电子证据属于敏感信息,且种类繁多,数量巨大,如何对电子证据提供安全保障对网络取证的有效性尤为关键。文章提出了一种电子证据保护方法可防范入侵并容忍入侵。该方法主要对证据数据进行编码并分散存储,利用用户密钥自动生成编码矩阵,并采用累积校验来对分片的完整性进行保证。该方法在证据数据被部分破坏的情况下可完全恢复原始信息,并防止假冒,具有较好的安全性,而自动生成编码矩阵又大大提高了可用性。该方法也适用于大数据环境中其他敏感数据的安全存储需求。%Digital evidence belongs to sensitive information which is always varied and massive. It is especially important to protect digital evidences during process of network forensics. A novel evidences preservation mechanism is proposed which can prevent intrusion and tolerant intrusion. The core ideas of this mechanism consist of information encodeing and fragment, creating coding matrix by secret key and cumulate checksum for integrity of formation. The original information could recover from damage and prevent fake. This mechanism not only obtains securtiy but also improves usability. Further more, it also meet the security storage demand of sensitive information of big data.
展开▼
