CN107241364A - Document down loading method and device - Google Patents

Document down loading method and device Download PDF

Info

Publication number
CN107241364A
CN107241364A CN201710679533.0A CN201710679533A CN107241364A CN 107241364 A CN107241364 A CN 107241364A CN 201710679533 A CN201710679533 A CN 201710679533A CN 107241364 A CN107241364 A CN 107241364A
Authority
CN
China
Prior art keywords
information
fileinfo
file
checking
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710679533.0A
Other languages
Chinese (zh)
Other versions
CN107241364B (en
Inventor
谭巍
魏西鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Jie Liang Software Co Ltd
Original Assignee
Guangzhou Jie Liang Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Jie Liang Software Co Ltd filed Critical Guangzhou Jie Liang Software Co Ltd
Priority to CN201710679533.0A priority Critical patent/CN107241364B/en
Publication of CN107241364A publication Critical patent/CN107241364A/en
Application granted granted Critical
Publication of CN107241364B publication Critical patent/CN107241364B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a kind of document down loading method and device, it is related to Internet technical field.This document method for down loading is applied to the server of file download system, and this document method for down loading includes:The download request that user terminal is sent according to the operation of user is received, the download request includes address information, checking information, identity information and fileinfo;The address information is judged whether in preset address range of information, if the address information is in preset address range of information, authentication is carried out to the user according to the checking information, authentication result is got;If authentication result is authentication success, judge whether the fileinfo can be downloaded according to the identity information;If it is determined that can be downloaded for the fileinfo, then acquisition encryption file the corresponding file content of the fileinfo is encrypted, and send to the user terminal.This document method for down loading has stronger safety and reliability.

Description

Document down loading method and device
Technical field
The present invention relates to Internet technical field, in particular to a kind of document down loading method and device.
Background technology
With developing rapidly for science and technology, Internet technology also reaches its maturity.At present, file biography is carried out using internet interaction Defeated is file essential during people's routine work is lived.But when carrying out file download, generally to user The content such as address information, identity information, checking information and fileinfo do not judged, the safety for causing file to transmit Property is not high.
The content of the invention
In view of this, the embodiments of the invention provide a kind of document down loading method and device, to solve the above problems.
To achieve these goals, the technical solution adopted by the present invention is as follows:
A kind of document down loading method, applied to the server of file download system, methods described includes:Receive user terminal The download request sent according to the operation of user, the download request includes address information, checking information, identity information and text Part information;The address information is judged whether in preset address range of information, if the address information is in preset address information In the range of, then authentication is carried out to the user according to the checking information, get authentication result;If authentication As a result it is authentication success, then judges whether the fileinfo can be downloaded according to the identity information;If it is determined that for institute Stating fileinfo can download, then acquisition encryption file the corresponding file content of the fileinfo is encrypted, and send To the user terminal.
A kind of file downloading device, applied to the server of file download system, described device include request receiving module, First judge module, the second judge module and file sending module, wherein, the request receiving module is used to receive user's end Hold according to user operation send download request, the download request include address information, checking information, identity information and Fileinfo;First judge module is used to judge the address information whether in preset address range of information, if described Address information then carries out authentication to the user according to the checking information, got in preset address range of information Authentication result;If it is authentication success that second judge module, which is used for authentication result, according to the identity Information judges whether the fileinfo can be downloaded;The file sending module is used for if it is determined that can be with for the fileinfo Download, then acquisition encryption file the corresponding file content of the fileinfo is encrypted, and send to the user terminal.
Document down loading method and device provided in an embodiment of the present invention, include address information, checking information, body by receiving The download request of part information and fileinfo;Then address information is judged whether in preset address range of information, if address Information then carries out authentication to user according to checking information, gets authentication result in preset address range of information; If authentication result is authentication success, judge whether fileinfo can be downloaded according to identity information;Finally, if It is determined as that fileinfo can be downloaded, then acquisition encryption file the corresponding file content of fileinfo is encrypted, and send To user terminal.So as to realize in file download process to address information, checking information, identity information and fileinfo, make Security is improved, the problem of solution security that file is transmitted in the prior art is not high.
To enable the above objects, features and advantages of the present invention to become apparent, preferred embodiment cited below particularly, and coordinate Appended accompanying drawing, is described in detail below.
Brief description of the drawings
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is A part of embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art The every other embodiment obtained under the premise of creative work is not made, belongs to the scope of protection of the invention.
Fig. 1 shows the server of present pre-ferred embodiments offer and the interaction figure of user terminal;
Fig. 2 shows the block diagram for the user terminal that present pre-ferred embodiments are provided;
Fig. 3 shows the flow chart for the document down loading method that present pre-ferred embodiments are provided;
Fig. 4 shows the step S130 for the document down loading method that present pre-ferred embodiments are provided flow chart;
Fig. 5 shows the functional block diagram for the file downloading device that present pre-ferred embodiments are provided.
Embodiment
Below in conjunction with accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Ground is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.Generally exist The component of the embodiment of the present invention described and illustrated in accompanying drawing can be arranged and designed with a variety of configurations herein.Cause This, the detailed description of the embodiments of the invention to providing in the accompanying drawings is not intended to limit claimed invention below Scope, but it is merely representative of the selected embodiment of the present invention.Based on embodiments of the invention, those skilled in the art are not doing The every other embodiment obtained on the premise of going out creative work, belongs to the scope of protection of the invention.
It should be noted that:Similar label and letter represents similar terms in following accompanying drawing, therefore, once a certain Xiang Yi It is defined in individual accompanying drawing, then it further need not be defined and explained in subsequent accompanying drawing.Meanwhile, the present invention's In description, term " first ", " second " etc. are only used for distinguishing description, and it is not intended that indicating or implying relative importance.
Fig. 1 shows server 110 and multiple user terminals in file download system 100 provided in an embodiment of the present invention 120 schematic diagrames interacted.The server 110 is communicatively coupled by network with one or more user terminals 120, To enter row data communication or interaction.The server 110 can be the webserver, database server etc..The user is whole End 120 can be PC (personal computer, PC), tablet personal computer, smart mobile phone, personal digital assistant (personal digital assistant, PDA) etc..Server 110 and user terminal 120 in Fig. 1 are only to illustrate, and Not as specific restriction.
Fig. 2 shows a kind of structured flowchart for the server that can be applied in the embodiment of the present invention.As shown in Fig. 2 service Device 110 includes memory 102, storage control 104, one or more (one is only shown in figure) processors 106, Peripheral Interface 108th, radio-frequency module 110, audio-frequency module 112, display unit 114 etc..These components pass through one or more communication bus/signal Line 116 is mutually communicated.
Document down loading method that memory 102 can be used in storage software program and module, such as embodiment of the present invention and Corresponding programmed instruction/the module of device, processor 106 is stored in software program and module in memory 102 by operation, So as to perform various function application and data processing, such as file downloading device provided in an embodiment of the present invention.
Memory 102 may include high speed random access memory, may also include nonvolatile memory, such as one or more magnetic Property storage device, flash memory or other non-volatile solid state memories.Processor 106 and other possible components are to storage The access of device 102 can be carried out under the control of storage control 104.
Various input/output devices are coupled to processor 106 and memory 102 by Peripheral Interface 108.In some implementations In example, Peripheral Interface 108, processor 106 and storage control 104 can be realized in one single chip.In some other reality In example, they can be realized by independent chip respectively.
Radio-frequency module 110 is used to receiving and sending electromagnetic wave, realizes the mutual conversion of electromagnetic wave and electric signal, so that with Communication network or other equipment are communicated.
Audio-frequency module 112 provides a user COBBAIF, and it may include one or more microphones, one or more raises Sound device and voicefrequency circuit.
Display unit 114 provides a display interface between server 110 and user.Specifically, display unit 114 to User shows file output, and the content of these files output may include word, figure, file and its any combination.
It is appreciated that the structure shown in Fig. 2 is only signal, server 110 may also include more more than shown in Fig. 2 or more Few component, or with the configuration different from shown in Fig. 2.Each component shown in Fig. 2 can use hardware, software or its group Close and realize.
First embodiment
As Fig. 3 shows the flow chart of document down loading method provided in an embodiment of the present invention.This document method for down loading application In the server of file download system, Fig. 3 is referred to, this method includes:
Step S110:The download request that logical user terminal is sent according to the operation of user is received, the download request includes Address information, checking information, identity information and fileinfo.
User can send download request when needing to carry out file download by user's terminal to server.It is corresponding, Server receives the download request of user terminal transmission.
Specifically, download request includes address information, checking information, identity information and fileinfo.Wherein, address Information can be MAC Address for the physical address of user terminal.Certainly, address information can also be IP address.Checking information can Think the authentication information for authentication, specifically can include finger print information, face information, unblock image information and Encrypted message etc., user terminal can be by external camera, fingerprint collecting equipment and external when obtaining checking information The peripheral hardwares such as keyboard are completed.Identity information can be the id information of user, and id information and the authority information of user have corresponding relation, Also, be stored with the id information of user and the corresponding relation of authority information in server.Fileinfo can be under user's request The file identification of load, such as file name.Certainly, in embodiments of the present invention address information, checking information, identity information and The particular type and content of fileinfo are not intended as limiting.
Step S120:The address information is judged whether in preset address range of information, if the address information is pre- If in the range of address information, then carrying out authentication to the user according to the checking information, getting authentication result.
In embodiments of the present invention, because presence server is only the situation of specific user service, therefore in server Can be stored with multiple preset address information that can be serviced.Multiple preset address information that can be serviced can constitute default ground Location range of information.
After address information is got, it can first judge that address information whether there is in multiple preset address information.Example Such as, preset address information includes B8-03-05-04-A6-1E, B8-03-05-04-A5-1E, B8-03-05-04-A4-1E, B8- Multiple preset address such as 03-05-04-A3-1E, B8-03-05-04-A2-1E, the address information of acquisition is B8-03-05-04- A4-1E, then be determined as the address information obtained in preset address range of information;If the address information obtained is B8-03-05- 04-A9-1E, then be determined as the address information obtained not in preset address range of information.It should be noted that above defaultly Location information and the address information of acquisition are only for example, and do not represent actual preset address information.
Verified when being determined as that address information is in preset address range of information, then to the identity of user.Can root Authentication is carried out to the user according to checking information, authentication result is got.Specifically, can include:Tested described in judging Whether card information matches with default checking information;If the checking information is matched with the default checking information, authentication Success;If the checking information is mismatched with the default checking information, authentication is unsuccessful.
Can be stored with default checking information in server, and each default checking information is corresponding with each user.It will obtain Checking information matched with default checking information, matching result as authentication result foundation.
Specifically, judging whether checking information matches with default checking information, it can include:The fingerprint letter is judged respectively Whether breath matches with preset fingerprint information, judges whether the face information matches with default face information, judges the unblock Whether image information matches with default unblock image information, and judge the encrypted message and preset password information whether Match somebody with somebody;If the finger print information and preset fingerprint information matches, the face information are matched with default face information, the unblock figure Picture information is matched with default unblock image information, and the encrypted message is matched with preset password information, then the checking information Matched with default checking information.
Specifically, judging the finger print information can be with whether preset fingerprint information matches, by finger print information with presetting Finger print information is matched, if matching degree is more than predetermined threshold value, it is believed that the finger print information of acquisition and the fingerprint of storage are believed Cease for the finger print information of same user, be determined as finger print information and preset fingerprint information matches.Wherein, for judging that fingerprint is believed It can be real based on the micro- positive algorithm for recognizing fingerprint MZFinger5.0 in Guangzhou to cease with the method whether preset fingerprint information matches It is existing.Certainly, judge finger print information and the default specific method for interrogating the method whether information matches in embodiments of the present invention simultaneously Not as restriction or other method.
In embodiments of the present invention, judge face information can be with whether default face information matches, by face information Matched with the face information of storage, if matching degree is more than predetermined threshold value, it is believed that the face information of acquisition and storage Face information be same user face information, be determined as that face information is matched with default face information.Wherein, people is judged The specific method for the method whether face information matches with default face information can be the algorithm based on camshift.Certainly, sentence The specific method for the method whether disconnected face information matches with default face information is not intended as limiting in embodiments of the present invention, It can also be other method.
Judge whether the unblock image information matches with default unblock image information, can include:To the unblock figure As information is parsed, multistage gesture path is got;Extract the vector value of every section of gesture path;According to every section of institute State the corresponding vector row of the vector value generation unblock image information of gesture path;Judge that the unblock image information is corresponding Whether vector row vector row corresponding with default unblock image information match;If it is described unblock image information it is corresponding vector row with It is default to unlock the corresponding vector row matching of image information, then it is determined as that unblock image information is matched with presetting unblock image information. Conversely, then unblock image information is mismatched with default unblock image information.
Judge encrypted message can be with whether preset password information matches, by the password and preset password in encrypted message Password in information is contrasted, if the password in encrypted message is consistent with the password in preset password information, is determined as close Code information is matched with preset password information.Conversely, then encrypted message is mismatched with preset password information.
In embodiments of the present invention, unblock image information is to include the image information of multistage gesture path.It is possible, firstly, to will Unblock image information resolves to multistage gesture path.Coordinate system is set up in unblock image, every section of gesture path pair can be calculated The vector value answered.Then can be according to position relationship generation vector row of the gesture path in unblock image.Finally, it can read Vector corresponding with default unblock image in the vector row of storage is arranged, and judges vector row and the storage of unblock image information generation The corresponding vector row of default unblock image it is whether identical, if identical, be determined as unblock image and default unblock image Match somebody with somebody, if it is not the same, being then determined as that unblock image is mismatched with default unblock image.
It therefore, it can get finger print information and the matching result of preset fingerprint information, face information and default face letter Matching result, the matching result and encrypted message and preset password of unblock image information and default unblock image information of breath are believed The matching result of breath, when four kinds of matching results are matching, is then determined as that checking information is matched with default checking information.
So as to the matching result of checking information and default checking information.According to of checking information and default checking information The result of authentication is determined with result, when checking information is matched with default checking information, is then determined as authentication success;When Checking information is mismatched with default checking information, then is determined as that authentication is unsuccessful.
Step S130:If authentication result is authentication success, the file is judged according to the identity information Whether information can be downloaded.
After authentication result is got, when authentication result is authentication success, then it can be believed according to identity Breath is judged fileinfo.Due to there is a situation where that the authority of each user is different, some files pair of server storage It can be downloaded in a user, and the other file of server storage cannot then be downloaded.For example, server storage has " member " And " non-member " list, the content that " member " can download is the contents of all storages, and " non-member " can download is Partial content.
It therefore, it can judge whether the fileinfo in download request can be downloaded according to the identity information of acquisition.Specifically , Fig. 4 is referred to, step S130 can include:
Step S131:Obtain authority information corresponding with the identity information.
In embodiments of the present invention, the identity information of each user can be to that should have different authority informations.Also, it is each The corresponding authority information of identity information of user can be stored in server.It therefore, it can search the use for sending download request The corresponding authority information of identity information at family.
Can be specifically that the identity information of each user is ID account numbers, the corresponding authority of each ID accounts is stored in service Device.Server directly can find corresponding authority information according to ID account numbers.
Further, authority can be divided into different brackets, for example, the multiple grades such as L1, L2, L3, L4, L5.
Step S132:According to the authority information, file download list corresponding with the authority information is searched.
In embodiments of the present invention, different authority informations can be to that should have different download files, i.e., different authorities The content of the Downloadable file of information is different.Server can be stored with file download list, include in file download list Send the corresponding all download fileinfos of authority of the user of download request.It is thus possible to search the use for sending download request The corresponding authority information in family, corresponding file download list.
For example, the multiple grades such as L1, L2, L3, L4, L5 are respectively to that there should be multiple download file names, downloaded if sent The grade of the user of request is L2, then according to the corresponding multiple download file name generation file download lists of L2.
Step S133:Judge that the fileinfo whether there is in the file download list.
After file download list is got, then judge that fileinfo whether there is in file download list.For example, literary Part download list is that downloading file name includes according to the corresponding multiple file download lists for downloading file name generation of L2 The file names such as A1, A2, A3, A4, if fileinfo is A2, are determined as that the fileinfo obtained is present in file download list In, if fileinfo is A5, it is determined as that the fileinfo obtained is not present in file download list.
Step S144:If the fileinfo is present in the file download list, it is determined as the fileinfo It can download.
When fileinfo is present in file download list, then it represents that this document information is to send the user of download request The file that can be downloaded corresponding to corresponding authority, therefore, it is determined that can be downloaded for this document information.
Step S140:If it is determined that can be downloaded for the fileinfo, then to the corresponding file content of the fileinfo Acquisition encryption file is encrypted, and sends to the user terminal.
After the judged result of fileinfo is got, when the fileinfo being determined as in download request can be downloaded, then Search the corresponding file content of fileinfo being stored in server.Acquisition encryption file is encrypted in file content again. Specifically, can include:The address information and identity information are generated into encryption key according to preset algorithm;Added according to described The corresponding file content of the fileinfo, which is encrypted, for key and predetermined encryption algorithm gets encryption file.
Further, by address information and identity information according to preset algorithm generate encryption key can be will be described Location information and identity information are separately converted to the first numerical data and the second numerical data;According to first numerical data And second numerical data combine generation encryption key.
Specifically, address information is converted into numerical data.If address information is MAC Address, MAC Address is hexadecimal The form of expression, MAC Address can be converted to metric numeral and be used as corresponding first numerical data of address information.Example Such as, 08:00:20:0A:8C:6D, then can be converted into metric numerical data 803210140109.If address information For IP address, IP address is the metric form of expression, can be by IP address directly as corresponding first numeral of address information Data.For example, 192.168.0.1, then it is 19216801 to be converted to numerical data.
Further, identity information is converted into numerical data.Identity information is ID account numbers, when ID account numbers are metric During the form of expression, then directly ID account numbers can be regard as corresponding second numerical data of identity information.For example, ID account numbers are 35367, then the corresponding numerical data of identity information is 35367., can basis when id information to be made up of a variety of letters The ASCII tables of comparisons are translated into metric numerical data, are used as corresponding second numerical data of identity information.
After corresponding first numerical data of address information and corresponding second numerical data of identity information is got, lead to Cross special algorithm corresponding first numerical data of address information and corresponding second numerical data of identity information are combined and generated Encryption key.Specific special algorithm is not intended as limiting, and can be polynomial equation, or other more complicated algorithms, and it is acted on Encryption key is used as the first numerical data and the second numerical data are calculated into one value of acquisition.
In embodiments of the present invention, the first numerical data and the second numerical data are generated into the algorithm of encryption key not As restriction, its complexity can be improved for customized algorithm also, to a certain extent, to lift security.
After encryption key is obtained, then from the file content being stored in, the fileinfo correspondence in download request is searched File content.Find after the corresponding file content of fileinfo, pass through predetermined encryption algorithm and the encryption key of acquisition File content is encrypted, encryption file is acquired.Wherein, the predetermined encryption algorithm can be any one AES, As DES (Data Encryption Standard) AES, AES (Advanced Encryption Standard) are encrypted Algorithm, RSA (Rivest Shamir Adleman) AES etc..Certainly, the particular type of predetermined encryption algorithm is in the present invention It is not intended as limiting in embodiment, can be selected according to actual conditions.
It is thus possible to get the encryption file after the corresponding encryption of fileinfo.Also, by the encryption file after encryption Send to the user terminal for sending download request.
In embodiments of the present invention, document down loading method can also include:Receive the file solution that the user terminal is sent Close request, the file decryption request includes address information and identity information;According to the address information and identity information Generate decruption key;The decruption key is sent to the user terminal, so that the user terminal is close according to the decryption The file after being decrypted, the default decipherment algorithm and institute is decrypted to the encryption file in key and default decipherment algorithm State predetermined encryption algorithm correspondence.
Specifically, including address information and identity information in decoding request.Can be according to address information and identity Information generates decruption key, and the method for generating decruption key is identical with the method for generating encryption key.Decruption key is sent again To the user terminal, so that, the user terminal can be according to the decruption key and default decipherment algorithm received to encryption text Part is decrypted, and acquires the file after decryption.It should be noted that default decipherment algorithm is corresponding with predetermined encryption algorithm, i.e., Default decipherment algorithm is the algorithm that the file after being encrypted to the predetermined encryption algorithm is decrypted.
In embodiments of the present invention, this document method for down loading can also include:The file for receiving user terminal transmission is uploaded Request, the upload request includes address information, checking information, identity information and fileinfo;Judge the address information Whether in preset address range of information, if the address information is in preset address range of information, believed according to the checking Breath carries out authentication to the user, gets authentication result;If authentication result is authentication success, root Judge whether the fileinfo can upload according to the identity information;If it is determined that can be uploaded for the fileinfo, then it is right The file content corresponding with the fileinfo that the user terminal is sent is received, and the file content is divided Class is stored.
It is understood that the judgement of address information, authentication, the specific method and file download of fileinfo judgement During method it is consistent, this is no longer going to repeat them.
Second embodiment
Second embodiment of the invention provides a kind of file downloading device 200, applied to the server of file download system, Fig. 5 is referred to, this document download apparatus 200 includes request receiving module 210, the first judge module 220, the second judge module 230 and file sending module 240.Wherein, the request receiving module 210 is used to receive operation of the user terminal according to user The download request of transmission, the download request includes address information, checking information, identity information and fileinfo;Described One judge module 220 is used to judge the address information whether in preset address range of information, if the address information is pre- If in the range of address information, then carrying out authentication to the user according to the checking information, getting authentication result; If it is authentication success that second judge module 230, which is used for authentication result, institute is judged according to the identity information State whether fileinfo can be downloaded;The file sending module 240 is used for if it is determined that can be downloaded for the fileinfo, then Acquisition encryption file is encrypted in file content corresponding to the fileinfo, and sends to the user terminal.
In embodiments of the present invention, the second judge module 220 includes authority information acquiring unit, list lookup unit, text Part information judging unit and file identifying unit.Wherein, authority information acquiring unit is used to obtain and the identity information pair The authority information answered;List lookup unit is used to, according to the authority information, search under file corresponding with the authority information List table;Fileinfo judging unit is used to judge that the fileinfo whether there is in the file download list;File If identifying unit is present in the file download list for the fileinfo, it is determined as that the fileinfo can be following Carry.
In embodiments of the present invention, file sending module 240 includes Key generating unit and ciphering unit.Wherein, it is close Key generation unit is used to the address information and identity information generating encryption key according to preset algorithm;Ciphering unit is used for The corresponding file content of the fileinfo is encrypted according to the encryption key and predetermined encryption algorithm to get and added Ciphertext part.
In embodiments of the present invention, the first judge module 220 includes matching judgment unit and result generation unit.Its In, matching judgment unit is used to judge whether the checking information matches with default checking information;If as a result generation unit is used for The checking information is matched with the default checking information, then authentication success;If the checking information is tested with described preset Demonstrate,prove information to mismatch, then authentication is unsuccessful.
In summary, document down loading method and device provided in an embodiment of the present invention, include address information by reception, test Demonstrate,prove the download request of information, identity information and fileinfo;Then judge address information whether in preset address range of information It is interior, if address information is in preset address range of information, authentication is carried out to user according to checking information, identity is got The result;If authentication result is authentication success, judge whether fileinfo can be downloaded according to identity information; Finally, if it is decided that can be downloaded for fileinfo, then acquisition encryption text the corresponding file content of fileinfo is encrypted Part, and send to user terminal.So as to realize in file download process to address information, checking information, identity information and text Part information, improves security, the problem of solution security that file is transmitted in the prior art is not high.
It should be noted that each embodiment in this specification is described by the way of progressive, each embodiment weight Point explanation be all between difference with other embodiment, each embodiment identical similar part mutually referring to. For device class embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, related part is joined See the part explanation of embodiment of the method.
In several embodiments provided herein, it should be understood that disclosed apparatus and method, it can also pass through Other modes are realized.Device embodiment described above is only schematical, for example, flow chart and block diagram in accompanying drawing Show according to the device of multiple embodiments of the present invention, the architectural framework in the cards of method and computer program product, Function and operation.At this point, each square frame in flow chart or block diagram can represent the one of a module, program segment or code Part a, part for the module, program segment or code is used to realize holding for defined logic function comprising one or more Row instruction.It should also be noted that in some implementations as replacement, the function of being marked in square frame can also with different from The order marked in accompanying drawing occurs.For example, two continuous square frames can essentially be performed substantially in parallel, they are sometimes It can perform in the opposite order, this is depending on involved function.It is also noted that every in block diagram and/or flow chart The combination of individual square frame and block diagram and/or the square frame in flow chart, can use the special base for performing defined function or action Realize, or can be realized with the combination of specialized hardware and computer instruction in the system of hardware.
In addition, each functional module in each embodiment of the invention can integrate to form an independent portion Point or modules individualism, can also two or more modules be integrated to form an independent part.
If the function is realized using in the form of software function module and is used as independent production marketing or in use, can be with It is stored in a computer read/write memory medium.Understood based on such, technical scheme is substantially in other words The part contributed to prior art or the part of the technical scheme can be embodied in the form of software product, the meter Calculation machine software product is stored in a storage medium, including some instructions are to cause a computer equipment (can be individual People's computer, server, or network equipment etc.) perform all or part of step of each of the invention embodiment methods described. And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), arbitrary access are deposited Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.Need Illustrate, herein, such as first and second or the like relational terms be used merely to by an entity or operation with Another entity or operation make a distinction, and not necessarily require or imply between these entities or operation there is any this reality The relation or order on border.Moreover, term " comprising ", "comprising" or its any other variant are intended to the bag of nonexcludability Contain, so that process, method, article or equipment including a series of key elements are not only including those key elements, but also including Other key elements being not expressly set out, or also include for this process, method, article or the intrinsic key element of equipment. In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including the key element Process, method, article or equipment in also there is other identical element.
The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the invention, for the skill of this area For art personnel, the present invention can have various modifications and variations.Within the spirit and principles of the invention, that is made any repaiies Change, equivalent substitution, improvement etc., should be included in the scope of the protection.It should be noted that:Similar label and letter exists Similar terms is represented in following accompanying drawing, therefore, once being defined in a certain Xiang Yi accompanying drawing, is then not required in subsequent accompanying drawing It is further defined and explained.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained Cover within protection scope of the present invention.Therefore, protection scope of the present invention described should be defined by scope of the claims.

Claims (10)

1. a kind of document down loading method, it is characterised in that applied to the server of file download system, methods described includes:
The download request that user terminal is sent according to the operation of user is received, the download request includes address information, checking letter Breath, identity information and fileinfo;
The address information is judged whether in preset address range of information, if the address information is in preset address range of information It is interior, then authentication is carried out to the user according to the checking information, get authentication result;
If authentication result is authentication success, judge whether the fileinfo can be following according to the identity information Carry;
If it is determined that can be downloaded for the fileinfo, then the corresponding file content of the fileinfo is encrypted and added Ciphertext part, and send to the user terminal.
2. according to the method described in claim 1, it is characterised in that described that the fileinfo is judged according to the identity information Whether can download, including:
Obtain authority information corresponding with the identity information;
According to the authority information, file download list corresponding with the authority information is searched;
Judge that the fileinfo whether there is in the file download list;
If the fileinfo is present in the file download list, it is determined as that the fileinfo can be downloaded.
3. according to the method described in claim 1, it is characterised in that described that the corresponding file content of the fileinfo is carried out Encryption obtains encryption file, including:
The address information and identity information are generated into encryption key according to preset algorithm;
Acquisition is encrypted to the corresponding file content of the fileinfo according to the encryption key and predetermined encryption algorithm To encryption file.
4. method according to claim 3, it is characterised in that the identity information includes account, described by described in Address information and identity information generate encryption key according to preset algorithm, including:
The address information and identity information are separately converted to the first numerical data and the second numerical data;
Generation encryption key is combined according to first numerical data and the second numerical data.
5. method according to claim 3, it is characterised in that methods described also includes:
The file decryption request that the user terminal is sent is received, the file decryption request includes address information and identity letter Breath;
According to the address information and identity information generation decruption key;
The decruption key is sent to the user terminal, so that the user terminal is according to the decruption key and presets The file after being decrypted, the default decipherment algorithm and the predetermined encryption is decrypted to the encryption file in decipherment algorithm Algorithm correspondence.
6. according to the method described in claim 1, it is characterised in that described that body is carried out to the user according to the checking information Part checking, including:
Judge whether the checking information matches with default checking information;
If the checking information is matched with the default checking information, authentication success;If the checking information with it is described Default checking information is mismatched, then authentication is unsuccessful.
7. method according to claim 6, it is characterised in that the checking information includes finger print information, face information, solution Image information and encrypted message are locked, it is described to judge whether the checking information matches with default checking information, including:
Judge whether the finger print information matches with preset fingerprint information respectively, judge the face information and default face information Whether match, judge whether the unblock image information matches with default unblock image information, and judge the encrypted message Whether matched with preset password information;
If the finger print information and preset fingerprint information matches, the face information are matched with default face information, the unblock Image information is matched with default unblock image information, and the encrypted message is matched with preset password information, then the checking letter Breath is matched with default checking information.
8. method according to claim 7, it is characterised in that the judgement unblock image information and default unblock figure As whether information matches, including:
The unblock image information is parsed, multistage gesture path is got;
Extract the vector value of every section of gesture path;
According to the corresponding vector row of the vector value generation unblock image information of the described every section gesture path;
Judge whether the corresponding vector row of unblock image information vector row corresponding with default unblock image information match;
If the corresponding vector row of the image information vectorial row corresponding with default unblock image information that unlock are matched, it is determined as The unblock image information is matched with default unblock image information.
9. according to the method described in claim 1, it is characterised in that methods described also includes:
Receive the file upload request of user terminal transmission, the upload request includes address information, checking information, identity information And fileinfo;
The address information is judged whether in preset address range of information, if the address information is in preset address range of information It is interior, then authentication is carried out to the user according to the checking information, get authentication result;
If authentication result be authentication success, according to the identity information judge the fileinfo whether can more than Pass;
If it is determined that can be uploaded for the fileinfo, then the text corresponding with the fileinfo sent to the user terminal Part content is received, and the file content is carried out into classification storage.
10. a kind of file downloading device, it is characterised in that applied to the server of file download system, described device includes please Receiving module, the first judge module, the second judge module and file sending module are asked, wherein,
The request receiving module is used to receive the download request that user terminal is sent according to the operation of user, the download request Including address information, checking information, identity information and fileinfo;
First judge module is used to judge the address information whether in preset address range of information, if the address is believed Breath then carries out authentication to the user according to the checking information, gets identity and test in preset address range of information Demonstrate,prove result;
If it is authentication success that second judge module, which is used for authentication result, institute is judged according to the identity information State whether fileinfo can be downloaded;
The file sending module is used for if it is determined that can be downloaded for the fileinfo, then to the corresponding text of the fileinfo Acquisition encryption file is encrypted in part content, and sends to the user terminal.
CN201710679533.0A 2017-08-10 2017-08-10 File downloading method and device Active CN107241364B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710679533.0A CN107241364B (en) 2017-08-10 2017-08-10 File downloading method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710679533.0A CN107241364B (en) 2017-08-10 2017-08-10 File downloading method and device

Publications (2)

Publication Number Publication Date
CN107241364A true CN107241364A (en) 2017-10-10
CN107241364B CN107241364B (en) 2020-05-08

Family

ID=59989879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710679533.0A Active CN107241364B (en) 2017-08-10 2017-08-10 File downloading method and device

Country Status (1)

Country Link
CN (1) CN107241364B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682376A (en) * 2017-11-21 2018-02-09 北京顶象技术有限公司 Air control data interactive method and device
CN108347629A (en) * 2018-03-16 2018-07-31 中影数字巨幕(北京)有限公司 Video file processing method, device, server and storage medium
CN108418826A (en) * 2018-03-16 2018-08-17 中影数字巨幕(北京)有限公司 Video file processing method, device, server and storage medium
CN110149535A (en) * 2019-05-16 2019-08-20 北京小米移动软件有限公司 Image management method and device, storage medium
CN110519154A (en) * 2019-08-15 2019-11-29 中国平安财产保险股份有限公司 Data transmission method for uplink, device, equipment and computer readable storage medium
CN111460400A (en) * 2020-03-31 2020-07-28 腾讯科技(深圳)有限公司 Data processing method and device and computer readable storage medium
CN111885047A (en) * 2020-07-21 2020-11-03 黑芝麻智能科技(重庆)有限公司 Method for terminal to acquire data, method for terminal to access data and terminal
CN112133080A (en) * 2020-08-18 2020-12-25 宁波三星医疗电气股份有限公司 Storage method of metering data of power acquisition terminal, power acquisition terminal and power system
CN112527750A (en) * 2020-12-15 2021-03-19 中孚安全技术有限公司 Domestic operating system file storage method and system
CN112653777A (en) * 2020-12-18 2021-04-13 北京百家科技集团有限公司 File downloading method, terminal, server, electronic device and storage medium
CN113420331A (en) * 2021-06-30 2021-09-21 建信金融科技有限责任公司 Method and device for managing file downloading permission
CN114039729A (en) * 2022-01-08 2022-02-11 广州市成格信息技术有限公司 Intelligent network management method and system based on optical network technology
CN114999030A (en) * 2022-05-25 2022-09-02 杭州萤石软件有限公司 Unlocking method, system, electronic equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020049679A1 (en) * 2000-04-07 2002-04-25 Chris Russell Secure digital content licensing system and method
CN103268456A (en) * 2013-05-31 2013-08-28 杭州华三通信技术有限公司 Method and device for file safety control
CN103914520A (en) * 2014-03-18 2014-07-09 小米科技有限责任公司 Data query method, terminal equipment and server

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020049679A1 (en) * 2000-04-07 2002-04-25 Chris Russell Secure digital content licensing system and method
CN103268456A (en) * 2013-05-31 2013-08-28 杭州华三通信技术有限公司 Method and device for file safety control
CN103914520A (en) * 2014-03-18 2014-07-09 小米科技有限责任公司 Data query method, terminal equipment and server

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682376B (en) * 2017-11-21 2021-03-23 北京顶象技术有限公司 Wind control data interaction method and device
CN107682376A (en) * 2017-11-21 2018-02-09 北京顶象技术有限公司 Air control data interactive method and device
CN108347629A (en) * 2018-03-16 2018-07-31 中影数字巨幕(北京)有限公司 Video file processing method, device, server and storage medium
CN108418826A (en) * 2018-03-16 2018-08-17 中影数字巨幕(北京)有限公司 Video file processing method, device, server and storage medium
CN110149535A (en) * 2019-05-16 2019-08-20 北京小米移动软件有限公司 Image management method and device, storage medium
CN110519154A (en) * 2019-08-15 2019-11-29 中国平安财产保险股份有限公司 Data transmission method for uplink, device, equipment and computer readable storage medium
CN110519154B (en) * 2019-08-15 2022-11-15 中国平安财产保险股份有限公司 Data transmission method, device, equipment and computer readable storage medium
CN111460400A (en) * 2020-03-31 2020-07-28 腾讯科技(深圳)有限公司 Data processing method and device and computer readable storage medium
US20220027480A1 (en) * 2020-07-21 2022-01-27 Black Sesame International Holding Limited Method for a terminal to acquire and access data
CN111885047A (en) * 2020-07-21 2020-11-03 黑芝麻智能科技(重庆)有限公司 Method for terminal to acquire data, method for terminal to access data and terminal
US11550932B2 (en) * 2020-07-21 2023-01-10 Black Sesame Technologies Inc. Method for a terminal to acquire and access data
CN112133080A (en) * 2020-08-18 2020-12-25 宁波三星医疗电气股份有限公司 Storage method of metering data of power acquisition terminal, power acquisition terminal and power system
CN112527750A (en) * 2020-12-15 2021-03-19 中孚安全技术有限公司 Domestic operating system file storage method and system
CN112653777A (en) * 2020-12-18 2021-04-13 北京百家科技集团有限公司 File downloading method, terminal, server, electronic device and storage medium
CN113420331A (en) * 2021-06-30 2021-09-21 建信金融科技有限责任公司 Method and device for managing file downloading permission
CN113420331B (en) * 2021-06-30 2022-12-13 建信金融科技有限责任公司 Method and device for managing file downloading permission
CN114039729A (en) * 2022-01-08 2022-02-11 广州市成格信息技术有限公司 Intelligent network management method and system based on optical network technology
CN114039729B (en) * 2022-01-08 2022-04-19 广州市成格信息技术有限公司 Intelligent network management method and system based on optical network technology
CN114999030A (en) * 2022-05-25 2022-09-02 杭州萤石软件有限公司 Unlocking method, system, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN107241364B (en) 2020-05-08

Similar Documents

Publication Publication Date Title
CN107241364A (en) Document down loading method and device
JP6548667B2 (en) Method, apparatus and system for providing security checks
JP6814147B2 (en) Terminals, methods, non-volatile storage media
CN103457922B (en) Electronic authentication client-side system, processing method, electronic authentication system and method
CN104320375B (en) A kind of method and apparatus for preventing from illegally registering
CN108280369B (en) Cloud document offline access system, intelligent terminal and method
CN107181714A (en) Verification method and device, the generation method of service code and device based on service code
CN104077690B (en) Method and device for generating one-time password, authentication method and authentication system
CN104240095A (en) Two-dimensional code anti-fake method and system based on domain name
CN111161056A (en) Method, system and equipment for improving transaction security of digital assets
CN104050431A (en) Self-signing method and self-signing device for RFID chips
WO2020233047A1 (en) Page test method and apparatus
CN108399521A (en) Logistics Distribution Method, device, server and storage medium
WO2022108886A1 (en) End-to end product authentication technique
CN108347629A (en) Video file processing method, device, server and storage medium
CN104980420A (en) Business processing method, device, terminal and server
CN110659899B (en) Offline payment method, device and equipment
CN107038540B (en) Method and device for object type distribution based on intelligent bar code
CN104639394B (en) Statistical method, the device and system of client number of users
CN105933273A (en) Data verification method and server
CN108830532A (en) Logistics management-control method and system
CN106790159A (en) Level of confidentiality method of calibration and device
CN112583600B (en) User authentication method, device, electronic equipment and medium
CN113946862A (en) Data processing method, device and equipment and readable storage medium
TWM612447U (en) Equipment end for identity verification and user end for obtaining product permissions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant