CN115562573B - Method for storing data, communication system, electronic equipment and storage medium - Google Patents

Abstract

The application discloses a method for storing data, a communication system, electronic equipment and a storage medium, relating to the field of data storage, after receiving the first instruction, the first device sends a first request to the second device, and requests the second device to generate a first key, wherein the first key is used for encrypting the target data. The second device receives the first request, generates a first key, and then sends the first key to the first device. After the first device receives the first key from the second device, encrypting the target data by using the first key; the first device then stores the encrypted target data to the third device. The application can realize the user to the transfer of private data in the electronic equipment and the encryption and decryption management, is convenient to operate, ensures the safe storage of user data and realizes the intelligent management of the secret key.

Description

A method for storing data, a communication system, an electronic device and a storage medium

Technical Field

The present application relates to the field of data storage, and in particular to a method for storing data, a communication system, an electronic device and a storage medium.

Background Art

At present, mobile terminals such as mobile phones and tablet computers have become common tools in people's daily lives. Mobile terminals can be used to take pictures, chat instantly, browse websites, watch videos, make mobile payments, etc., and various applications can be installed to achieve different functions. Therefore, a lot of information is stored in mobile terminals, such as contact information, call records, account passwords, photos, text messages, files, etc. With the increase of information stored in mobile terminals such as mobile phones and tablet computers, the storage space of mobile terminals is becoming increasingly tight.

Summary of the invention

The present application provides a method for storing data, a communication system, an electronic device and a storage medium, which can alleviate the problem of increasingly tight storage space in mobile terminals. The technical solution is as follows:

In a first aspect, an embodiment of the present application provides a method for storing data, which is applied to a first device, and the method includes:

After receiving the first instruction, sending a first request to the second device, where the first instruction is used to instruct to encrypt and store the target data, and the first request is used to request the second device to generate a first key;

receiving a first key from a second device, and encrypting target data using the first key;

The encrypted target data is stored in the third device, and the locally encrypted target data is deleted.

The method provided in the embodiment of the present application can delete the target data in the first device after transferring the encrypted target data to the third device, thereby indirectly expanding the storage space of the first device and alleviating the problem of increasingly tight storage space. The first device encrypts the target data according to the first key to ensure the security of the target data. The first device only stores the encrypted target data to the third device, and does not store the first key to the third device, thereby realizing the separate storage of the first key and the target data, which can reduce the risk of the target data being decrypted after the third device is lost, improve the security of data storage, and the third device is a user's private device, which can avoid the risk of target data being leaked online. In addition, the first key is generated by the second device, and the user does not need to manage the key himself, thereby improving the user experience.

In conjunction with the first aspect, in certain implementations of the first aspect, the first request includes a first identifier of the target data and a second identifier of the target data. In this implementation, the first identifier is a content identifier of the target data, and the second identifier is an identifier of a user corresponding to the target data. The content of the target data is different, and the first key generated each time the data is encrypted is different. When decrypting, the same first identifier and second identifier as used for encryption need to be used, and other users cannot decrypt the data of this user, thereby improving the security of stored data.

In combination with the first aspect, in some implementations of the first aspect, storing the encrypted target data in a third device includes: storing the encrypted target data and a first identifier of the target data in the third device.

In some implementations, the first device may compress and store the encrypted target data and the first identifier of the target data in a third device, thereby saving storage space of the third device and facilitating searching for the first identifier of the target data and decrypting the encrypted target data.

In combination with the first aspect, in certain implementations of the first aspect, the above method also includes: after receiving the second instruction, sending a second request to the second device, the second instruction instructing to decrypt the encrypted target data, and the second request is used to request to obtain the first key; receiving the first key from the second device; obtaining the encrypted target data in the third device; and decrypting the encrypted target data using the first key.

In combination with the first aspect, in some implementations of the first aspect, the second request includes a first identifier of the target data and a second identifier of the target data. That is, the information required when obtaining the first key corresponds to the information used when generating the first key, thereby improving the security of the stored data.

If the first request includes the first identifier of the target data, for example, the first identifier of the target data is an MD5 value, the second device generates a first key based on the MD5 value, and correspondingly, the second request includes the MD5 value, and the cloud server queries the first key based on the MD5 value.

If the first request includes the second identifier of the target data, the second device generates the first key according to the second identifier of the target data. Correspondingly, the second request includes the second identifier of the target data, and the cloud server queries the first key according to the second identifier of the target data.

In combination with the first aspect, in some implementations of the first aspect, the first instruction or the second instruction is an instruction from a fourth device, and the target data is sent by the fourth device to the first device.

In this implementation, the storage space of the fourth device is tight, and the user chooses to transfer part of the data stored in the fourth device to the third device for storage. The fourth device determines the part of the data selected by the user as the target data and sends the target data to the first device. In this implementation, the fourth device transfers data through the first device to relieve the storage space of the fourth device. The first device is a transfer device. During the process of the fourth device transferring data, other devices can also transfer data to the third device through the first device. It can be realized that data from multiple devices can be transferred to the third device in the same time period, which can improve the efficiency of storing data.

In combination with the first aspect, in certain implementations of the first aspect, the first instruction is sent by the fourth device to the first device after detecting a first operation from the first interface, the first operation is an operation instructing encrypted storage of target data, and the first interface is an interface for managing data to be encrypted.

In combination with the first aspect, in certain implementations of the first aspect, the second instruction is sent by the fourth device to the first device after detecting a second operation from the second interface, the second operation is an operation instructing to decrypt the encrypted target data, and the second interface is an interface for managing encrypted data.

In this implementation, the fourth device displays the first interface and the second interface, providing the user with a channel to manage data through the first device, facilitating user operation, thereby improving user experience.

In combination with the first aspect, in certain implementations of the first aspect, the above method also includes: sending progress information of encrypting the target data to a fourth device, or sending progress information of decrypting the encrypted target data to the fourth device, so that the user can understand the current progress of encryption or decryption in real time and estimate the completion time. When the time is long, the user can deal with other things first, thereby improving the user experience.

In a second aspect, an embodiment of the present application provides a method for storing data, which is applied to a second device, and the method includes:

Receiving a first request from a first device, the first request is used to request a second device to generate a first key, the first key is used to encrypt target data, and the target data is data stored in the first device;

generating a first key according to the first request;

A first key is sent to the first device.

In the method provided by the embodiment of the present application, the first key generated by the second device can reduce the amount of calculation of other devices and improve the efficiency of storing data. The second device can generate keys for multiple devices, thereby improving the versatility of the method. The second device generates and stores the first key, and then obtains the first key from the second device during decryption. The user does not need to manage the key himself, and intelligent key management can be achieved, thereby improving the user experience.

In combination with the second aspect, in some implementations of the second aspect, the first request includes a first identifier of the target data and a second identifier of the target data, and generating a first key includes: generating the first key according to the first identifier of the target data and the second identifier of the target data.

In combination with the second aspect, in certain implementations of the second aspect, the above method also includes: saving the first key, and the correspondence between the first key and the first identifier of the target data and the second identifier of the target data, so as to facilitate the second device to find the first key, and during decryption, determine whether the first identifier of the target data and the second identifier of the target data are correct, thereby improving the security of the stored data.

In combination with the second aspect, in some implementations of the second aspect, the method further includes: receiving a second request from the first device, the second request being used to request obtaining the first key; querying the first key according to the second request; and sending the first key to the first device.

In conjunction with the second aspect, in some implementations of the second aspect, the second request includes a first identifier of the target data and a second identifier of the target data, and querying the first key includes: querying the first key according to the first identifier of the target data and the second identifier of the target data. That is, the information required when querying the first key corresponds to the information used when generating the first key, thereby ensuring data security.

In a third aspect, an embodiment of the present application provides a storage data communication system, which includes a first device, a second device and a third device, and the first device has established connections with the second device and the third device.

When some data stored in the first device needs to be transferred, the user can perform a first operation on the interface displayed by the first device to input a first instruction to the first device. After receiving the first instruction, the first device sends a first request to the second device in response to the first operation. The first instruction is used to instruct the encrypted storage of the target data, and the first request is used to request the second device to generate a first key, and the first key is used to encrypt the target data.

The second device receives the first request from the first device, generates a first key in response to the first request, and then sends the first key to the first device.

After receiving the first key from the second device, the first device uses the first key to encrypt the target data; then the first device stores the encrypted target data to the third device and deletes the locally encrypted target data.

The first key may be stored on the first device or on the second device. If the first key is stored on the first device, when the user needs to view the encrypted target data, the user may perform a second operation on the first device to input a second instruction to the first device. After receiving the second instruction, the first device searches for the first key inside the device and uses the first key to decrypt the encrypted target data.

If the first key is stored on the second device, after receiving the second instruction, the first device sends a second request to the second device, and the second request is used to request to obtain the first key. The second device receives the second request from the first device, and in response to the second request, the second device searches for the first key inside the device, and then sends the first key to the first device. After receiving the first key, the first device uses the first key to decrypt the encrypted target data.

In an embodiment of the present application, after the encrypted target data is transferred to the third device, the target data in the first device can be deleted, thereby indirectly expanding the storage space of the first device and alleviating the problem of increasingly tight storage space.

The first device encrypts the target data according to the first key, which ensures the security of the target data. The first device only stores the encrypted target data in the third device, and does not store the first key in the third device, which realizes the separate storage of the first key and the target data, and can reduce the risk of the target data being decrypted after the third device is lost, improve the security of data storage, and the third device is a user's private device, which can avoid the risk of target data being leaked online. In addition, the first key is generated by the second device, and the user does not need to manage the key himself, thereby improving the user experience.

In some implementations, the first device may be a mobile phone or a tablet computer, the second device may be a cloud server, and the third device may be a mobile hard disk.

In some implementations, the first device may be a mobile phone or a tablet computer, the second device may be a router, and the third device may be a USB flash drive.

In some implementations, the communication system includes four devices: a first device, a second device, a third device, and a fourth device. For example, the first device is a router, the second device is a cloud server, the third device is a mobile hard disk, and the fourth device is a mobile phone. The mobile phone is connected to the router via Wi-Fi, the router communicates with the cloud server, and the mobile hard disk is connected to the router via a USB interface. The mobile phone can control the router and the mobile hard disk. The user selects the target data to be transferred, such as local photos, videos, documents, etc., through the first interface displayed on the mobile phone, and determines to encrypt the target data. In response to the user operation, the mobile phone sends a first instruction and target data to the router. After receiving the target data, the router stores the target data, and after receiving the first instruction, sends a first request to the cloud server. After receiving the first request from the router, the cloud server generates a first key and sends the first key to the router. The router encrypts the target data according to the first key and stores the encrypted target data in the mobile hard disk.

After storing the encrypted target data in the mobile hard disk, the router can delete the target data and the related records of the first key. The cloud server stores the first key after generating it, that is, the first key is stored by the cloud server, thereby avoiding the situation where there may be problems with the mobile phone and the router, and reducing the risk of losing the first key.

In this implementation, the first device (router) is a transfer device. During the process of transferring data from a mobile phone, other devices can also transfer data to a mobile hard disk through the router. This allows data from multiple devices to be transferred to a third device within the same time period. In addition, the cloud server has strong computing power, and using the cloud server to generate the first key can improve the efficiency of storing data.

It can be understood that, in actual implementation, the system for storing data may also include more or fewer devices.

In a fourth aspect, the present application provides a device for storing data, the device comprising a unit for executing the method in the first aspect or the second aspect. The device may correspond to executing the method described in the first aspect or the second aspect, and the relevant description of the unit in the device can refer to the description of the first aspect or the second aspect, which will not be repeated here for the sake of brevity.

The method described in the first aspect or the second aspect above can be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules or units corresponding to the above functions. For example, a processing module or unit, a display module or unit, a communication module or unit, etc.

In a fifth aspect, an embodiment of the present application provides an electronic device, comprising: one or more processors; one or more memories; the memory stores one or more programs, and when one or more programs are executed by the processor, the electronic device executes the above-mentioned first aspect and any possible method in the first aspect.

In the sixth aspect, an embodiment of the present application provides an electronic device, comprising: one or more processors; one or more memories; the memory stores one or more programs, and when one or more programs are executed by the processor, the electronic device executes the above-mentioned second aspect and any possible method in the second aspect.

In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium on which computer program instructions are stored. When the computer program instructions are executed by an electronic device, the electronic device implements a method for storing data as described in any one of the first aspect or possible implementations of the first aspect; or, when the computer program instructions are executed by an electronic device, the electronic device implements a method for storing data as described in any one of the second aspect or possible implementations of the second aspect.

In an eighth aspect, an embodiment of the present application provides a device (for example, the device may be a chip system), which includes a processor for supporting a first device to implement the functions involved in the first aspect above; or, for supporting a second device to implement the functions involved in the second aspect above. When the device is a chip system, it may be composed of a chip, or may include a chip and other discrete devices. Optionally, the chip system also includes a memory, and the memory is connected to the processor via a circuit or wire.

In a ninth aspect, an embodiment of the present application provides a computer program product, comprising a computer readable code, which, when the computer readable code is executed in an electronic device, enables the electronic device to implement a method for storing data as described in the first aspect or any possible implementation of the first aspect; or, when the computer readable code is executed in an electronic device, enables the electronic device to implement a method for storing data as described in the second aspect or any possible implementation of the second aspect.

The technical effects obtained in the above-mentioned second to ninth aspects are similar to the technical effects obtained by the corresponding technical means in the above-mentioned first aspect, and will not be repeated here.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a schematic diagram of a system used in a method for storing data provided in an embodiment of the present application;

FIG2 shows a schematic diagram of a system used in another method for storing data provided in an embodiment of the present application;

FIG3 shows a schematic structural diagram of a fourth device (mobile phone 100) provided in an embodiment of the present application;

FIG4 shows a schematic diagram of the structure of a first device (router 200) provided in an embodiment of the present application;

FIG5 shows a schematic diagram of the structure of a second device (cloud server 300) provided in an embodiment of the present application;

FIG6 is a schematic diagram showing a flow chart of a method for storing data provided in an embodiment of the present application;

FIG. 7 shows one of the schematic diagrams of an interface for storing data provided in an embodiment of the present application;

FIG8 shows a second schematic diagram of an interface for storing data provided in an embodiment of the present application;

FIG9 shows a third schematic diagram of an interface for storing data provided in an embodiment of the present application;

FIG10 is a schematic diagram showing a flow chart of an encryption process in a method for storing data provided in an embodiment of the present application;

FIG11 shows a fourth schematic diagram of an interface for storing data provided in an embodiment of the present application;

FIG12 shows a fifth schematic diagram of an interface for storing data provided in an embodiment of the present application;

FIG13 is a schematic diagram showing a flow chart of a decryption process in a method for storing data provided in an embodiment of the present application;

FIG14 shows a sixth schematic diagram of an interface for storing data provided in an embodiment of the present application;

FIG. 15 shows a schematic diagram of the structure of a device provided in an embodiment of the present application.

FIG. 16 shows a schematic structural diagram of another device provided in an embodiment of the present application.

FIG. 17 shows a schematic diagram of the software structure of the electronic device provided in an embodiment of the present application.

DETAILED DESCRIPTION

In order to make the purpose, technical scheme and advantages of the present application clearer, the implementation mode of the present application will be further described in detail below with reference to the accompanying drawings. Hereinafter, the terms "first" and "second" are used for descriptive purposes only and cannot be understood as indicating or implying relative importance or implicitly indicating the number of indicated technical features. Thus, the features defined as "first" and "second" may explicitly or implicitly include one or more of the features. In the description of the present embodiment, unless otherwise specified, the meaning of "multiple" is two or more.

At present, mobile terminals such as mobile phones and tablet computers have become common tools in people's daily lives. Mobile terminals can be used to take pictures, chat instantly, browse websites, watch videos, make mobile payments, etc., and various applications can be installed to achieve different functions. Therefore, a lot of information is stored in mobile terminals, such as contact information, call records, account passwords, photos, text messages, data, etc. With the increase of information stored in mobile terminals such as mobile phones and tablet computers, the storage space of mobile terminals is becoming increasingly tight.

Normally, users can delete some data to free up storage space, but users may not want to delete some precious photos, videos and other data. If users do not want to delete data, they can upload the data to the cloud space for storage. However, the free capacity of the cloud space is small. If users want to expand the capacity of the cloud space, they need to pay extra fees, and the cloud space is vulnerable to malicious attacks. Alternatively, users can copy the data to a mobile hard disk for storage, but the operation of copying data to a mobile hard disk is cumbersome. In addition, mobile hard disks generally store data in plain text. If the mobile hard disk is lost, there is a risk of data leakage and security cannot be guaranteed. In order to improve security, users can encrypt the data stored in the mobile hard disk by themselves. In this case, users need to record the encryption key. If the key is forgotten or lost, the data stored in the mobile hard disk will be difficult to decrypt.

In view of this, an embodiment of the present application provides a method for storing data and a system for storing data. Through the scheme of the present application, when the storage space of a first device or other devices is tight, a user can choose to encrypt some data and then transfer it to a third device, wherein the encryption key is generated by a second device, and the key and the data are stored on different devices respectively, thereby alleviating the problem of increasingly tight storage space of mobile terminals and achieving safe, reliable, long-term and easy-to-operate data transfer.

Among them, the key is a parameter that must be input in the process of converting plaintext to ciphertext or ciphertext to plaintext. The process of encoding plaintext into ciphertext using an encryption algorithm is called encryption, and correspondingly, the process of decoding ciphertext into plaintext using a decryption algorithm is called decryption.

The following is an introduction to the systems, devices and methods provided in the embodiments of the present application.

Fig. 1 shows a schematic diagram of a system for storing data according to an embodiment of the present application. As shown in Fig. 1, the communication system for storing data may include a first device, a second device and a third device.

The first device can establish a wireless connection with the second device through wireless communication technology, and the wireless communication technology includes but is not limited to: global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time division code division multiple access (TD-SCDMA), long term evolution (LTE), fifth generation mobile communication technology (English: 5th generation mobile networks or 5th generation wireless systems, referred to as 5G), global navigation satellite system (GNSS), wireless local area networks (WLAN), wireless fidelity (Wi-Fi) network, Bluetooth (BT), frequency modulation (FM), near field communication technology (NFC), infrared technology (IR), etc. The GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a Beidou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS) and/or a satellite based augmentation system (SBAS).

The first device can be connected to the third device in a wired manner. For example, the first device can be connected to the third device via a Universal Serial Bus (USB) interface. After the third device is connected to the first device, the first device can display data in the third device.

The first device may be a mobile terminal or a non-mobile terminal. For example, the first device may be a mobile phone, a wearable device (such as a smart watch or a smart bracelet), a tablet computer, a handheld computer, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, a cellular phone, a personal digital assistant (PDA), an augmented reality (AR) or virtual reality (VR) device, a router, or other device with processing and storage capabilities.

The second device may be a router, a desktop computer, an edge server, a cloud server, or other device with processing and storage capabilities.

The third device may be a storage medium such as a USB flash drive, a mobile hard disk, or other device with storage capabilities.

The embodiment of the present application does not limit the device types of the first device, the second device and the third device. For example, in some implementations, as shown in FIG1 , the first device may be a mobile phone or a tablet computer, the second device may be a cloud server, and the third device may be a mobile hard disk.

When some data stored in the first device needs to be transferred, the user can perform a first operation on the first device to input a first instruction to the first device. After receiving the first instruction, the first device sends a first request to the second device in response to the first operation. The first instruction is used to instruct the target data to be encrypted and stored. The first request is used to request the second device to generate a first key, and the first key is used to encrypt the target data.

The second device receives the first request from the first device, generates a first key in response to the first request, and then sends the first key to the first device.

After receiving the first key from the second device, the first device uses the first key to encrypt the target data; then the first device stores the encrypted target data to the third device and deletes the locally encrypted target data.

The first key may be stored on the first device or on the second device. If the first key is stored on the first device, when the user needs to view the encrypted target data, the user may perform a second operation on the first device to input a second instruction to the first device. After receiving the second instruction, the first device searches for the first key inside the device and uses the first key to decrypt the encrypted target data.

If the first key is stored on the second device, after detecting the second instruction, the first device sends a second request to the second device, and the second request is used to request to obtain the first key. The second device receives the second request from the first device, and in response to the second request, the second device searches for the first key inside the device, and then sends the first key to the first device. After receiving the first key, the first device uses the first key to decrypt the encrypted target data.

In some implementations, the first device may also be connected to the third device wirelessly, and the second device may be connected to the third device in a wired manner. For example, the first device may be a mobile phone, the second device may be a router, and the third device may be a USB flash drive, which is connected to the router via a USB interface. After the mobile phone encrypts the target data using the first key, the mobile phone sends the encrypted target data to the router, and the router stores the encrypted target data in the USB flash drive.

The method provided in the embodiment of the present application can delete the target data in the first device after transferring the encrypted target data to the third device, thereby indirectly expanding the storage space of the first device and alleviating the problem of increasingly tight storage space.

In the embodiment of the present application, the first device encrypts the target data according to the first key, thereby ensuring the security of the target data. The first device only stores the encrypted target data in the third device, and does not store the first key in the third device, thereby realizing the separate storage of the first key and the target data, which can reduce the risk of the target data being decrypted after the third device is lost, improve the security of data storage, and the third device is a user's private device, which can avoid the risk of target data being leaked online. In addition, the first key is generated by the second device, and the user does not need to manage the key himself, thereby improving the user experience.

It should be noted that the communication system for storing data includes three devices as an example for exemplary description, which does not limit the embodiments of the present application. It can be understood that in actual implementation, the system for storing data may also include more or fewer devices. For example, in some implementations, the system for storing data includes two devices: a first device and a third device, and the first device is connected to the third device by wire. For example, the first device is a mobile phone, and the third device is a mobile hard disk. The user performs a first operation on the first device to input a first instruction to the first device. After detecting the first instruction, the first device generates a first key in response to the first operation, and then uses the first key to encrypt the target data, and stores the target data encrypted by the first key to the third device.

For example, in some implementations, a communication system for storing data may include four devices: a first device, a second device, a third device, and a fourth device, wherein the fourth device may be a mobile phone, a wearable device (such as a smart watch, a smart bracelet), a tablet computer, a handheld computer, a laptop computer, an ultra-mobile personal computer (UMPC), a netbook, as well as a cellular phone, a personal digital assistant (PDA), an augmented reality (AR) device, a virtual reality (VR) device, etc.

For example, Figure 2 shows a schematic diagram of a user (fourth device) and a first device in a close proximity scenario. The first device can establish a wireless connection with the second device and the fourth device, and the first device can communicate with the third device via a wired connection.

As shown in Figure 2, the first device is a router, the second device is a cloud server, the third device is a mobile hard disk, and the fourth device is a mobile phone. The mobile phone is connected to the router via Wi-Fi, the router communicates with the cloud server, and the mobile hard disk is connected to the router via a USB interface. The user uses the mobile phone to control the router, selects the target data to be transferred on the mobile phone, such as local photos, videos, documents, etc., and determines to encrypt the target data. In response to the user operation, the mobile phone sends the first instruction and the target data to the router.

After receiving the target data, the router stores the target data, and after receiving the first instruction, sends a first request to the cloud server. After receiving the first request from the router, the cloud server generates a first key and sends the first key to the router. The router encrypts the target data according to the first key and stores the encrypted target data in the mobile hard disk.

After storing the encrypted target data in the mobile hard disk, the router can delete the relevant records of the target data and the first key. The cloud server stores the first key after generating the first key, that is, the first key is stored by the cloud server, thereby avoiding possible problems with the mobile phone and the router and reducing the risk of losing the first key.

In the implementation shown in FIG2 , the fourth device transfers data through the first device, thereby alleviating the storage space of the fourth device. The first device (router) is a transfer device. During the process of transferring data by the mobile phone, other devices can transfer data to the mobile hard disk through the router, so that data in multiple devices can be transferred to the third device in the same time period. The cloud server has strong computing power, and using the cloud server to generate the first key can improve the efficiency of storing data.

Next, the hardware structure diagrams of the first device, the second device and the fourth device are introduced in conjunction with the accompanying drawings.

Taking the fourth device as a mobile phone as an example, FIG3 shows a schematic structural diagram of the mobile phone 100 provided in an embodiment of the present application.

The mobile phone 100 may include a processor 110, an external memory interface 120, an internal memory 121, a USB interface 130, a charging management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, a button 190, a motor 191, an indicator 192, a camera 193, a display screen 194, and a second identification module (subscriber identification module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, etc.

The processor 110 may include one or more processing units, for example, the processor 110 may include an application processor (AP), a modem processor, a graphics processor (GPU), an image signal processor (ISP), a controller, a video codec, a digital signal processor (DSP), a baseband processor, and/or a neural-network processing unit (NPU), etc. Different processing units may be independent devices or integrated into one or more processors.

The controller can generate operation control signals according to the instruction operation code and timing signal to complete the control of instruction fetching and execution.

The processor 110 may also be provided with a memory for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may store instructions or data that the processor 110 has just used or cyclically used. If the processor 110 needs to use the instruction or data again, it may be directly called from the memory. This avoids repeated access, reduces the waiting time of the processor 110, and thus improves the efficiency of the system.

In some embodiments, the processor 110 may include one or more interfaces. The interface may include an inter-integrated circuit (I2C) interface, an inter-integrated circuit sound (I2S) interface, a pulse code modulation (PCM) interface, a universal asynchronous receiver/transmitter (UART) interface, a mobile industry processor interface (MIPI), a general-purpose input/output (GPIO) interface, a second identification module (Subscriber Identity Module, SIM) interface, and/or a universal serial bus (USB) interface, etc.

The I2C interface is a bidirectional synchronous serial bus, including a serial data line (SDA) and a serial clock line (SCL). In some embodiments, the processor 110 may include multiple groups of I2C buses. The processor 110 may be coupled to the touch sensor 180K, the charger, the flash, the camera 193, etc. through different I2C bus interfaces. For example: the processor 110 may be coupled to the touch sensor 180K through the I2C interface, so that the processor 110 communicates with the touch sensor 180K through the I2C bus interface, thereby realizing the touch function of the electronic device 100.

The UART interface is a universal serial data bus for asynchronous communication. The bus can be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, the UART interface is generally used to connect the processor 110 and the wireless communication module 160. For example, the processor 110 communicates with the Bluetooth module in the wireless communication module 160 through the UART interface to implement the Bluetooth function.

The USB interface 130 is an interface that complies with the USB standard specification, and can be a Mini USB interface, a Micro USB interface, a USB Type C interface, etc. The USB interface 130 can be used to connect a charger to charge the mobile phone 100, and can also be used to transfer data between the mobile phone 100 and peripheral devices. It can also be used to connect headphones to play audio through the headphones. The interface can also be used to connect other electronic devices, such as AR devices, etc.

It is understandable that the interface connection relationship between the modules illustrated in the embodiment of the present invention is only a schematic illustration and does not constitute a structural limitation on the electronic device 100. In other embodiments of the present application, the electronic device 100 may also adopt different interface connection methods in the above embodiments, or a combination of multiple interface connection methods.

The wireless communication function of the mobile phone 100 can be realized by antenna 1, antenna 2, mobile communication module 150, wireless communication module 160, modem processor and baseband processor, etc. Antenna 1 and antenna 2 are used to transmit and receive electromagnetic wave signals.

The mobile communication module 150 can provide solutions for wireless communications including 2G/3G/4G/5G, etc., applied to the mobile phone 100. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a low noise amplifier (LNA), etc. The mobile communication module 150 can receive electromagnetic waves from the antenna 1, and filter, amplify, and process the received electromagnetic waves, and transmit them to the modulation and demodulation processor for demodulation. The mobile communication module 150 can also amplify the signal modulated by the modulation and demodulation processor, and convert it into electromagnetic waves for radiation through the antenna 1. In some embodiments, at least some of the functional modules of the mobile communication module 150 can be set in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 can be set in the same device as at least some of the modules of the processor 110.

The modem processor may include a modulator and a demodulator. Among them, the modulator is used to modulate the low-frequency baseband signal to be sent into a medium-high frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then transmits the demodulated low-frequency baseband signal to the baseband processor for processing. After the low-frequency baseband signal is processed by the baseband processor, it is passed to the application processor. The application processor outputs a sound signal through an audio device (not limited to a speaker 170A, a receiver 170B, etc.), or displays an image or video through a display screen 194. In some embodiments, the modem processor may be an independent device. In other embodiments, the modem processor may be independent of the processor 110 and be set in the same device as the mobile communication module 150 or other functional modules.

The wireless communication module 160 can provide wireless communication solutions including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), infrared (IR), etc., which are applied to the mobile phone 100. The wireless communication module 160 can be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, modulates the frequency of the electromagnetic wave signal and performs filtering, and sends the processed signal to the processor 110. The wireless communication module 160 can also receive the signal to be sent from the processor 110, modulate the frequency of it, amplify it, and convert it into electromagnetic waves for radiation through the antenna 2.

In some embodiments, the antenna 1 of the mobile phone 100 is coupled to the mobile communication module 150, and the antenna 2 is coupled to the wireless communication module 160, so that the mobile phone 100 can communicate with the network and other devices through wireless communication technology.

The mobile phone 100 implements the display function through a GPU, a display screen 194, and an application processor. The GPU is a microprocessor for image processing, which is connected to the display screen 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs, which execute program instructions to generate or change display information. The display screen 194 is used to display images, videos, etc.

The external memory interface 120 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 100. The external memory card communicates with the processor 110 through the external memory interface 120 to implement a data storage function, such as storing music, video and other files in the external memory card.

The internal memory 121 can be used to store computer executable program codes, which include instructions. The internal memory 121 may include a program storage area and a data storage area. Among them, the program storage area may store an operating system, an application required for at least one function (such as a sound playback function, an image playback function, etc.), etc. The data storage area may store data created during the use of the mobile phone 100 (such as audio data, a phone book, etc.), etc. In addition, the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one disk storage device, a flash memory device, a universal flash storage (UFS), etc. The processor 110 executes various functional applications and data processing of the mobile phone 100 by running instructions stored in the internal memory 121 and/or instructions stored in a memory provided in the processor.

The pressure sensor 180A is used to sense the pressure signal and can convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A can be set on the display screen 194. There are many types of pressure sensors 180A, such as resistive pressure sensors, inductive pressure sensors, capacitive pressure sensors, etc. The capacitive pressure sensor can be a parallel plate including at least two conductive materials. When a force acts on the pressure sensor 180A, the capacitance between the electrodes changes. The mobile phone 100 determines the intensity of the pressure according to the change in capacitance. When a touch operation acts on the display screen 194, the mobile phone 100 detects the touch operation intensity according to the pressure sensor 180A. The mobile phone 100 can also calculate the touch position according to the detection signal of the pressure sensor 180A. In some embodiments, touch operations acting on the same touch position but with different touch operation intensities can correspond to different operation instructions. For example: when a touch operation with a touch operation intensity less than the first pressure threshold acts on the short message application icon, an instruction to view the short message is executed. When a touch operation with a touch operation intensity greater than or equal to the first pressure threshold acts on the short message application icon, an instruction to create a new short message is executed.

The touch sensor 180K is also called a "touch control device". The touch sensor 180K can be set on the display screen 194. The touch sensor 180K and the display screen 194 form a touch screen, also called a "touch control screen". The touch sensor 180K is used to detect touch operations acting on or near it. The touch sensor can pass the detected touch operation to the application processor to determine the type of touch event. Visual output related to the touch operation can be provided through the display screen 194. In other embodiments, the touch sensor 180K can also be set on the surface of the mobile phone 100, which is different from the position of the display screen 194.

Taking the first device as a router as an example, FIG4 shows a schematic structural diagram of a router 200 provided in an embodiment of the present application.

As shown in FIG. 4 , the router 200 may include: a processor 210 , a wireless communication module 220 , a memory 230 , a power module 240 , a communication interface 250 , a switch 260 , and an antenna.

The processor 210 may include one or more processing units, for example, the processor 210 may include a CPU, a GPU, a DSP, an ISP, an AP, an NPU, a modem processor, a controller, a video codec, a baseband processor, etc. In some embodiments, different processing units may be independent devices or integrated into one or more processors. Among them, the CPU is the final execution unit for information processing and program running, and its main tasks include processing instructions, executing operations, controlling time, and processing data. The CPU may include a controller, an arithmetic unit, a cache memory, and a bus for connecting these components.

The wireless communication module 220 can provide wireless communication such as Wi-Fi, frequency modulation (FM), Bluetooth or NFC. The wireless communication module 220 can be one or more devices integrating at least one communication processing module. The wireless communication module 220 receives electromagnetic waves via an antenna, modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 210. The wireless communication module 220 can also receive the signal to be sent from the processor 210, modulate and amplify it, and convert it into electromagnetic waves for radiation through the antenna.

The memory 230 can be used to store computer executable program codes, and the executable program codes include computer instructions. The processor 210 executes various functions and data processing by running the instructions stored in the memory 230. The memory 230 may include a program storage area and a data storage area. Among them, the program storage area may store at least one application required for a function (such as generating a key, sending a request, etc.). The data storage area may store target data, keys, etc. received from other devices. In addition, the memory 230 may include a high-speed random access memory, and may also include a non-volatile memory, etc.

The power module 240 can be used to receive power input, store electrical energy, and provide power to the processor 210, the wireless communication module 220, the memory 230, etc.

The communication interface 250 can be used to communicate with external devices such as electronic devices, mobile hard disks, and USB flash drives. The communication interface 250 can be any possible interface such as a network port or a universal serial bus (USB) interface.

The switch 260 is used to trigger the router to be turned on or off.

Taking the second device as a cloud server as an example, FIG5 shows a schematic diagram of the structure of the cloud server 300 provided in an embodiment of the present application.

As shown in FIG. 5 , the cloud server 300 may include a processor 310 , a memory 320 , and a communication module 330 .

The processor 310 can be used to read and execute computer-readable instructions. Specifically, the processor 310 may include a controller, an arithmetic unit, and a register. Among them, the controller is mainly responsible for decoding instructions and issuing control signals for operations corresponding to the instructions. The arithmetic unit is mainly responsible for saving register operands and intermediate operation results temporarily stored during the execution of instructions. In a specific implementation, the hardware architecture of the processor 310 may be an application specific integrated circuit (ASIC) architecture, a MIPS (microprocessor without interlocked piped stages) architecture, an ARM (advanced RISC machines) architecture, or a network processor (NP) architecture, etc.

The memory 320 is coupled to the processor 310 and is used to store various software programs and/or multiple sets of instructions. In a specific implementation, the memory 320 may include a high-speed random access memory, and may also include a non-volatile memory, such as one or more disk storage devices, flash memory devices or other non-volatile solid-state storage devices. The memory 320 may store an operating system, such as an embedded operating system such as uCOS, VxWorks, RTLinux, etc.

The communication module 330 may be used to establish a communication connection between the cloud server 300 and other communication terminals through a network, and to send and receive data through a network.

It is understood that the structure shown in this embodiment does not constitute a specific limitation on the mobile phone 100, the router 200, and the cloud server 300. In other embodiments, the mobile phone 100, the router 200, and the cloud server 300 may include more or fewer components than shown in the figure, or combine some components, or split some components, or arrange the components differently. The components shown in the figure may be implemented in hardware, software, or a combination of software and hardware.

The following describes a method for storing data provided in an embodiment of the present application.

Figure 6 is a flow chart of a method for storing data provided by an embodiment of the present application. Continuing to take the first device as a router, the second device as a cloud server, the third device as a mobile hard disk, and the fourth device as a mobile phone as an example for schematic description, as shown in Figure 6, the user can first transfer the target data to the mobile hard disk, and the method includes the following S601-S606.

S601, the mobile phone establishes a connection with the router.

The embodiment of the present application does not limit the connection method between the first device and the fourth device. A wired connection can be established between the mobile phone and the router, such as a connection can be established through USB, and USB communication can be performed between the mobile phone and the router. A wireless connection can also be established between the mobile phone and the router, wherein the wireless connection can be a connection established through the Bluetooth protocol or a connection established through the Wi Fi protocol.

Among them, when the mobile phone establishes a wireless connection with the router, the router monitors the information from the mobile phone through a port, such as the 80http web port.

S602, the mobile hard disk establishes a connection with the router.

The router is equipped with a USB interface, and the mobile hard drive can be inserted into the router through the USB interface to establish a connection.

S603, the mobile phone detects a transfer operation from the user.

In an embodiment of the present application, the mobile phone can display multiple preset interfaces for managing data. The user can choose to transfer data, encrypt data, and decrypt data through the preset interface. When selecting data to transfer through the preset interface, the mobile phone can send different types of data to the router in batches.

Exemplarily, FIG7 shows a schematic diagram of an interface for managing data provided in an embodiment of the present application. In an embodiment of the present application, a developer can pre-create a public account, which can implement many functions. As shown in (a) in FIG7 , after the user enters the public account, the mobile phone displays the main interface of the public account, which includes articles published by the public account, and some controls for user interaction, such as the device management control 71. As shown in (b) in FIG7 , after the user clicks the device management control 71, the device management interface is entered, and the mobile phone displays the devices that are currently connected to the mobile phone. For example, the connected devices include a router 72, a computer 73, a watch 74, a USB flash drive 75, etc. The mobile phone displays the icons of the connected devices, and the user can also search for other connectable devices through the search control 76.

The user can select one of the connected devices to store data. For example, as shown in (c) of FIG. 7 , after the user clicks the icon of the router 72, the mobile phone enters the router login interface, which includes a router icon, an input box for entering an account and password, and a control for triggering login. After the user enters the login account and password of the router in the input box, clicks "Login", and after verification, the mobile phone displays the router management interface. As shown in (d) of FIG. 7 , the user can set the router's password, Internet settings, WIFI settings, etc. The user can click control 77 in the router management interface to enter the router's transfer function, and then the mobile phone displays the interface shown in (a) of FIG. 8 .

As shown in (a) of FIG8 , the transfer function of the router may include two parts: transferring to the hard disk and viewing the hard disk. Transferring to the hard disk refers to transferring the data stored in the mobile phone to the mobile hard disk for storage through the router, and viewing the hard disk refers to obtaining the data stored in the mobile hard disk through the router, viewing the data in the mobile hard disk, modifying the data in the mobile hard disk, etc.

After the user clicks "Transfer to Hard Drive" and authorizes the mobile phone to read local data, as shown in (b) of Figure 8, the mobile phone displays locally stored photos, videos, documents and other data. The user can select one or multiple files at the same time. After selecting the data to be transferred to the mobile hard drive for storage, the user can click "Save". The mobile phone determines the data selected by the user as the target data and then starts transferring the data.

S604, in response to the user's transfer operation, the mobile phone sends the target data to the router.

Among them, the mobile phone can use Hyper Text Transfer Protocol (HTTP) to send target data to the router.

S605, the router receives the target data through a port, such as 80http web port.

S606, the router stores the target data in the mobile hard disk.

After the router receives the target data, it can store the target data directly in the mobile hard disk. When storing the target data in the mobile hard disk, the router can create a new folder 1 in the mobile hard disk according to the date, and store the target data received this time in the new folder 1.

After S606, the router may send a notification of data transmission completion to the mobile phone. After confirming that the router has received the target data, the mobile phone may delete the target data from the storage space of the mobile phone.

After the router stores the target data in the mobile hard disk, the user can choose to encrypt the target data in the mobile hard disk. For example, the mobile phone displays the interface shown in (a) of Figure 9. After the user clicks "View Hard Disk", the mobile phone can obtain the data stored in the mobile hard disk and arrange the data in the format of name, date, type, etc., and display it to the user. As shown in (b) of Figure 9, the mobile phone displays data such as file 1, document 1, document 2, compressed package 2022-22-23, etc. The user finds folder 1 storing the target data and clicks the "Encrypt" button to request encryption of the target data in folder 1. It can be understood that the display method shown in (b) of Figure 9 is only an example, and different devices can adaptively display different formats.

Fig. 10 shows a schematic flow chart of a method for storing data provided in an embodiment of the present application. As shown in Fig. 10, the encryption process includes the following S1001-S1007.

S1001, the mobile phone detects an encryption operation from the user and sends a first instruction to the router, where the first instruction instructs to encrypt the target data.

For example, the encryption operation (first operation) may be an operation of clicking an “encryption” button or an operation of clicking an “encrypted storage” button.

S1002: The router receives the first instruction and obtains information for encryption.

After receiving the first instruction, the router parses the first instruction, obtains an indication that the target data needs to be encrypted, obtains information used for encryption, and then sends a first request to the cloud server, where the first request is used to request the cloud server to generate a first key.

S1003, the router sends a first request to the cloud server.

In some implementations, the first request may include a first identifier of the target data, and the first identifier of the target data uniquely corresponds to the data to be encrypted. The first identifier is a content identifier of the target data, for example, the first identifier of the target data may be a message digest MD5 value (Message Digest Algorithm MD5). After receiving the first instruction, the router reads the content of the target data in folder 1 and calculates the MD5 value based on the content of all the data.

In other implementations, the first request may include a second identifier of the target data, and the second identifier is an identifier of the user corresponding to the target data. For example, if the public account is a WeChat public account, the second identifier may be a WeChat identifier. After the mobile phone detects the encryption operation, it obtains the WeChat identifier appid. An appid uniquely corresponds to a WeChat account. When the mobile phone sends the first instruction to the router, the WeChat identifier appid may be carried in the first instruction, so that the router may obtain the WeChat identifier appid after parsing the first instruction. For example, the second identifier may also be a mobile equipment identifier (MEID), which is a unique identifier of the mobile phone.

In some other implementations, the first request may include a first identifier of the target data and a second identifier of the target data.

S1004: The cloud server receives the first request and generates a first key.

The cloud server generates a first key based on the information carried in the first request. For example, the cloud server generates a unique Advanced Encryption Standard (AES) symmetric encryption key corresponding to the target data based on the WeChat identifier appid and the MD5 value. In this implementation, the first key generated each time the data is encrypted is different depending on the content of the target data. Decryption requires the use of a device or WeChat with the same second identifier as used for encryption. Other users cannot decrypt the user's data, thereby improving the security of stored data.

After generating the first key, the cloud server stores the first key and the first identifier of the target data used when generating the first key, or the second identifier, or the first identifier and the second identifier of the target data.

S1005, the cloud server sends the first key to the router.

S1006, the router receives the first key from the cloud server and encrypts the target data according to the first key.

S1007, the router sends information including encryption progress to the mobile phone.

During the encryption process, the router can send information containing the encryption progress to the mobile phone, and the mobile phone displays the current encryption progress to the user. As shown in (a) of FIG11 , when the encryption progress of the router is 80%, the mobile phone can display the encryption progress as 80%. As shown in (b) of FIG11 , after the encryption is completed, the mobile phone displays to the user that the encryption is completed.

In some implementations, after the encryption is completed, the router can directly compress and store the encrypted target data to save storage space. For example, the interface after the encryption is completed is shown in (a) of FIG. 12 , and the router compresses the encrypted target data into a compressed package 2, which can be in a zip format and can be named 2022-08-26 according to the current date.

In some implementations, the router compresses the encrypted folder 1 and the first identifier of the target data into the compressed package 2 at the same time, as shown in (b) in Figure 12, so that the first identifier of the target data can be obtained from the compressed package when decrypting the data, which facilitates the search for the first identifier of the target data.

In other implementations, the router can also store the second identifier in the compressed package. In this way, when the user views the content in the mobile hard disk, the router shows the user which user the compressed package comes from, so that the user can find the encrypted target data easily. When decrypting, the router can compare the user identifier obtained this time with the second identifier in the compressed package. When the two do not match, the encrypted data cannot be operated.

In some implementations, the first key may also be stored by the router, or the router sends the first key to the mobile phone, and the mobile phone stores the first key.

In the above embodiment, the mobile phone determines some files selected by the user as target data, first sends the target data to the router, and the router stores it in the mobile hard disk, and then sends the first instruction to the router according to the user's instructions. In other words, if unencrypted data is already stored in the mobile hard disk, the user can view the data in the mobile hard disk, and the mobile phone can also determine the unencrypted data in the mobile hard disk as target data according to the user's selection, and send the first instruction to the router. Then, after the router determines the target data that needs to be encrypted, it sends the first request to the cloud server.

In some implementations, in the interface shown in (b) of FIG. 8 , after the user selects the target data, he can click “encrypted storage”. After the transfer operation from the user is detected in step S603, the mobile phone responds to the user's transfer operation and sends a first instruction and target data to the router, wherein the target data can be carried in the first instruction. After the router receives the first instruction, it executes step S1002 and subsequent steps. Among them, the mobile phone can also send the target data to the router first and then send the first instruction, or the mobile phone can also send the target data to the router first and then send the first instruction. After the router receives the target data, it can temporarily store the target data in the router's memory, and after encrypting the target data, store the encrypted target data in the mobile hard disk. After storing the encrypted target data in the mobile hard disk, the router deletes the local target data.

The method provided in the embodiment of the present application can delete the target data in the mobile phone after transferring the encrypted target data to the mobile hard disk, thereby indirectly expanding the storage space of the mobile phone and alleviating the problem of increasingly tight storage space of the mobile phone.

In the embodiment of the present application, the router encrypts the target data according to the first key, thereby ensuring the security of the target data. The router only stores the target data encrypted by the first key to the mobile hard disk, and does not store the first key to the mobile hard disk, thereby realizing the separate storage of the first key and the target data, which can reduce the risk of the target data being decrypted after the mobile hard disk is lost. The mobile hard disk is a private device of the user, which can avoid the risk of the target data being leaked on the Internet, thereby improving the security of data storage.

In addition, in the process of transferring data from a mobile phone, other devices, such as a tablet computer, can also be used to transfer data to a mobile hard disk through a router, so that data from multiple devices can be transferred to a third device within the same time period. In addition, the method provided in the embodiment of the present application uses a cloud server to generate a first key, which can improve the efficiency of storing data. The first key is generated by the cloud server, and the user does not need to manage the key himself, thereby improving the user experience.

The method provided by the present application can also decrypt the encrypted target data. Figure 13 shows a schematic flow chart of the method for storing data provided by an embodiment of the present application. As shown in Figure 13, the encryption process includes the following S1301-S1307.

S1301, the mobile phone detects a decryption operation (second operation) from the user, and sends a second instruction to the router, where the second instruction instructs to decrypt the encrypted target data.

For example, when the mobile phone displays the interface shown in (a) of FIG. 12 , the user can select compressed package 2 and click the “decrypt” button to request decryption of the data in compressed package 2 .

S1302: After receiving the second instruction, the router obtains information for decryption.

The information used for decryption corresponds to the information used for encryption.

For example, taking the example of the first key being generated by the second identifier and the MD5 value, after receiving the second instruction, the router decompresses the compressed package 2, extracts the MD5 value in the compressed package 2, and obtains the second identifier. The second identifier can be carried in the second instruction and sent to the router, and the router parses the second instruction to obtain the second identifier. Alternatively, after receiving the second instruction, the router can send a request to obtain the second identifier to the mobile phone, and the mobile phone then sends the second identifier to the router.

S1303, the router sends a second request to the cloud server, where the second request is used to request to obtain the first key.

The second request includes an MD5 value and a second identifier, that is, the information required to obtain the first key corresponds to the information used to generate the first key.

S1304: After receiving the second request, the cloud server queries the first key from the cloud server.

The cloud server queries the first key according to the information in the second request, that is, according to the MD5 value and the second identifier.

It can be understood that when the first key is generated by an MD5 value, the second request includes the MD5 value, and the cloud server queries the first key according to the MD5 value. When the first key is generated by a second identifier, the second request includes the second identifier, and the cloud server queries the first key according to the second identifier.

S1305, the cloud server sends the first key to the router.

S1306: The router decrypts the target data encrypted by the first key according to the first key.

That is, after the router decompresses the compressed package 2, it also obtains the encrypted folder 1. After obtaining the first key, the router decrypts the folder 1 according to the first key. After the decryption is completed, the router can delete the compressed package 2.

S1307, the router sends information including decryption progress to the mobile phone.

During the decryption process, the router can send information containing the decryption progress to the mobile phone. After receiving the progress information, the mobile phone displays the current decryption progress to the user. As shown in (a) of FIG14, when the decryption progress of the router is 50%, the mobile phone can display the decryption progress as 50%. As shown in (b) of FIG14, after the decryption is completed, the mobile phone displays the information that the decryption is completed to the user, and then displays the interface shown in (b) of FIG9.

In some other implementations, the mobile phone (the fourth device) and the router (the first device) are in a long-distance scenario, the distance between the mobile phone and the router exceeds the coverage range of the router, and the router is connected to the mobile hard disk (the third device).

In this scenario, when the mobile phone enters the interface shown in (b) in Figure 7, the bound router can also be displayed, where the bound router is a router that has been logged in using this mobile phone. The user clicks the icon of the bound router to log in to the bound router. The mobile phone can remotely manage data through the bound router.

For example, when a user chooses to encrypt unencrypted data stored in a mobile hard disk, the mobile phone responds to the user's encryption operation and sends a first instruction, a second identifier, and an identifier of a bound router to the cloud server, wherein the identifier of the bound router uniquely corresponds to the bound router, and is used by the cloud server to determine the bound router and establish communication with the bound router.

After receiving the first instruction, the cloud server sends the first instruction to the bound router. After receiving the first instruction, the bound router generates an MD5 value corresponding to the target data, and then sends the MD5 value to the cloud server. After receiving the MD5 value, the cloud server generates a first key based on the MD5 value and the second identifier, and then sends the first key to the bound router. After receiving the first key, the bound router uses the first key to encrypt the target data. Depending on the information used when generating the first key, in some implementations, after receiving the first instruction, the cloud server generates a first key and sends the first key and the first instruction to the bound router. After receiving the first instruction, the bound router uses the first key to encrypt the target data.

For some data in the mobile phone with low confidentiality requirements and small data size, remote data transfer can also be achieved through the bound router.

For example, a mobile phone sends a first instruction to a cloud server, and the first instruction includes target data, a second identifier, and an identifier of a bound router. After receiving the first instruction, the cloud server generates an MD5 value corresponding to the target data according to the content of the target data, generates a first key according to the MD5 value and the second identifier, and uses the first key to encrypt the target data. The cloud server sends the encrypted target data and MD5 value to the bound router, and deletes the target data on the cloud server. After receiving the encrypted target data and MD5 value, the bound router compresses the encrypted target data and MD5 value and stores them in a mobile hard disk.

During decryption, the mobile phone sends the second instruction, the second identifier, and the identifier of the bound router to the cloud server. After receiving the second instruction, the cloud server sends the second instruction to the bound router. After receiving the second instruction, the bound router obtains the MD5 value corresponding to the target data, and then sends the MD5 value to the cloud server. After receiving the MD5 value, the cloud server queries the first key based on the MD5 value and the second identifier, and then sends the queried first key to the bound router. After receiving the first key, the bound router uses the first key to decrypt the encrypted target data.

The embodiment of the present application provides a method for storing data. The USB interface of the router is inserted into an external storage medium such as a USB flash drive or a mobile hard disk. Through the interaction between the mobile phone, the router and the cloud server, the user can transfer and encrypt and decrypt private data in the mobile phone. The operation is convenient, which not only ensures the secure storage of user data, but also realizes the intelligent management of keys.

In addition to the above method, in some other implementations, the key can be generated locally on the mobile phone or by a router. For example, in the interface shown in (b) of Figure 7, the user can click on the icon of any connected device, such as clicking on the icon of the USB flash drive 75, and then the mobile phone displays an interface similar to that shown in (d) of Figure 7 to manage the data in the USB flash drive 75. When the user chooses to transfer the data in the mobile phone to the USB flash drive 75, the mobile phone generates an MD5 value of the target data in response to the user operation, and generates a first key based on the MD5 value of the target data. The mobile phone uses the first key to encrypt the target data, stores the encrypted target data in the USB flash drive 75, and stores the first key in the mobile phone.

The method provided in the embodiment of the present application can delete the target data in the first device after transferring the encrypted target data to the third device, thereby indirectly expanding the storage space of the first device and alleviating the problem of increasingly tight storage space.

The first device encrypts the target data according to the first key, which ensures the security of the target data. The first device only stores the target data encrypted by the first key to the third device, and does not store the first key to the third device, which realizes the separate storage of the first key and the target data, and can reduce the risk of the target data being decrypted after the third device is lost, improve the security of data storage, and the third device is a user's private device, which can avoid the risk of target data being leaked online. In addition, the first key is generated by the second device, and the user does not need to manage the key himself, thereby improving the user experience.

When the first device is a transfer device, it is possible to transfer data from multiple devices to a third device within the same time period. The embodiment of the present application also provides a public account that is convenient for users to operate, which is convenient for users to manage data, and has convenient operation and specific versatility. In short, the method provided by the embodiment of the present application can manage data in electronic devices safely, reliably, long-term, and easily in the case of insufficient storage space in electronic devices.

The various implementations described in this document may be independent solutions or may be combined according to internal logic, and all of these solutions fall within the protection scope of this application.

It can be understood that the methods and operations implemented by electronic devices in the above-mentioned various method embodiments can also be implemented by components (such as chips or circuits) that can be used in electronic devices.

The embodiment of the present application can divide the functional modules of the electronic device according to the above method example. For example, each functional module can be divided corresponding to each function, or two or more functions can be integrated into one processing module. The above integrated module can be implemented in the form of hardware or in the form of software functional modules. It should be noted that the division of modules in the embodiment of the present application is schematic and is only a logical function division. There may be other feasible division methods in actual implementation. The following is an example of dividing each functional module corresponding to each function.

FIG15 is a schematic block diagram of an apparatus 1500 provided in an embodiment of the present application. The apparatus 1500 can be used to execute the action executed by the first device in the above method embodiment. The apparatus 1500 includes a receiving unit 1510, a sending unit 1520 and a processing unit 1530.

The receiving unit 1510 is used to receive a first instruction from a fourth device, where the first instruction instructs to encrypt and store the target data.

The sending unit 1520 is configured to send a first request to the second device, wherein the first request is used to request the second device to generate a first key, and the first key is used to encrypt the target data. In some implementations, the first request includes an identifier of the target data and a second identifier corresponding to the target data.

The receiving unit 1510 is further configured to receive a first key from a second device.

The processing unit 1530 is configured to encrypt the target data according to the first key from the second device.

The processing unit 1530 is further configured to store the encrypted target data in a third device.

In some implementations, the processing unit 1530 compresses the encrypted target data and the first identifier of the target data and stores them in a third device.

The receiving unit 1510 is further configured to receive a second instruction from a fourth device, where the second instruction instructs decrypting the target data encrypted by the first key.

The processing unit 1520 is further configured to obtain the encrypted target data in the third device.

The sending unit 1520 is further configured to send a second request to the second device, where the second request is used to request to obtain the first key. In some implementations, the second request includes the first identifier of the target data and the second identifier of the target data.

The processing unit 1520 is further configured to decrypt the target data encrypted by the first key.

The sending unit 1520 is further configured to send progress information of encrypting the target data to the fourth device, or send progress information of decrypting the target data encrypted by the first key to the fourth device.

The apparatus 1500 further includes a communication unit, and the communication unit is used to establish a connection between the apparatus 1500 and the second device, the third device, and the fourth device.

In other possible implementations, the receiving unit 1510 is used to receive a first operation from a user, where the first operation is used to instruct to encrypt and store target data.

The receiving unit 1510 is further used to receive a second operation from the user, where the second operation is used to instruct an operation of decrypting the encrypted target data.

The device 1500 further includes a display unit, which is used to display a first interface to receive a first operation from a user and a second interface to receive a second operation from a user.

The display unit is also used to display the progress of encrypting the target data. The display unit is also used to display the progress of decrypting the target data encrypted by the first key.

According to the solution of the present application, after the encrypted target data is transferred to the third device, the target data in the first device can be deleted, thereby indirectly expanding the storage space of the first device and alleviating the problem of increasingly tight storage space.

The first device encrypts the target data according to the first key, which ensures the security of the target data. The first device only stores the target data encrypted by the first key to the third device, and does not store the first key to the third device, which realizes the separate storage of the first key and the target data, and can reduce the risk of the target data being decrypted after the third device is lost, improve the security of data storage, and the third device is a user's private device, which can avoid the risk of target data being leaked online. In addition, the first key is generated by the second device, and the user does not need to manage the key himself, thereby improving the user experience.

According to the embodiment of the present application, the device 1500 may correspond to executing the method described in the embodiment of the present application, and the above and other operations and/or functions of the units in the device 1500 are respectively for implementing the corresponding processes of the method, which will not be repeated here for the sake of brevity.

The embodiment of the present application also provides an apparatus 1600, which can be used to perform the action performed by the second device in the above method embodiment. Figure 16 is a schematic block diagram of the apparatus 1600 provided in the embodiment of the present application. The apparatus 1600 includes a receiving unit 1610, a sending unit 1620 and a processing unit 1630.

The receiving unit 1610 is configured to receive a first request from a first device. In some implementations, the first request includes a first identifier of the target data and a second identifier of the target data.

The processing unit 1630 is configured to generate a first key according to the first request.

The sending unit 1620 is configured to send the first key to the first device.

The receiving unit 1610 is further configured to receive a second request from the first device. In some implementations, the second request includes a first identifier of the target data and a second identifier of the target data.

The processing unit 1630 is further configured to query the first key according to the second request.

In addition, the apparatus 1600 further includes a storage unit for storing the first key.

The apparatus 1600 further includes a communication unit, configured to establish a connection with the first device.

In the solution of the present application, the first key generated by the second device can reduce the amount of calculation of other devices and improve the efficiency of storing data. The second device can generate keys for multiple devices, which improves the versatility of the solution. The second device generates and stores the first key, and then obtains the first key from the second device during decryption. The user does not need to manage the key himself, and intelligent key management is realized, thereby improving the user experience.

In addition, an embodiment of the present application also provides a device, which may specifically be a chip, component or module, and the device may include a connected processor and memory; wherein the memory is used to store computer-executable instructions, and when the device is running, the processor may execute the computer-executable instructions stored in the memory so that the chip executes the methods in the above-mentioned method embodiments.

It should be noted that the chip can be implemented using the following circuits or devices: one or more field programmable gate arrays (FPGA), programmable logic devices (PLD), controllers, state machines, gate logic, discrete hardware components, any other suitable circuits, or any combination of circuits that can perform the various functions described throughout this application.

Optionally, in some embodiments, the present application provides an electronic device, which includes a chip, and the chip is used to read and execute a computer program or instruction stored in a memory, so that the method in each embodiment is executed.

Optionally, in some embodiments, the present application provides an electronic device, which includes a chip, and the chip is used to read and execute a computer program or instruction stored in a memory, so that the method in each embodiment is executed.

An embodiment of the present application further provides a computer-readable storage medium, wherein the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the steps in the above-mentioned method embodiments can be implemented.

An embodiment of the present application provides a computer program product. When the computer program product runs on a mobile terminal, the electronic device can implement the steps in the above-mentioned method embodiments when executing the computer program product.

In an embodiment of the present application, the electronic device includes a hardware layer, an operating system layer running on the hardware layer, and an application layer running on the operating system layer. Among them, the hardware layer may include hardware such as a central processing unit (CPU), a memory management unit (MMU), and a memory (also called main memory). The operating system of the operating system layer can be any one or more computer operating systems that implement business processing through processes, such as Linux operating systems, Unix operating systems, Android operating systems, iOS operating systems, or Windows operating systems. When the operating system is an Android operating system, the electronic device can have a software structure as shown in Figure 17.

The layered architecture divides the software into several layers, each with clear roles and division of labor. The layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into four layers, from top to bottom: the application layer, the application framework layer, the Android runtime and system library, and the kernel layer.

The application layer can include a series of application packages.

As shown in FIG. 17 , the application package may include applications such as camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, short message, etc.

The application framework layer provides an application programming interface (API) and a programming framework for the applications in the application layer. The application framework layer includes some predefined functions.

As shown in FIG. 17 , the application framework layer may include a window manager, a content provider, a view system, a telephony manager, a resource manager, a notification manager, and the like.

The window manager is used to manage window programs. The window manager can obtain the display screen size, determine whether there is a status bar, lock the screen, capture the screen, etc.

Content providers are used to store and retrieve data and make it accessible to applications. The data may include videos, images, audio, calls made and received, browsing history and bookmarks, phone books, etc.

The view system includes visual controls, such as controls for displaying text, controls for displaying images, etc. The view system can be used to build applications. A display interface can be composed of one or more views. For example, a display interface including a text notification icon can include a view for displaying text and a view for displaying images.

The phone manager is used to provide communication functions for electronic devices, such as the management of call status (including answering, hanging up, etc.).

The resource manager provides various resources for applications, such as localized strings, icons, images, layout files, video files, and so on.

The notification manager enables applications to display notification information in the status bar. It can be used to convey notification-type messages and can disappear automatically after a short stay without user interaction. For example, the notification manager is used to notify download completion, message reminders, etc. The notification manager can also be a notification that appears in the system top status bar in the form of a chart or scroll bar text, such as notifications of applications running in the background, or a notification that appears on the screen in the form of a dialog window. For example, a text message is displayed in the status bar, a prompt sound is emitted, an electronic device vibrates, an indicator light flashes, etc.

Android Runtime includes core libraries and virtual machines. Android runtime is responsible for scheduling and management of the Android system.

The core library consists of two parts: one part is the function that needs to be called by the Java language, and the other part is the Android core library.

The application layer and the application framework layer run in a virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine is used to perform functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.

The system library may include multiple functional modules, such as surface manager, media library, 3D graphics processing library (such as OpenGL ES), 2D graphics engine (such as SGL), etc.

The surface manager is used to manage the display subsystem and provide the fusion of 2D and 3D layers for multiple applications.

The media library supports playback and recording of a variety of commonly used audio and video formats, as well as static image files, etc. The media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.

The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, compositing, and layer processing.

A 2D graphics engine is a drawing engine for 2D drawings.

The kernel layer is the layer between hardware and software. The kernel layer contains at least display driver, camera driver, audio driver, and sensor driver.

The electronic device, computer-readable storage medium, computer program product and chip provided in the above-mentioned embodiments of the present application are all used to execute the methods provided above. Therefore, the beneficial effects that can be achieved can refer to the corresponding beneficial effects of the methods provided above, and will not be repeated here.

In the embodiments provided in the present application, it should be understood that the disclosed devices/electronic devices and methods can be implemented in other ways. For example, the device/electronic device embodiments described above are merely schematic. For example, the division of the modules or units is only a logical function division. There may be other division methods in actual implementation, such as multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed. Another point is that the mutual coupling or direct coupling or communication connection shown or discussed can be through some interfaces, indirect coupling or communication connection of devices or units, which can be electrical, mechanical or other forms.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above-mentioned integrated unit may be implemented in the form of hardware or in the form of software functional units.

If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the present application implements all or part of the processes in the above-mentioned embodiment method, which can be completed by instructing the relevant hardware through a computer program, and the computer program can be stored in a computer-readable storage medium, and the computer program can implement the steps of the above-mentioned various method embodiments when executed by the processor. Among them, the computer program includes computer program code, and the computer program code can be in source code form, object code form, executable file or some intermediate form. The computer-readable medium may at least include: any entity or device that can carry the computer program code to the terminal device, a recording medium, a computer memory, a read-only memory (ROM), a random access memory (RAM), an electric carrier signal, a telecommunication signal, and a software distribution medium. For example, a USB flash drive, a mobile hard disk, a magnetic disk or an optical disk. In some jurisdictions, according to legislation and patent practice, computer-readable media cannot be electric carrier signals and telecommunication signals.

The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In the above description, specific details such as specific system structures, technologies, etc. are provided for the purpose of illustration rather than limitation, so as to provide a thorough understanding of the embodiments of the present application. However, it should be clear to those skilled in the art that the present application may also be implemented in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits, and methods are omitted to prevent unnecessary details from obstructing the description of the present application.

It should be understood that when used in the present specification and the appended claims, the term "comprising" indicates the presence of described features, wholes, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, wholes, steps, operations, elements, components and/or combinations thereof.

It should also be understood that the "multiple" mentioned in the specification and the appended claims of this application refers to two or more. In the description of this application, unless otherwise specified, "/" means or, for example, A/B can mean A or B; "and/or" in this article is only a description of the association relationship of associated objects, which means any combination of one or more of the items listed in the association and all possible combinations, and includes these combinations, for example, A and/or B can mean: A exists alone, A and B exist at the same time, and B exists alone.

As used in the specification and appended claims of this application, the term "if" can be interpreted as "when" or "uponce" or "in response to determining" or "in response to detecting", depending on the context. Similarly, the phrase "if it is determined" or "if [described condition or event] is detected" can be interpreted as meaning "uponce it is determined" or "in response to determining" or "uponce [described condition or event] is detected" or "in response to detecting [described condition or event]", depending on the context.

In addition, in order to clearly describe the technical solution of the present application, words such as "first" and "second" are used to distinguish between identical or similar items with substantially the same functions and effects. Those skilled in the art can understand that words such as "first" and "second" do not limit the quantity and execution order, and cannot be understood as indicating or implying relative importance, and words such as "first" and "second" do not necessarily limit differences.

References to "one embodiment" or "some embodiments" etc. described in the specification of this application mean that one or more embodiments of the present application include specific features, structures or characteristics described in conjunction with the embodiment. Therefore, the statements "in one embodiment", "in some embodiments", "in some other embodiments", "in some other embodiments", etc. that appear in different places in this specification do not necessarily refer to the same embodiment, but mean "one or more but not all embodiments", unless otherwise specifically emphasized in other ways. The terms "including", "comprising", "having" and their variations all mean "including but not limited to", unless otherwise specifically emphasized in other ways.

The embodiments described above are only used to illustrate the technical solutions of the present application, rather than to limit them. Although the present application has been described in detail with reference to the aforementioned embodiments, a person skilled in the art should understand that the technical solutions described in the aforementioned embodiments may still be modified, or some of the technical features may be replaced by equivalents. Such modifications or replacements do not deviate the essence of the corresponding technical solutions from the spirit and scope of the technical solutions of the embodiments of the present application, and should all be included in the protection scope of the present application.

Claims (6)

1. A method for storing data, characterized in that the method is applied to a communication system, the communication system comprises a first device, a second device, a third device and a fourth device, the third device is a mobile hard disk, and the method comprises: The fourth device displays an interface for managing the first device, wherein the interface for managing the first device includes a transfer function control; In response to a user clicking operation on the transfer function control, the fourth device displays a data management interface, wherein the data management interface includes a transfer to hard disk control and a view hard disk control; In response to the user clicking the transfer to hard disk control, the fourth device displays a local storage interface, the local storage interface including at least one first file icon to be selected, and also including an encrypted storage control and a storage control, the at least one first file icon respectively representing at least one first file stored in the fourth device; After the user selects a storage file in the at least one first file, in response to a click operation of the user on the storage control, the fourth device sends the storage file to the first device, and the first device stores the storage file in the third device; After the user selects a target file from the at least one first file, in response to a click operation of the user on the encrypted storage control, the fourth device sends a first instruction to the first device; After receiving the first instruction, the first device sends a first request to the second device, the first instruction is used to instruct to encrypt and store the target data stored in the first device, the first request includes a second identifier of the target data, the second identifier is used to identify a user corresponding to the target data, the first request is used to request the second device to generate a first key, the first instruction is an instruction from the fourth device, the target data is sent by the fourth device to the first device, and the target data is data in the target file; The first device receives the first key from the second device, and encrypts the target data using the first key; The first device compresses the encrypted target data and the second identifier of the target data to obtain a target compressed package, stores the target compressed package in a third device, and deletes the encrypted target data locally; After the first device compresses and stores the encrypted target data and the second identifier of the target data to the third device, when the fourth device displays the management data interface, in response to the user's click operation on the view hard disk control, a first hard disk storage interface is displayed, the first hard disk storage interface includes a plurality of second file icons, the plurality of second file icons respectively represent a plurality of second files stored by the third device, the plurality of second files include the target compressed package, the first hard disk storage interface also includes a user corresponding to the target compressed package, the plurality of second files also include at least one unencrypted file, and the first hard disk storage interface also includes an encryption control and a decryption control; After the user selects a target compressed package from the plurality of second files, in response to the user clicking the decryption control among the encryption control and the decryption control, the fourth device sends a second instruction to the first device; After receiving the second instruction, the first device obtains the encrypted target data and the second identifier of the target data in the third device, wherein the second instruction is used to instruct to decrypt the encrypted target data, and the second instruction includes a user identifier; When the user identifier matches the second identifier obtained from the third device, the first device sends a second request to the second device, where the second request is used to request to obtain the first key; The first device receives the first key from the second device; The first device decrypts the encrypted target data using the first key; After decryption by the first device, the fourth device displays a second hard disk storage interface, wherein the second hard disk storage interface includes multiple third file icons, wherein the multiple third file icons respectively represent multiple third files stored in the third device, and the multiple third files include a target decrypted file, wherein the target decrypted file includes data obtained by decrypting the encrypted target data. 2 . The method according to claim 1 , wherein the first request comprises a first identifier of the target data, and the first identifier is used to identify the content of the target data. 3. The method according to claim 2, wherein the first device compresses the encrypted target data and the second identifier of the target data to obtain a target compressed package, comprising: The first device compresses the encrypted target data and the first identifier of the target data and the second identifier of the target data in the first request to obtain the target compressed package. 4. The method according to claim 2 or 3, characterized in that the second request includes a first identifier of the target data. 5. The method according to any one of claims 1 to 3, characterized in that the method further comprises: The first device sends progress information of encrypting the target data to the fourth device, or sends progress information of decrypting the encrypted target data to the fourth device. 6. A communication system for storing data, characterized in that the communication system comprises: a first device, a second device, a third device and a fourth device according to any one of claims 1 to 5.