CN-122027273-A - Computer information safe storage method
Abstract
The invention belongs to the technical field of secure storage of computer information, and in particular relates to a method for securely storing computer information. The method comprises: constructing a dynamic obfuscation data set alongside, and based on, the computer information set; monitoring multi-layer intrusion attacks in real time through an early warning module and generating early warning signals; when an early warning signal is triggered, using a hybrid encryption module to mix and shuffle the real data set and the obfuscation data set through pseudo-logical ordering to form a mixed data set; asymmetrically encrypting some of the obfuscation data fragments and some of the real information fragments in the mixed data set with, respectively, the obfuscation key group and the real key held in a key management module; requiring a visitor, through a multi-layer decryption verification module, to enter valid obfuscation keys consecutively and then pass verification of the real key before obtaining the information; and allowing an administrator to customize the key strategy through a dynamic encryption configuration module, with re-encryption triggered automatically after access. The invention provides dynamic, active defense, can effectively mislead an attacker, and improves data storage security.
Inventors
- ZHANG CHANGRUI
Assignees
- 正宇创联(重庆)科技有限公司
Dates
- Publication Date
- 20260512
- Application Date
- 20260205
Claims (9)
- 1. A computer information safe storage method, characterized by comprising the following steps:
  - S1, acquiring a computer information set, and constructing alongside it a dynamic confusing data set based on the computer information set;
  - S2, deploying an early warning module, the early warning module monitoring intrusion attacks in real time and generating attack early warning signals;
  - S3, constructing a hybrid encryption module, wherein when the early warning module does not generate an attack early warning signal, the computer information set and the dynamic confusing data set are stored independently;
  - S4, configuring a key management module, wherein the key management module comprises an obfuscation key group and a real key, the obfuscation key group comprises a plurality of independent obfuscation keys, some of the obfuscation data fragments in the mixed data set are respectively encrypted through asymmetric encryption, and some of the computer information fragments in the mixed data set are encrypted with the real key;
  - S5, constructing a multi-layer decryption verification module, wherein an administrator, when accessing, must consecutively input a preset number of valid obfuscation keys and then input the real key, and can obtain the computer information set after verification is passed;
  - S6, setting a dynamic encryption configuration module, wherein an administrator can define the number of valid obfuscation keys, the consecutive-input count threshold, the real key complexity and the key update period; re-encryption is triggered automatically after access is completed, and a new mixed data set is generated based on the updated key parameters.
- 2. The method for securely storing computer information according to claim 1, wherein said acquired set of computer information comprises structural features, data formats and associated logic, and said intrusion attacks comprise network attack traffic, abnormal rights access, physical access behavior and data manipulation transactions.
- 3. The method for securely storing computer information according to claim 2, wherein the process of constructing the dynamic confusing data set comprises:
  - S101, extracting the data field types, field lengths, association rules and numerical distribution characteristics of a target computer information set;
  - S102, generating, by feature mapping, pseudo data homologous to the target computer information set, wherein the field matching degree of the pseudo data is 80-60%, and the numerical value distribution deviation is 50-30%;
  - S103, based on the business logic of the target computer information set, building association relations between the pseudo data to form the dynamic confusing data set, wherein the dynamic confusing data set supports automatic updating of the pseudo data content and association rules according to a preset period.
- 4. The method of claim 1, wherein the encrypted partial confusing data segments and the computer information segments form an error information set, and the error information set is used for inducing an attacker to judge that the computer information has been successfully decoded.
- 5. The method for securely storing computer information according to claim 1, wherein the attacks monitored by the early warning module comprise:
  - network layer monitoring: abnormal IP connections, port scanning, DDoS attack traffic and encrypted tunnel communication;
  - authority layer monitoring: unauthorized account login, unauthorized account access, and abnormal operations on privileged accounts;
  - physical layer monitoring: illegal USB access, device disassembly, and unauthorized physical access;
  - data layer monitoring: batch data reading, abnormal data export, and data tampering operations.
- 6. The method for securely storing computer information of claim 1, wherein said pseudo-logical ordering comprises: dividing the target computer information set and the dynamic confusing data set into data fragments, each fragment containing a complete field structure; cross-ordering the data fragments based on a preset pseudo-logic rule to form a mixed data set that on the surface conforms to business logic but is in substance obfuscated; and preserving the integrity of the data fragments during mixing, so that any single encrypted fragment can be decrypted and verified independently.
- 7. The method for securely storing computer information according to claim 1, wherein the verification process of the multi-layer decryption verification module comprises:
  - the administrator inputs a first obfuscation key, and the system confirms the validity of the key through a hash check;
  - the other valid obfuscation keys are input in sequence, up to the preset number, each input taking no more than 60 seconds, and if the consecutive inputs are correct the process enters the real key verification stage;
  - after the real key passes verification, the system separates the computer information set from the dynamic confusing data set and outputs the target computer information set;
  - if any obfuscation key is input incorrectly or times out, the system records an operation log and triggers a temporary lock, the lock duration increasing with the number of errors.
- 8. The computer information secure storage method as defined in claim 1, further comprising a backup module for synchronously backing up the computer information set when an administrator accesses it, to prevent accidental deletion.
- 9. A computer information secure storage system, applied to the computer information secure storage method of any one of claims 1-8, comprising a data set construction module, an early warning module, a hybrid encryption module, a key management module, a multi-layer decryption verification module and a dynamic configuration module.
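The verification flow of claim 7, sketched as an added example that is not part of the patent text: ordered obfuscation keys checked against stored hashes, a 60-second window per input, then the real key, with a temporary lock that grows with the error count. The class and function names, PBKDF2 as the hash, the 30-second base lock with doubling, and treating a wrong or late real key like a failed obfuscation key are assumptions.

```python
import hashlib
import hmac

STEP_TIMEOUT = 60       # seconds allowed per key input (figure from claim 7)
BASE_LOCK = 30          # assumed base lock; the patent text gives no figure

def key_hash(key: str, salt: bytes) -> bytes:
    # Salted, slow hash so stored verifiers resist offline guessing.
    return hashlib.pbkdf2_hmac("sha256", key.encode(), salt, 100_000)

class MultiLayerVerifier:
    def __init__(self, decoy_keys, real_key, salt, clock):
        self.salt = salt
        self.clock = clock                      # injectable time source
        self.decoys = [key_hash(k, salt) for k in decoy_keys]
        self.real = key_hash(real_key, salt)
        self.errors = 0
        self.locked_until = 0.0
        self.log = []
        self._reset()

    def _reset(self):
        self.step = 0           # index of the next key expected
        self.deadline = None    # no window until the first key is accepted

    def _fail(self, reason):
        # Log the event, restart the sequence, lock for a growing period.
        self.errors += 1
        self.locked_until = self.clock() + BASE_LOCK * 2 ** (self.errors - 1)
        self.log.append((self.clock(), reason, self.errors))
        self._reset()
        return reason

    def submit(self, key: str) -> str:
        now = self.clock()
        if now < self.locked_until:
            return "locked"
        if self.deadline is not None and now > self.deadline:
            return self._fail("timeout")
        at_real = self.step == len(self.decoys)
        expected = self.real if at_real else self.decoys[self.step]
        # Constant-time comparison avoids leaking how much of a hash matched.
        if not hmac.compare_digest(key_hash(key, self.salt), expected):
            return self._fail("bad_key")
        if at_real:
            self._reset()
            self.errors = 0
            return "granted"
        self.step += 1
        self.deadline = now + STEP_TIMEOUT
        return "next"
```

Injecting the clock lets the 60-second window and the lock periods be exercised in tests without sleeping.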
Description
Computer information safe storage method

Technical Field

The invention belongs to the technical field of secure storage of computer information, and in particular relates to a method for securely storing computer information.

Background

With the rapid development of information technology, secure storage of computer information faces increasingly serious challenges. Traditional secure storage methods rely primarily on static encryption and access control. However, in the face of persistent, variable intrusion attacks (e.g., advanced persistent threats, insider abuse, etc.), all protected information is fully exposed once the static encryption is broken. In addition, a single encryption means can hardly cope with complex attacks across the network layer, the authority layer, the physical layer and the data layer. An attacker often has enough time to perform offline cracking after stealing the encrypted data, and the system cannot perform effective active defense or misdirection while the attack is under way. Some existing schemes introduce decoy data, but the decoy data is static and clearly separated from the real data, and the schemes lack a mechanism that links dynamic obfuscation to attack detection, so they cannot effectively consume attacker resources or give early warning. Therefore, a secure storage method is needed that can sense threats in real time, dynamically obfuscate real information, and provide a multi-layer interactive verification mechanism, in order to improve the active defense and survivability of information at rest.
Disclosure of Invention

In view of the defects of the prior art, the invention provides a computer information security storage method which constructs an accompanying dynamic obfuscation data set, performs mixed encryption on the real information and the obfuscation information when triggered by an early warning module, and combines this with a multi-layer key verification mechanism to build a dynamic, active and highly deceptive information security storage system.

To solve the above technical problems, the invention adopts the following technical scheme: a computer information safe storage method, comprising:

- S1, acquiring a computer information set, and constructing alongside it a dynamic confusing data set based on the computer information set;
- S2, deploying an early warning module, the early warning module monitoring intrusion attacks in real time and generating attack early warning signals;
- S3, constructing a hybrid encryption module, wherein when the early warning module does not generate an attack early warning signal, the computer information set and the dynamic confusing data set are stored independently;
- S4, configuring a key management module, wherein the key management module comprises an obfuscation key group and a real key, the obfuscation key group comprises a plurality of independent obfuscation keys, some of the obfuscation data fragments in the mixed data set are respectively encrypted through asymmetric encryption, and some of the computer information fragments in the mixed data set are encrypted with the real key;
- S5, constructing a multi-layer decryption verification module, wherein an administrator, when accessing, must consecutively input a preset number of valid obfuscation keys and then input the real key, and can obtain the computer information set after verification is passed;
- S6, setting a dynamic encryption configuration module, wherein an administrator can define the number of valid obfuscation keys, the consecutive-input count threshold, the real key complexity and the key update period; re-encryption is triggered automatically after access is completed, and a new mixed data set is generated based on the updated key parameters.

The obtained computer information set comprises structural characteristics, data formats and associated logic, and the intrusion attack comprises network attack traffic, abnormal authority access, physical access behaviors and data operation transaction.

Further, the process of constructing the dynamic confusing data set includes:

- S101, extracting the data field types, field lengths, association rules and numerical distribution characteristics of a target computer information set;
- S102, generating, by feature mapping, pseudo data homologous to the target computer information set, wherein the field matching degree of the pseudo data is 80-60%, and the numerical value distribution deviation is 50-30%;
- S103, based on the business logic of the target computer information set, building association relations between the pseudo data to form the dynamic confusing data set, wherein the dynamic confusing data set supports automatic updating of the pseudo data content and association rules according to a preset period.

Further, the encrypted partial obfuscation data segment and the computer information segment form an error information set, and the error information set is used for inducing an attacker to judge that th