CN108768938B - A kind of web data encryption and decryption method and device - Google Patents

A kind of web data encryption and decryption method and device Download PDF

Info

Publication number
CN108768938B
CN108768938B CN201810332854.8A CN201810332854A CN108768938B CN 108768938 B CN108768938 B CN 108768938B CN 201810332854 A CN201810332854 A CN 201810332854A CN 108768938 B CN108768938 B CN 108768938B
Authority
CN
China
Prior art keywords
encryption
decryption
web data
browser
strategy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810332854.8A
Other languages
Chinese (zh)
Other versions
CN108768938A (en
Inventor
丁敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee
Beijing Haitai Fangyuan High Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Haitai Fangyuan High Technology Co Ltd filed Critical Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN201810332854.8A priority Critical patent/CN108768938B/en
Publication of CN108768938A publication Critical patent/CN108768938A/en
Application granted granted Critical
Publication of CN108768938B publication Critical patent/CN108768938B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The present invention relates to field of information security technology, in particular to a kind of web data encryption and decryption method and device.This method are as follows: mark of the browser based on the current accessed page, determine encryption and decryption strategy corresponding with the current accessed page, it wherein, include the mark of current web page described in unique identification in the encryption and decryption strategy, to encryption and decryption web data attribute type set and encryption and decryption scheme;Browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.Using the above method, browser is according to encryption and decryption strategy corresponding with the current accessed page, the web data interacted between operation system to itself carries out encryption and decryption processing, this makes it possible under the premise of not carrying out upgrading to operation system, for the increase of each Webpage, deletion or the corresponding encryption and decryption strategy of dynamic configuration that operation system provides, the flexibility of configuration encryption and decryption strategy is improved.

Description

A kind of web data encryption and decryption method and device
Technical field
The present invention relates to field of information security technology, in particular to a kind of web data encryption and decryption method and device.
Background technique
Currently, browser is mainly used for that the web data that background server push comes, browser and operation system is presented Web data interactive process in, the protection to web data realized by way of to web data encryption and decryption.
It in the prior art, is to rely on operation system to carry out to the encryption and decryption of web data, by being uploaded to browser Web data to operation system is encrypted, and browser is decrypted from the data that operation system is downloaded.Currently, common Operation system is to there are two types of the encryption and decryption modes of web data:
First way: after web data is uploaded to operation system by browser, net that operation system uploads browser Page data is encrypted;When browser needs to download web data from operation system, under operation system needs browser The web data of load is decrypted, and is sent to the presentation that browser carries out web data.
The second way: the web data that operation system calls encryption and decryption control to upload to operation system to browser carries out Encryption;Operation system calls encryption and decryption control that browser to be decrypted from the web data that operation system is downloaded, And web data presentation is carried out by browser.
However, when needing to execute web data encryption and decryption number for the operation system for not carrying out encryption and decryption to web data When according to strategy, alternatively, needing to upgrade the existing encryption and decryption scheme of operation system, it is also desirable to be carried out to operation system corresponding Upgrading, needs to be transformed operation system, and improvement cost is high, and transformation difficulty is big.
Summary of the invention
The purpose of the embodiment of the present invention is that a kind of web data encryption and decryption method and device is provided, to solve the prior art Present in when being increased to web data encryption and decryption strategy, delete, change, need the problem of being transformed to operation system.
The specific technical solution provided in the embodiment of the present invention is as follows:
In a first aspect, the present invention provides a kind of web data encipher-decipher method, which includes: clear It lookes at mark of the device based on the current accessed page, determines encryption and decryption strategy corresponding with the current accession page, wherein should plus solve It include the mark of the unique identification current web page in close strategy, to encryption and decryption web data attribute type set and encryption and decryption side Case;Browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.
Using web data encipher-decipher method provided by the invention, browser is according to the webpage of the operation system of current accessed The page determines and is directed to the pre-set encryption and decryption strategy of the Webpage accordingly, and based on the encryption and decryption strategy determined, Encryption and decryption processing is carried out to the web data that browser is interacted with the operation system, it is opposite according to the Webpage in browser lateral root The encryption and decryption strategy answered executes encryption and decryption operation to web data, under the premise of being not necessarily to be transformed upgrading to operation system, Increase, deletion or the change of the encryption and decryption strategy of the web data interacted to each Webpage with operation system can be achieved.
Optionally, for browser in the mark based on the current accessed page, determination is corresponding with the current accessed page Before encryption and decryption strategy, further comprise:
Browser obtains encryption and decryption strategy set from encryption and decryption policy management system.
Optionally, mark of the browser based on the current accessed page determines add corresponding with the current accessed page Decryption policy, comprising:
Browser obtains the uniform resource position mark URL of the current accessed page;
Browser determines to include described according to the URL of the current accessed page from the encryption and decryption strategy set The encryption and decryption strategy of the URL of the current accessed page.
Optionally, browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data, comprising:
Browser, which is directed to, needs to be uploaded to operation system, and belongs to described to encryption and decryption web data attribute type collection The first web data closed determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to institute It states the first web data to be encrypted, wherein the encryption and decryption scheme encrypts the webpage number of each attribute type for determining According to when, the encryption key that is respectively adopted.
Optionally, browser determines corresponding encryption key according to the encryption and decryption scheme, and uses the encryption key First web data is encrypted, comprising:
Browser is directed to web data disclosed in all users, using all public keys with the cipher key pair held per family It is encrypted;Alternatively,
Browser is directed to web data disclosed in designated user, using the public affairs for the cipher key pair that the designated user holds Key is encrypted.
Optionally, browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data, comprising:
Browser is directed to and download from operation system, and to encryption and decryption web data attribute type set described in belonging to Second web data determines corresponding decruption key according to the encryption and decryption scheme, and using the decruption key to described the Two web datas are decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, The decruption key being respectively adopted.
Optionally, browser determines corresponding decruption key according to the encryption and decryption scheme, and uses the decruption key Second web data is decrypted, comprising:
Browser is directed to web data disclosed in all users, using all private keys with the cipher key pair held per family It is decrypted;Alternatively,
Browser is directed to web data disclosed in itself, and place is decrypted in the private key for the cipher key pair held using itself Reason.
Second aspect, the present invention provide a kind of web data ciphering and deciphering device, which includes:
Determination unit determines add corresponding with the current accessed page for the mark based on the current accessed page Decryption policy, wherein include the mark of current web page described in unique identification in the encryption and decryption strategy, to encryption and decryption webpage number According to attribute type set and encryption and decryption scheme;
Encryption/decryption element, for carrying out encryption and decryption processing to web data based on the encryption and decryption strategy.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined Before strategy, the web data ciphering and deciphering device further comprises:
Acquiring unit, for obtaining encryption and decryption strategy set from encryption and decryption policy management system.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined When tactful, the determination unit is used for:
Obtain the uniform resource position mark URL of the current accessed page;
It is determined to include the current visit from the encryption and decryption strategy set according to the URL of the current accessed page Ask the encryption and decryption strategy of the URL of the page.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element For:
For needing to be uploaded to operation system, and belong to the to encryption and decryption web data attribute type set One web data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to described first Web data is encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, point The encryption key not used.
Optionally, according to the encryption and decryption scheme, corresponding encryption key is determined, and using the encryption key to institute When stating the first web data and being encrypted, the encryption/decryption element is used for:
For to web data disclosed in all users, added using all public keys with the cipher key pair held per family Close processing;Alternatively,
For to web data disclosed in designated user, the public key for the cipher key pair held using the designated user is carried out Encryption.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element For:
For what is downloaded from operation system, and belong to second net to encryption and decryption web data attribute type set Page data determines corresponding decruption key according to the encryption and decryption scheme, and using the decruption key to second webpage Data are decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, adopt respectively Decruption key.
Optionally, according to the encryption and decryption scheme, corresponding decruption key is determined, and using the decruption key to institute When stating the second web data and being decrypted, the encryption/decryption element is used for:
For to web data disclosed in all users, solved using all private keys with the cipher key pair held per family Close processing;Alternatively,
For to web data disclosed in itself, the private key for the cipher key pair held using itself is decrypted.
The third aspect, the present invention provide a kind of calculating equipment, which includes: memory, refer to for storing program It enables;Processor executes in above-mentioned first aspect for calling the program instruction stored in the memory according to the program of acquisition Any one method.
Fourth aspect, the present invention provide a kind of computer readable storage medium, the computer-readable recording medium storage There are computer executable instructions, the computer executable instructions are any in above-mentioned first aspect for executing the computer Item method.
The present invention has the beneficial effect that:
In conclusion during carrying out encryption and decryption to web data, browser is based on current in the embodiment of the present invention The mark of accession page determines encryption and decryption strategy corresponding with the current accessed page, wherein in the encryption and decryption strategy It include the mark of current web page described in unique identification, to encryption and decryption web data attribute type set and encryption and decryption scheme;It is clear Device of looking at is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.
Using the above method, browser obtains encryption and decryption strategy corresponding with the current accessed page, and in browser sheet Ground carries out encryption and decryption to the web data itself interacted with the current accessed page that operation system provides based on the encryption and decryption strategy Processing, this makes it possible under the premise of not upgrading to operation system, for each Webpage that operation system provides, with Meaning increase, deletion or the corresponding encryption and decryption strategy of dynamic recognition, improve the flexibility of encryption and decryption strategy configuration, reduce The cost of encryption and decryption strategy upgrading.
Detailed description of the invention
Fig. 1 is a kind of detail flowchart of web data encipher-decipher method in the embodiment of the present invention;
Fig. 2 is a kind of data friendship of browser and encryption and decryption policy management system and operation system in the embodiment of the present invention Mutual schematic diagram;
Fig. 3 is a kind of structural schematic diagram of web data ciphering and deciphering device in the embodiment of the present invention.
Specific embodiment
The technical solution introduced in embodiment to facilitate the understanding of the present invention now provides the definition of part term:
Which 1, to encryption and decryption web data attribute type set, refer to belonging to the specific of user for specifically limiting The web data of which type needs to carry out the set of encryption and decryption processing.
2, encryption and decryption scheme, when referring to for different ownership and/or different types of web data encryption and decryption, institute The encryption key and/or decruption key that need to be used.
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, is not whole embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Firstly, term "and" in the embodiment of the present invention, a kind of only incidence relation for describing affiliated partner, expression can be with There are three kinds of relationships, for example, A and B, can indicate: individualism A exists simultaneously A and B, these three situations of individualism B.Separately Outside, character "/" herein typicallys represent the relationship that forward-backward correlation object is a kind of "or".
When the present invention refers to ordinal numbers such as " first ", " second ", " third " or " the 4th ", unless based on context its The meaning of certain order of representation, it is appreciated that being only to distinguish to be used.
The solution of the present invention will be described in detail by specific embodiment below, certainly, the present invention is not limited to Lower embodiment.
As shown in fig.1, a kind of detailed process of web data encipher-decipher method is as follows in the embodiment of the present invention:
Step 100: browser obtains encryption and decryption strategy set from encryption and decryption policy management system.
In practical application, user can access each business provided in operation system by browser, and each business can be right Corresponding Webpage is answered, corresponding, browser can carry out the interaction of web data with operation system, for example, browser can It is uploaded to operation system with the web data for inputting user, browser can also download web data from operation system, and be in On present browser page.Business function needed for operation system is used for carrying client, browser are used for each webpage of operation system The presentation of the page.So, it in order to ensure the safety of the web data interacted between browser and operation system, needs to browsing The web data interacted between device and operation system carries out encryption and decryption processing, optionally, can be directed to from browser and be uploaded to industry The web data of business system is encrypted, and downloads for browser from operation system, needs to be presented on browser page On web data be decrypted.
In the embodiment of the present invention, a kind of system (i.e. encryption and decryption tactical management system for encryption and decryption tactical management is provided System), be connected (or being connected with the terminal where browser) with browser, can be preparatory in encryption and decryption policy management system Corresponding encryption and decryption strategy is respectively configured in each Webpage provided for operation system, and browser can be from encryption and decryption strategy pipe The encryption and decryption strategy set for Webpage configuration each in operation system is obtained in reason system, encryption and decryption policy management system exists In operational process, the encryption and decryption strategy of any one Webpage can be arbitrarily added, deletes or changed.It can be mentioned for operation system Each Webpage supplied, presets corresponding encryption and decryption strategy, and be stored in encryption and decryption policy management system.
It is interacted for example, it is assumed that browser carries out web data with operation system, operation system includes Webpage 11, webpage The page 12, Webpage 13 and Webpage 14, then, encryption and decryption strategy pipe corresponding with browser and/or operation system Webpage 11 can be directed in reason system in advance, Webpage 13 and Webpage 14 are configured with corresponding encryption and decryption strategy 11, encryption and decryption strategy 13 and encryption and decryption strategy 14.If it is determined that needing that corresponding encryption and decryption strategy is arranged for Webpage 12, then Corresponding encryption and decryption strategy 12 can be configured for Webpage 12 directly in encryption and decryption policy management system;If it is determined that being not necessarily to Corresponding encryption and decryption strategy is set for Webpage 11, then can be deleted directly in encryption and decryption policy management system and be directed to net The encryption and decryption strategy that the page page 11 configures;If it is determined that needing to adjust encryption and decryption strategy for Webpage 14, then can directly exist Adaptation adjustment is carried out to encryption and decryption strategy 14 in encryption and decryption policy management system.
In the embodiment of the present invention, when executing step 100, can specifically include: when starting browser, browser from Connected encryption and decryption policy management system in obtain encryption and decryption strategy set.
Certainly, browser in first time after getting encryption and decryption strategy set in encryption and decryption policy management system, can Encryption and decryption strategy set is stored in local, and it is based on the preset period, periodically from encryption and decryption policy management system Newest encryption and decryption strategy set is obtained, it is of course also possible to the encryption and decryption strategy set acquisition instruction based on user's triggering, from adding Newest encryption and decryption strategy set is obtained in decryption policy management system.
In practical application, browser can be directed to the preset corresponding public keys pair of user during installing initialization And private cipher key pair, certainly, private cipher key pair can only browser home subscriber can be used, that is to say, that use private cipher key Clock synchronization need to verify user identity, and optionally, in the embodiment of the present invention, a kind of preferable embodiment is to use private cipher key Clock synchronization need to input correctly verifying password.
Step 110: mark of the browser based on the current accessed page determines add corresponding with the above-mentioned current accessed page Decryption policy, wherein include the mark of the above-mentioned current web page of unique identification in above-mentioned encryption and decryption strategy, to encryption and decryption webpage number According to attribute type set and encryption and decryption scheme.
In practical application, each Webpage is corresponding with the mark for being mutually applied to unique identification Webpage in operation system Know, then, in the embodiment of the present invention, browser can be according to the mark of the webpage of current accessed, from the encryption and decryption plan got Slightly encryption and decryption strategy corresponding with the webpage of current accessed is determined in set.
Specifically, when executing step 110, browser obtains the unified money of the current accessed page in the embodiment of the present invention Source finger URL (Uniform Resource Locator, URL), and solution is added from what is got according to the URL of the current accessed page Determined in close strategy set include the URL of the current accessed page encryption and decryption strategy.
In practical application, the corresponding encryption and decryption strategy of a Webpage is included at least: being used for unique identification this The mark of Webpage, the set of the attribute type for the web data for being encrypted and/or being decrypted, any attribute type , the corresponding encryption key of the web data for needing to be implemented cryptographic operation, any attribute type, need to be implemented decryption oprerations The corresponding decruption key ... ... of web data.
Certainly, in the embodiment of the present invention, according to the attribute type information of any web data, this can be at least determined The user information that the type of one web data and/or any web data are belonged to.
For example, can according in the corresponding encryption and decryption strategy of a Webpage to encryption and decryption web data Attribute class Type set is determined: for user A (i.e. browser A), needing for user A to be uploaded to the 1st class webpage number of operation system It is encrypted, is needed to user A the 2nd class web data downloaded from operation system and the 4th class according to the 3rd class web data Web data is decrypted;For user B (i.e. browser B), need user B being uploaded to the 1st of operation system Class web data and the 4th class web data are encrypted, and need the 3rd class webpage number downloaded to user B from operation system According to being decrypted;…….
Further, the encryption and decryption scheme that encryption and decryption strategy includes refers to the attribute according to a web data, determines Cryptographic operation whether is needed to be implemented, or determines the need for executing decryption oprerations, and when determination needs to be implemented cryptographic operation, It determines encryption key, when determination needs to be implemented decryption oprerations, determines decruption key.
Step 120: browser is based on above-mentioned encryption and decryption strategy and carries out encryption and decryption processing to web data.
In the embodiment of the present invention, when executing step 120, browser is carried out plus is solved to web data according to encryption and decryption strategy The mode of close processing includes but is not limited to any one or combination in following two mode:
First way are as follows: browser, which is directed to, needs to be uploaded to operation system, and belongs to above-mentioned to encryption and decryption webpage First web data of data attribute type set determines corresponding encryption key according to above-mentioned encryption and decryption scheme, and using upper It states encryption key above-mentioned first web data is encrypted, wherein above-mentioned encryption and decryption scheme encrypts each category for determining When the web data of property type, the encryption key that is respectively adopted.
Specifically, browser determines corresponding encryption key, and close using above-mentioned encryption according to above-mentioned encryption and decryption scheme When above-mentioned first web data is encrypted in key, it is specifically including but not limited to any one in following two situation:
The first situation are as follows: browser is directed to web data disclosed in all users, is held per family using all use The public key of cipher key pair is encrypted.
In practical application, due to when browser is installed, for each with corresponding Public key pair is preset per family, i.e., respectively With holding the Public key pair per family, then, browser will be uploaded to any web data of operation system in determination as to institute There is web data disclosed in user, then any web data can be carried out at encryption using the public key of the Public key centering Reason, and encrypted any web data is uploaded to operation system.
Second situation are as follows: browser is directed to web data disclosed in designated user, is held using above-mentioned designated user The public key of cipher key pair be encrypted.
In practical application, due to presetting corresponding private cipher key pair respectively for each user, i.e., when browser is installed It is each with holding the private cipher key pair for only belonging to oneself per family, then, browser will be uploaded to any of operation system in determination Web data be only to web data disclosed in designated user, then the private cipher key centering that can be held using the designated user Any web data is encrypted in public key, and encrypted any web data is uploaded to operation system.
The second way are as follows: browser is directed to and downloads from operation system, and belongs to above-mentioned to encryption and decryption web data Second web data of attribute type set determines corresponding decruption key according to above-mentioned encryption and decryption scheme, and uses above-mentioned solution Close above-mentioned second web data of key pair is decrypted, wherein above-mentioned encryption and decryption scheme decrypts each Attribute class for determining When the web data of type, the decruption key that is respectively adopted.
Specifically, browser determines corresponding decruption key, and close using the decryption according to the encryption and decryption scheme When second web data is decrypted in key, it is specifically including but not limited to any one in following two situation:
The first situation are as follows: browser is directed to web data disclosed in all users, is held per family using all use The private key of cipher key pair is decrypted.
In practical application, browser determines any web data encrypted downloaded from operation system for useful Then place is decrypted to any web data using the private key for the Public key centering itself held in web data disclosed in family Reason, any web data after being decrypted, and by parsing, rendering, which is presented on browser page On face.
Second situation are as follows: browser is directed to web data disclosed in itself, the cipher key pair held using itself Private key is decrypted.
In practical application, browser determines that any web data encrypted downloaded from operation system is only to oneself Disclosed web data, then after determining user identity, the private key for the private cipher key centering held using itself is any to this Web data is decrypted, any web data after being decrypted, and by parsing, rendering, by any webpage Data are presented on browser page.
Above-described embodiment is described in further detail using specific application scenarios below, as shown in fig.2, of the invention In embodiment, a kind of data interaction schematic diagram of browser and encryption and decryption policy management system and operation system.Pacify in client Equipped with browser, browser carries out web data with operation system and interacts, and the web data that browser can input user uploads Into operation system, web data can also be downloaded from operation system, and show on browser page.Encryption and decryption strategy pipe Preset in reason system operation system offer the corresponding encryption and decryption strategy of each Webpage, then, any client it is clear Device of looking at can synchronize encryption and decryption strategy set from encryption and decryption policy management system, and when accessing operation system, according to current The mark of accession page determines corresponding encryption and decryption strategy from encryption and decryption strategy set, and uses the encryption and decryption strategy pair The web data itself interacted with the current accessed page carries out encryption and decryption processing.
Based on the above embodiment, as shown in fig.3, in the embodiment of the present invention, a kind of web data ciphering and deciphering device, at least Including determination unit 30 and encryption/decryption element 31, wherein
Determination unit 30, for the mark based on the current accessed page, determination is corresponding with the current accessed page Encryption and decryption strategy, wherein include the mark of current web page described in unique identification in the encryption and decryption strategy, to encryption and decryption webpage Data attribute set and encryption and decryption scheme;
Encryption/decryption element 31, for carrying out encryption and decryption processing to web data based on the encryption and decryption strategy.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined Before strategy, the web data ciphering and deciphering device further comprises:
Acquiring unit, for obtaining encryption and decryption strategy set from encryption and decryption policy management system.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined When tactful, the determination unit 30 is used for:
Obtain the uniform resource position mark URL of the current accessed page;
It is determined to include the current visit from the encryption and decryption strategy set according to the URL of the current accessed page Ask the encryption and decryption strategy of the URL of the page.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element 31 are used for:
For needing to be uploaded to operation system, and belong to first net to encryption and decryption web data attribute set Page data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to first webpage Data are encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, adopt respectively Encryption key.
Optionally, according to the encryption and decryption scheme, corresponding encryption key is determined, and using the encryption key to institute When stating the first web data and being encrypted, the encryption/decryption element 31 is used for:
For to web data disclosed in all users, added using all public keys with the cipher key pair held per family Close processing;Alternatively,
For to web data disclosed in designated user, the public key for the cipher key pair held using the designated user is carried out Encryption.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element 31 are used for:
For what is downloaded from operation system, and belong to the second webpage number to encryption and decryption web data attribute set According to determining corresponding decruption key, and using the decruption key to second web data according to the encryption and decryption scheme It is decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, be respectively adopted Decruption key.
Optionally, according to the encryption and decryption scheme, corresponding decruption key is determined, and using the decruption key to institute When stating the second web data and being decrypted, the encryption/decryption element 31 is used for:
For to web data disclosed in all users, solved using all private keys with the cipher key pair held per family Close processing;Alternatively,
For to web data disclosed in itself, the private key for the cipher key pair held using itself is decrypted.
In conclusion during carrying out encryption and decryption to web data, browser is based on current in the embodiment of the present invention The mark of accession page determines encryption and decryption strategy corresponding with the current accessed page, wherein in the encryption and decryption strategy It include the mark of current web page described in unique identification, to encryption and decryption web data attribute set and encryption and decryption scheme;Browser Encryption and decryption processing is carried out to web data based on the encryption and decryption strategy.
Using the above method, browser obtains encryption and decryption strategy corresponding with the current accessed page, and in browser sheet Ground carries out encryption and decryption to the web data itself interacted with the current accessed page that operation system provides based on the encryption and decryption strategy Processing, this makes it possible under the premise of not upgrading to operation system, for each Webpage that operation system provides, with Meaning increase, deletion or the corresponding encryption and decryption strategy of dynamic recognition, improve the flexibility of encryption and decryption strategy configuration, reduce The cost of encryption and decryption strategy upgrading.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The present invention be according to the method for the embodiment of the present invention, the flow chart of equipment (system) and computer program product and/ Or block diagram describes.It should be understood that each process that can be realized by computer program instructions in flowchart and/or the block diagram and/ Or the combination of the process and/or box in box and flowchart and/or the block diagram.It can provide these computer program instructions To general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices processor to generate one A machine so that by the instruction that the processor of computer or other programmable data processing devices executes generate for realizing The device for the function of being specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.

Claims (16)

1. a kind of web data encipher-decipher method characterized by comprising
Mark of the browser based on the current accessed page determines encryption and decryption strategy corresponding with the current accessed page, In, it include the mark of the current accessed page described in unique identification in the encryption and decryption strategy, to encryption and decryption web data attribute Type set and encryption and decryption scheme, and the encryption and decryption strategy is the strategy periodically updated, it is described to encryption and decryption web data Attribute type set is for determining the type to encryption and decryption web data and/or described being belonged to encryption and decryption web data The set of user information;
Browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.
2. the method as described in claim 1, which is characterized in that browser in the mark based on the current accessed page, determine with Before the corresponding encryption and decryption strategy of the current accessed page, further comprise:
Browser obtains encryption and decryption strategy set from encryption and decryption policy management system.
3. method according to claim 2, which is characterized in that mark of the browser based on the current accessed page, determining and institute State the corresponding encryption and decryption strategy of the current accessed page, comprising:
Browser obtains the uniform resource position mark URL of the current accessed page;
Browser determines to include described current according to the URL of the current accessed page from the encryption and decryption strategy set The encryption and decryption strategy of the URL of accession page.
4. the method according to claim 1, which is characterized in that browser is based on the encryption and decryption strategy to webpage Data carry out encryption and decryption processing, comprising:
Browser, which is directed to, needs to be uploaded to operation system, and belongs to described to encryption and decryption web data attribute type set First web data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to described the One web data is encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, The encryption key being respectively adopted.
5. method as claimed in claim 4, which is characterized in that browser determines corresponding add according to the encryption and decryption scheme Key, and first web data is encrypted using the encryption key, comprising:
Browser is directed to web data disclosed in all users, is carried out using all with the public key for the cipher key pair held per family Encryption;Alternatively,
Browser is directed to web data disclosed in designated user, the public key of the cipher key pair held using the designated user into Row encryption.
6. the method according to claim 1, which is characterized in that browser is based on the encryption and decryption strategy to webpage Data carry out encryption and decryption processing, comprising:
Browser is directed to and download from operation system, and described in belonging to encryption and decryption web data attribute type set second Web data determines corresponding decruption key according to the encryption and decryption scheme, and using the decruption key to second net Page data is decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, respectively The decruption key of use.
7. method as claimed in claim 6, which is characterized in that browser determines corresponding solution according to the encryption and decryption scheme Key, and second web data is decrypted using the decruption key, comprising:
Browser is directed to web data disclosed in all users, is carried out using all with the private key for the cipher key pair held per family Decryption processing;Alternatively,
Browser is directed to web data disclosed in itself, and the private key for the cipher key pair held using itself is decrypted.
8. a kind of web data ciphering and deciphering device characterized by comprising
Determination unit determines encryption and decryption corresponding with the current accessed page for the mark based on the current accessed page Strategy, wherein include the mark of the current accessed page described in unique identification in the encryption and decryption strategy, to encryption and decryption webpage number According to attribute type set and encryption and decryption scheme, and the encryption and decryption strategy is the strategy periodically updated, described to encryption and decryption net Page data attribute type set is for determining to the type of encryption and decryption web data and/or described to encryption and decryption web data institute The set of the user information of ownership;
Encryption/decryption element, for carrying out encryption and decryption processing to web data based on the encryption and decryption strategy.
9. device as claimed in claim 8, which is characterized in that in the mark based on the current accessed page, determination is worked as with described Before the corresponding encryption and decryption strategy of preceding accession page, the web data ciphering and deciphering device further comprises: acquiring unit;
The acquiring unit, for obtaining encryption and decryption strategy set from encryption and decryption policy management system.
10. device as claimed in claim 9, which is characterized in that in the mark based on the current accessed page, determination is worked as with described When the corresponding encryption and decryption strategy of preceding accession page, the determination unit is used for:
Obtain the uniform resource position mark URL of the current accessed page;Added according to the URL of the current accessed page from described Determined in decryption policy set include the URL of the current accessed page encryption and decryption strategy.
11. such as the described in any item devices of claim 9-10, which is characterized in that be based on the encryption and decryption strategy to webpage number When according to carrying out encryption and decryption processing, the encryption/decryption element is used for:
For needing to be uploaded to operation system, and belong to first net to encryption and decryption web data attribute type set Page data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to first webpage Data are encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, adopt respectively Encryption key.
12. device as claimed in claim 11, which is characterized in that
According to the encryption and decryption scheme, corresponding encryption key is determined, and using the encryption key to the first webpage number When according to being encrypted, the encryption/decryption element is used for:
For to web data disclosed in all users, carried out at encryption using all with the public key for the cipher key pair held per family Reason;Alternatively, the public key for the cipher key pair held using the designated user is carried out for web data disclosed in designated user Encryption.
13. such as the described in any item devices of claim 9-10, which is characterized in that be based on the encryption and decryption strategy to webpage number When according to carrying out encryption and decryption processing, the encryption/decryption element is used for:
For what is downloaded from operation system, and belong to the second webpage number to encryption and decryption web data attribute type set According to determining corresponding decruption key, and using the decruption key to second web data according to the encryption and decryption scheme It is decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, be respectively adopted Decruption key.
14. device as claimed in claim 13, which is characterized in that according to the encryption and decryption scheme, determine corresponding decryption Key, and using the decruption key second web data is decrypted when, the encryption/decryption element is used for:
For to web data disclosed in all users, place is decrypted using all private keys with the cipher key pair held per family Reason;Alternatively, for web data disclosed in itself, the private key for the cipher key pair held using itself is decrypted.
15. a kind of calculating equipment characterized by comprising
Memory, for storing program instruction;
Processor, for calling the program instruction stored in the memory, according to acquisition program execute as claim 1 to 7 described in any item methods.
16. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer can It executes instruction, the computer executable instructions are for making the computer execute side as described in any one of claim 1 to 7 Method.
CN201810332854.8A 2018-04-13 2018-04-13 A kind of web data encryption and decryption method and device Active CN108768938B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810332854.8A CN108768938B (en) 2018-04-13 2018-04-13 A kind of web data encryption and decryption method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810332854.8A CN108768938B (en) 2018-04-13 2018-04-13 A kind of web data encryption and decryption method and device

Publications (2)

Publication Number Publication Date
CN108768938A CN108768938A (en) 2018-11-06
CN108768938B true CN108768938B (en) 2019-08-09

Family

ID=64010769

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810332854.8A Active CN108768938B (en) 2018-04-13 2018-04-13 A kind of web data encryption and decryption method and device

Country Status (1)

Country Link
CN (1) CN108768938B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112579998B (en) * 2019-09-30 2023-09-26 北京京东尚科信息技术有限公司 Webpage access method, management system and electronic equipment in information interaction platform
CN111222075A (en) * 2020-01-15 2020-06-02 平安普惠企业管理有限公司 Data transmission method based on multiple Webviews, server and storage medium
CN112632585B (en) * 2020-12-31 2022-04-01 北京海泰方圆科技股份有限公司 Webpage data transmission system, method, device, medium and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104506518A (en) * 2014-12-22 2015-04-08 中软信息系统工程有限公司 Identity authentication method for access control of MIPS (Million Instructions Per Second) platform network system
CN105095694A (en) * 2014-05-14 2015-11-25 腾讯科技(深圳)有限公司 Method and system for calling plug-ins by webpages
CN105516208A (en) * 2016-01-28 2016-04-20 邱铭钗 WEB site link dynamic hiding method and device capable of effectively preventing network attacks
CN107305610A (en) * 2016-04-22 2017-10-31 腾讯科技(深圳)有限公司 The method and apparatus of access path processing, the methods, devices and systems of automatic machine identification

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI20155763A (en) * 2015-10-26 2017-04-27 Online Solutions Oy METHOD AND SYSTEM FOR VERIFYING THE CERTIFICATE BY SSL PROTOCOL ON THE INTERNET ACCESS TO THE WEBSITE

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105095694A (en) * 2014-05-14 2015-11-25 腾讯科技(深圳)有限公司 Method and system for calling plug-ins by webpages
CN104506518A (en) * 2014-12-22 2015-04-08 中软信息系统工程有限公司 Identity authentication method for access control of MIPS (Million Instructions Per Second) platform network system
CN105516208A (en) * 2016-01-28 2016-04-20 邱铭钗 WEB site link dynamic hiding method and device capable of effectively preventing network attacks
CN107305610A (en) * 2016-04-22 2017-10-31 腾讯科技(深圳)有限公司 The method and apparatus of access path processing, the methods, devices and systems of automatic machine identification

Also Published As

Publication number Publication date
CN108768938A (en) 2018-11-06

Similar Documents

Publication Publication Date Title
US11676133B2 (en) Method and system for mobile cryptocurrency wallet connectivity
CN104852925B (en) Mobile intelligent terminal anti-data-leakage secure storage, backup method
US8712041B2 (en) Content protection apparatus and content encryption and decryption apparatus using white-box encryption table
CN106506159A (en) Encryption method and equipment for key safety
CN111314069B (en) Block chain-based shaking system and method, electronic device and storage medium
CN108768938B (en) A kind of web data encryption and decryption method and device
US20170099144A1 (en) Embedded encryption platform comprising an algorithmically flexible multiple parameter encryption system
CN108154038A (en) Data processing method and device
JP2006301992A (en) Authentication management method and system
CN105847000A (en) Token generation method and communication system based on same
CN107040520A (en) A kind of cloud computing data-sharing systems and method
CN112422500A (en) Cross-platform data transmission method and device, storage medium and electronic device
US20170200020A1 (en) Data management system, program recording medium, communication terminal, and data management server
CN110266641B (en) Information reading method, system, device and computer readable storage medium
CN105187379B (en) Password based on multi-party mutual mistrust splits management method
JP5678150B2 (en) User terminal, key management system, and program
WO2011058629A1 (en) Information management system
CN102855419A (en) Copyright protection method for data files of intelligent terminals
CN110034922A (en) Request processing method, processing unit and requests verification method, verifying device
CN102724212A (en) Read-later server realization method, read-later server realization system and read-later read server
CN102724328A (en) Read-later client-side refreshing method, system and device
US10043015B2 (en) Method and apparatus for applying a customer owned encryption
JP7325872B1 (en) Secure computing system, information processing device, computer program, and access right management method
CN114125830B (en) APP data encryption transmission method, device and medium
JP4000395B2 (en) Web3D authoring system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant