CN114418571A - Transaction data rapid auditing and checking method - Google Patents
Transaction data rapid auditing and checking method Download PDFInfo
- Publication number
- CN114418571A CN114418571A CN202210053753.3A CN202210053753A CN114418571A CN 114418571 A CN114418571 A CN 114418571A CN 202210053753 A CN202210053753 A CN 202210053753A CN 114418571 A CN114418571 A CN 114418571A
- Authority
- CN
- China
- Prior art keywords
- key
- information
- data
- user
- key1
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000012795 verification Methods 0.000 claims abstract description 32
- 230000005540 biological transmission Effects 0.000 claims abstract description 5
- 238000007726 management method Methods 0.000 claims description 35
- 239000011159 matrix material Substances 0.000 claims description 30
- 230000006870 function Effects 0.000 claims description 26
- 230000008569 process Effects 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 6
- 238000012550 audit Methods 0.000 claims description 4
- 229910002056 binary alloy Inorganic materials 0.000 claims description 3
- 230000008859 change Effects 0.000 claims description 3
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 230000017105 transposition Effects 0.000 claims description 3
- 238000013524 data verification Methods 0.000 abstract description 8
- 230000003993 interaction Effects 0.000 abstract description 4
- 238000006467 substitution reaction Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The invention provides a transaction data rapid auditing and checking method, which constructs an auditing and checking method for transaction data interaction between systems, ensures the safety of data transmission between systems, and meanwhile, the checking method can be suitable for any subsystem for transaction data checking, and ensures the flexibility of the transaction data auditing and checking method. The provided data verification algorithm with encryption overcomes the rule difference of data verification among different systems, ensures the rapidity and the safety of verification, can reduce the space complexity, provides higher safety and ensures the information safety of online shopping of users.
Description
Technical Field
The invention belongs to the technical field of transaction data verification, and particularly relates to a faster and more accurate auditing and verifying method for transaction data.
Background
With the rapid development of the internet and information technology, online shopping has become an important part of people's daily life, and the participants of e-commerce platform include: common users, suppliers, platform service providers and third party regulatory agencies. Each party participant has a corresponding business system, and a single service system can not meet business requirements, so that transaction data is transmitted between the service systems by using a micro-service architecture.
In the data interaction process of the e-commerce system, according to the service requirements, each service needs to verify transaction data, the data processing operation can be performed only when the verification data is valid, otherwise, the data processing operation cannot be performed, but if the verification rules of each platform are not uniform, the flexibility of data verification is low when data transmission between different systems is caused. In summary, both flexibility and security of the transaction data should be ensured, so a method for quickly auditing and verifying the transaction data is urgently needed to solve the above problems.
Disclosure of Invention
The invention aims to solve the problems in the prior art and provides a method for quickly auditing and verifying transaction data. And further overcomes the defects of low safety and poor flexibility of the transaction data verification method in the prior art to a certain extent.
The invention provides a method for quickly auditing and verifying transaction data, which is applied to verification of transaction data among subsystems. The method is realized by the following technical scheme:
step 1: the system adopts a micro-service architecture with completely separated front and back ends, all data are transmitted through asynchronous interfaces, and the transaction system comprises the following subsystems: the user management system comprises: managing all registered user information, including provider user information; the mall service system: managing contents such as commodity classification information, commodity information, order information, payment information and the like; an inventory management system: managing inventory information of all commodities, managing warehouse information, shelf information and the like; the logistics management system comprises: all the logistics information for the traded orders, including the node for each logistics information for each order.
Step 2: when a user uses the system, the user first needs to register an account and log in the system. When registering, inputting information such as user name and password, submitting the information to a user management system, and encrypting the password of the user by using an AES (advanced encryption standard) encryption algorithm by the user management system and storing the encrypted password in a database. When a user logs in, a user name and a password also need to be input, the user name and the password are submitted to a user management system, the password input by the user is encrypted by the user management system and is compared with the password stored by a server for verification, if the verification is passed, the system is normally used, and if the verification is failed, the system cannot be accessed;
the AES encryption algorithm in the step 2 comprises the following steps:
2.1, carrying out XOR operation on the key and the original text, wherein the original text is 128 bits, and the ciphertext is also 128 bits, firstly carrying out XOR operation on the main key and the original text, and then generating a 40-bit sub-key by using the main key;
step 2.2 if i is not a multiple of 4, then column i is given the following equation:
w [ i ] ═ W [ i-4] XOR W [ i-1] (XOR means exclusive or, the same applies below);
step 2.3 if i is a multiple of 4, then column i uses the following equation:
W[i]=W[i-4]XOR T(W[i-1]);
the T () function consists of three parts, word circulation, byte substitution and round constant substitution XOR;
a. word circulation: the 4 bytes in 1 word are cyclically shifted left by 1 byte. Converting the input words [ a0, a1, a2, a3] into [ a1, a2, a3, a0 ];
b. byte substitution: carrying out byte substitution on the result of the word circulation by using an S box;
c. round constant XOR: the results of the first two steps are subjected to XOR with the round constants;
step 3, after browsing the commodity information, the user performs order placing operation on the psychographic commodity, submits an order to a mall service system, and generates order information;
step 4, successfully generating an order, constructing a payment request, sending the payment request to a third-party payment system by the mall service system, displaying payment information by a user side, inputting a payment password by the user, confirming payment, finishing payment transaction by the third-party payment system, and returning a transaction result to the mall service system;
wherein, the transaction data verification is related to in the step 4, and the verification rule of the third party payment system needs to be met, and the verification steps are as follows:
step 4.1, acquiring a payment signature from a third party payment system;
step 4.2, the service system signs the transaction data by using a private key, then initiates payment and submits the data to a third party payment system;
4.3, after the third-party payment system receives the data, using the public key to check the transaction data;
4.4, after the third party payment system verifies that the data are correct, processing the data and then returning the payment result data to the service system;
step 4.5, after receiving the transaction result, the mall service system uses the public key of the third-party payment system to check and sign, obtains the transaction result and stores the data result to the mall service system;
and 5: the mall service system sends the transaction result data to the inventory management system to change inventory information;
step 6: the inventory management system sends the order information to a logistics management system to generate logistics information;
the above steps 5 and 6 require fast and safe auditing and checking on transaction data when the transaction data between the systems are transmitted. Assuming that the system A sends data to the system B, the steps are as follows:
step 5.1: the system A converts transaction data generated in a transaction process into a json form;
step 5.2: taking a well agreed key of the system A and the system B as a key1, wherein the cycle number R is 0;
step 5.3: acquiring the length L of the key 1;
step 5.4: circularly executing the algorithm of the step 5.5 until R is greater than L/2;
step 5.5: when R < ═ L/2;
step 5.5.1, acquiring a new key from the random key generation function as key 2;
for the algorithm of the random key generation function of step 5.5.1, the steps are as follows:
step 5.5.1.1: reading the key1 sent as a parameter;
step 5.5.1.2: find length L of key 1;
step 5.5.1.3: the key1 is now processed using the reverse function, obtaining a new reverse key called key _ rev;
step 5.5.1.4: converting each character of key1 into a corresponding ASCII code;
step 5.5.1.5: calculating an ASCII sequence of each character of randomNo ∑ key 1;
step 5.5.1.6: obtaining the sum of randomNo, and defining the sum as sum;
step 5.5.1.7: finding a modulo of randomNo, defined as m ═ mod (randomNo, L);
step 5.5.1.8: applying the matrixes on the key1 and the key _ rev to generate a new application matrix _ key;
step 5.5.1.9: adding the modulus m of the random sum to each bit of the matrix _ key, and defining the matrix _ key _ rev;
step 5.5.1.10: performing exclusive-or operation on the matrix _ key and the matrix _ key _ rev;
step 5.5.1.11: obtaining a new matrix as a new _ matrix result _ matrix;
step 5.5.1.12: binary conversion is carried out on result _ matrix to characters and the characters are stored in a new matrix as key 2;
step 5.5.1.13: returning to key 2.
Step 5.5.2: calling random key selection functions (key1, key 2);
the steps for the step 5.5.2 random key selection function algorithm are as follows:
step 5.5.2.1: reading the two numbers of key1 and key2 obtained in the step;
step 5.5.2.2: each character of key1 and key2 is converted to its equivalent ASCII code,
step 5.5.2.3: then converting into binary system again;
step 5.5.2.4: the least significant bits of the entire key of the translated keys 1 and 2, such as Lowv1 and Lowv2,
step 5.5.2.5: if Lowv1 ≠ Lowv2, key1 is selected for return, and if Lowv1 ≠ Lowv2, key2 is selected for return.
Step 5.5.3: now, key is a value obtained by calling the random key selection function (key1, key 2).
Step 5.5.4: the transpose function (key) is now called to obtain the final key to be encrypted/interfaced.
