CN110035070B - Data processing method and device for car sharing - Google Patents
Data processing method and device for car sharing Download PDFInfo
- Publication number
- CN110035070B CN110035070B CN201910202006.XA CN201910202006A CN110035070B CN 110035070 B CN110035070 B CN 110035070B CN 201910202006 A CN201910202006 A CN 201910202006A CN 110035070 B CN110035070 B CN 110035070B
- Authority
- CN
- China
- Prior art keywords
- car sharing
- target
- carpooling
- key
- service terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0414—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
One or more embodiments of the present specification provide a data processing method and apparatus for car sharing, which are applied to a business data processing system including a car sharing service terminal, a car sharing user client, and a security computing module; the method comprises the following steps: a target car sharing user client sends a target car sharing request to the car sharing service terminal, wherein the target car sharing request comprises an identity of the target car sharing user and a target car sharing address encrypted by a target transmission key corresponding to the target car sharing user; the carpooling service terminal sends the target carpooling request to the safety calculation module; the safety calculation module decrypts the target car sharing address based on the target transmission key; and the safety calculation module matches the car sharing addresses of other car sharing users acquired by the safety calculation module based on the decrypted target car sharing address according to preset car sharing user matching logic so as to obtain a car sharing distribution result.
Description
Technical Field
The present disclosure relates to the field of network communication and data processing technologies, and in particular, to a data processing method and apparatus for car pooling.
Background
In actual business application, a car sharing service terminal can be accessed by a plurality of clients or other business processing devices due to processing a plurality of business service types, and data information processed on the car sharing service terminal, especially data information related to a user, is easily acquired by other clients or business processing devices, so that a safety risk of data leakage is caused.
Disclosure of Invention
In view of this, one or more embodiments of the present specification provide a data processing method and apparatus for car pooling, and a computer device.
To achieve the above object, one or more embodiments of the present disclosure provide the following technical solutions:
according to a first aspect of one or more embodiments of the present specification, a data processing method for car sharing is provided, which is applied to a data processing system including a car sharing service terminal, a car sharing user client, and a secure computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the method comprises the following steps:
a target car sharing user client sends a target car sharing request to the car sharing service terminal, wherein the target car sharing request comprises an identity of the target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission secret key corresponding to the target car sharing user;
and receiving a carpooling distribution result from the carpooling service terminal.
According to a second aspect of one or more embodiments of the present specification, there is provided a data processing method for car sharing, applied to a data processing system including a car sharing service terminal, a car sharing user client, and a secure computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the method comprises the following steps:
the carpooling service terminal receives a target carpooling request sent by a target carpooling user client, wherein the target carpooling request comprises an identity of a target carpooling user and a target carpooling address, and the target carpooling address is encrypted by a target transmission secret key corresponding to the target carpooling user client;
sending the car sharing request data to the safety calculation module;
receiving a carpooling distribution result sent by the safety calculation module;
and sending the carpooling distribution result to the target carpooling user client.
According to a third aspect of one or more embodiments of the present specification, a data processing method for car sharing is provided, which is applied to a data processing system including a car sharing service terminal, a car sharing user client, and a security computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the method comprises the following steps:
the safety calculation module acquires a target car sharing request sent by the car sharing service terminal, wherein the target car sharing request comprises an identity of a target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission secret key corresponding to the target car sharing user;
obtaining a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user;
decrypting the target car sharing address based on the target transmission key;
matching the decrypted target car sharing address with the car sharing addresses of other car sharing users acquired by the safety calculation module according to preset car sharing user matching logic to obtain a car sharing distribution result;
and sending the carpooling distribution result to the carpooling service terminal.
According to a fourth aspect of one or more embodiments of the present specification, there is provided a data processing apparatus for car sharing, applied to a data processing system including a car sharing service terminal, a car sharing user client, and a secure computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the device is used for a car sharing user client, and comprises:
the system comprises a sending unit, a sharing service terminal and a sharing server, wherein the sending unit is used for sending a target sharing request to the sharing service terminal, the target sharing request comprises an identity of a target sharing user and a target sharing address, and the target sharing address is encrypted by a target transmission key corresponding to the target sharing user;
and the receiving unit is used for receiving the carpooling distribution result from the carpooling service terminal.
According to a fifth aspect of one or more embodiments of the present specification, there is provided a data processing apparatus for car sharing, applied to a data processing system including a car sharing service terminal, a car sharing user client, and a secure computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the device is used for the car sharing service terminal, and comprises:
the system comprises a receiving unit, a sending unit and a receiving unit, wherein the receiving unit is used for receiving a target car sharing request sent by a target car sharing user client, the target car sharing request comprises an identity of a target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user client;
the sending unit is used for sending the car pooling request data to the safety calculation module;
the receiving unit is further used for receiving the carpooling allocation result sent by the safety calculation module;
the sending unit is further configured to send the car sharing allocation result to the target car sharing user client.
According to a sixth aspect of one or more embodiments of the present specification, there is provided a data processing apparatus for car sharing, applied to a data processing system including a car sharing service terminal, a car sharing user client, and a secure computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the apparatus is for the secure computing module, comprising:
the system comprises an acquisition unit, a sharing service terminal and a sharing server, wherein the acquisition unit is used for acquiring a target sharing request sent by the sharing service terminal, the target sharing request comprises an identity of a target sharing user and a target sharing address, and the target sharing address is encrypted by a target transmission key corresponding to the target sharing user;
the obtaining unit is further used for obtaining a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user;
a decryption unit that decrypts the target car sharing address based on the target transmission key;
the calculation matching unit is used for matching the decrypted target car sharing address with the car sharing addresses of other car sharing users acquired by the safety calculation module according to preset car sharing user matching logic so as to obtain a car sharing distribution result;
and the sending unit is used for sending the car sharing distribution result to the car sharing service terminal.
According to a seventh aspect of one or more embodiments of the present specification, there is provided a computer device, comprising: a memory and a processor; the memory having stored thereon a computer program executable by the processor; and when the processor runs the computer program, executing the steps of the data processing method executed by the target car sharing user client.
According to a first aspect of one or more embodiments of the present specification, there is provided a computer apparatus comprising: a memory and a processor; the memory having stored thereon a computer program executable by the processor; and when the processor runs the computer program, executing the steps of the data processing method executed by the carpooling service terminal.
According to a first aspect of one or more embodiments of the present specification, there is provided a computer apparatus comprising: a memory and a processor; the memory having stored thereon a computer program executable by the processor; and when the processor runs the computer program, executing the steps of the data processing method executed by the safety computing module.
By applying the data processing method, the device and the computer equipment for car sharing provided by the specification, the safety calculation module is arranged to be connected with the car sharing service terminal, the safety calculation module is utilized to decrypt the encrypted car sharing request acquired by the car sharing service terminal from the user client and perform matching processing on the car sharing user, and the matching processing result is sent back to the user client through the car sharing service terminal. Although the car sharing request related to the car sharing user data privacy security (which may include the car sharing address of the user, which may relate to the user privacy) passes through the car sharing service terminal, the information related to the car sharing user data privacy security transmitted by the car sharing service terminal may be encrypted information, so that the security risks such as data leakage and the like which may occur at the car sharing service terminal are avoided.
Drawings
Fig. 1 is a flowchart of data processing performed by a service data processing system for car pooling provided in an exemplary embodiment of the present specification;
fig. 2 is a schematic diagram of a data processing device applied to a car pool service terminal according to an exemplary embodiment of the present disclosure;
FIG. 3 is a schematic diagram of a data processing device applied to a ride share user client according to an exemplary embodiment of the present disclosure;
FIG. 4 is a schematic diagram of a data processing apparatus applied to a secure computing module according to an exemplary embodiment of the present disclosure;
fig. 5 is a hardware block diagram for implementing one or more embodiments of the service data processing apparatus provided herein.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with one or more embodiments of the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of one or more embodiments of the specification, as detailed in the claims which follow.
It should be noted that: in other embodiments, the steps of the corresponding methods are not necessarily performed in the order shown and described herein. In some other embodiments, the method may include more or fewer steps than those described herein. Moreover, a single step described in this specification may be broken down into multiple steps for description in other embodiments; multiple steps described in this specification may be combined into a single step in other embodiments.
The data processing method described in the embodiments provided in this specification can be applied to a data processing system including a car sharing service terminal, a car sharing user client, and a security calculation module. The car sharing service terminal can comprise a computer device or a computer cluster and other terminals which are set by a shared riding service provider for receiving the car sharing request of the user and carrying out the services of car sharing matching and the like. The car sharing user client is a computer equipment terminal held by the car sharing user for services such as car sharing request lifting and car sharing distribution result receiving. The safety calculation module can be realized by software, or by hardware or a combination of the software and the hardware; taking software implementation as an example, as a module in a logical sense, the module can be formed by integrating the module in the car pooling service terminal and reading a corresponding computer program instruction into a memory for running through a Central Processing Unit (CPU) of the car pooling service terminal; from the hardware aspect, the safety computing module can be a hardware device which is independent of the car sharing service terminal and comprises a CPU, an internal memory and a storage; or a soft-hard combination module sharing hardware facilities with the car pool service terminal part. For example, the processor of the secure computing module is a partial area that is set by dividing in the processor of the car pool service terminal, and the secure computing module is a software and hardware combined computing processing module that is established based on the partial area of the processor, such as an enclave trusted secure computing environment based on an Intel chip.
Fig. 1 is a schematic data processing flow diagram of a service data processing system for car pooling provided in an exemplary embodiment of the present specification. As shown in fig. 1, the car pooling service terminal is in communication connection with the secure computing module, and the car pooling service terminal is in communication connection with the car pooling user client. It should be noted that "communication connection" in the embodiments of the present specification includes, but is not limited to, direct communication connection between terminal devices or between a terminal device and a module, and may also include indirect communication connection between terminal devices or between a terminal device and a module through other terminal devices, and the like.
In this embodiment, the secure computing module and the car sharing user client negotiate a transmission key corresponding to the car sharing user, and the transmission key may be used to encrypt or decrypt service data to be transmitted by communication between the secure computing module and the car sharing user client. Because the transmission key is only obtained by negotiation between the security calculation module and the car sharing user client, the car sharing service terminal cannot decrypt the transmitted or stored service data encrypted by the transmission key because the car sharing service terminal cannot obtain the transmission key, so that the original text of the encrypted service data cannot be obtained.
As shown in fig. 1, a data processing method provided in one or more embodiments of the present specification includes:
102, a target car sharing user client sends a target car sharing request to the car sharing service terminal, wherein the target car sharing request comprises an identity of the target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission secret key corresponding to the target car sharing user.
The identification of the target car sharing user can be a unique identification ID known by the data processing system and used for identifying the target car sharing user. The target car sharing address can comprise information of the journey that the target car sharing user wants to share cars with other users (which can be driver users or riding users), the destination of the car sharing, the starting place of the car sharing and the like. The target car sharing address has personal privacy as the target car sharing address comprises the position or travel information of the target car sharing user; particularly, when the target car sharing address comprises information such as a home address or a company address of the target car sharing user, some car sharing users are reluctant to disclose the target car sharing address information to other car sharing users.
And 104, the carpooling service terminal sends the target carpooling request to the safety calculation module.
And the carpooling service terminal outputs and transmits the target carpooling request to a safety calculation module after acquiring the target carpooling request. As described above, since the car sharing service terminal does not have the target transmission key, the car sharing service terminal cannot know the original text information of the target car sharing address related to the privacy of the target user, thereby preventing the leakage of the target car sharing address information at the car sharing service terminal. In this embodiment, the car sharing service terminal may be directly connected to the security calculation module, and send the target car sharing request including the identity and the target car sharing address of the target car sharing user to the security calculation module.
And 106, the safety calculation module obtains a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user.
Because the security calculation module has negotiated with the car sharing user client a transmission key corresponding to the car sharing user, the security calculation module can obtain a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user.
The process of the secure computing module negotiating the transmission key with the car sharing user client may include:
the carpooling user client sends an encrypted first secret key to the carpooling service terminal, wherein the first secret key is encrypted based on a public key of the safety computing module;
the carpooling service terminal sends the encrypted first secret key to the safety calculation module;
the secure computing module decrypts the encrypted first key based on its own private key to obtain the first key;
and the security calculation module calculates and obtains the transmission key based on the first key according to a preset transmission key calculation rule.
The security calculation module can store the transmission key obtained through negotiation in an area which cannot be accessed by the carpooling service terminal for key management, so that the physical isolation of the transmission key and the carpooling service terminal is achieved; further, for safety, the security calculation module may renegotiate the transmission key with the target car sharing user client periodically or at set target car sharing request sending times of the target user. Or, the target car sharing user client may send the encrypted first key while sending the target car sharing request each time, so that the security calculation module may decrypt the encrypted first key based on its own private key to obtain a transmission key for the current target car sharing request data, and further decrypt the first service data; therefore, the one-time pad can further improve the safety protection of the privacy data contained in the target car sharing data, such as the target car sharing address data.
Those skilled in the art will appreciate that the preset transmission key calculation rule is different, and the way of obtaining the transmission key corresponding to the car pool user based on the first key is also different.
In an illustrative embodiment, the transmission key is equal to the first key. In another illustrated embodiment, the data processing system may engage the security calculation module and the car pool user client to use the same elliptic curve cryptography algorithm and DH exchange key in the base point selection as the transmission key for encrypting the service data (e.g., the target car pool address data); when a DH exchange key is used as a transmission key, the product of the public key of the safety calculation module and the private key of the car sharing user client side is the same as the product of the private key of the safety calculation module and the public key of the car sharing user client side, and both the products can be used as the transmission key; therefore, as long as the public key of the car sharing user client is obtained, the safety calculation module can perform operations such as decryption of the service data and encryption of the service data processing result based on the product of the private key of the safety calculation module and the public key of the car sharing user client.
Further, the client of the car sharing user can periodically replace the public key-private key pair so as to improve the safety factor of service data transmission. Similarly, the process of negotiating the transmission key with the secure computing module by the car pool user client based on the replacement public key (hereinafter referred to as a random public key) may include:
the carpooling user client sends the encrypted random public key to the carpooling service terminal, wherein the random public key is encrypted based on the public key of the safety calculation module;
the carpooling service terminal sends the encrypted random public key to the safety calculation module again;
the security calculation module decrypts the encrypted random public key based on a private key of the security calculation module to obtain the random public key;
and the safety calculation module calculates the product of the random public key and the private key of the safety calculation module to obtain the transmission key.
Similarly, the random public key of the car sharing user client can be replaced periodically, or one-time pad is realized, so that the safety of service data transmission is further improved; the detailed process is not described herein.
In addition to the specific processes of negotiating the transmission key with the car-sharing user client by the security computing module according to the above embodiments, other specific negotiation processes that may occur to those skilled in the art based on the existing encryption technology should fall within the protection scope of negotiating the transmission key described in this specification.
And 108, the safety calculation decrypts the target car sharing address based on the target transmission key.
And 110, the safety calculation module matches the car sharing addresses of other car sharing users acquired by the safety calculation module based on the decrypted target car sharing address according to preset car sharing user matching logic so as to obtain a car sharing allocation result.
The safety calculation module may obtain target car sharing addresses of a plurality of users to be car shared according to the method described in steps 102 to 108 of this embodiment, and then match other car sharing users that meet the matching logic of the car sharing users for the target car sharing users according to the matching logic of the car sharing users preset by the system. The specification does not limit the specific content of the car sharing user matching logic, and the safety calculation module can match other car sharing users meeting the system threshold setting for the users based on the indexes of the starting position similarity, the end position similarity, the travel similarity and the like of each user to be car shared.
As will be readily appreciated by those skilled in the art, the above-mentioned car sharing allocation result may include notification-type messages such as car sharing success or car sharing failure, and may further include identities of other car sharing users who can participate in car sharing with the target car sharing user, or other information of the above-mentioned other car sharing users. In a further illustrated embodiment, the car pool allocation result may further include, by authorization of another car pool user, a target car pool address of another car pool user who can participate in car pool with the target car pool user, wherein, in order to keep target car pool address information of the another car pool user secret to the car pool service terminal, the target car pool address of the another car pool user is encrypted by the security calculation module based on the target transmission key.
And step 112, the safety calculation module sends the car sharing distribution result to the car sharing service terminal.
And step 114, the car sharing service terminal sends the car sharing distribution result to the car sharing user client.
When the car sharing allocation result includes the address information of other car sharing participating users encrypted by the target transmission key, the method of this embodiment further includes step 116, where the car sharing user client decrypts the target car sharing address based on the target transmission key.
In the embodiment, the safety calculation module is arranged to decrypt the car sharing request data and perform car sharing user matching calculation processing based on the car sharing request data inside the safety calculation module, and send the car sharing distribution result back to the user client. In the process, the data information (at least comprising the address information of the car sharing user) related to the privacy of the car sharing user is invisible to the car sharing service terminal, so that the data information (at least comprising the address information of the car sharing user) related to the privacy of the car sharing user is ensured not to be leaked at the car sharing service terminal.
As mentioned above, the above-mentioned safety calculation module can be implemented by software independently operated by the car sharing service terminal, so as to achieve data isolation at a software level; in order to further improve the data security of the data processing of the safety computing module, the safety computing module can be combined with the car sharing service terminal in a mode of sharing part of hardware or not sharing independent hardware.
The form of independent hardware not sharing hardware can be understood as that the safety computing module runs on independent terminal equipment completely, and the safety computing module and the car sharing service terminal can be connected through communication modules of all terminals. The form of partially shared hardware has become possible with the evolution of computer processor technology: for example, the car pool service terminal can encapsulate the legal business data calculation processing program in a trusted computing environment of the CPU to protect the CPU from being attacked by malicious software or programs, and the trusted computing environment cannot be accessed by privileged or non-privileged software or programs, that is, once the business processing program and the business data are located in the trusted computing environment, even an operating system or a vmm (hypervisor) cannot affect codes and data in the trusted computing environment.
Through the trusted computing environment division technology, the processor of the safety computing module divides a set partial area for the processor of the car-sharing service terminal, and physical isolation of the service data and the processing of the service data to the car-sharing service terminal is achieved physically. Compared with a completely independent hardware terminal mode, the implementation mode of setting the safety computing module based on the trusted computing environment technology is convenient to develop and reduces the operation cost; belonging to the preferred embodiments provided in the specification.
Corresponding to the above flow implementation, the embodiments of the present specification further provide various data processing apparatuses. The above-mentioned means can be implemented by software, and also can be implemented by hardware or by a combination of software and hardware. Taking a software implementation as an example, the logical device is formed by reading a corresponding computer program instruction into a memory for running through a Central Processing Unit (CPU) of the device. In terms of hardware, the device in which the data processing apparatus is located generally includes other hardware such as a chip for transmitting and receiving wireless signals and/or other hardware such as a board for realizing a network communication function, in addition to the CPU, the memory, and the storage shown in fig. 5.
FIG. 2 shows a data processing apparatus 20 for car sharing provided in the present specification, which is applied to a data processing system including a car sharing service terminal, a car sharing user client, and a security computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the device 20 is used for a car sharing user client, and comprises:
a sending unit 202, configured to send a target car-sharing request to the car-sharing service terminal, where the target car-sharing request includes an identity of the target car-sharing user and a target car-sharing address, and the target car-sharing address is encrypted by a target transmission key corresponding to the target car-sharing user;
a receiving unit 204, configured to receive a car pooling allocation result from the car pooling service terminal.
In yet another illustrated embodiment, the ride share allocation result includes identities of other ride share users that may participate in ride sharing with the target ride share user.
In a further illustrated embodiment, the ride share allocation result further comprises target ride share addresses of other ride share users who can participate in ride sharing with the target ride share user, wherein the target ride share addresses of the other ride share users are encrypted by the security calculation module based on the target transmission key;
the device further comprises: a decryption unit 206, configured to decrypt the target car pool address based on the target transmission key.
FIG. 3 illustrates a data processing apparatus 30 for car pooling provided in a further embodiment of the present specification, applied to a data processing system comprising a car pooling service terminal, a car pooling user client, and a security computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the device 30 is used for the car pooling service terminal, and comprises:
a receiving unit 302, configured to receive a target car sharing request sent by a target car sharing user client, where the target car sharing request includes an identity and a target car sharing address of the target car sharing user, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user client;
a sending unit 304, configured to send the car pooling request data to the safety computing module;
the receiving unit 302 is further configured to receive a car pooling allocation result sent by the security calculating module;
the sending unit 304 is further configured to send the car-sharing allocation result to the target car-sharing user client.
In yet another illustrated embodiment, the ride share allocation result includes identities of other ride share users that may participate in ride sharing with the target ride share user.
In a further illustrated embodiment, the ride share allocation result further comprises target ride share addresses of other ride share users who can participate in ride sharing with the target ride share user, wherein the target ride share addresses of the other ride share users are encrypted by the security calculation module based on the target transmission key;
FIG. 4 illustrates a data processing apparatus 40 for car pooling provided by a further embodiment of the present specification, applied to a data processing system comprising a car pooling service terminal, a car pooling user client, and a security computing module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the apparatus 40 is for the secure computing module, and includes:
an obtaining unit 402, configured to obtain a target car sharing request sent by the car sharing service terminal, where the target car sharing request includes an identity and a target car sharing address of the target car sharing user, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user;
the obtaining unit 402 is further configured to obtain a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user;
a decryption unit 404 that decrypts the target car pool address based on the target transmission key;
the calculation matching unit 406 is used for matching the decrypted target car sharing address with the car sharing addresses of other car sharing users acquired by the safety calculation module according to a preset car sharing user matching logic so as to obtain a car sharing allocation result;
a sending unit 406, configured to send the car pooling allocation result to the car pooling service terminal.
In yet another illustrated embodiment, the ride share allocation result includes identities of other ride share users that may participate in ride sharing with the target ride share user.
In a further illustrated embodiment, the ride share allocation result further comprises target ride share addresses of other ride share users who can participate in ride sharing with the target ride share user, wherein the target ride share addresses of the other ride share users are encrypted by the security calculation module based on the target transmission key.
The implementation processes of the functions and actions of each unit in each device are specifically described in the implementation processes of corresponding steps in the method, and related parts are described in part of the description of the method embodiment, which is not described herein again.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the units or modules can be selected according to actual needs to achieve the purpose of the solution in the specification. One of ordinary skill in the art can understand and implement it without inventive effort.
The apparatuses, units and modules illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
Corresponding to the method embodiment, the embodiment of the present specification further provides a computer device, which includes a memory and a processor. Wherein the memory has stored thereon a computer program executable by the processor; the processor executes the steps of the service data processing method executed by the carpooling service terminal in the embodiment of the present specification when running the stored computer program. For a detailed description of each step of the service data processing method executed by the car-sharing service terminal, please refer to the previous contents, which are not repeated.
Corresponding to the method embodiment, the embodiment of the present specification further provides a computer device, which includes a memory and a processor. Wherein the memory has stored thereon a computer program executable by the processor; the processor executes the steps of the service data processing method executed by the car pooling user client in the embodiment of the present specification when running the stored computer program. For a detailed description of each step of the service data processing method executed by the client of the car-sharing user, please refer to the previous contents, which are not repeated.
Corresponding to the method embodiment, the embodiment of the present specification further provides a computer device, which includes a memory and a processor. Wherein the memory has stored thereon a computer program executable by the processor; the processor executes the steps of the business data processing method executed by the security computation module in the embodiments of the present specification when running the stored computer program. For detailed descriptions of the steps of the service data processing method executed by the security computing module, please refer to the previous contents, and they are not repeated.
The above description is only a preferred embodiment of the present disclosure, and should not be taken as limiting the present disclosure, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data.
Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
Claims (24)
1. A data processing method for car sharing is applied to a data processing system comprising a car sharing service terminal, a car sharing user client and a safety calculation module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the method comprises the following steps:
the target car sharing user client sends a target car sharing request to the car sharing service terminal; the target car sharing request comprises an identity of the target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user; when the carpooling service terminal receives the target carpooling request, the target carpooling request is sent to the safety calculation module, a target transmission key corresponding to the target carpooling user is obtained by the safety calculation module based on the identity, the target carpooling address is decrypted based on the target transmission key, and the decrypted target carpooling address is matched with the carpooling addresses of other carpooling users obtained by the safety calculation module based on the preset matching logic of the carpooling user so as to obtain a carpooling distribution result, and the carpooling distribution result is returned to the carpooling service terminal;
and receiving the carpooling distribution result from the carpooling service terminal.
2. The method of claim 1, the process by which the secure computing module negotiates with the ride share user client to obtain a transport key corresponding to the ride share user, comprising:
the carpooling user client sends an encrypted first secret key to the carpooling service terminal, wherein the first secret key is encrypted based on a public key of the safety computing module;
the carpooling service terminal sends the encrypted first secret key to the safety calculation module;
the secure computing module decrypts the encrypted first key based on its own private key to obtain the first key;
and the security calculation module calculates and obtains the transmission key based on the first key according to a preset transmission key calculation rule.
3. The method of claim 2, the transport key being equal to the first key.
4. The method according to claim 2, wherein the first key is a random public key selected by the car-sharing user client, the transmission key is a product of the random public key and a private key of the security computing module, and the product is equal to a product of a random private key corresponding to the random public key and a public key of the security computing module.
5. The method of any of claims 1-4, the ride share allocation result comprising identities of other ride share users that may participate in ride sharing with the target ride share user.
6. The method of claim 5, the ride share allocation result further comprising target ride share addresses of other ride share users that may participate in ride sharing with the target ride share user, wherein the target ride share addresses of the other ride share users are encrypted by the secure computing module based on the target transmission key;
the method further comprises the following steps: and the carpooling user client decrypts the target carpooling address based on the target transmission key.
7. A data processing method for car sharing is applied to a data processing system comprising a car sharing service terminal, a car sharing user client and a safety calculation module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the method comprises the following steps:
the carpooling service terminal receives a target carpooling request sent by a target carpooling user client, wherein the target carpooling request comprises an identity of a target carpooling user and a target carpooling address, and the target carpooling address is encrypted by a target transmission secret key corresponding to the target carpooling user client;
sending the target car sharing request to the safety calculation module; the safety calculation module obtains a target transmission key corresponding to the target car sharing user based on the identity, decrypts the target car sharing address based on the target transmission key, and matches the decrypted target car sharing address with car sharing addresses of other car sharing users obtained by the safety calculation module based on preset car sharing user matching logic so as to obtain a car sharing distribution result, and the car sharing distribution result is returned to the car sharing service terminal;
receiving a carpooling distribution result sent by the safety calculation module;
and sending the carpooling distribution result to the target carpooling user client.
8. The method of claim 7, wherein the process by which the secure computing module negotiates with the ride share user client to obtain a transport key corresponding to the ride share user comprises:
the carpooling user client sends an encrypted first secret key to the carpooling service terminal, wherein the first secret key is encrypted based on a public key of the safety computing module;
the carpooling service terminal sends the encrypted first secret key to the safety calculation module;
the secure computing module decrypts the encrypted first key based on its own private key to obtain the first key;
and the safety calculation module obtains the transmission key based on the first key according to a preset transmission key calculation rule.
9. The method of claim 8, the transport key being equal to the first key.
10. The method according to claim 8, wherein the first key is a random public key selected by the car-sharing user client, the transmission key is a product of the random public key and a private key of the security computing module, and the product is equal to a product of a random private key corresponding to the random public key and a public key of the security computing module.
11. The method of any of claims 7 to 10, the ride share allocation result comprising identities of other ride share users that can participate in ride sharing with the target ride share user.
12. The method of claim 11, the ride share allocation result further comprising target ride share addresses of other ride share users that may participate in ride sharing with the target ride share user, wherein the target ride share addresses of the other ride share users are encrypted by the secure computing module based on the target transport key.
13. A data processing method for car sharing is applied to a data processing system comprising a car sharing service terminal, a car sharing user client and a safety calculation module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the method comprises the following steps:
the safety calculation module acquires a target car sharing request sent by the car sharing user client to the car sharing service terminal, wherein the target car sharing request comprises an identity of the target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user;
obtaining a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user;
decrypting the target car sharing address based on the target transmission key;
matching the decrypted target car sharing address with the car sharing addresses of other car sharing users acquired by the safety calculation module according to preset car sharing user matching logic to obtain a car sharing distribution result;
sending the car sharing distribution result to the car sharing service terminal; and the carpooling service terminal sends the carpooling distribution result to the target carpooling user client.
14. The method of claim 13, wherein the process by which the secure computing module negotiates with the ride share user client to obtain a transport key corresponding to the ride share user comprises:
the carpooling user client sends an encrypted first secret key to the carpooling service terminal, wherein the first secret key is encrypted based on a public key of the safety computing module;
the carpooling service terminal sends the encrypted first secret key to the safety calculation module;
the secure computing module decrypts the encrypted first key based on its own private key to obtain the first key;
and the safety calculation module obtains the transmission key based on the first key according to a preset transmission key calculation rule.
15. The method of claim 14, the transport key being equal to the first key.
16. The method according to claim 14, wherein the first key is a random public key selected by the car-sharing user client, the transmission key is a product of the random public key and a private key of the secure computing module, and the product is equal to a product of a random private key corresponding to the random public key and a public key of the secure computing module.
17. The method of any of claims 13-16, the ride share allocation result comprising identities of other ride share users that can participate in ride sharing with the target ride share user.
18. The method of claim 17, the ride share allocation further comprising target ride share addresses of other ride share users that may participate in ride sharing with the target ride share user, wherein the target ride share addresses of the other ride share users are encrypted by the secure computing module based on the target transport key;
the method further comprises the following steps: and the carpooling user client decrypts the target carpooling address based on the target transmission key.
19. A data processing device for car sharing is applied to a data processing system comprising a car sharing service terminal, a car sharing user client and a safety calculation module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the device is used for a car sharing user client, and comprises:
the sending unit is used for sending a target car sharing request to the car sharing service terminal; the target car sharing request comprises an identity of the target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user; when the carpooling service terminal receives the target carpooling request, the target carpooling request is sent to the safety calculation module, a target transmission key corresponding to the target carpooling user is obtained by the safety calculation module based on the identity, the target carpooling address is decrypted based on the target transmission key, and the decrypted target carpooling address is matched with the carpooling addresses of other carpooling users obtained by the safety calculation module based on the preset matching logic of the carpooling user so as to obtain a carpooling distribution result, and the carpooling distribution result is returned to the carpooling service terminal;
and the receiving unit is used for receiving the car sharing distribution result from the car sharing service terminal.
20. A data processing device for car sharing is applied to a data processing system comprising a car sharing service terminal, a car sharing user client and a safety calculation module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the device is used for the car sharing service terminal, and comprises:
the system comprises a receiving unit, a sending unit and a receiving unit, wherein the receiving unit is used for receiving a target car sharing request sent by a target car sharing user client, the target car sharing request comprises an identity of a target car sharing user and a target car sharing address, and the target car sharing address is encrypted by a target transmission key corresponding to the target car sharing user client;
the sending unit is used for sending the target car sharing request to the safety computing module; the safety calculation module obtains a target transmission key corresponding to the target car sharing user based on the identity, decrypts the target car sharing address based on the target transmission key, and matches the decrypted target car sharing address with car sharing addresses of other car sharing users obtained by the safety calculation module based on preset car sharing user matching logic so as to obtain a car sharing distribution result, and the car sharing distribution result is returned to the car sharing service terminal;
the receiving unit is further used for receiving the carpooling allocation result sent by the safety calculation module;
the sending unit is further configured to send the car sharing allocation result to the target car sharing user client.
21. A data processing device for car sharing is applied to a data processing system comprising a car sharing service terminal, a car sharing user client and a safety calculation module; the car sharing service terminal is in communication connection with the safety calculation module and is in communication connection with the car sharing user client; the safety calculation module and the car sharing user client negotiate a transmission key corresponding to the car sharing user; the apparatus is for the secure computing module, comprising:
the system comprises an acquisition unit, a sharing service terminal and a sharing server, wherein the acquisition unit is used for acquiring a target sharing request sent by a sharing user client to the sharing service terminal, the target sharing request comprises an identity and a target sharing address of a target sharing user, and the target sharing address is encrypted by a target transmission key corresponding to the target sharing user;
the obtaining unit is further used for obtaining a target transmission key corresponding to the target car sharing user based on the identity of the target car sharing user;
a decryption unit that decrypts the target car sharing address based on the target transmission key;
the calculation matching unit is used for matching the decrypted target car sharing address with the car sharing addresses of other car sharing users acquired by the safety calculation module according to preset car sharing user matching logic so as to obtain a car sharing distribution result;
the sending unit is used for sending the car sharing distribution result to the car sharing service terminal; and the carpooling service terminal sends the carpooling distribution result to the target carpooling user client.
22. A computer device, comprising: a memory and a processor; the memory having stored thereon a computer program executable by the processor; the processor, when executing the computer program, performs the method of any of claims 1 to 6.
23. A computer device, comprising: a memory and a processor; the memory having stored thereon a computer program executable by the processor; the processor, when executing the computer program, performs the method of any of claims 7 to 12.
24. A computer device, comprising: a memory and a processor; the memory having stored thereon a computer program executable by the processor; the processor, when executing the computer program, performs the method of any of claims 13 to 18.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910202006.XA CN110035070B (en) | 2019-03-18 | 2019-03-18 | Data processing method and device for car sharing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910202006.XA CN110035070B (en) | 2019-03-18 | 2019-03-18 | Data processing method and device for car sharing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110035070A CN110035070A (en) | 2019-07-19 |
| CN110035070B true CN110035070B (en) | 2021-07-23 |
Family
ID=67236173
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910202006.XA Active CN110035070B (en) | 2019-03-18 | 2019-03-18 | Data processing method and device for car sharing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110035070B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103546515A (en) * | 2012-07-16 | 2014-01-29 | 上海博讯信息技术有限公司 | Real-time car-sharing system |
| CN104484902A (en) * | 2014-12-03 | 2015-04-01 | 广州万客达电子科技有限公司 | Cloud-based car-sharing cost calculating and processing method |
| CN106339763A (en) * | 2016-08-12 | 2017-01-18 | 北京东方车云信息技术有限公司 | Carpooling method, passenger side and server side |
| CN107172210A (en) * | 2017-07-06 | 2017-09-15 | 安徽超清科技股份有限公司 | A kind of car sharing service system |
| CN107508796A (en) * | 2017-07-28 | 2017-12-22 | 北京明朝万达科技股份有限公司 | A kind of data communications method and device |
| CN107610453A (en) * | 2017-08-31 | 2018-01-19 | 武汉斑马快跑科技有限公司 | A kind of share-car method and system based on the positioning of closely bluetooth hot spot |
| CN107924339A (en) * | 2015-08-12 | 2018-04-17 | 微软技术许可有限责任公司 | Data center's privacy |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102903046A (en) * | 2011-07-25 | 2013-01-30 | 上海博路信息技术有限公司 | Real-time car pooling system for mobile terminal |
| US9127958B2 (en) * | 2013-01-03 | 2015-09-08 | Sap Se | Shared ride driver determination |
| CN103761873B (en) * | 2014-02-13 | 2016-04-20 | 王中胜 | Carpooling system and utilize the share-car method of this Carpooling system |
| CN105553951B (en) * | 2015-12-08 | 2019-11-08 | 腾讯科技(深圳)有限公司 | Data transmission method and device |
| CN108566383B (en) * | 2018-03-22 | 2020-11-10 | 西安电子科技大学 | Privacy protection system and method for online taxi-taking service |
-
2019
- 2019-03-18 CN CN201910202006.XA patent/CN110035070B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103546515A (en) * | 2012-07-16 | 2014-01-29 | 上海博讯信息技术有限公司 | Real-time car-sharing system |
| CN104484902A (en) * | 2014-12-03 | 2015-04-01 | 广州万客达电子科技有限公司 | Cloud-based car-sharing cost calculating and processing method |
| CN107924339A (en) * | 2015-08-12 | 2018-04-17 | 微软技术许可有限责任公司 | Data center's privacy |
| CN106339763A (en) * | 2016-08-12 | 2017-01-18 | 北京东方车云信息技术有限公司 | Carpooling method, passenger side and server side |
| CN107172210A (en) * | 2017-07-06 | 2017-09-15 | 安徽超清科技股份有限公司 | A kind of car sharing service system |
| CN107508796A (en) * | 2017-07-28 | 2017-12-22 | 北京明朝万达科技股份有限公司 | A kind of data communications method and device |
| CN107610453A (en) * | 2017-08-31 | 2018-01-19 | 武汉斑马快跑科技有限公司 | A kind of share-car method and system based on the positioning of closely bluetooth hot spot |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110035070A (en) | 2019-07-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111181720B (en) | Service processing method and device based on trusted execution environment | |
| US9537918B2 (en) | File sharing with client side encryption | |
| US10069806B2 (en) | Secure transfer and use of secret material in a shared environment | |
| EP3574434B1 (en) | Addressing a trusted execution environment using encryption key | |
| EP3574622B1 (en) | Addressing a trusted execution environment | |
| US10609006B2 (en) | Self-encrypting key management system | |
| US10122713B2 (en) | Method and device for the secure authentication and execution of programs | |
| CN113095749A (en) | Logistics information transmission method, system and device based on block chain | |
| US20160294794A1 (en) | Security System For Data Communications Including Key Management And Privacy | |
| US20150082024A1 (en) | Technologies for synchronizing and restoring reference templates | |
| CN106888183A (en) | Data encryption, decryption, the method and apparatus and system of key request treatment | |
| CN109729041B (en) | Method and device for issuing and acquiring encrypted content | |
| CN111475850B (en) | Intelligent contract-based privacy data query method and device | |
| US10298551B1 (en) | Privacy-preserving policy enforcement for messaging | |
| KR20190108580A (en) | Addressing Techniques for Trusted Execution Environments Using Signature Keys | |
| US10063655B2 (en) | Information processing method, trusted server, and cloud server | |
| CN107026730B (en) | Data processing method, device and system | |
| CN113312655A (en) | File transmission method based on redirection, electronic equipment and readable storage medium | |
| CN112995109B (en) | Data encryption system, data encryption method, data processing device and electronic equipment | |
| Patil et al. | Demystifying user data privacy in the world of IOT | |
| CN110035070B (en) | Data processing method and device for car sharing | |
| CN116647567A (en) | Privacy protection set intersection method and device | |
| CN114615087A (en) | Data sharing method, device, equipment and medium | |
| CN115001716B (en) | Network data processing method and system of education all-in-one machine and education all-in-one machine | |
| CN114257457B (en) | File sharing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20201020 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20201020 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Applicant before: Alibaba Group Holding Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |