CN108768938B - A kind of web data encryption and decryption method and device - Google Patents
A kind of web data encryption and decryption method and device Download PDFInfo
- Publication number
- CN108768938B CN108768938B CN201810332854.8A CN201810332854A CN108768938B CN 108768938 B CN108768938 B CN 108768938B CN 201810332854 A CN201810332854 A CN 201810332854A CN 108768938 B CN108768938 B CN 108768938B
- Authority
- CN
- China
- Prior art keywords
- encryption
- decryption
- web data
- browser
- strategy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The present invention relates to field of information security technology, in particular to a kind of web data encryption and decryption method and device.This method are as follows: mark of the browser based on the current accessed page, determine encryption and decryption strategy corresponding with the current accessed page, it wherein, include the mark of current web page described in unique identification in the encryption and decryption strategy, to encryption and decryption web data attribute type set and encryption and decryption scheme;Browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.Using the above method, browser is according to encryption and decryption strategy corresponding with the current accessed page, the web data interacted between operation system to itself carries out encryption and decryption processing, this makes it possible under the premise of not carrying out upgrading to operation system, for the increase of each Webpage, deletion or the corresponding encryption and decryption strategy of dynamic configuration that operation system provides, the flexibility of configuration encryption and decryption strategy is improved.
Description
Technical field
The present invention relates to field of information security technology, in particular to a kind of web data encryption and decryption method and device.
Background technique
Currently, browser is mainly used for that the web data that background server push comes, browser and operation system is presented
Web data interactive process in, the protection to web data realized by way of to web data encryption and decryption.
It in the prior art, is to rely on operation system to carry out to the encryption and decryption of web data, by being uploaded to browser
Web data to operation system is encrypted, and browser is decrypted from the data that operation system is downloaded.Currently, common
Operation system is to there are two types of the encryption and decryption modes of web data:
First way: after web data is uploaded to operation system by browser, net that operation system uploads browser
Page data is encrypted;When browser needs to download web data from operation system, under operation system needs browser
The web data of load is decrypted, and is sent to the presentation that browser carries out web data.
The second way: the web data that operation system calls encryption and decryption control to upload to operation system to browser carries out
Encryption;Operation system calls encryption and decryption control that browser to be decrypted from the web data that operation system is downloaded,
And web data presentation is carried out by browser.
However, when needing to execute web data encryption and decryption number for the operation system for not carrying out encryption and decryption to web data
When according to strategy, alternatively, needing to upgrade the existing encryption and decryption scheme of operation system, it is also desirable to be carried out to operation system corresponding
Upgrading, needs to be transformed operation system, and improvement cost is high, and transformation difficulty is big.
Summary of the invention
The purpose of the embodiment of the present invention is that a kind of web data encryption and decryption method and device is provided, to solve the prior art
Present in when being increased to web data encryption and decryption strategy, delete, change, need the problem of being transformed to operation system.
The specific technical solution provided in the embodiment of the present invention is as follows:
In a first aspect, the present invention provides a kind of web data encipher-decipher method, which includes: clear
It lookes at mark of the device based on the current accessed page, determines encryption and decryption strategy corresponding with the current accession page, wherein should plus solve
It include the mark of the unique identification current web page in close strategy, to encryption and decryption web data attribute type set and encryption and decryption side
Case;Browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.
Using web data encipher-decipher method provided by the invention, browser is according to the webpage of the operation system of current accessed
The page determines and is directed to the pre-set encryption and decryption strategy of the Webpage accordingly, and based on the encryption and decryption strategy determined,
Encryption and decryption processing is carried out to the web data that browser is interacted with the operation system, it is opposite according to the Webpage in browser lateral root
The encryption and decryption strategy answered executes encryption and decryption operation to web data, under the premise of being not necessarily to be transformed upgrading to operation system,
Increase, deletion or the change of the encryption and decryption strategy of the web data interacted to each Webpage with operation system can be achieved.
Optionally, for browser in the mark based on the current accessed page, determination is corresponding with the current accessed page
Before encryption and decryption strategy, further comprise:
Browser obtains encryption and decryption strategy set from encryption and decryption policy management system.
Optionally, mark of the browser based on the current accessed page determines add corresponding with the current accessed page
Decryption policy, comprising:
Browser obtains the uniform resource position mark URL of the current accessed page;
Browser determines to include described according to the URL of the current accessed page from the encryption and decryption strategy set
The encryption and decryption strategy of the URL of the current accessed page.
Optionally, browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data, comprising:
Browser, which is directed to, needs to be uploaded to operation system, and belongs to described to encryption and decryption web data attribute type collection
The first web data closed determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to institute
It states the first web data to be encrypted, wherein the encryption and decryption scheme encrypts the webpage number of each attribute type for determining
According to when, the encryption key that is respectively adopted.
Optionally, browser determines corresponding encryption key according to the encryption and decryption scheme, and uses the encryption key
First web data is encrypted, comprising:
Browser is directed to web data disclosed in all users, using all public keys with the cipher key pair held per family
It is encrypted;Alternatively,
Browser is directed to web data disclosed in designated user, using the public affairs for the cipher key pair that the designated user holds
Key is encrypted.
Optionally, browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data, comprising:
Browser is directed to and download from operation system, and to encryption and decryption web data attribute type set described in belonging to
Second web data determines corresponding decruption key according to the encryption and decryption scheme, and using the decruption key to described the
Two web datas are decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type,
The decruption key being respectively adopted.
Optionally, browser determines corresponding decruption key according to the encryption and decryption scheme, and uses the decruption key
Second web data is decrypted, comprising:
Browser is directed to web data disclosed in all users, using all private keys with the cipher key pair held per family
It is decrypted;Alternatively,
Browser is directed to web data disclosed in itself, and place is decrypted in the private key for the cipher key pair held using itself
Reason.
Second aspect, the present invention provide a kind of web data ciphering and deciphering device, which includes:
Determination unit determines add corresponding with the current accessed page for the mark based on the current accessed page
Decryption policy, wherein include the mark of current web page described in unique identification in the encryption and decryption strategy, to encryption and decryption webpage number
According to attribute type set and encryption and decryption scheme;
Encryption/decryption element, for carrying out encryption and decryption processing to web data based on the encryption and decryption strategy.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined
Before strategy, the web data ciphering and deciphering device further comprises:
Acquiring unit, for obtaining encryption and decryption strategy set from encryption and decryption policy management system.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined
When tactful, the determination unit is used for:
Obtain the uniform resource position mark URL of the current accessed page;
It is determined to include the current visit from the encryption and decryption strategy set according to the URL of the current accessed page
Ask the encryption and decryption strategy of the URL of the page.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element
For:
For needing to be uploaded to operation system, and belong to the to encryption and decryption web data attribute type set
One web data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to described first
Web data is encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, point
The encryption key not used.
Optionally, according to the encryption and decryption scheme, corresponding encryption key is determined, and using the encryption key to institute
When stating the first web data and being encrypted, the encryption/decryption element is used for:
For to web data disclosed in all users, added using all public keys with the cipher key pair held per family
Close processing;Alternatively,
For to web data disclosed in designated user, the public key for the cipher key pair held using the designated user is carried out
Encryption.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element
For:
For what is downloaded from operation system, and belong to second net to encryption and decryption web data attribute type set
Page data determines corresponding decruption key according to the encryption and decryption scheme, and using the decruption key to second webpage
Data are decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, adopt respectively
Decruption key.
Optionally, according to the encryption and decryption scheme, corresponding decruption key is determined, and using the decruption key to institute
When stating the second web data and being decrypted, the encryption/decryption element is used for:
For to web data disclosed in all users, solved using all private keys with the cipher key pair held per family
Close processing;Alternatively,
For to web data disclosed in itself, the private key for the cipher key pair held using itself is decrypted.
The third aspect, the present invention provide a kind of calculating equipment, which includes: memory, refer to for storing program
It enables;Processor executes in above-mentioned first aspect for calling the program instruction stored in the memory according to the program of acquisition
Any one method.
Fourth aspect, the present invention provide a kind of computer readable storage medium, the computer-readable recording medium storage
There are computer executable instructions, the computer executable instructions are any in above-mentioned first aspect for executing the computer
Item method.
The present invention has the beneficial effect that:
In conclusion during carrying out encryption and decryption to web data, browser is based on current in the embodiment of the present invention
The mark of accession page determines encryption and decryption strategy corresponding with the current accessed page, wherein in the encryption and decryption strategy
It include the mark of current web page described in unique identification, to encryption and decryption web data attribute type set and encryption and decryption scheme;It is clear
Device of looking at is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.
Using the above method, browser obtains encryption and decryption strategy corresponding with the current accessed page, and in browser sheet
Ground carries out encryption and decryption to the web data itself interacted with the current accessed page that operation system provides based on the encryption and decryption strategy
Processing, this makes it possible under the premise of not upgrading to operation system, for each Webpage that operation system provides, with
Meaning increase, deletion or the corresponding encryption and decryption strategy of dynamic recognition, improve the flexibility of encryption and decryption strategy configuration, reduce
The cost of encryption and decryption strategy upgrading.
Detailed description of the invention
Fig. 1 is a kind of detail flowchart of web data encipher-decipher method in the embodiment of the present invention;
Fig. 2 is a kind of data friendship of browser and encryption and decryption policy management system and operation system in the embodiment of the present invention
Mutual schematic diagram;
Fig. 3 is a kind of structural schematic diagram of web data ciphering and deciphering device in the embodiment of the present invention.
Specific embodiment
The technical solution introduced in embodiment to facilitate the understanding of the present invention now provides the definition of part term:
Which 1, to encryption and decryption web data attribute type set, refer to belonging to the specific of user for specifically limiting
The web data of which type needs to carry out the set of encryption and decryption processing.
2, encryption and decryption scheme, when referring to for different ownership and/or different types of web data encryption and decryption, institute
The encryption key and/or decruption key that need to be used.
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, is not whole embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Firstly, term "and" in the embodiment of the present invention, a kind of only incidence relation for describing affiliated partner, expression can be with
There are three kinds of relationships, for example, A and B, can indicate: individualism A exists simultaneously A and B, these three situations of individualism B.Separately
Outside, character "/" herein typicallys represent the relationship that forward-backward correlation object is a kind of "or".
When the present invention refers to ordinal numbers such as " first ", " second ", " third " or " the 4th ", unless based on context its
The meaning of certain order of representation, it is appreciated that being only to distinguish to be used.
The solution of the present invention will be described in detail by specific embodiment below, certainly, the present invention is not limited to
Lower embodiment.
As shown in fig.1, a kind of detailed process of web data encipher-decipher method is as follows in the embodiment of the present invention:
Step 100: browser obtains encryption and decryption strategy set from encryption and decryption policy management system.
In practical application, user can access each business provided in operation system by browser, and each business can be right
Corresponding Webpage is answered, corresponding, browser can carry out the interaction of web data with operation system, for example, browser can
It is uploaded to operation system with the web data for inputting user, browser can also download web data from operation system, and be in
On present browser page.Business function needed for operation system is used for carrying client, browser are used for each webpage of operation system
The presentation of the page.So, it in order to ensure the safety of the web data interacted between browser and operation system, needs to browsing
The web data interacted between device and operation system carries out encryption and decryption processing, optionally, can be directed to from browser and be uploaded to industry
The web data of business system is encrypted, and downloads for browser from operation system, needs to be presented on browser page
On web data be decrypted.
In the embodiment of the present invention, a kind of system (i.e. encryption and decryption tactical management system for encryption and decryption tactical management is provided
System), be connected (or being connected with the terminal where browser) with browser, can be preparatory in encryption and decryption policy management system
Corresponding encryption and decryption strategy is respectively configured in each Webpage provided for operation system, and browser can be from encryption and decryption strategy pipe
The encryption and decryption strategy set for Webpage configuration each in operation system is obtained in reason system, encryption and decryption policy management system exists
In operational process, the encryption and decryption strategy of any one Webpage can be arbitrarily added, deletes or changed.It can be mentioned for operation system
Each Webpage supplied, presets corresponding encryption and decryption strategy, and be stored in encryption and decryption policy management system.
It is interacted for example, it is assumed that browser carries out web data with operation system, operation system includes Webpage 11, webpage
The page 12, Webpage 13 and Webpage 14, then, encryption and decryption strategy pipe corresponding with browser and/or operation system
Webpage 11 can be directed in reason system in advance, Webpage 13 and Webpage 14 are configured with corresponding encryption and decryption strategy
11, encryption and decryption strategy 13 and encryption and decryption strategy 14.If it is determined that needing that corresponding encryption and decryption strategy is arranged for Webpage 12, then
Corresponding encryption and decryption strategy 12 can be configured for Webpage 12 directly in encryption and decryption policy management system;If it is determined that being not necessarily to
Corresponding encryption and decryption strategy is set for Webpage 11, then can be deleted directly in encryption and decryption policy management system and be directed to net
The encryption and decryption strategy that the page page 11 configures;If it is determined that needing to adjust encryption and decryption strategy for Webpage 14, then can directly exist
Adaptation adjustment is carried out to encryption and decryption strategy 14 in encryption and decryption policy management system.
In the embodiment of the present invention, when executing step 100, can specifically include: when starting browser, browser from
Connected encryption and decryption policy management system in obtain encryption and decryption strategy set.
Certainly, browser in first time after getting encryption and decryption strategy set in encryption and decryption policy management system, can
Encryption and decryption strategy set is stored in local, and it is based on the preset period, periodically from encryption and decryption policy management system
Newest encryption and decryption strategy set is obtained, it is of course also possible to the encryption and decryption strategy set acquisition instruction based on user's triggering, from adding
Newest encryption and decryption strategy set is obtained in decryption policy management system.
In practical application, browser can be directed to the preset corresponding public keys pair of user during installing initialization
And private cipher key pair, certainly, private cipher key pair can only browser home subscriber can be used, that is to say, that use private cipher key
Clock synchronization need to verify user identity, and optionally, in the embodiment of the present invention, a kind of preferable embodiment is to use private cipher key
Clock synchronization need to input correctly verifying password.
Step 110: mark of the browser based on the current accessed page determines add corresponding with the above-mentioned current accessed page
Decryption policy, wherein include the mark of the above-mentioned current web page of unique identification in above-mentioned encryption and decryption strategy, to encryption and decryption webpage number
According to attribute type set and encryption and decryption scheme.
In practical application, each Webpage is corresponding with the mark for being mutually applied to unique identification Webpage in operation system
Know, then, in the embodiment of the present invention, browser can be according to the mark of the webpage of current accessed, from the encryption and decryption plan got
Slightly encryption and decryption strategy corresponding with the webpage of current accessed is determined in set.
Specifically, when executing step 110, browser obtains the unified money of the current accessed page in the embodiment of the present invention
Source finger URL (Uniform Resource Locator, URL), and solution is added from what is got according to the URL of the current accessed page
Determined in close strategy set include the URL of the current accessed page encryption and decryption strategy.
In practical application, the corresponding encryption and decryption strategy of a Webpage is included at least: being used for unique identification this
The mark of Webpage, the set of the attribute type for the web data for being encrypted and/or being decrypted, any attribute type
, the corresponding encryption key of the web data for needing to be implemented cryptographic operation, any attribute type, need to be implemented decryption oprerations
The corresponding decruption key ... ... of web data.
Certainly, in the embodiment of the present invention, according to the attribute type information of any web data, this can be at least determined
The user information that the type of one web data and/or any web data are belonged to.
For example, can according in the corresponding encryption and decryption strategy of a Webpage to encryption and decryption web data Attribute class
Type set is determined: for user A (i.e. browser A), needing for user A to be uploaded to the 1st class webpage number of operation system
It is encrypted, is needed to user A the 2nd class web data downloaded from operation system and the 4th class according to the 3rd class web data
Web data is decrypted;For user B (i.e. browser B), need user B being uploaded to the 1st of operation system
Class web data and the 4th class web data are encrypted, and need the 3rd class webpage number downloaded to user B from operation system
According to being decrypted;…….
Further, the encryption and decryption scheme that encryption and decryption strategy includes refers to the attribute according to a web data, determines
Cryptographic operation whether is needed to be implemented, or determines the need for executing decryption oprerations, and when determination needs to be implemented cryptographic operation,
It determines encryption key, when determination needs to be implemented decryption oprerations, determines decruption key.
Step 120: browser is based on above-mentioned encryption and decryption strategy and carries out encryption and decryption processing to web data.
In the embodiment of the present invention, when executing step 120, browser is carried out plus is solved to web data according to encryption and decryption strategy
The mode of close processing includes but is not limited to any one or combination in following two mode:
First way are as follows: browser, which is directed to, needs to be uploaded to operation system, and belongs to above-mentioned to encryption and decryption webpage
First web data of data attribute type set determines corresponding encryption key according to above-mentioned encryption and decryption scheme, and using upper
It states encryption key above-mentioned first web data is encrypted, wherein above-mentioned encryption and decryption scheme encrypts each category for determining
When the web data of property type, the encryption key that is respectively adopted.
Specifically, browser determines corresponding encryption key, and close using above-mentioned encryption according to above-mentioned encryption and decryption scheme
When above-mentioned first web data is encrypted in key, it is specifically including but not limited to any one in following two situation:
The first situation are as follows: browser is directed to web data disclosed in all users, is held per family using all use
The public key of cipher key pair is encrypted.
In practical application, due to when browser is installed, for each with corresponding Public key pair is preset per family, i.e., respectively
With holding the Public key pair per family, then, browser will be uploaded to any web data of operation system in determination as to institute
There is web data disclosed in user, then any web data can be carried out at encryption using the public key of the Public key centering
Reason, and encrypted any web data is uploaded to operation system.
Second situation are as follows: browser is directed to web data disclosed in designated user, is held using above-mentioned designated user
The public key of cipher key pair be encrypted.
In practical application, due to presetting corresponding private cipher key pair respectively for each user, i.e., when browser is installed
It is each with holding the private cipher key pair for only belonging to oneself per family, then, browser will be uploaded to any of operation system in determination
Web data be only to web data disclosed in designated user, then the private cipher key centering that can be held using the designated user
Any web data is encrypted in public key, and encrypted any web data is uploaded to operation system.
The second way are as follows: browser is directed to and downloads from operation system, and belongs to above-mentioned to encryption and decryption web data
Second web data of attribute type set determines corresponding decruption key according to above-mentioned encryption and decryption scheme, and uses above-mentioned solution
Close above-mentioned second web data of key pair is decrypted, wherein above-mentioned encryption and decryption scheme decrypts each Attribute class for determining
When the web data of type, the decruption key that is respectively adopted.
Specifically, browser determines corresponding decruption key, and close using the decryption according to the encryption and decryption scheme
When second web data is decrypted in key, it is specifically including but not limited to any one in following two situation:
The first situation are as follows: browser is directed to web data disclosed in all users, is held per family using all use
The private key of cipher key pair is decrypted.
In practical application, browser determines any web data encrypted downloaded from operation system for useful
Then place is decrypted to any web data using the private key for the Public key centering itself held in web data disclosed in family
Reason, any web data after being decrypted, and by parsing, rendering, which is presented on browser page
On face.
Second situation are as follows: browser is directed to web data disclosed in itself, the cipher key pair held using itself
Private key is decrypted.
In practical application, browser determines that any web data encrypted downloaded from operation system is only to oneself
Disclosed web data, then after determining user identity, the private key for the private cipher key centering held using itself is any to this
Web data is decrypted, any web data after being decrypted, and by parsing, rendering, by any webpage
Data are presented on browser page.
Above-described embodiment is described in further detail using specific application scenarios below, as shown in fig.2, of the invention
In embodiment, a kind of data interaction schematic diagram of browser and encryption and decryption policy management system and operation system.Pacify in client
Equipped with browser, browser carries out web data with operation system and interacts, and the web data that browser can input user uploads
Into operation system, web data can also be downloaded from operation system, and show on browser page.Encryption and decryption strategy pipe
Preset in reason system operation system offer the corresponding encryption and decryption strategy of each Webpage, then, any client it is clear
Device of looking at can synchronize encryption and decryption strategy set from encryption and decryption policy management system, and when accessing operation system, according to current
The mark of accession page determines corresponding encryption and decryption strategy from encryption and decryption strategy set, and uses the encryption and decryption strategy pair
The web data itself interacted with the current accessed page carries out encryption and decryption processing.
Based on the above embodiment, as shown in fig.3, in the embodiment of the present invention, a kind of web data ciphering and deciphering device, at least
Including determination unit 30 and encryption/decryption element 31, wherein
Determination unit 30, for the mark based on the current accessed page, determination is corresponding with the current accessed page
Encryption and decryption strategy, wherein include the mark of current web page described in unique identification in the encryption and decryption strategy, to encryption and decryption webpage
Data attribute set and encryption and decryption scheme;
Encryption/decryption element 31, for carrying out encryption and decryption processing to web data based on the encryption and decryption strategy.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined
Before strategy, the web data ciphering and deciphering device further comprises:
Acquiring unit, for obtaining encryption and decryption strategy set from encryption and decryption policy management system.
Optionally, in the mark based on the current accessed page, encryption and decryption corresponding with the current accessed page is determined
When tactful, the determination unit 30 is used for:
Obtain the uniform resource position mark URL of the current accessed page;
It is determined to include the current visit from the encryption and decryption strategy set according to the URL of the current accessed page
Ask the encryption and decryption strategy of the URL of the page.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element
31 are used for:
For needing to be uploaded to operation system, and belong to first net to encryption and decryption web data attribute set
Page data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to first webpage
Data are encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, adopt respectively
Encryption key.
Optionally, according to the encryption and decryption scheme, corresponding encryption key is determined, and using the encryption key to institute
When stating the first web data and being encrypted, the encryption/decryption element 31 is used for:
For to web data disclosed in all users, added using all public keys with the cipher key pair held per family
Close processing;Alternatively,
For to web data disclosed in designated user, the public key for the cipher key pair held using the designated user is carried out
Encryption.
Optionally, when carrying out encryption and decryption processing to web data based on the encryption and decryption strategy, the encryption/decryption element
31 are used for:
For what is downloaded from operation system, and belong to the second webpage number to encryption and decryption web data attribute set
According to determining corresponding decruption key, and using the decruption key to second web data according to the encryption and decryption scheme
It is decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, be respectively adopted
Decruption key.
Optionally, according to the encryption and decryption scheme, corresponding decruption key is determined, and using the decruption key to institute
When stating the second web data and being decrypted, the encryption/decryption element 31 is used for:
For to web data disclosed in all users, solved using all private keys with the cipher key pair held per family
Close processing;Alternatively,
For to web data disclosed in itself, the private key for the cipher key pair held using itself is decrypted.
In conclusion during carrying out encryption and decryption to web data, browser is based on current in the embodiment of the present invention
The mark of accession page determines encryption and decryption strategy corresponding with the current accessed page, wherein in the encryption and decryption strategy
It include the mark of current web page described in unique identification, to encryption and decryption web data attribute set and encryption and decryption scheme;Browser
Encryption and decryption processing is carried out to web data based on the encryption and decryption strategy.
Using the above method, browser obtains encryption and decryption strategy corresponding with the current accessed page, and in browser sheet
Ground carries out encryption and decryption to the web data itself interacted with the current accessed page that operation system provides based on the encryption and decryption strategy
Processing, this makes it possible under the premise of not upgrading to operation system, for each Webpage that operation system provides, with
Meaning increase, deletion or the corresponding encryption and decryption strategy of dynamic recognition, improve the flexibility of encryption and decryption strategy configuration, reduce
The cost of encryption and decryption strategy upgrading.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The present invention be according to the method for the embodiment of the present invention, the flow chart of equipment (system) and computer program product and/
Or block diagram describes.It should be understood that each process that can be realized by computer program instructions in flowchart and/or the block diagram and/
Or the combination of the process and/or box in box and flowchart and/or the block diagram.It can provide these computer program instructions
To general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices processor to generate one
A machine so that by the instruction that the processor of computer or other programmable data processing devices executes generate for realizing
The device for the function of being specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic
Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as
It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention
The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention
And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.
Claims (16)
1. a kind of web data encipher-decipher method characterized by comprising
Mark of the browser based on the current accessed page determines encryption and decryption strategy corresponding with the current accessed page,
In, it include the mark of the current accessed page described in unique identification in the encryption and decryption strategy, to encryption and decryption web data attribute
Type set and encryption and decryption scheme, and the encryption and decryption strategy is the strategy periodically updated, it is described to encryption and decryption web data
Attribute type set is for determining the type to encryption and decryption web data and/or described being belonged to encryption and decryption web data
The set of user information;
Browser is based on the encryption and decryption strategy and carries out encryption and decryption processing to web data.
2. the method as described in claim 1, which is characterized in that browser in the mark based on the current accessed page, determine with
Before the corresponding encryption and decryption strategy of the current accessed page, further comprise:
Browser obtains encryption and decryption strategy set from encryption and decryption policy management system.
3. method according to claim 2, which is characterized in that mark of the browser based on the current accessed page, determining and institute
State the corresponding encryption and decryption strategy of the current accessed page, comprising:
Browser obtains the uniform resource position mark URL of the current accessed page;
Browser determines to include described current according to the URL of the current accessed page from the encryption and decryption strategy set
The encryption and decryption strategy of the URL of accession page.
4. the method according to claim 1, which is characterized in that browser is based on the encryption and decryption strategy to webpage
Data carry out encryption and decryption processing, comprising:
Browser, which is directed to, needs to be uploaded to operation system, and belongs to described to encryption and decryption web data attribute type set
First web data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to described the
One web data is encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type,
The encryption key being respectively adopted.
5. method as claimed in claim 4, which is characterized in that browser determines corresponding add according to the encryption and decryption scheme
Key, and first web data is encrypted using the encryption key, comprising:
Browser is directed to web data disclosed in all users, is carried out using all with the public key for the cipher key pair held per family
Encryption;Alternatively,
Browser is directed to web data disclosed in designated user, the public key of the cipher key pair held using the designated user into
Row encryption.
6. the method according to claim 1, which is characterized in that browser is based on the encryption and decryption strategy to webpage
Data carry out encryption and decryption processing, comprising:
Browser is directed to and download from operation system, and described in belonging to encryption and decryption web data attribute type set second
Web data determines corresponding decruption key according to the encryption and decryption scheme, and using the decruption key to second net
Page data is decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, respectively
The decruption key of use.
7. method as claimed in claim 6, which is characterized in that browser determines corresponding solution according to the encryption and decryption scheme
Key, and second web data is decrypted using the decruption key, comprising:
Browser is directed to web data disclosed in all users, is carried out using all with the private key for the cipher key pair held per family
Decryption processing;Alternatively,
Browser is directed to web data disclosed in itself, and the private key for the cipher key pair held using itself is decrypted.
8. a kind of web data ciphering and deciphering device characterized by comprising
Determination unit determines encryption and decryption corresponding with the current accessed page for the mark based on the current accessed page
Strategy, wherein include the mark of the current accessed page described in unique identification in the encryption and decryption strategy, to encryption and decryption webpage number
According to attribute type set and encryption and decryption scheme, and the encryption and decryption strategy is the strategy periodically updated, described to encryption and decryption net
Page data attribute type set is for determining to the type of encryption and decryption web data and/or described to encryption and decryption web data institute
The set of the user information of ownership;
Encryption/decryption element, for carrying out encryption and decryption processing to web data based on the encryption and decryption strategy.
9. device as claimed in claim 8, which is characterized in that in the mark based on the current accessed page, determination is worked as with described
Before the corresponding encryption and decryption strategy of preceding accession page, the web data ciphering and deciphering device further comprises: acquiring unit;
The acquiring unit, for obtaining encryption and decryption strategy set from encryption and decryption policy management system.
10. device as claimed in claim 9, which is characterized in that in the mark based on the current accessed page, determination is worked as with described
When the corresponding encryption and decryption strategy of preceding accession page, the determination unit is used for:
Obtain the uniform resource position mark URL of the current accessed page;Added according to the URL of the current accessed page from described
Determined in decryption policy set include the URL of the current accessed page encryption and decryption strategy.
11. such as the described in any item devices of claim 9-10, which is characterized in that be based on the encryption and decryption strategy to webpage number
When according to carrying out encryption and decryption processing, the encryption/decryption element is used for:
For needing to be uploaded to operation system, and belong to first net to encryption and decryption web data attribute type set
Page data determines corresponding encryption key according to the encryption and decryption scheme, and using the encryption key to first webpage
Data are encrypted, wherein when the encryption and decryption scheme is for determining the web data for encrypting each attribute type, adopt respectively
Encryption key.
12. device as claimed in claim 11, which is characterized in that
According to the encryption and decryption scheme, corresponding encryption key is determined, and using the encryption key to the first webpage number
When according to being encrypted, the encryption/decryption element is used for:
For to web data disclosed in all users, carried out at encryption using all with the public key for the cipher key pair held per family
Reason;Alternatively, the public key for the cipher key pair held using the designated user is carried out for web data disclosed in designated user
Encryption.
13. such as the described in any item devices of claim 9-10, which is characterized in that be based on the encryption and decryption strategy to webpage number
When according to carrying out encryption and decryption processing, the encryption/decryption element is used for:
For what is downloaded from operation system, and belong to the second webpage number to encryption and decryption web data attribute type set
According to determining corresponding decruption key, and using the decruption key to second web data according to the encryption and decryption scheme
It is decrypted, wherein when the encryption and decryption scheme is for determining the web data for decrypting each attribute type, be respectively adopted
Decruption key.
14. device as claimed in claim 13, which is characterized in that according to the encryption and decryption scheme, determine corresponding decryption
Key, and using the decruption key second web data is decrypted when, the encryption/decryption element is used for:
For to web data disclosed in all users, place is decrypted using all private keys with the cipher key pair held per family
Reason;Alternatively, for web data disclosed in itself, the private key for the cipher key pair held using itself is decrypted.
15. a kind of calculating equipment characterized by comprising
Memory, for storing program instruction;
Processor, for calling the program instruction stored in the memory, according to acquisition program execute as claim 1 to
7 described in any item methods.
16. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer can
It executes instruction, the computer executable instructions are for making the computer execute side as described in any one of claim 1 to 7
Method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810332854.8A CN108768938B (en) | 2018-04-13 | 2018-04-13 | A kind of web data encryption and decryption method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810332854.8A CN108768938B (en) | 2018-04-13 | 2018-04-13 | A kind of web data encryption and decryption method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108768938A CN108768938A (en) | 2018-11-06 |
CN108768938B true CN108768938B (en) | 2019-08-09 |
Family
ID=64010769
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810332854.8A Active CN108768938B (en) | 2018-04-13 | 2018-04-13 | A kind of web data encryption and decryption method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108768938B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112579998B (en) * | 2019-09-30 | 2023-09-26 | 北京京东尚科信息技术有限公司 | Webpage access method, management system and electronic equipment in information interaction platform |
CN111222075A (en) * | 2020-01-15 | 2020-06-02 | 平安普惠企业管理有限公司 | Data transmission method based on multiple Webviews, server and storage medium |
CN112632585B (en) * | 2020-12-31 | 2022-04-01 | 北京海泰方圆科技股份有限公司 | Webpage data transmission system, method, device, medium and equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104506518A (en) * | 2014-12-22 | 2015-04-08 | 中软信息系统工程有限公司 | Identity authentication method for access control of MIPS (Million Instructions Per Second) platform network system |
CN105095694A (en) * | 2014-05-14 | 2015-11-25 | 腾讯科技(深圳)有限公司 | Method and system for calling plug-ins by webpages |
CN105516208A (en) * | 2016-01-28 | 2016-04-20 | 邱铭钗 | WEB site link dynamic hiding method and device capable of effectively preventing network attacks |
CN107305610A (en) * | 2016-04-22 | 2017-10-31 | 腾讯科技(深圳)有限公司 | The method and apparatus of access path processing, the methods, devices and systems of automatic machine identification |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FI20155763A (en) * | 2015-10-26 | 2017-04-27 | Online Solutions Oy | METHOD AND SYSTEM FOR VERIFYING THE CERTIFICATE BY SSL PROTOCOL ON THE INTERNET ACCESS TO THE WEBSITE |
-
2018
- 2018-04-13 CN CN201810332854.8A patent/CN108768938B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105095694A (en) * | 2014-05-14 | 2015-11-25 | 腾讯科技(深圳)有限公司 | Method and system for calling plug-ins by webpages |
CN104506518A (en) * | 2014-12-22 | 2015-04-08 | 中软信息系统工程有限公司 | Identity authentication method for access control of MIPS (Million Instructions Per Second) platform network system |
CN105516208A (en) * | 2016-01-28 | 2016-04-20 | 邱铭钗 | WEB site link dynamic hiding method and device capable of effectively preventing network attacks |
CN107305610A (en) * | 2016-04-22 | 2017-10-31 | 腾讯科技(深圳)有限公司 | The method and apparatus of access path processing, the methods, devices and systems of automatic machine identification |
Also Published As
Publication number | Publication date |
---|---|
CN108768938A (en) | 2018-11-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11676133B2 (en) | Method and system for mobile cryptocurrency wallet connectivity | |
CN104852925B (en) | Mobile intelligent terminal anti-data-leakage secure storage, backup method | |
US8712041B2 (en) | Content protection apparatus and content encryption and decryption apparatus using white-box encryption table | |
CN106506159A (en) | Encryption method and equipment for key safety | |
CN111314069B (en) | Block chain-based shaking system and method, electronic device and storage medium | |
CN108768938B (en) | A kind of web data encryption and decryption method and device | |
US20170099144A1 (en) | Embedded encryption platform comprising an algorithmically flexible multiple parameter encryption system | |
CN108154038A (en) | Data processing method and device | |
JP2006301992A (en) | Authentication management method and system | |
CN105847000A (en) | Token generation method and communication system based on same | |
CN107040520A (en) | A kind of cloud computing data-sharing systems and method | |
CN112422500A (en) | Cross-platform data transmission method and device, storage medium and electronic device | |
US20170200020A1 (en) | Data management system, program recording medium, communication terminal, and data management server | |
CN110266641B (en) | Information reading method, system, device and computer readable storage medium | |
CN105187379B (en) | Password based on multi-party mutual mistrust splits management method | |
JP5678150B2 (en) | User terminal, key management system, and program | |
WO2011058629A1 (en) | Information management system | |
CN102855419A (en) | Copyright protection method for data files of intelligent terminals | |
CN110034922A (en) | Request processing method, processing unit and requests verification method, verifying device | |
CN102724212A (en) | Read-later server realization method, read-later server realization system and read-later read server | |
CN102724328A (en) | Read-later client-side refreshing method, system and device | |
US10043015B2 (en) | Method and apparatus for applying a customer owned encryption | |
JP7325872B1 (en) | Secure computing system, information processing device, computer program, and access right management method | |
CN114125830B (en) | APP data encryption transmission method, device and medium | |
JP4000395B2 (en) | Web3D authoring system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |