CN106603510A - Data processing method and terminal - Google Patents
Data processing method and terminal Download PDFInfo
- Publication number
- CN106603510A CN106603510A CN201611078838.8A CN201611078838A CN106603510A CN 106603510 A CN106603510 A CN 106603510A CN 201611078838 A CN201611078838 A CN 201611078838A CN 106603510 A CN106603510 A CN 106603510A
- Authority
- CN
- China
- Prior art keywords
- key
- characteristic information
- data
- client device
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a data processing method and a terminal. The method comprises that characteristic information of client equipment is obtained; a preset algorithm is used to calculate a secret key corresponding to the characteristic information; and the secret key is used to encrypt or decrypt target data. The safety of the secret key can be improved, and thus, the safety of user data encrypted by the secret key is improved.
Description
Technical field
The present invention relates to electronic technology field, more particularly to a kind of data processing method and terminal.
Background technology
Hyper text transfer security protocol (full name:Hyper Text Transfer Protocol over Secure
Socket Layer, HTTPS), it is the HTTP passages with safety as target, it is briefly the safe version of HTTP, for safety
HTTP data transfers.HTTPS is to be developed by Netscape Netscape and be built in its browser Netscape Navigator
In, for being compressed to data and decompression operations, and return the result sent back on network.Main Function can be divided into two
Kind:One kind is the safety for setting up an information security passage to ensure data transfer;Another kind is exactly confirm website true
Property.
Wherein, HTTPS actually applies the SSL SSL of Netscape, used as the sublayer of HTTP application layers.
The foundation for security of HTTPS is SSL, therefore the detailed content encrypted is accomplished by SSL.
At present, HTTPS is widely used in the communication of security sensitive on WWW, such as transaction payment aspect.Work as client
When adopting HTTPS transmission datas with server end, the client that server is registration is needed to pre-set the close of encryption/decryption
Key, and client and server be both needed to pre-save key, so as to client and server all treating with the key of agreement
The data of transmission are encrypted, or the data to receiving are decrypted.
However, because client and server carries out encryption and decryption, and client and server with the key appointed
It is both needed to pre-save key, so same key is all shared using all of user of the server, if in any client
The key of preservation is cracked, and is equivalent to all be cracked using the data of all users of the server, there is data safety hidden
Suffer from.
The content of the invention
The embodiment of the present invention provides a kind of data processing method and terminal, it is possible to increase the safety of key, so as to improve
The safety of the user data encrypted using key.
In a first aspect, embodiments providing a kind of data processing method, the method includes:
Obtain the characteristic information of client device;
The corresponding key of the characteristic information is calculated using preset algorithm;
Target data is encrypted or is decrypted using the key.
On the other hand, a kind of terminal is embodiments provided, the terminal includes:
Acquiring unit, for obtaining the characteristic information of client device;
Computing unit, for calculating the corresponding key of the characteristic information using preset algorithm;
Data processing unit, for being encrypted to target data or decrypting using the key.
The characteristic information that the embodiment of the present invention passes through acquisition client device;Characteristic information correspondence is calculated using preset algorithm
Key;Target data is encrypted using key or is decrypted.Due to the corresponding key of each data interaction and non-immediate guarantor
In there is client device or server, but need to be calculated, be so prevented from the feelings that key is cracked/intercepts
Condition occurs, and improves the safety of key.Further, since the characteristic information of each client is unique, therefore, terminal according to
The getable key of characteristic information calculating of client device is also different, certain data interaction pair of certain client device immediately
The key answered is cracked, and cannot also obtain the corresponding interaction data of other client devices, so as to improve the safety of user data
Property.
Description of the drawings
Technical scheme in order to be illustrated more clearly that the embodiment of the present invention, below will be to making needed for embodiment description
Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are some embodiments of the present invention, for ability
For the those of ordinary skill of domain, on the premise of not paying creative work, can be attached to obtain others according to these accompanying drawings
Figure.
Fig. 1 is a kind of schematic diagram of data handling system provided in an embodiment of the present invention;
Fig. 2 is a kind of schematic flow diagram of data processing method provided in an embodiment of the present invention;
Fig. 3 is a kind of schematic flow diagram of data processing method that another embodiment of the present invention is provided;
Fig. 4 is a kind of schematic block diagram of terminal provided in an embodiment of the present invention;
Fig. 5 is a kind of terminal schematic block diagram that another embodiment of the present invention is provided;
Fig. 6 is a kind of terminal schematic block diagram that yet another embodiment of the invention is provided.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation is described, it is clear that described embodiment is a part of embodiment of the invention, rather than the embodiment of whole.Based on this
Embodiment in bright, the every other enforcement that those of ordinary skill in the art are obtained under the premise of creative work is not made
Example, belongs to the scope of protection of the invention.
It should be appreciated that when using in this specification and in the appended claims, term " including " and "comprising" are indicated
The presence of described feature, entirety, step, operation, element and/or component, but it is not precluded from one or more of the other feature, whole
The presence or addition of body, step, operation, element, component and/or its set.
It is also understood that mesh of the term used in this description of the invention merely for the sake of description specific embodiment
And be not intended to limit the present invention.As used in description of the invention and appended claims, unless on
Other situations are hereafter clearly indicated, otherwise " one " of singulative, " one " and " being somebody's turn to do " is intended to include plural form.
It will be further appreciated that, the term "and/or" used in description of the invention and appended claims is
Refer to any combinations of one or more in the associated item listed and be possible to combination, and including these combinations.
As in this specification and in the appended claims as use, term " if " can be according to context quilt
Be construed to " when ... " or " once " or " in response to determining " or " in response to detecting ".Similarly, phrase " if it is determined that " or
" if detecting [described condition or event] " can be interpreted to mean according to context " once it is determined that " or " in response to true
It is fixed " or " once detecting [described condition or event] " or " in response to detecting [described condition or event] ".
In implementing, the terminal described in the embodiment of the present invention including but not limited to such as has touch sensitive surface
Other of the mobile phone of (for example, touch-screen display and/or touch pad), laptop computer or tablet PC etc are just
Portable device.It is to be further understood that in certain embodiments, the equipment not portable communication device, but with touching
Touch the desk computer of sensing surface (for example, touch-screen display and/or touch pad).
In discussion below, the terminal for including display and touch sensitive surface is described.It is, however, to be understood that
It is that terminal can include one or more of the other physical user-interface device of such as physical keyboard, mouse and/or control-rod.
Terminal supports various application programs, such as it is following in one or more:Drawing application program, demonstration application journey
Sequence, word-processing application, website create application program, disk imprinting application program, spreadsheet applications, game application
Program, telephony application, videoconference application, email application, instant messaging applications, exercise
Support application program, photo management application program, digital camera application program, digital camera application program, web-browsing application
Program, digital music player application and/or video frequency player application program.
The various application programs that can be performed in terminal can be public using at least one of such as touch sensitive surface
Physical user-interface device.Can adjust among applications and/or in corresponding application programs and/or change and touch sensitive table
The corresponding information shown in the one or more functions and terminal in face.So, the public physical structure of terminal (for example, is touched
Sensing surface) can support that there are the various application programs of user interface directly perceived and transparent for a user.
Fig. 1 is referred to, Fig. 1 is a kind of schematic diagram of data handling system provided in an embodiment of the present invention.Data processing system
System includes at least one client device 110 and a server 120.Client device 110 can be mutual with server 120
Communication, carries out data interaction.Wherein, user can also may be used by client device 110 to the application for registration account of server 120
Not register.During client device 110 carries out data interaction with server 120, using HTML (Hypertext Markup Language)
(Hyper Text Transfer Protocol, HTTP) transmission data.
Client device 110 is used to obtain client device 110 characteristic information of itself.Characteristic information can include but not
It is limited to Internet protocol (Internet Protocol, IP) address and/or identification information.Identification information can be that client sets
Standby 110 unique mark, or the field/character string for identifying the identity of client device 110, for example, user agent
(User Agent, UA).UA is a special string head so that server 120 is capable of identify that the behaviour that client device is used
Make system and version, central processing unit (Central Processing Unit, CPU) type, browser type and browser version
Sheet, browser renders engine, browser language, browser plug-in etc..
Characteristic information can also be the instantaneous eigenvalues for identifying user identity or client device.Here, not to wink
Between eigenvalue limit, specifically can be configured according to practical situation, as long as guaranteeing from purpose information to be decrypted to obtain
Get the instantaneous eigenvalues adopted when encrypting to it.
Client device 110 calculates characteristic information corresponding after the characteristic information for getting itself using preset algorithm
Key.
Wherein, it is previously stored with preset algorithm information in client device 110 and server 120.Preset algorithm can be with
Field/character string is converted into into the algorithm of unique definite value, for example, preset algorithm includes but is not limited to Message Digest Algorithm 5
(Message Digest Algorithm, MD5) or hash algorithm etc..Wherein, unique definite value can be digital and/or character,
It is not limited herein.
Client device 110 is encrypted to target data or is decrypted using calculated key.Wherein, target data
Can be the data for needing the data sent to server 120, or server 120 to send to client device 110.Should
Data can be user data, solicited message or the data sent according to solicited message.
When target data is the data that needs send to server 120, the target data carries client device 110
Characteristic information, client device 110 is encrypted characteristic information waiting for transmission using calculated key, and using super literary
This host-host protocol HTTP transmits the target data after encryption to server 120.Wherein, the visitor that the target data after encryption is carried
The characteristic information of family end equipment 110 need not decrypt by direct access.
When target data is the data that server 120 sends to client device 110, client device 110 adopts root
Target data is decrypted according to the characteristic information of client device 110 calculated key, to obtain user data.Its
In, server 120 can carry the characteristic information of this client device 110 to the target data that client device 110 sends,
This feature information can not be carried, is not limited herein.
When server 120 carries the spy of the client device 110 for receiving the data to the data that client device 110 sends
When reference ceases, this feature information is used to receive the client device 110 of the data and recognizes that whether the data are the data of local terminal.
When the data that the data are non-local terminal, the client device 110 cannot be decrypted to it.
Server 120 receive client device 110 transmission encryption after target data when, from the target of the encryption
The characteristic information of the client device 110 is read in data, and should using calculating with the identical preset algorithm of client device 110
The corresponding decruption key of characteristic information, and the target data of the encryption using the key to receiving is decrypted, therefrom to obtain
Take user data.
Wherein, server 120 can direct access target data carry client device 110 characteristic information, that is, service
Device 120 is in the target data after the encryption for receiving the transmission of client device 110, it is not necessary to which the target data after encryption is entered
Row decryption is obtained its characteristic information for carrying.
Server 120 obtains the feature letter of the client device 110 when needing to send data to client device 110
Breath, and encryption key is calculated according to this feature information, and target data waiting for transmission is encrypted using the encryption key, and
By the target data after encryption using HTML (Hypertext Markup Language) to the client device 110.
Because the characteristic information of each client is unique, and preset algorithm causes the corresponding key of characteristic information
Uniqueness, the no matter key all same that transmitting terminal or receiving terminal are obtained according to same characteristic information can be unique close using this
Key is encrypted to target data waiting for transmission or the target data that receives is decrypted.Due to each client device 110
Characteristic information be unique, the corresponding characteristic information of each data interaction is also not quite similar, so can at random generate key,
Immediately the data of the single transmission of same client device 110 are cracked, and also cannot crack the client device using same key
110 all data, ensure that the secure user data of client device 110.
Fig. 2 is referred to, Fig. 2 is a kind of schematic flow diagram of data processing method provided in an embodiment of the present invention.This enforcement
The executive agent of data processing method is terminal in example.Terminal is client device or server, and client device can be handss
The mobile terminals such as machine, panel computer or desktop computer.Data processing method as shown in Figure 2 may include following steps:
S101:Obtain the characteristic information of client device.
When terminal is client device, client device obtains the characteristic information of itself.
When terminal is server, the feature letter of client device is obtained in the message that server sends from client device
Breath;Or its corresponding characteristic information that reception client device sends.The characteristic information of each client device is unique.
Characteristic information can be the instantaneous eigenvalues for identifying user identity or client device.Here, not to moment
Eigenvalue is limited, and specifically can be configured according to practical situation, as long as guaranteeing to be obtained from purpose information to be decrypted
The instantaneous eigenvalues adopted when encrypting to it.
S102:The corresponding key of the characteristic information is calculated using preset algorithm.
Terminal calculates characteristic information corresponding after the characteristic information for getting itself using the preset algorithm for prestoring
Key.
Wherein, preset algorithm can be the algorithm that field/character string is converted into unique definite value, not limit in the present embodiment
The type of preset algorithm, specifically can be selected according to actual needs.Unique definite value can be digital and/or character, herein not
It is limited.
It is understood that client device is identical with the preset algorithm that server is adopted.
When the preset algorithm prestored in client device and server is at least two, client device and service
Device needs offered agreement both sides to carry out the preset algorithm adopted during data interaction.
It is understood that because the characteristic information of each client device is unique, therefore, terminal is according to client
It is also different that the characteristic information of equipment calculates getable key.
S103:Target data is encrypted or is decrypted using the key.
Wherein, target data can be client device need to server send data, or server to
The data that client device sends.The data can be user data, solicited message or the data sent according to solicited message.
When terminal is client device, and client device is needed to server transmission target data, client device is adopted
It is encrypted to sent target data with calculated key, the target data encrypted is sent to server.Or
Person, client device receive server transmission encrypted target data when, using calculated key to receiving
The target data encrypted be decrypted, so as to obtain target data.
When terminal be server when, server receive client device transmission encrypted target data when, adopt
Calculated key is decrypted to the target data encrypted for receiving, so as to obtain target data;Or, server
When needing to client device transmission target data, server is carried out using calculated key to sent target data
Encryption, the target data encrypted is sent to client device.
Such scheme, terminal obtains the characteristic information of client device;Characteristic information is calculated using preset algorithm corresponding
Key;Target data is encrypted using key or is decrypted.Due to the corresponding key of each data interaction and non-immediate preservation
In client device or server, but need to be calculated, be so prevented from the situation that key is cracked/intercepts
Occur, improve the safety of key.Further, since the characteristic information of each client is unique, the spy of each client
Reference breath is different, therefore, terminal is also different according to the getable key of the characteristic information of client device calculating, i.e.,
Make the corresponding key of certain client device certain data interaction be cracked, cannot also obtain the corresponding interaction of other client devices
Data, so as to improve the safety of user data.
Fig. 3 is referred to, Fig. 3 is a kind of schematic flow diagram of data processing method provided in an embodiment of the present invention.This enforcement
The executive agent of data processing method is terminal in example.Terminal is client device or server, and client device can be handss
The mobile terminals such as machine, panel computer or desktop computer.Data processing method as shown in Figure 3 may include following steps:
S201:Receive the first object data that opposite equip. is sent using HTML (Hypertext Markup Language).
When terminal is client device, opposite equip. is server;When terminal is server, opposite equip. is client
End equipment.
For example, when terminal is client device, client device the reception server adopts HTML (Hypertext Markup Language)
The first object data encrypted that (Hyper Text Transfer Protocol, HTTP) sends.Wherein, server is to visitor
The first object data encrypted that family end equipment sends can carry the characteristic information of this client device, it is also possible to not carry
This feature information, is not limited herein.When first object data carry the spy of the client device for receiving the first object data
When reference ceases, the client device of the first object data for receiving can according to its characteristic information for carrying verify this first
Whether target data is the corresponding target data of this client device.Characteristic information and this visitor when first object data carrying
When the characteristic information of family end equipment is incomplete same, this client device abandons the first object data or does not process first mesh
Mark data.
When terminal is server, server is received client device and has been encrypted using what HTML (Hypertext Markup Language) sent
First object data.Wherein, first object data carry the characteristic information of the client device.
Because the first object data encrypted are transmitted using HTML (Hypertext Markup Language), opposite equip. is receiving
During one target data, it is not necessary to the characteristic information of direct access client device by decryption.
S202:Obtain the characteristic information of client device.
When terminal is client device, client device obtains the characteristic information of itself.
When terminal is server, visitor is obtained in the message (or first object data) that server sends from client device
The characteristic information of family end equipment;Or its corresponding characteristic information that reception client device sends.
Wherein, the characteristic information of each client device is unique.
Characteristic information can be the instantaneous eigenvalues for identifying user identity or client device.Here, not to moment
Eigenvalue is limited, and specifically can be configured according to practical situation, as long as guaranteeing to be obtained from purpose information to be decrypted
The instantaneous eigenvalues adopted when encrypting to it.
Further, characteristic information can include Internet protocol (Internet Protocol, IP) address and/or knowledge
Other information.Identification information can be the unique mark of client device, or the word for identifying client device identity
Section/character string, for example, user agent (User Agent, UA).UA is a special string head so that server can be known
Operating system and version, central processing unit (Central Processing Unit, CPU) type, browser that other client uses
Type and browser version, browser renders engine, browser language, browser plug-in etc..S203:Calculated using preset algorithm
The corresponding key of the characteristic information.
Terminal calculates characteristic information corresponding after the characteristic information for getting itself using the preset algorithm for prestoring
Key.
Wherein, preset algorithm can be the algorithm that field/character string is converted into unique definite value, not limit in the present embodiment
The type of preset algorithm, specifically can be selected according to actual needs.Unique definite value can be digital and/or character, herein not
It is limited.
For example, preset algorithm include but is not limited to Message Digest Algorithm 5 (Message Digest Algorithm,
) or hash algorithm etc. MD5.
It is understood that client device is identical with the preset algorithm that server is adopted.
When the preset algorithm prestored in client device and server is at least two, client device and service
Device needs offered agreement both sides to carry out the preset algorithm adopted during data interaction.
Further, step S203 can include:The corresponding key of the characteristic information is calculated using Message Digest 5.
Terminal calculates the corresponding key of characteristic information using Message Digest 5.
Message Digest 5 can be (Message Digest Algorithm, MD5), but be not limited to this, can be with
It is the Message Digest 5 of other versions.
It is understood that because the characteristic information of each client device is unique, therefore, terminal is according to client
It is also different that the characteristic information of equipment calculates getable key.When characteristic information include user agent (User Agent,
When UA), characteristic information is random and changes that carrying out the corresponding characteristic information of data interaction every time can be different, i.e. client
Operating system and version, central processing unit (Central Processing that end equipment is used when carrying out data interaction every time
Unit, CPU) type, browser type and browser version, browser renders engine, browser language, browser plug-in etc. have
May be different.
Because the corresponding characteristic information of each data interaction is also possible to difference, now this feature information is random and changes
, it is also every time random and change according to the calculated key of characteristic information, even so enabling to same client
Hold the corresponding key of certain data interaction to be cracked, cannot also crack the data produced in addition to certain data interaction.
S204:Target data is encrypted or is decrypted using the key.
Wherein, target data can be client device need to server send data, or server to
The data that client device sends.The data can be user data, solicited message or the data sent according to solicited message.
When terminal is client device, and client device is needed to server transmission target data, client device is adopted
It is encrypted to sent target data with calculated key, the target data encrypted is sent to server.Or
Person, client device receive server transmission encrypted target data when, using calculated key to receiving
The target data encrypted be decrypted, so as to obtain target data.
When terminal be server when, server receive client device transmission encrypted target data when, adopt
Calculated key is decrypted to the target data encrypted for receiving, so as to obtain target data;Or, server
When needing to client device transmission target data, server is carried out using calculated key to sent target data
Encryption, the target data encrypted is sent to client device.
Further, step S204 includes:S2041 is solved using the key to the first object data for receiving
It is close;Or S2042:The second target data waiting for transmission is encrypted using the key.
For example, terminal is decrypted using calculated key to the first object data encrypted for receiving, with
Obtain first object data;Wherein, the first object data encrypted by equipment send.Terminal can also to it is to be transmitted extremely
To the second target data of equipment be encrypted.
When local device (terminal) is client device, opposite equip. is server;When local device (terminal) is clothes
During business device, opposite equip. is client device.
Further, terminal can adopt calculated key, by Advanced Encryption Standard (Advanced
Encryption Standard, AES) target data is encrypted/is decrypted.
S205:The second target data of the encryption is sent to the opposite equip. using HTML (Hypertext Markup Language).
When local device is client device, the second target that client device will be encrypted using HTML (Hypertext Markup Language)
Data is activation is to server.
When local device is server, server is sent the second target data encrypted using HTML (Hypertext Markup Language)
To client device.
Such scheme, terminal obtains the characteristic information of client device;Characteristic information is calculated using preset algorithm corresponding
Key;Target data is encrypted using key or is decrypted.Due to the corresponding key of each data interaction and non-immediate preservation
In client device or server, but need to be calculated, be so prevented from the situation that key is cracked/intercepts
Occur, improve the safety of key.Further, since the characteristic information of each client is unique, the spy of each client
Reference breath is different, therefore, terminal is also different according to the getable key of the characteristic information of client device calculating, i.e.,
Make the corresponding key of certain client device certain data interaction be cracked, cannot also obtain the corresponding interaction of other client devices
Data, so as to improve the safety of user data.Every time the corresponding characteristic information of data interaction is also possible to difference, now the spy
Reference breath is random and changes, even so enable to the corresponding key of same client certain data interaction being broken
Solution, cannot also crack the data produced in addition to certain data interaction.
During data interaction, although the characteristic information of client device participates in transmission, the method for generating key
Transmission is not involved in, the key of generation is not also directly transmitted so that although Web Grafiti molecule can get the spy of client device
Reference ceases, and real key cannot be also obtained, it is impossible to crack the data of transmission, so as to ensure that the safety of user.
When characteristic information includes user agent UA, characteristic information is random and changes, and data interaction pair is carried out every time
The characteristic information answered can be different, and each data interaction is different according to the calculated key of characteristic information.Due to close
Key is random and changes, even so enable to the corresponding key of same client certain data interaction being cracked,
The data produced in addition to certain data interaction cannot be cracked, the safety of target data is improved.
Referring to Fig. 4, Fig. 4 is a kind of schematic block diagram of terminal provided in an embodiment of the present invention.Terminal can be set with client
It is standby, or server, client device can be the mobile terminal such as mobile phone, panel computer, but be not limited to this, can be with
For other-end, it is not limited herein.The each unit that the terminal of the present embodiment includes is used to perform in the corresponding embodiments of Fig. 2
Each step, specifically refers to the associated description in the corresponding embodiments of Fig. 2 and Fig. 2, does not repeat herein.The terminal of the present embodiment
400 include:Acquiring unit 410, computing unit 420 and data processing unit 430.
Acquiring unit 410 is used to obtain the characteristic information of client device.Such as, acquiring unit 410 obtains client and sets
Standby characteristic information.Acquiring unit 410 sends characteristic information to computing unit 420.
Computing unit 420 is used to receive the characteristic information of the transmission of acquiring unit 410, and using preset algorithm the feature is calculated
The corresponding key of information.
Such as, computing unit 420 receives the characteristic information that acquiring unit 410 sends, and using preset algorithm the spy is calculated
Reference ceases corresponding key.
Computing unit 420 sends calculated key to data processing unit 430.
Data processing unit 430 is used to receive the key of the transmission of computing unit 420, and target data is entered using the key
Row encryption is decrypted.
Such as, data processing unit 430 receives the key that computing unit 420 sends, using the key to target data
It is encrypted or decrypts.
Such scheme, terminal obtains the characteristic information of client device;Characteristic information is calculated using preset algorithm corresponding
Key;Target data is encrypted using key or is decrypted.Due to the corresponding key of each data interaction and non-immediate preservation
In client device or server, but need to be calculated, be so prevented from the situation that key is cracked/intercepts
Occur, improve the safety of key.Further, since the characteristic information of each client is unique, the feature of each client
Information is different, therefore, terminal is also different according to the getable key of the characteristic information of client device calculating, even if
The corresponding key of certain data interaction of certain client device is cracked, and cannot also obtain the corresponding interactive number of other client devices
According to so as to improve the safety of user data.Every time the corresponding characteristic information of data interaction is also possible to difference, now this feature
Information is random and changes, even so enable to the corresponding key of same client certain data interaction being cracked,
Also the data produced in addition to certain data interaction cannot be cracked.
Referring to Fig. 5, Fig. 5 is a kind of schematic block diagram of terminal that another embodiment of the present invention is provided.Terminal can be with client
End equipment, or server, client device can be the mobile terminals such as mobile phone, panel computer, but be not limited to this, also
Can be other-end, not be limited herein.The each unit that the terminal of the present embodiment includes is used to perform the corresponding embodiments of Fig. 3
In each step, specifically refer to the associated description in the corresponding embodiments of Fig. 3 and Fig. 3, do not repeat herein.The present embodiment
Terminal 500 includes:Receiving unit 510, acquiring unit 520, computing unit 530, data processing unit 540, transmitting element 550.
Data processing unit includes that 540 include ciphering unit 541 and decryption unit 542.
Receiving unit 510 is used to receive the first object data that opposite equip. is sent using HTML (Hypertext Markup Language).Receive
Unit 510 sends first object data to acquiring unit 520 or data processing unit 540.
Acquiring unit 520 is used to obtain the characteristic information of client device.Such as, acquiring unit 520 obtains client and sets
Standby characteristic information.
Further, the characteristic information includes internet protocol address or identification information.
Acquiring unit 520 sends characteristic information to computing unit 530.
Computing unit 530 is used to receive the characteristic information of the transmission of acquiring unit 520, and using preset algorithm the feature is calculated
The corresponding key of information.
Such as, computing unit 530 receives the characteristic information that acquiring unit 520 sends, and using preset algorithm the spy is calculated
Reference ceases corresponding key.
Further, computing unit 530 is corresponding close specifically for calculating the characteristic information using Message Digest 5
Key.
Computing unit 530 sends calculated key to data processing unit 540.
Data processing unit 540 is used to receive the key of the transmission of computing unit 530, and target data is entered using the key
Row encryption is decrypted.
Such as, data processing unit 540 receives the key that computing unit 530 sends, using the key to target data
It is encrypted or decrypts.
Further, ciphering unit 541 is used to be encrypted the second target data waiting for transmission using the key;Solution
Close unit 542 is used to receive the first object data of the transmission of receiving unit 510, using the key to the first object that receives
Data are decrypted.
Data processing unit 540 by encryption after the second target data send to transmitting element 550.
The second target data that transmitting element 550 is used for after the encryption that receiving data processing unit 54 sends, using described
HTML (Hypertext Markup Language) sends the second target data of the encryption to opposite equip..
Such as, transmitting element 550 using the HTML (Hypertext Markup Language) by the second target data of the encryption send to
Opposite equip..
Such scheme, terminal obtains the characteristic information of client device;Characteristic information is calculated using preset algorithm corresponding
Key;Target data is encrypted using key or is decrypted.Due to the corresponding key of each data interaction and non-immediate preservation
In client device or server, but need to be calculated, be so prevented from the situation that key is cracked/intercepts
Occur, improve the safety of key.Further, since the characteristic information of each client is unique, therefore, terminal is according to visitor
The getable key of characteristic information calculating of family end equipment is also different, even if certain data interaction of certain client device is corresponding
Key be cracked, the corresponding interaction data of other client devices cannot be also obtained, so as to improve the safety of user data.
Every time the corresponding characteristic information of data interaction is also possible to difference, and now this feature information is random and changes, and so can
Even so that the corresponding key of certain data interaction of same client is cracked, also cannot crack in addition to certain data interaction
The data of generation.
During data interaction, although the characteristic information of client device participates in transmission, the method for generating key
Transmission is not involved in, key is not directly transmitted yet so that although Web Grafiti molecule can get the characteristic information of client device,
Also real key cannot be obtained, it is impossible to crack the data of transmission, so as to ensure that the safety of user.
When characteristic information includes user agent UA, characteristic information is random and changes, and data interaction pair is carried out every time
The characteristic information answered can be different, and each data interaction is different according to the calculated key of characteristic information.Due to close
Key is random and changes, even so enable to the corresponding key of same client certain data interaction being cracked,
The data produced in addition to certain data interaction cannot be cracked, the safety of target data is improved.
Referring to Fig. 6, Fig. 6 is a kind of terminal schematic block diagram that yet another embodiment of the invention is provided.This reality as depicted
The terminal 600 applied in example can include:One or more processors 610;One or more input equipments 620, one or more
Outut device 630 and memorizer 640.Above-mentioned processor 610, input equipment 620, outut device 630 and memorizer 640 are by total
Line 650 connects.
Memorizer 640 is for storage program instruction.
Processor 610 is used to perform following operation according to the programmed instruction of the storage of memorizer 640:
Processor 610 is used to obtain the characteristic information of client device.
Processor 610 is additionally operable to calculate the corresponding key of the characteristic information using preset algorithm.
Processor 610 is additionally operable to be encrypted target data or decrypted using the key.
Alternatively, processor 610 using Message Digest 5 specifically for calculating the corresponding key of the characteristic information.
Alternatively, the characteristic information includes internet protocol address or identification information.
Alternatively, processor 610 to the first object data for receiving using the key specifically for being decrypted;Or
The second target data waiting for transmission is encrypted using the key.
Alternatively, processor 610 is additionally operable to receive described that the opposite equip. is sent using HTML (Hypertext Markup Language)
One target data;Or the second target data of the encryption is sent to opposite equip. using the HTML (Hypertext Markup Language).
Such scheme, terminal obtains the characteristic information of client device;Characteristic information is calculated using preset algorithm corresponding
Key;Target data is encrypted using key or is decrypted.Due to the corresponding key of each data interaction and non-immediate preservation
In client device or server, but need to be calculated, be so prevented from the situation that key is cracked/intercepts
Occur, improve the safety of key.Further, since the characteristic information of each client is unique, therefore, terminal is according to visitor
The getable key of characteristic information calculating of family end equipment is also different, even if certain data interaction of certain client device is corresponding
Key be cracked, the corresponding interaction data of other client devices cannot be also obtained, so as to improve the safety of user data.
Every time the corresponding characteristic information of data interaction is also possible to difference, and now this feature information is random and changes, and so can
Even so that the corresponding key of certain data interaction of same client is cracked, also cannot crack in addition to certain data interaction
The data of generation.
During data interaction, although the characteristic information of client device participates in transmission, the method for generating key
It is not involved in transmission so that although Web Grafiti molecule can get the characteristic information of client device, also cannot obtain just genuine
Key, it is impossible to crack the data of transmission, so as to ensure that the safety of user.
When characteristic information includes user agent UA, characteristic information is random and changes, and data interaction pair is carried out every time
The characteristic information answered can be different, and each data interaction is different according to the calculated key of characteristic information.Due to close
Key is random and changes, even so enable to the corresponding key of same client certain data interaction being cracked,
The data produced in addition to certain data interaction cannot be cracked, the safety of target data is improved.
It should be appreciated that in embodiments of the present invention, alleged processor 610 can be CPU (Central
Processing Unit, CPU), the processor can also be other general processors, digital signal processor (Digital
Signal Processor, DSP), special IC (Application Specific Integrated Circuit,
ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other FPGAs
Device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor or this at
Reason device can also be any conventional processor etc..
Input equipment 620 can include that Trackpad, fingerprint adopt sensor (for gathering the finger print information and fingerprint of user
Directional information), mike etc., outut device 630 can include display (LCD etc.), speaker etc..
The memorizer 640 can include read only memory and random access memory, and to processor 610 provide instruction and
Data.The a part of of memorizer 640 can also include nonvolatile RAM.For example, memorizer 640 can also be deposited
The information of storage device type.
In implementing, processor 610, input equipment 620 described in the embodiment of the present invention, outut device 630 can
The implementation described in the first embodiment and second embodiment of data processing method provided in an embodiment of the present invention is performed,
Also the implementation of the terminal described by the embodiment of the present invention is can perform, is will not be described here.
Those of ordinary skill in the art are it is to be appreciated that the list of each example with reference to the embodiments described herein description
Unit and algorithm steps, can with electronic hardware, computer software or the two be implemented in combination in, in order to clearly demonstrate hardware
With the interchangeability of software, according to function the composition and step of each example have been generally described in the above description.This
A little functions are performed with hardware or software mode actually, depending on the application-specific and design constraint of technical scheme.Specially
Industry technical staff can use different methods to realize described function to each specific application, but this realization is not
It is considered as beyond the scope of this invention.
Those skilled in the art can be understood that, for convenience of description and succinctly, the end of foregoing description
End and the specific work process of unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
In several embodiments provided herein, it should be understood that disclosed terminal and method, it can be passed through
Its mode is realized.For example, device embodiment described above is only schematic, for example, the division of the unit, and only
Only a kind of division of logic function, can there is other dividing mode when actually realizing, such as multiple units or component can be tied
Close or be desirably integrated into another system, or some features can be ignored, or do not perform.In addition, shown or discussed phase
Coupling or direct-coupling or communication connection between mutually can be INDIRECT COUPLING or the communication by some interfaces, device or unit
Connection, or electricity, machinery or other forms connections.
Step in present invention method can according to actual needs carry out order adjustment, merge and delete.
Unit in embodiment of the present invention terminal can according to actual needs be merged, divides and deleted.
The unit as separating component explanation can be or may not be it is physically separate, it is aobvious as unit
The part for showing can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.Some or all of unit therein can be according to the actual needs selected to realize embodiment of the present invention scheme
Purpose.
In addition, each functional unit in each embodiment of the invention can be integrated in a processing unit, it is also possible to
It is that unit is individually physically present, or two or more units are integrated in a unit.It is above-mentioned integrated
Unit both can be realized in the form of hardware, it would however also be possible to employ the form of SFU software functional unit is realized.
If the integrated unit is realized using in the form of SFU software functional unit and as independent production marketing or used
When, during a computer read/write memory medium can be stored in.Based on such understanding, technical scheme is substantially
Prior art is contributed part in other words, or all or part of the technical scheme can be in the form of software product
Embody, the computer software product is stored in a storage medium, including some instructions are used so that a computer
Equipment (can be personal computer, server, or network equipment etc.) performs the complete of each embodiment methods described of the invention
Portion or part steps.And aforesaid storage medium includes:USB flash disk, portable hard drive, read only memory (ROM, Read-Only
Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. are various can store journey
The medium of sequence code.
The above, the only specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, any
Those familiar with the art the invention discloses technical scope in, various equivalent modifications can be readily occurred in or replaced
Change, these modifications or replacement all should be included within the scope of the present invention.Therefore, protection scope of the present invention should be with right
The protection domain of requirement is defined.
Claims (10)
1. a kind of data processing method, it is characterised in that the data processing method includes:
Obtain the characteristic information of client device;
The corresponding key of the characteristic information is calculated using preset algorithm;
Target data is encrypted or is decrypted using the key.
2. method according to claim 1, it is characterised in that the employing preset algorithm calculates the characteristic information correspondence
Key include:
The corresponding key of the characteristic information is calculated using Message Digest 5.
3. method according to claim 1, it is characterised in that the characteristic information includes internet protocol address or knowledge
Other information.
4. the method according to any one of claims 1 to 3, it is characterised in that it is described using the key to target data
Being encrypted or decrypting includes:
The first object data for receiving are decrypted using the key;Or
The second target data waiting for transmission is encrypted using the key.
5. method according to claim 4, it is characterised in that methods described also includes:
Receive the first object data that opposite equip. is sent using HTML (Hypertext Markup Language);Or
The second target data of the encryption is sent to the opposite equip. using the HTML (Hypertext Markup Language).
6. a kind of terminal, it is characterised in that the terminal includes:
Acquiring unit, for obtaining the characteristic information of client device;
Computing unit, for calculating the corresponding key of the characteristic information using preset algorithm;
Data processing unit, for being encrypted to target data or decrypting using the key.
7. terminal according to claim 6, it is characterised in that the computing unit is specifically for adopting Message Digest 5
Calculate the corresponding key of the characteristic information.
8. terminal according to claim 7, it is characterised in that the characteristic information includes internet protocol address or knowledge
Other information.
9. the terminal according to any one of claim 6 to 8, it is characterised in that the data processing unit includes:
Decryption unit, for being decrypted to the first object data for receiving using the key;
Ciphering unit, for being encrypted to the second target data waiting for transmission using the key.
10. terminal according to claim 9, it is characterised in that the terminal also includes:
Receiving unit, for receiving the first object data that the opposite equip. is sent using HTML (Hypertext Markup Language);
Transmitting element, is set for the second target data of the encryption being sent to opposite end using the HTML (Hypertext Markup Language)
It is standby.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611078838.8A CN106603510A (en) | 2016-11-28 | 2016-11-28 | Data processing method and terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611078838.8A CN106603510A (en) | 2016-11-28 | 2016-11-28 | Data processing method and terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106603510A true CN106603510A (en) | 2017-04-26 |
Family
ID=58594124
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611078838.8A Withdrawn CN106603510A (en) | 2016-11-28 | 2016-11-28 | Data processing method and terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106603510A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108540836A (en) * | 2018-05-03 | 2018-09-14 | 网宿科技股份有限公司 | A kind of method, system and CDN node, client playing video |
CN108769037A (en) * | 2018-06-04 | 2018-11-06 | 厦门集微科技有限公司 | A kind of method, apparatus of data processing, computer storage media and terminal |
CN109947803A (en) * | 2019-03-12 | 2019-06-28 | 北京奇虎科技有限公司 | A kind of data processing method, system and storage medium |
CN111083681A (en) * | 2019-11-20 | 2020-04-28 | 广州小鹏汽车科技有限公司 | Near field communication data encryption method, terminal device and vehicle |
CN112346870A (en) * | 2020-11-18 | 2021-02-09 | 脸萌有限公司 | Model processing method and system |
CN113794706A (en) * | 2021-09-06 | 2021-12-14 | 北京百度网讯科技有限公司 | Data processing method and device, electronic equipment and readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103428691A (en) * | 2012-05-24 | 2013-12-04 | 希姆通信息技术(上海)有限公司 | Mobile phone bank safety certificating method and system |
CN103581899A (en) * | 2012-07-30 | 2014-02-12 | 中国移动通信集团公司 | Data transmission method, device and system and relevant equipment |
CN104065624A (en) * | 2013-03-21 | 2014-09-24 | 北京百度网讯科技有限公司 | Security verification method, system and apparatus of request message |
CN104253801A (en) * | 2013-06-28 | 2014-12-31 | 中国电信股份有限公司 | Method, device and system for realizing login authentication |
CN104348610A (en) * | 2013-07-31 | 2015-02-11 | 中国银联股份有限公司 | Method and system for securely transmitting transaction sensitive data based on cloud POS |
CN105681279A (en) * | 2015-12-28 | 2016-06-15 | 上海瀚银信息技术有限公司 | Application data transmission method and mobile terminal |
-
2016
- 2016-11-28 CN CN201611078838.8A patent/CN106603510A/en not_active Withdrawn
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103428691A (en) * | 2012-05-24 | 2013-12-04 | 希姆通信息技术(上海)有限公司 | Mobile phone bank safety certificating method and system |
CN103581899A (en) * | 2012-07-30 | 2014-02-12 | 中国移动通信集团公司 | Data transmission method, device and system and relevant equipment |
CN104065624A (en) * | 2013-03-21 | 2014-09-24 | 北京百度网讯科技有限公司 | Security verification method, system and apparatus of request message |
CN104253801A (en) * | 2013-06-28 | 2014-12-31 | 中国电信股份有限公司 | Method, device and system for realizing login authentication |
CN104348610A (en) * | 2013-07-31 | 2015-02-11 | 中国银联股份有限公司 | Method and system for securely transmitting transaction sensitive data based on cloud POS |
CN105681279A (en) * | 2015-12-28 | 2016-06-15 | 上海瀚银信息技术有限公司 | Application data transmission method and mobile terminal |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108540836A (en) * | 2018-05-03 | 2018-09-14 | 网宿科技股份有限公司 | A kind of method, system and CDN node, client playing video |
CN108769037A (en) * | 2018-06-04 | 2018-11-06 | 厦门集微科技有限公司 | A kind of method, apparatus of data processing, computer storage media and terminal |
CN108769037B (en) * | 2018-06-04 | 2020-11-10 | 厦门集微科技有限公司 | Data processing method and device, computer storage medium and terminal |
CN109947803A (en) * | 2019-03-12 | 2019-06-28 | 北京奇虎科技有限公司 | A kind of data processing method, system and storage medium |
CN109947803B (en) * | 2019-03-12 | 2021-11-19 | 成都全景智能科技有限公司 | Data processing method, system and storage medium |
CN111083681A (en) * | 2019-11-20 | 2020-04-28 | 广州小鹏汽车科技有限公司 | Near field communication data encryption method, terminal device and vehicle |
CN111083681B (en) * | 2019-11-20 | 2023-08-29 | 广州小鹏汽车科技有限公司 | Close-range communication data encryption method, terminal equipment and vehicle |
CN112346870A (en) * | 2020-11-18 | 2021-02-09 | 脸萌有限公司 | Model processing method and system |
CN112346870B (en) * | 2020-11-18 | 2024-04-16 | 脸萌有限公司 | Model processing method and system |
CN113794706A (en) * | 2021-09-06 | 2021-12-14 | 北京百度网讯科技有限公司 | Data processing method and device, electronic equipment and readable storage medium |
CN113794706B (en) * | 2021-09-06 | 2023-08-15 | 北京百度网讯科技有限公司 | Data processing method and device, electronic equipment and readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10491379B2 (en) | System, device, and method of secure entry and handling of passwords | |
CA3027741C (en) | Blockchain systems and methods for user authentication | |
CN106603510A (en) | Data processing method and terminal | |
US9946895B1 (en) | Data obfuscation | |
CN107786328A (en) | A kind of method, service node device and computer-readable medium for generating key | |
US9965645B2 (en) | Field level data protection for cloud services using asymmetric cryptography | |
US8176324B1 (en) | Method and system for a secure virtual keyboard | |
CN104982005B (en) | Implement the computing device and method of the franchise cryptographic services in virtualized environment | |
CN107704765A (en) | A kind of interface access method, server and computer-readable recording medium | |
US10616209B2 (en) | Preventing inter-application message hijacking | |
US11449624B2 (en) | Secure data processing in untrusted environments | |
US10362023B2 (en) | Authentication information encryption server apparatuses, systems non-transitory computer readable mediums and methods for improving password security | |
CN107169343A (en) | A kind of method and terminal of control application program | |
US8867743B1 (en) | Encryption of large amounts of data using secure encryption methods | |
CN108400868A (en) | Storage method, device and the mobile terminal of seed key | |
CN108062461A (en) | A kind of software authorization method, apparatus and system | |
CN114363088A (en) | Method and device for requesting data | |
KR20140070408A (en) | A method and device for preventing logging of computer on-screen keyboard | |
JP2022501671A (en) | Improve data integrity with trusted code proof tokens | |
Yue et al. | SessionMagnifier: A simple approach to secure and convenient kiosk browsing | |
CN117751551A (en) | System and method for secure internet communications | |
Alshboul et al. | Text mining to discover design features for cybersecurity tools: The case of password management systems | |
US12002019B2 (en) | Data structure, transmission device, receiving device, settlement device, method, and computer program | |
Pituxcoosuvarn et al. | Secure Agents for Supporting Best-Balanced Multilingual Communication | |
EP3627420A1 (en) | Data structure, transmission device, receiving device, settlement device, method, and computer program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20170426 |
|
WW01 | Invention patent application withdrawn after publication |