一個建構在Web上的整合式檔案加密系統

Abstract

在現今Dropbox、Onedrive、Google雲端硬碟等免費儲存空間服務平台盛行的時空背景下，透過網路儲存空間來傳遞或分享檔案的行為模式越見頻繁，然而近年來資訊安全的重要性逐漸為人們所呼籲著重，加上網路使用者對於隱私權重視的抬頭，透過網路進行的檔案傳輸分享是否真的安全無虞便成為一個值得探討的議題，加上前述的3種檔案儲存服務平台都是將檔案儲放在個人帳號申請之後提供的網路空間中，除非使用者手動刪除，不然一旦上傳的分享檔案便會永久的儲放在網路上，以檔案傳輸的角度來說，並不是所有的檔案都適合永久的儲放在網路上，時間越久檔案便越有被非適當者取走的風險。本論文試研究並提出一種讓使用者可透過Web介面輕鬆且有效率並安全的交換電子檔案，跨平台、跨裝置並且設計人性化、直覺式簡潔的操作畫面，支援跨瀏覽器的單檔、多檔全面上、下載，並且採用AES-256加密等級的檔案加密壓縮功能，透過SHA雜湊產生每位使用者獨立的取檔URL以及SSL加密通道提升整體系統的安全性，適用於以下的情境：1.暫時性檔案傳輸與取用；2.機密性檔案傳輸與分享;3.臨時性檔案傳輸與分享；當然也適合一般平常的檔案傳輸與分享。

In today Dropbox, Onedrive, Google Drive storage service platform and other free popular space-time background, patterns of behavior through the Internet storage space to pass or share files more frequently see, however, the importance of information security in recent years, people gradually called for focusing, plus Internet users to pay attention to the rise of privacy, file transfers conducted through the Internet sharing is really safe and secure has become a topic worth exploring, with the aforementioned three kinds of file storage services platforms are The file storing in the personal account after application provides web space, unless the user manually delete, or share files once uploaded will be a permanent storage on the network to file transmission point of view, not all Archives are suitable for permanent storage on the network, the longer the more risk archives by non fit taken away. This paper tries to study and propose a way to let users can easily through the Web interface and efficient and secure exchange of electronic files, cross-platform, cross-device and design user-friendly, simple and intuitive operation screen, support cross browser single file, more comprehensive file on, download, and uses AES-256 encryption level file encryption compression, Minato produce each user a separate URL and SSL encryption unarchiver channel to enhance the security of the overall system through SHA miscellaneous, applies to the following situations: 1. The temporary file transfer and access; 2. file transfer and share confidential; 3. temporary file transfer and sharing; of course, the usual for general file transfer and sharing.