Encryption/decryption method, system and device
First Claim
1. An encryption method, comprising:
- performing, by a terminal, an encryption operation for data of the terminal according to information of an encryption sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a local Device Management (DM) tree when receiving an encryption instruction sent from a DM server;
wherein the EADMO node is a node added to the DM tree of the terminal;
reporting to the DM server, by the terminal, encrypted data state information generated after the encryption succeeds;
updating, by the terminal according to an updating instruction sent from the DM server, information of a Store Uniform Resource Locator (URL) sub-node of the EADMO node of the DM tree into a URL for the DM server to locally store the encrypted data state information.
1 Assignment
0 Petitions
Accused Products
Abstract
An encryption/decryption method are described, which includes that a terminal performs an encryption operation according to information of an encryption sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a local Device Management (DM) tree and reports to a DM server encrypted data state information generated after the encryption succeeds; and the terminal performs a decryption operation according to the encrypted data state information sent from the DM server. An encryption/decryption system and device are also described. By means of technical solutions of embodiments of the disclosure, operations are simple without causing data loss, and a problem that data of a non-local terminal cannot be encrypted is solved.
-
Citations
21 Claims
-
1. An encryption method, comprising:
-
performing, by a terminal, an encryption operation for data of the terminal according to information of an encryption sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a local Device Management (DM) tree when receiving an encryption instruction sent from a DM server;
wherein the EADMO node is a node added to the DM tree of the terminal;reporting to the DM server, by the terminal, encrypted data state information generated after the encryption succeeds;
updating, by the terminal according to an updating instruction sent from the DM server, information of a Store Uniform Resource Locator (URL) sub-node of the EADMO node of the DM tree into a URL for the DM server to locally store the encrypted data state information. - View Dependent Claims (2, 15, 20, 21)
-
-
3. A decryption method, comprising:
-
requesting a Device Management (DM) server, by a terminal, for encrypted data state information to which a Uniform Resource Locator (URL) stored by a Store URL sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a DM tree of the terminal is directed, when receiving a decryption instruction sent from the DM server;
wherein the EADMO node is a node added to the DM tree of the terminal;performing, by the terminal, a decryption operation for data of the terminal according to the encrypted data state information sent from the DM server further comprising;
before the DM server sends the decryption instruction to the terminal,obtaining, by the DM server, a decryption key held by a user from the terminal or a terminal currently used by a user;
verifying whether the decryption key can be matched with a locally stored decryption key;
if yes, sending the decryption instruction to the terminal;
otherwise, sending a key verification failure message to the corresponding terminal or the terminal currently used by the user. - View Dependent Claims (4, 16)
-
-
5. A terminal, comprising:
- a first receiving unit, a first encrypting unit, a first sending unit, and a first storing unit, wherein
the first receiving unit is configured to receive an encryption instruction sent from a Device Management (DM) server;
to receive an updating instruction sent from the DM server, wherein the instruction updates information of a Store Uniform Resource Locator (URL) sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a Device Management (DM) tree of the first storing unit into a URL, wherein the URL is a URL for the DM server to locally store encrypted data state information sent from the first sending unit;
wherein the EADMO node is a node added to the DM tree of the terminal;the first encrypting unit is configured, when the first receiving unit receives the encryption instruction, to perform an encryption operation for data of the terminal according to information of an encryption sub-node of the EADMO node of the DM tree, wherein the information of the encryption sub-node of the EADMO node of the DM tree is stored by the first storing unit; and
to generate the encrypted data state information after the encryption succeeds;the first sending unit is configured to send the DM server the encrypted data state information generated after the first encrypting unit performs the encryption successfully; the first storing unit is configured to store information of the EADMO node of the DM tree, to update, according to the updating instruction received by the first receiving unit, the information of the Store URL sub-node of the EADMO node of the DM tree into the URL for the DM server to locally store the encrypted data state information. - View Dependent Claims (6, 17)
- a first receiving unit, a first encrypting unit, a first sending unit, and a first storing unit, wherein
-
7. A terminal, wherein the terminal includes:
- a second receiving unit, a first decrypting unit, a second sending unit and a second storing unit, wherein
the second receiving unit is configured to receive a decryption instruction sent from a Device Management (DM) server, and to receive encrypted data state information sent from the DM server; the first decrypting unit is configured, when the second receiving unit receives the encrypted data state information sent from the DM server, to perform a decryption operation for data of the terminal according to the encrypted data state information; the second sending unit is configured, when the second receiving unit receives the decryption instruction, to send the DM server an instruction for obtaining the encrypted data state information, wherein the encrypted data state information is encrypted data state information to which a Uniform Resource Locator (URL) in information of a Store URL sub-node is directed, and the Store URL sub-node is located in an Encrypt And Decrypt Management Object (EADMO) node of a DM tree of the second storing unit;
wherein the EADMO node is a node added to the DM tree of the terminal;the second storing unit is configured to store information of the EADMO node of the DM tree; the second receiving unit is further configured to receive an instruction for obtaining a decryption key held by a user, wherein the instruction is sent from the DM server; the second sending unit is further configured, when the second receiving unit receives the instruction for obtaining the decryption key held by the user, to send the decryption key held by the user to the DM server. - View Dependent Claims (8, 18)
- a second receiving unit, a first decrypting unit, a second sending unit and a second storing unit, wherein
-
9. A Device Management (DM) server, comprising:
- a third sending unit, a third receiving unit and a third storing unit, wherein
the third sending unit is configured to send an encryption instruction to a terminal;
when the third receiving unit receives encrypted data state information generated and sent after the terminal performs encryption successfully, to indicate the terminal to update information of a Store Uniform Resource Locator (URL) sub-node of an Encrypt And Decrypt Management Object (EADMO) node of a local DM tree of the terminal, wherein the updated information of the Store URL sub-node is a URL for the third storing unit to store the encrypted data state information;
wherein the EADMO node is a node added to the DM tree of the terminal;the third receiving unit is configured to generate and send the encrypted data state information after the terminal performs the encryption successfully; the third storing unit is configured to store the encrypted data state information received by the third receiving unit. - View Dependent Claims (10, 11, 19)
- a third sending unit, a third receiving unit and a third storing unit, wherein
-
12. A Device Management (DM) server, comprising:
- a fourth sending unit, a fourth receiving unit, and a fourth storing unit, wherein
the fourth sending unit is configured to send a decryption instruction to a terminal; and
when the fourth receiving unit receives from the terminal an instruction for requesting for encrypted data state information to which a Uniform Resource Locator (URL) is directed and which is stored by the fourth storing unit, to send the terminal the encrypted data state information to which the URL is directed;the fourth receiving unit is configured to receive from the terminal the instruction for requesting for the encrypted data state information to which the URL is directed, wherein the URL is located in a Store URL of an Encrypt And Decrypt Management Object (EADMO) node of a DM tree of the terminal;
wherein the EADMO node is a node added to the DM tree of the terminal;the fourth storing unit is configured store the encrypted data state information; further comprising; a first verifying unit, configured to verify whether a decryption key held by a user and received by the fourth receiving unit can be matched with a decryption key stored by the fourth storing unit; the fourth sending unit is further configured to send the terminal or a terminal currently used by a user an instruction for obtaining the decryption key held by the user;
when a verifying result of the first verifying unit is yes, to send a decryption instruction to the terminal; and
when a verifying result of the first verifying unit is no, to send the corresponding terminal or the terminal currently used by the user a key verification failure message;the fourth receiving unit is further configured to receive the decryption key sent from the terminal or the terminal currently used by the user; the fourth storing unit is further configured to store the decryption key. - View Dependent Claims (13, 14)
- a fourth sending unit, a fourth receiving unit, and a fourth storing unit, wherein
Specification