定所述待存储数据的安全级别标识。The second level determining subunit is configured to determine a security level identifier of the to-be-stored data according to a preset determining rule.
  10. 根据权利要求9所述的数据存储装置,其特征在于,所述第二级别确定子单元包括:The data storage device according to claim 9, wherein the second level determining subunit comprises:
    元素比对结果获取子单元,用于获取预设确定规则中包含的多个元素及每个元素的第一元素值,确定每个所述元素与所述待存储数据对应的第二元素值,比对每个所述元素的第一元素值及第二元素值,获得比对结果;An element comparison result obtaining sub-unit, configured to acquire a plurality of elements included in the preset determination rule and a first element value of each element, and determine a second element value corresponding to the to-be-stored data of each of the elements, Comparing the first element value and the second element value of each of the elements to obtain a comparison result;
    逻辑判断结果获得子单元,用于利用所述预设确定规则中包含的逻辑连接关系,对各个所述比对结果进行逻辑判断,获得判断结果; The logical judgment result obtaining sub-unit is configured to perform logical judgment on each of the comparison results by using the logical connection relationship included in the preset determination rule to obtain a judgment result;
    安全级别标识确定子单元,用于将所述判断结果对应的安全级别标识确定为所述待存储数据的安全级别标识。 The security level identifier determining sub-unit is configured to determine the security level identifier corresponding to the determination result as the security level identifier of the to-be-stored data.
PCT/CN2015/075602 2015-03-13 2015-03-31 Data storage method and device WO2016145680A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510111847.1A CN104657681B (en) 2015-03-13 2015-03-13 A kind of date storage method and device
CN201510111847.1 2015-03-13

Publications (1)

Publication Number Publication Date
WO2016145680A1 true WO2016145680A1 (en) 2016-09-22

Family

ID=53248789

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/075602 WO2016145680A1 (en) 2015-03-13 2015-03-31 Data storage method and device

Country Status (2)

Country Link
CN (1) CN104657681B (en)
WO (1) WO2016145680A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636338A (en) * 2018-12-12 2019-04-16 北京光电新创通信技术有限公司 A kind of broad band photoelectrical operation management platform system

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017035758A1 (en) * 2015-08-31 2017-03-09 华为技术有限公司 Sms processing method, apparatus and terminal
CN105278879A (en) * 2015-10-14 2016-01-27 珠海格力电器股份有限公司 Processing method and device of monitoring data
CN107423640A (en) * 2017-03-16 2017-12-01 努比亚技术有限公司 A kind of method, apparatus and terminal of wirelessly transmitting data storage
CN110874185B (en) * 2018-09-04 2021-12-17 杭州海康威视系统技术有限公司 Data storage method and storage device
CN110110551B (en) * 2019-04-19 2021-08-24 中共中央办公厅电子科技学院(北京电子科技学院) Data storage method and device
CN113392062B (en) * 2020-03-12 2023-04-07 Oppo广东移动通信有限公司 Data storage method and device, electronic equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070101436A1 (en) * 2000-11-13 2007-05-03 Redlich Ron M Data Security System and Method
CN102487397A (en) * 2010-12-02 2012-06-06 中兴通讯股份有限公司 Method and node for storing and routing data on basis of node bottom layer security level
CN103620606A (en) * 2013-06-20 2014-03-05 华为技术有限公司 Storage detecting apparatus, system, and method
CN103780622A (en) * 2014-01-24 2014-05-07 华中科技大学 Data classification and encryption method for cloud storage

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1158610C (en) * 2001-03-05 2004-07-21 中国科学院计算技术研究所 Computer system with regional isolation by security classes
CN103441986B (en) * 2013-07-29 2017-05-17 中国航天科工集团第二研究院七〇六所 Data resource security control method in thin client mode

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070101436A1 (en) * 2000-11-13 2007-05-03 Redlich Ron M Data Security System and Method
CN102487397A (en) * 2010-12-02 2012-06-06 中兴通讯股份有限公司 Method and node for storing and routing data on basis of node bottom layer security level
CN103620606A (en) * 2013-06-20 2014-03-05 华为技术有限公司 Storage detecting apparatus, system, and method
CN103780622A (en) * 2014-01-24 2014-05-07 华中科技大学 Data classification and encryption method for cloud storage

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636338A (en) * 2018-12-12 2019-04-16 北京光电新创通信技术有限公司 A kind of broad band photoelectrical operation management platform system

Also Published As

Publication number Publication date
CN104657681B (en) 2018-11-06
CN104657681A (en) 2015-05-27

Similar Documents

Publication Publication Date Title
WO2016145680A1 (en) Data storage method and device
US11722860B2 (en) Messaging system interacting with dynamic extension app
US9648001B2 (en) Secure messaging
US9853820B2 (en) Intelligent deletion of revoked data
US9104768B2 (en) Person-based information aggregation
US20120209921A1 (en) Instant Message Management Method and Apparatus
US10409901B2 (en) Providing collaboration communication tools within document editor
RU2595533C2 (en) System for displaying mail attachments on web mail page
US20090158213A1 (en) Mobile terminal and method of configuring and executing application functions for the same
US20140379821A1 (en) Method and system for synchronizing duplicated contents in multiple terminals
TW201814436A (en) Communication method and device
WO2022161431A1 (en) Display method, apparatus, and electronic device
WO2019007409A1 (en) Display method, device, smart terminal and computer readable storage medium
US20130160049A1 (en) Selective display of messages using information processing devices
WO2020119409A1 (en) List positioning method and apparatus, and device and storage medium
CN108566334B (en) Auxiliary method, terminal and medium based on chat software
US20160283447A1 (en) Providing interactive preview of content within communication
JP2015511749A (en) Synchronizing local and remote data
WO2016106934A1 (en) Method, device and terminal for switching operating system
CN103677517A (en) Method and device for searching pictures
KR102097931B1 (en) Forwarding activity-related information from source electronic devices to companion electronic devices
US11068853B2 (en) Providing calendar utility to capture calendar event
US20190349324A1 (en) Providing rich preview of communication in communication summary
WO2018209462A1 (en) Mail management method and mail server
WO2018149288A1 (en) Office document sending method, terminal and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15885063

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 13/02/2018)

122 Ep: pct application non-entry in european phase

Ref document number: 15885063

Country of ref document: EP

Kind code of ref document: A1