WO2014134986A1 - Method and device for secure viewing of shared file - Google Patents

Method and device for secure viewing of shared file Download PDF

Info

Publication number
WO2014134986A1
WO2014134986A1 PCT/CN2014/071273 CN2014071273W WO2014134986A1 WO 2014134986 A1 WO2014134986 A1 WO 2014134986A1 CN 2014071273 W CN2014071273 W CN 2014071273W WO 2014134986 A1 WO2014134986 A1 WO 2014134986A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
users
shared document
document
viewed
Prior art date
Application number
PCT/CN2014/071273
Other languages
French (fr)
Chinese (zh)
Inventor
李建梅
么文琦
陈波
何杰
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2014134986A1 publication Critical patent/WO2014134986A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management

Definitions

  • the present invention relates to the field of communications, and in particular, to a secure and reliable common document viewing method and related device based on multi-user real-time authentication.
  • BACKGROUND OF THE INVENTION With the development of the mobile Internet, the use of mobile phones has been greatly expanded. Among them, the development of data/file encryption is particularly rapid. The most common one is the encrypted transmission and storage of personal data/files.
  • Figure 1 is a private data encryption flowchart provided by the related art.
  • Step 101 The user registers an account with the server and sets a password
  • Step 102 The user uploads the data, and sets a private password
  • Step 103 The user initiates a request to download the document, and inputs a private password
  • Step 104 The server performs a private password identification If the authentication is passed, step 105 is performed, otherwise, step 106 is performed
  • Step 105 After the authentication is passed, the document is downloaded
  • Step 106 End the process. It can be seen that the user cannot perform operations such as viewing, editing or deleting data without a private password, which provides great guarantee for the security of personal data. However, in some special cases, simple personal data encryption can no longer meet the needs of market diversification.
  • Some documents/data are publicly owned and have certain timeliness restrictions. All related parties are required to agree on the time period. And the document/material can be viewed, edited or deleted after a certain agreed condition is met, and the ownership of the document/data is maintained together, and is indispensable. If any of the user authentication fails, the document cannot pass the authentication, and no one else can view/edit the document data, which is based on multi-user control document security; or any one of the users does not request authentication within the agreed time. , then other owners can not view the document, which guarantees the real-time nature of the document.
  • An object of the present invention is to provide a secure shared document viewing method and apparatus, which can better solve the problem of timeliness, security and integrity of a shared document.
  • a secure shared document viewing method including: setting a user who jointly owns the ownership of the shared document to be viewed; acquiring and saving a private password set by the user who shares the ownership of the shared document to be viewed together And using the private password to perform authentication processing on the user; if all the users who share the ownership of the shared document are successfully authenticated, the shared document is delivered to all the users.
  • the step of performing authentication processing on the user by using the private password comprises: receiving a private password input by a user for viewing a document; and the private password and the private password pre-saved by the user Comparing; if the private password is consistent with the private password previously saved by the user, determining that the user authentication is successful; otherwise, determining that the user authentication fails.
  • the shared document is delivered to all the users.
  • the step of delivering the shared document to the all users includes: delivering the shared document to be viewed directly to the all users.
  • the step of delivering the shared document to all the users includes: encrypting the to-be-viewed shared document and delivering the shared document to the all users.
  • the shared document to be viewed is encrypted using a private password of a user who shares the ownership of the shared document to be viewed.
  • a secure shared document viewing apparatus comprising: a user setting module configured to set a user who shares ownership of a shared document to be viewed; a password acquisition module configured to acquire and save the common Private password set by the user who owns the ownership of the shared document; user authentication a module, configured to perform authentication processing on the user by using the private password; and a document delivery module configured to: when all users sharing the ownership of the shared document to be viewed have successful authentication, to the all users The shared document is issued.
  • the user authentication module comprises: a receiving submodule configured to receive a private password input by the user for viewing the document; and a comparison submodule configured to perform the private password with the private password pre-saved by the user
  • the authentication sub-module is configured to determine that the user authentication succeeds when the private password is consistent with the private password previously saved by the user, otherwise, the user authentication is determined to be unsuccessful.
  • the document issuance module includes: a sending sub-module, configured to deliver the to-be-viewed common document to the all users or to send the encrypted shared document to be viewed to all the users.
  • the document issuance module further includes: an encryption submodule, configured to encrypt the to-be-viewed shared document by using a private password of the user who shares the ownership of the shared document to be viewed.
  • an encryption submodule configured to encrypt the to-be-viewed shared document by using a private password of the user who shares the ownership of the shared document to be viewed.
  • the present invention can satisfy the mutual ownership of the shared documents owned by multiple users, and the mutual constraints of the owners are required to view the common data after the real-time authentication is passed, thereby greatly improving the common data.
  • the timeliness, security and integrity of the documentation BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a flow chart of a private data encryption provided by the related art
  • FIG. 2 is a flow chart of a multi-user initial setting according to an embodiment of the present invention
  • FIG. 1 is a flow chart of a private data encryption provided by the related art
  • FIG. 2 is a flow chart of a multi-user initial setting
  • FIG. 3 is a flow chart of real-time viewing of multi-user shared data according to an embodiment of the present invention
  • 4 is a block diagram of a secure shared document viewing apparatus according to an embodiment of the present invention.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings.
  • a plurality of users who share the common document to be viewed can respectively set their own private passwords (the private passwords are managed by the users themselves, and can be modified later for authentication when viewing the shared documents), and are connected in real time.
  • FIG. 2 is a flowchart of multi-user initialization setting according to an embodiment of the present invention. As shown in FIG.
  • FIG. 3 is a flowchart of real-time viewing of multi-user encrypted data according to an embodiment of the present invention. As shown in FIG. 3, the implementation steps are as follows: Step 301: A user inputs a private password to initiate a request for viewing a shared document/data/data. Step 302: The server performs an authentication process. If the authentication is successful, the user is placed in an access state, and step 303 is performed.
  • Step 306 is performed.
  • Step 303 Determine whether the other user has successfully authenticated, and the user is in the real-time access state. If the other users who share the common document/data/data are authenticated successfully, go to step 304. Otherwise, go to step 305.
  • Step 304 If it is detected that all users access the server, the shared document is directly delivered to the client of each user who owns the ownership of the shared document, and the user can directly view the shared file; or, the shared document is encrypted and sent to each The client of the user who owns the ownership of the shared document, the user can view and edit the shared document through the document interpreter of the client.
  • Step 305 If there are users who fail to authenticate in other users who share the common document/data/data, that is, users who have not accessed in real time, enter a waiting state, and determine whether the agreed waiting time (ie, waiting time) ends. If the agreed waiting time is reached, and other users are not all in the access state, step 306 is executed, and no U is periodically detected during the waiting time to check whether other users have accessed in real time. Step 306: After the user operation is completed, the application is exited and the process ends.
  • the agreed waiting time ie, waiting time
  • the embodiment includes a mobile phone application client and a server of the user, and when the user initiates the operation of viewing the shared document, real-time authentication is performed on all users who jointly own the document, when the agreed real-time (eg, simultaneous or extremely short waiting) Within the time, for example, within 2 minutes, all users sharing the shared data are connected, and each user After the private passwords are authenticated, the common documents can be viewed and edited. When any one of the users is not connected or the private password is incorrect, the shared data cannot be viewed/edited.
  • 4 is a block diagram of a secure shared document viewing apparatus according to an embodiment of the present invention. As shown in FIG.
  • the method includes a user setting module, a password obtaining module configured to acquire a user private password, and is configured to authenticate a user by using a private password.
  • the user authentication module is configured to deliver a document issuing module of the shared document to all users when all the users who share the ownership of the shared document are successfully authenticated, and the modules are all set on the server.
  • the user authentication module includes a receiving submodule, a comparing submodule, and an authentication submodule.
  • the document sending module includes a sending submodule and an encryption submodule.
  • the user setting module described above sets up a user who collectively owns the ownership of the shared document.
  • the password acquisition module acquires and saves a private password set by a user who owns the ownership of the shared document to be viewed.
  • the receiving submodule receives the private password input by the user, and the comparing submodule compares the private password with the private password previously saved by the user, and the authentication submodule determines the private password and the user in advance.
  • the saved private passwords are consistent, it is determined that the user authentication is successful, otherwise, the user authentication failure is determined. If all the users who share the ownership of the shared document are successfully authenticated, the sending sub-module delivers the shared document to be delivered to all users or the encrypted shared document to be delivered to all users.
  • the encryption sub-module After the encryption sub-module encrypts the shared document by using the private password of the user who owns the ownership of the shared document to be viewed, the encrypted sub-module sends the encrypted shared document to be viewed to all users. If the shared document is sent in an encrypted manner, the shared document may be separately encrypted by using a private password set by the user as in the embodiment, and the shared document may be encrypted by using various other encryption methods in the related art.
  • the present invention has the following technical effects: The present invention solves the problem of security, integrity, and real-time authentication of data when multiple users share the ownership of shared data, and achieves the role of mutual constraint between users, meeting the agreed time in real time. Documents can be viewed and edited together when accessing and agreeing conditions for their own private password authentication.
  • a secure shared document viewing method and apparatus provided by an embodiment of the present invention has The following beneficial effects: When multiple users share the ownership of the document to be viewed, the owners mutually restrict each other, and all the real-time authentication is required to view the document, which greatly improves the timeliness, security and integrity of the document.

Abstract

The present invention relates to the field of communications. Disclosed are a method and device for secure viewing of a shared file, comprising: setting up the users jointly owning a to-be-viewed shared file; acquiring and storing the private passwords respectively set by the users jointly owning the to-be-viewed shared file; authenticating the users by using the private passwords; and if all the users jointly owning the to-be-viewed shared file are successfully authenticated, then issuing the shared file to all the users. The present invention ensures mutual restriction among users when multiple users jointly own a to-be-viewed file, and a user can view the file only after all users pass the real-time authentication, thus greatly improving the timeliness, security and integrity of the file.

Description

一种安全的共有文档查看方法及装 技术领域 本发明涉及通讯领域, 特别涉及一种基于多用户实时鉴权的安全可靠的共有文档 查看方法及相关装置。 背景技术 随着移动互联网的发展, 手机的使用范畴得到了极大的扩展。 其中在数据 /文件加 密领域的发展尤为迅速, 最常见的便是个人数据 /文件的加密传输及保存, 图 1是相关 技术提供的私人数据加密流程图, 如图 1所示, 具体实施步骤如下: 步骤 101 : 用户在服务器注册账号, 并设置密码; 步骤 102: 用户上传数据, 并设置私有密码; 步骤 103 : 用户发起下载文档的请求, 并输入私有密码; 步骤 104: 服务器进行私有密码的鉴权, 若鉴权通过, 则执行步骤 105, 否则, 执 行步骤 106; 步骤 105 : 鉴权通过后, 进行文档下载; 步骤 106: 结束流程。 可见, 用户没有私有密码就无法进行数据的查看、 编辑或删除等操作, 为个人数 据的安全提供了极大的保证。 但是,在某些特殊情况下, 简单的个人数据加密已经不能满足市场多样化的需求, 一些文档 /资料是属于公共所有的, 并且具备一定的时效性限制, 需要所有关联者在约 定时间段,并且满足一定的约定条件后才能进行文档 /资料的查看、编辑或者删除操作, 共同维护文档 /资料的所有权, 并且缺一不可。 如果其中任意一个用户鉴权失败, 那么 文档就不能通过鉴权, 其它人都无法查看 /编辑文档资料, 这就属于基于多用户控制文 档安全; 或者其中任意一个用户未在约定时间内请求鉴权, 那么其它所有者也不能查 看文档, 这就保证了文档的实时性。 在当今社会, 人们的法律意识越来越强, 多人共同拥有文档所有权, 并且文档具 备时效性的场景越来越多, 比如遗嘱、 商业合同等场景下, 要求在指定时间, 全部文 档所有者共同在场, 才能进行文档的查看和编辑。 目前, 这种场景下还未使用数字化 技术来支持, 随着移动互联网技术发展, 需要一种强大、 安全、 可靠、 便捷并且实时 的系统来解决此问题, 以保证文档的安全存储、 数据完整及可靠鉴权, 并且达到数据 所有者之间相互制约的目的。 发明内容 本发明的目的在于提供一种安全的共有文档查看方法及装置, 能更好地解决共有 文档的时效性、 安全性及完整性问题。 根据本发明的一个方面, 提供了一种安全的共有文档查看方法, 包括: 设置共同 拥有待查看共有文档所有权的用户; 获取并保存所述共同拥有待查看共有文档所有权 的用户各自设置的私有密码; 利用所述私有密码, 对所述用户进行鉴权处理; 若所述 共同拥有待查看共有文档所有权的全部用户均鉴权成功, 则向所述全部用户下发所述 共有文档。 优选地, 所述的利用所述私有密码, 对所述用户进行鉴权处理的步骤包括: 接收 用户用于查看文档而输入的私有密码; 将所述私有密码与所述用户预先保存的私有密 码进行比较; 若所述私有密码与所述用户预先保存的私有密码一致, 则确定所述用户 鉴权成功, 否则, 确定所述用户鉴权失败。 优选地, 在预设时间内, 若所述共同拥有待查看共有文档所有权的全部用户均鉴 权成功, 则向所述全部用户下发所述共有文档。 优选地,所述向所述全部用户下发所述共有文档的步骤包括: 将所述待查看共有 文档直接下发至所述全部用户。 优选地, 所述向所述全部用户下发所述共有文档的步骤包括: 将所述待查看共有 文档加密后下发至所述全部用户。 优选地, 利用共同拥有待查看共有文档所有权的用户的私有密码, 对所述待查看 共有文档加密。 根据本发明的另一方面, 提供了一种安全的共有文档查看装置, 包括: 用户设置 模块, 设置为设置共同拥有待查看共有文档所有权的用户; 密码获取模块, 设置为获 取并保存所述共同拥有待查看共有文档所有权的用户各自设置的私有密码; 用户鉴权 模块, 设置为利用所述私有密码, 对所述用户进行鉴权处理; 文档下发模块, 设置为 当所述共同拥有待查看共有文档所有权的全部用户均鉴权成功时, 向所述全部用户下 发所述共有文档。 优选地, 所述用户鉴权模块包括: 接收子模块, 设置为接收用户用于查看文档而 输入的私有密码; 比较子模块, 设置为将所述私有密码与所述用户预先保存的私有密 码进行比较; 鉴权子模块, 设置为当所述私有密码与所述用户预先保存的私有密码一 致时, 确定所述用户鉴权成功, 否则, 确定所述用户鉴权失败。 优选地, 所述文档下发模块包括: 发送子模块, 设置为将所述待查看共有文档直 接下发至所述全部用户或将加密的待查看共有文档下发至所述全部用户。 优选地, 所述文档下发模块还包括: 加密子模块, 设置为利用所述共同拥有待查 看共有文档所有权的用户的私有密码, 对所述待查看共有文档加密。 与相关技术相比较, 本发明的有益效果在于: 本发明可以满足多用户共同拥有共有文档所有权时, 所有者间相互制约, 需要全 部实时鉴权通过后才能查看共有数据, 极大的提高了共有文档的时效性、 安全性及完 整性。 附图说明 图 1是相关技术提供的私人数据加密流程图; 图 2是本发明实施例提供的多用户初始化设置流程图; 图 3是本发明实施例提供的多用户共有数据实时查看流程图; 图 4是本发明实施例提供的安全的共有文档查看装置框图。 具体实施方式 以下结合附图对本发明的优选实施例进行详细说明, 应当理解, 以下所说明的优 选实施例仅用于说明和解释本发明, 并不用于限定本发明。 本发明中共同拥有待查看共有文档的多个用户可以分别设置各自的私有密码 (该 私有密码由用户自行管理, 后继可修改, 用于查看共有文档时进行鉴权), 并且实时接 入进行鉴权。 图 2是本发明实施例提供的多用户初始化设置流程图, 如图 2所示, 实 施步骤如下: 步骤 201 : 向服务器上传需要保密的共有文档 /数据 /资料。 步骤 202: 设置该共有文档 /数据 /资料的共同所有的用户。 步骤 203 : 该共有文档 /数据 /资料的共同所有的用户设置各自的私有密码, 并保存 至服务器。 步骤 204: 设置完成。 图 3是本发明实施例提供的多用户加密数据实时查看流程图, 如图 3所示, 实施 步骤如下: 步骤 301 : 用户输入其私有密码, 发起查看共有文档 /数据 /资料的请求。 步骤 302: 服务器进行鉴权处理, 若鉴权成功, 则将该用户置为接入状态, 并执 行步骤 303, 否则, 执行步骤 306。 步骤 303 : 判断其它用户是否已经鉴权成功, 处于实时接入状态, 若共同拥有共 有文档 /数据 /资料的其他用户均鉴权成功, 则执行步骤 304, 否则, 执行步骤 305。 步骤 304: 如果检测到所有用户均接入服务器, 将共有文档直接下发至各个拥有 该共有文档所有权的用户的客户端, 用户可直接查看共有文件; 或者, 将共有文档加 密后下发至各个拥有该共有文档所有权的用户的客户端, 用户可通过其客户端的文档 解释器进行共有文档的查看、 编辑。 步骤 305 : 如果共同拥有共有文档 /数据 /资料的其他用户中有鉴权失败的用户, 即 有未实时接入的用户, 则进入等待状态, 判断约定的等待时间 (即等待时间) 是否结 束, 若到了约定的等待时间, 其它用户并未全部进入接入状态, 则执行步骤 306, 否 贝 U, 在等待时间内定时检测其它用户是否已实时接入。 步骤 306: 用户操作完成后, 退出应用, 结束。 本实施例包括用户的手机应用客户端和服务器, 在用户发起查看共有文档的操作 时, 对共同拥有文档的全部用户进行实时鉴权, 当满足约定的实时性 (如: 同时或者 极短的等待时间内, 例如 2分钟内, 所有共同拥共有数据的用户均接入), 并且各用户 的私有密码均鉴权通过后, 才能进行共有文档的查看、 编辑操作, 当其中任意一个用 户未接入或者私有密码错误时, 将不能进行共有数据的查看 /编辑。 图 4是本发明实施例提供的安全的共有文档查看装置框图, 如图 4所示, 包括用 户设置模块、 设置为获取用户私有密码的密码获取模块、 设置为利用私有密码对用户 进行鉴权处理的用户鉴权模块、 设置为当共同拥有待查看共有文档所有权的全部用户 均鉴权成功时向全部用户下发共有文档的文档下发模块,上述模块均设置在服务器上。 其中, 上述用户鉴权模块包括接收子模块、 比较子模块和鉴权子模块; 上述文档下发 模块包括发送子模块和加密子模块。 上述用户设置模块设置共同拥有待查看共有文档所有权的用户。 上述密码获取模 块获取并保存共同拥有待查看共有文档所有权的用户各自设置的私有密码。 当用户需 要查看文档而输入私有密码时, 接收子模块接收用户输入的私有密码, 比较子模块将 私有密码与用户预先保存的私有密码进行比较, 鉴权子模块在判断上述私有密码与上 述用户预先保存的私有密码一致时, 确定用户鉴权成功, 否则, 确定用户鉴权失败。 在预设时间内, 若共同拥有待查看共有文档所有权的全部用户均鉴权成功, 则发送子 模块将待查看共有文档直接下发至全部用户或将加密的待查看共有文档下发至全部用 户, 或者加密子模块利用共同拥有待查看共有文档所有权的用户的私有密码对待查看 共有文档加密后, 由发送子模块将加密的待查看共有文档下发至全部用户。 如果采用加密方式下发共有文档, 可以如本实施例, 利用用户各自设置的私有密 码对共有文档分别加密, 也可以采用相关技术中的其它各种加密方法对共有文档进行 加密处理。 综上所述, 本发明具有以下技术效果: 本发明解决了多用户共同拥有共有数据所有权时数据的安全、 完整、 及实时鉴权 的问题, 达到用户之间互相制约的作用, 满足约定时间实时接入、 各自私有密码鉴权 通过的约定条件时才能共同查看、 编辑文档。 尽管上文对本发明进行了详细说明, 但是本发明不限于此, 本技术领域技术人员 可以根据本发明的原理进行各种修改。 因此, 凡按照本发明原理所作的修改, 都应当 理解为落入本发明的保护范围。 工业实用性 如上所述, 本发明实施例提供的一种安全的共有文档查看方法及装置具有以 下有益效果: 可以满足多用户共同拥有待查看文档所有权时, 所有者间相互制约, 需要全部实时鉴权通过后才能查看文档, 极大的提高了文档的时效性、 安全性及完 整性。 TECHNICAL FIELD The present invention relates to the field of communications, and in particular, to a secure and reliable common document viewing method and related device based on multi-user real-time authentication. BACKGROUND OF THE INVENTION With the development of the mobile Internet, the use of mobile phones has been greatly expanded. Among them, the development of data/file encryption is particularly rapid. The most common one is the encrypted transmission and storage of personal data/files. Figure 1 is a private data encryption flowchart provided by the related art. As shown in Figure 1, the specific implementation steps are as follows: Step 101: The user registers an account with the server and sets a password; Step 102: The user uploads the data, and sets a private password; Step 103: The user initiates a request to download the document, and inputs a private password; Step 104: The server performs a private password identification If the authentication is passed, step 105 is performed, otherwise, step 106 is performed; Step 105: After the authentication is passed, the document is downloaded; Step 106: End the process. It can be seen that the user cannot perform operations such as viewing, editing or deleting data without a private password, which provides great guarantee for the security of personal data. However, in some special cases, simple personal data encryption can no longer meet the needs of market diversification. Some documents/data are publicly owned and have certain timeliness restrictions. All related parties are required to agree on the time period. And the document/material can be viewed, edited or deleted after a certain agreed condition is met, and the ownership of the document/data is maintained together, and is indispensable. If any of the user authentication fails, the document cannot pass the authentication, and no one else can view/edit the document data, which is based on multi-user control document security; or any one of the users does not request authentication within the agreed time. , then other owners can not view the document, which guarantees the real-time nature of the document. In today's society, people's legal awareness is getting stronger and stronger, many people share document ownership, and there are more and more time-sensitive documents, such as wills, commercial contracts, etc., at the specified time, all document owners Co-presence can be used to view and edit documents. At present, digital technology has not been used in this scenario. With the development of mobile Internet technology, a powerful, secure, reliable, convenient and real-time system is needed to solve this problem to ensure the secure storage and integrity of documents. Reliable authentication and the goal of mutual restraint between data owners. SUMMARY OF THE INVENTION An object of the present invention is to provide a secure shared document viewing method and apparatus, which can better solve the problem of timeliness, security and integrity of a shared document. According to an aspect of the present invention, a secure shared document viewing method is provided, including: setting a user who jointly owns the ownership of the shared document to be viewed; acquiring and saving a private password set by the user who shares the ownership of the shared document to be viewed together And using the private password to perform authentication processing on the user; if all the users who share the ownership of the shared document are successfully authenticated, the shared document is delivered to all the users. Preferably, the step of performing authentication processing on the user by using the private password comprises: receiving a private password input by a user for viewing a document; and the private password and the private password pre-saved by the user Comparing; if the private password is consistent with the private password previously saved by the user, determining that the user authentication is successful; otherwise, determining that the user authentication fails. Preferably, in the preset time, if all the users who share the ownership of the shared document are successfully authenticated, the shared document is delivered to all the users. Preferably, the step of delivering the shared document to the all users includes: delivering the shared document to be viewed directly to the all users. Preferably, the step of delivering the shared document to all the users includes: encrypting the to-be-viewed shared document and delivering the shared document to the all users. Preferably, the shared document to be viewed is encrypted using a private password of a user who shares the ownership of the shared document to be viewed. According to another aspect of the present invention, a secure shared document viewing apparatus is provided, comprising: a user setting module configured to set a user who shares ownership of a shared document to be viewed; a password acquisition module configured to acquire and save the common Private password set by the user who owns the ownership of the shared document; user authentication a module, configured to perform authentication processing on the user by using the private password; and a document delivery module configured to: when all users sharing the ownership of the shared document to be viewed have successful authentication, to the all users The shared document is issued. Preferably, the user authentication module comprises: a receiving submodule configured to receive a private password input by the user for viewing the document; and a comparison submodule configured to perform the private password with the private password pre-saved by the user The authentication sub-module is configured to determine that the user authentication succeeds when the private password is consistent with the private password previously saved by the user, otherwise, the user authentication is determined to be unsuccessful. Preferably, the document issuance module includes: a sending sub-module, configured to deliver the to-be-viewed common document to the all users or to send the encrypted shared document to be viewed to all the users. Preferably, the document issuance module further includes: an encryption submodule, configured to encrypt the to-be-viewed shared document by using a private password of the user who shares the ownership of the shared document to be viewed. Compared with the related art, the beneficial effects of the present invention are as follows: The present invention can satisfy the mutual ownership of the shared documents owned by multiple users, and the mutual constraints of the owners are required to view the common data after the real-time authentication is passed, thereby greatly improving the common data. The timeliness, security and integrity of the documentation. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a flow chart of a private data encryption provided by the related art; FIG. 2 is a flow chart of a multi-user initial setting according to an embodiment of the present invention; FIG. 3 is a flow chart of real-time viewing of multi-user shared data according to an embodiment of the present invention; 4 is a block diagram of a secure shared document viewing apparatus according to an embodiment of the present invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings. In the present invention, a plurality of users who share the common document to be viewed can respectively set their own private passwords (the private passwords are managed by the users themselves, and can be modified later for authentication when viewing the shared documents), and are connected in real time. Into the authentication. FIG. 2 is a flowchart of multi-user initialization setting according to an embodiment of the present invention. As shown in FIG. 2, the implementation steps are as follows: Step 201: Upload a shared document/data/data that needs to be kept secret to the server. Step 202: Set a common user of the shared document/data/data. Step 203: The common users of the shared document/data/data set their own private passwords and save them to the server. Step 204: The setting is completed. FIG. 3 is a flowchart of real-time viewing of multi-user encrypted data according to an embodiment of the present invention. As shown in FIG. 3, the implementation steps are as follows: Step 301: A user inputs a private password to initiate a request for viewing a shared document/data/data. Step 302: The server performs an authentication process. If the authentication is successful, the user is placed in an access state, and step 303 is performed. Otherwise, step 306 is performed. Step 303: Determine whether the other user has successfully authenticated, and the user is in the real-time access state. If the other users who share the common document/data/data are authenticated successfully, go to step 304. Otherwise, go to step 305. Step 304: If it is detected that all users access the server, the shared document is directly delivered to the client of each user who owns the ownership of the shared document, and the user can directly view the shared file; or, the shared document is encrypted and sent to each The client of the user who owns the ownership of the shared document, the user can view and edit the shared document through the document interpreter of the client. Step 305: If there are users who fail to authenticate in other users who share the common document/data/data, that is, users who have not accessed in real time, enter a waiting state, and determine whether the agreed waiting time (ie, waiting time) ends. If the agreed waiting time is reached, and other users are not all in the access state, step 306 is executed, and no U is periodically detected during the waiting time to check whether other users have accessed in real time. Step 306: After the user operation is completed, the application is exited and the process ends. The embodiment includes a mobile phone application client and a server of the user, and when the user initiates the operation of viewing the shared document, real-time authentication is performed on all users who jointly own the document, when the agreed real-time (eg, simultaneous or extremely short waiting) Within the time, for example, within 2 minutes, all users sharing the shared data are connected, and each user After the private passwords are authenticated, the common documents can be viewed and edited. When any one of the users is not connected or the private password is incorrect, the shared data cannot be viewed/edited. 4 is a block diagram of a secure shared document viewing apparatus according to an embodiment of the present invention. As shown in FIG. 4, the method includes a user setting module, a password obtaining module configured to acquire a user private password, and is configured to authenticate a user by using a private password. The user authentication module is configured to deliver a document issuing module of the shared document to all users when all the users who share the ownership of the shared document are successfully authenticated, and the modules are all set on the server. The user authentication module includes a receiving submodule, a comparing submodule, and an authentication submodule. The document sending module includes a sending submodule and an encryption submodule. The user setting module described above sets up a user who collectively owns the ownership of the shared document. The password acquisition module acquires and saves a private password set by a user who owns the ownership of the shared document to be viewed. When the user needs to view the document and input the private password, the receiving submodule receives the private password input by the user, and the comparing submodule compares the private password with the private password previously saved by the user, and the authentication submodule determines the private password and the user in advance. When the saved private passwords are consistent, it is determined that the user authentication is successful, otherwise, the user authentication failure is determined. If all the users who share the ownership of the shared document are successfully authenticated, the sending sub-module delivers the shared document to be delivered to all users or the encrypted shared document to be delivered to all users. After the encryption sub-module encrypts the shared document by using the private password of the user who owns the ownership of the shared document to be viewed, the encrypted sub-module sends the encrypted shared document to be viewed to all users. If the shared document is sent in an encrypted manner, the shared document may be separately encrypted by using a private password set by the user as in the embodiment, and the shared document may be encrypted by using various other encryption methods in the related art. In summary, the present invention has the following technical effects: The present invention solves the problem of security, integrity, and real-time authentication of data when multiple users share the ownership of shared data, and achieves the role of mutual constraint between users, meeting the agreed time in real time. Documents can be viewed and edited together when accessing and agreeing conditions for their own private password authentication. Although the invention has been described in detail above, the invention is not limited thereto, and various modifications may be made by those skilled in the art in accordance with the principles of the invention. Therefore, modifications made in accordance with the principles of the invention should be construed as falling within the scope of the invention. Industrial Applicability As described above, a secure shared document viewing method and apparatus provided by an embodiment of the present invention has The following beneficial effects: When multiple users share the ownership of the document to be viewed, the owners mutually restrict each other, and all the real-time authentication is required to view the document, which greatly improves the timeliness, security and integrity of the document.

Claims

权 利 要 求 书 、 一种安全的共有文档查看方法, 包括: A claim for rights, a secure method for viewing common documents, including:
设置共同拥有待查看共有文档所有权的用户;  Set up users who share ownership of the shared documents to be viewed;
获取并保存所述共同拥有待查看共有文档所有权的用户各自设置的私有密 码;  Acquiring and saving the private password set by the users who share the ownership of the shared document to be viewed;
利用所述私有密码, 对所述用户进行鉴权处理;  Using the private password, performing authentication processing on the user;
若所述共同拥有待查看共有文档所有权的全部用户均鉴权成功, 则向所述 全部用户下发所述共有文档。 、 根据权利要求 1所述的方法, 其中, 所述的利用所述私有密码, 对所述用户进 行鉴权处理的步骤包括:  If the all users who share the ownership of the shared document are successfully authenticated, the shared document is delivered to the all users. The method according to claim 1, wherein the step of performing authentication processing on the user by using the private password comprises:
接收用户用于查看文档而输入的私有密码;  Receiving a private password entered by the user to view the document;
将所述私有密码与所述用户预先保存的私有密码进行比较;  Comparing the private password with a private password previously saved by the user;
若所述私有密码与所述用户预先保存的私有密码一致, 则确定所述用户鉴 权成功, 否则, 确定所述用户鉴权失败。 、 根据权利要求 2所述的方法, 其中, 在预设时间内, 若所述共同拥有待查看共 有文档所有权的全部用户均鉴权成功, 则向所述全部用户下发所述共有文档。 、 根据权利要求 1-3任意一项所述的方法, 其中, 所述向所述全部用户下发所述 共有文档的步骤包括:  If the private password is consistent with the private password previously saved by the user, it is determined that the user authentication is successful, otherwise, the user authentication is determined to be unsuccessful. The method according to claim 2, wherein, in a preset time, if all the users who share the ownership of the shared document are successfully authenticated, the shared document is delivered to all the users. The method according to any one of claims 1-3, wherein the step of delivering the shared document to all users includes:
将所述待查看共有文档直接下发至所述全部用户。 、 根据权利要求 3所述的方法, 其中, 所述向所述全部用户下发所述共有文档的 步骤包括:  The shared document to be viewed is directly delivered to the all users. The method according to claim 3, wherein the step of delivering the shared document to all users includes:
将所述待查看共有文档加密后下发至所述全部用户。 、 根据权利要求 5所述的方法, 其中, 利用共同拥有待查看共有文档所有权的用 户的私有密码, 对所述待查看共有文档加密。 、 一种安全的共有文档查看装置, 包括- 用户设置模块, 设置为设置共同拥有待查看共有文档所有权的用户; 密码获取模块, 设置为获取并保存所述共同拥有待查看共有文档所有权的 用户各自设置的私有密码; The shared document to be viewed is encrypted and delivered to all the users. The method according to claim 5, wherein the shared document to be viewed is encrypted by using a private password of a user who shares the ownership of the shared document to be viewed. , a secure shared document viewing device, including - a user setting module, configured to set a user who shares the ownership of the shared document to be viewed; a password obtaining module, configured to acquire and save a private password set by the user who owns the ownership of the shared document to be viewed;
用户鉴权模块, 设置为利用所述私有密码, 对所述用户进行鉴权处理; 文档下发模块, 设置为当所述共同拥有待查看共有文档所有权的全部用户 均鉴权成功时, 向所述全部用户下发所述共有文档。 、 根据权利要求 7所述的装置, 其中, 所述用户鉴权模块包括: 接收子模块, 设置为接收用户用于查看文档而输入的私有密码; 比较子模块, 设置为将所述私有密码与所述用户预先保存的私有密码进行 比较;  a user authentication module, configured to perform authentication processing on the user by using the private password; and a document delivery module configured to: when all the users who jointly own the ownership of the shared document are successfully authenticated, All the users are issued the shared document. The device according to claim 7, wherein the user authentication module comprises: a receiving submodule configured to receive a private password input by the user for viewing the document; and a comparison submodule configured to set the private password with Comparing the private passwords previously saved by the user;
鉴权子模块, 设置为当所述私有密码与所述用户预先保存的私有密码一致 时, 确定所述用户鉴权成功, 否则, 确定所述用户鉴权失败。 、 根据权利要求 8所述的装置, 其中, 所述文档下发模块包括:  The authentication sub-module is configured to determine that the user authentication succeeds when the private password is consistent with the private password previously saved by the user, otherwise, the user authentication is determined to be unsuccessful. The device according to claim 8, wherein the document issuance module comprises:
发送子模块, 设置为将所述待查看共有文档直接下发至所述全部用户或将 加密的待查看共有文档下发至所述全部用户。 0、 根据权利要求 9所述的装置, 其中, 所述文档下发模块还包括:  The sending sub-module is configured to deliver the shared document to be viewed directly to the all users or to deliver the encrypted shared document to be viewed to all the users. 0. The device according to claim 9, wherein the document issuance module further comprises:
加密子模块, 设置为利用所述共同拥有待查看共有文档所有权的用户的私 有密码, 对所述待查看共有文档加密。  The encryption sub-module is configured to encrypt the to-be-viewed shared document by using the private password of the user who shares the ownership of the shared document to be viewed.
PCT/CN2014/071273 2013-10-09 2014-01-23 Method and device for secure viewing of shared file WO2014134986A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310468105.5 2013-10-09
CN201310468105.5A CN104580062A (en) 2013-10-09 2013-10-09 Safe shared document viewing method and device

Publications (1)

Publication Number Publication Date
WO2014134986A1 true WO2014134986A1 (en) 2014-09-12

Family

ID=51490613

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/071273 WO2014134986A1 (en) 2013-10-09 2014-01-23 Method and device for secure viewing of shared file

Country Status (2)

Country Link
CN (1) CN104580062A (en)
WO (1) WO2014134986A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111464499A (en) * 2020-03-06 2020-07-28 深圳壹账通智能科技有限公司 Electronic warehouse receipt tracing method and device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7136489B1 (en) * 2002-09-12 2006-11-14 Novell, Inc. Method and system for enhancing network security using a multilateral authorization mechanism
CN101997684A (en) * 2009-08-10 2011-03-30 北京多思科技发展有限公司 Authorization authentication method, device and system
CN102810141A (en) * 2011-06-01 2012-12-05 哈尔滨市和协岛数码科技有限公司 Software lease authorization method based on attribute encryption

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101364984B (en) * 2008-08-13 2011-10-05 西安鼎蓝通信技术有限公司 Method for guarantee safety of electronic file
CN101872436A (en) * 2009-04-22 2010-10-27 上海幻维数码创意科技有限公司 Multi-user synchronous fingerprint authentication method
CN101706933A (en) * 2009-12-01 2010-05-12 中国建设银行股份有限公司 Method and background system for realizing joint account service operation
CN101764800A (en) * 2009-12-02 2010-06-30 深圳市融创天下科技发展有限公司 Method for dynamic password multi-terminal combined authentication

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7136489B1 (en) * 2002-09-12 2006-11-14 Novell, Inc. Method and system for enhancing network security using a multilateral authorization mechanism
CN101997684A (en) * 2009-08-10 2011-03-30 北京多思科技发展有限公司 Authorization authentication method, device and system
CN102810141A (en) * 2011-06-01 2012-12-05 哈尔滨市和协岛数码科技有限公司 Software lease authorization method based on attribute encryption

Also Published As

Publication number Publication date
CN104580062A (en) 2015-04-29

Similar Documents

Publication Publication Date Title
CN109347835B (en) Information transmission method, client, server, and computer-readable storage medium
US11153085B2 (en) Secure distributed storage of encryption keys
EP3723399A1 (en) Identity verification method and apparatus
US9038138B2 (en) Device token protocol for authorization and persistent authentication shared across applications
US9385996B2 (en) Method of operating a computing device, computing device and computer program
US9356994B2 (en) Method of operating a computing device, computing device and computer program
CN113572614B (en) Security method and system for data transmission
CN109274652B (en) Identity information verification system, method and device and computer storage medium
US20170063827A1 (en) Data obfuscation method and service using unique seeds
WO2018113437A1 (en) Authentication device-based electronic identity card authentication service system
WO2017177435A1 (en) Identity authentication method, terminal and server
US9319219B2 (en) Method of operating a computing device, computing device and computer program
US20150271146A1 (en) Methods and systems for the secure exchange of information
US8904504B2 (en) Remote keychain for mobile devices
JP2016510962A (en) Encrypted network storage space
CN102638568A (en) Cloud storage system and data management method thereof
CN102638346A (en) Method and device for authorizing subscriber digital certificate
CN107819766B (en) Security authentication method, system and computer readable storage medium
JP2020078067A5 (en)
CN110866999A (en) Control method and device for intelligent door lock and storage medium
WO2018014785A1 (en) System, method, and device for processing sub-account information
EP3063920B1 (en) Method for setting up, via an intermediate entity, a secure session between a first and a second entity, and corresponding entities and computer program products
CN107818255B (en) Method for enhancing system security based on fingerprint identification encryption
WO2014134986A1 (en) Method and device for secure viewing of shared file
CN109361706A (en) A kind of data transmission method based on block chain, apparatus and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14759962

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14759962

Country of ref document: EP

Kind code of ref document: A1