The transposition function algorithm for step 5.5.4 steps are as follows:
step 5.5.4.1: redefines the incoming parameter key as key1,
step 5.5.4.2: reading 1.5.1.6 the sum of the random numbers, reading each character of the sum separately;
step 5.5.4.3: the character of key1 is interchanged with the character of the (value-1) index of the corresponding number,
step 5.5.4.4: increase the index of key1 and sum by 1;
step 5.5.4.5: repeating steps 5.5.4.3 and 5.5.4.4 until the last index of the key;
step 5.5.4.6: finally, obtaining a check code to be encrypted;
step 5.5.5: executing R +1, and returning the check code as key1 to continue the next cycle;
step 5.5.6: ending circulation until the condition R & lt/2 & gt is not met, and returning to the final check code key;
step 5.6: the system A adds the final check code key _ a returned in the step 5.5 into a json string of the transaction data among the systems and sends the json string to the system B;
step 5.7: the system B receives the data transmitted by the system A, processes the transaction data except the check code, and operates and executes once again according to the steps from 5.2 to 5.5 to obtain the check code key _ B of the system B;
step 5.8: the system B compares the check code key _ B with the key _ a check code sent by the system A, and if the check code key _ B is consistent with the key _ a check code sent by the system A, the verification is passed; if the two are not consistent, the data is determined to be illegal data;
and 7: the user will see the order information and the payment result on the page.
Besides, the application also provides a computing device and a computer-readable storage medium corresponding to the transaction data rapid auditing and checking method, and the computing device and the computer-readable storage medium comprise a processor and a memory, wherein the memory stores computer-executable instructions capable of being executed by the processor, and the processor executes the computer-executable instructions to realize the transaction data checking method. When the computer executable instructions are called and executed by the processor, the computer executable instructions cause the processor to realize the method for quickly auditing and verifying the transaction data.
Compared with the prior art, the invention has the beneficial effects that: an auditing and checking method for transaction data interaction between systems is constructed, the safety of data transmission between systems is ensured, meanwhile, the checking method can be suitable for any subsystem for transaction data checking, and the flexibility of the transaction data auditing and checking method is ensured. The provided data verification algorithm with encryption ensures that the rapidity and the safety of verification are ensured when transaction data are transmitted among different systems, the space complexity can be reduced, higher safety is provided, and the information safety of users in online shopping is ensured.
Drawings
FIG. 1 is a business flow diagram;
FIG. 2 user login authentication;
FIG. 3 a user payment timing diagram.
Detailed Description
The invention is described in further detail below with reference to the accompanying figures 1-3:
the invention provides a method for quickly auditing and verifying transaction data, which is applied to verification of transaction data among subsystems. The method is realized by the following technical scheme:
step 1: the system adopts a micro-service architecture with completely separated front and back ends, all data are transmitted through asynchronous interfaces, and the transaction system comprises the following subsystems: the user management system comprises: managing all registered user information, including provider user information; the mall service system: managing contents such as commodity classification information, commodity information, order information, payment information and the like; an inventory management system: managing inventory information of all commodities, managing warehouse information, shelf information and the like; the logistics management system comprises: all the logistics information for the traded orders, including the node for each logistics information for each order.
Step 2: when a user uses the system, the user first needs to register an account and log in the system. When registering, inputting information such as user name and password, submitting the information to a user management system, and encrypting the password of the user by using an AES (advanced encryption standard) encryption algorithm by the user management system and storing the encrypted password in a database. When a user logs in, a user name and a password also need to be input, the user name and the password are submitted to a user management system, the password input by the user is encrypted by the user management system and is compared with the password stored by a server for verification, if the verification is passed, the system is normally used, and if the verification is failed, the system cannot be accessed;
the AES encryption algorithm in the step 2 comprises the following steps:
2.1, carrying out XOR operation on the key and the original text, wherein the original text is 128 bits, and the ciphertext is also 128 bits, firstly carrying out XOR operation on the main key and the original text, and then generating a 40-bit sub-key by using the main key;
step 2.2 if i is not a multiple of 4, then column i is given the following equation:
w [ i ] ═ W [ i-4] XOR W [ i-1] (XOR means exclusive or, the same applies below);
step 2.3 if i is a multiple of 4, then column i uses the following equation:
W[i]=W[i-4]XOR T(W[i-1]);
the T () function consists of three parts, word circulation, byte substitution and round constant substitution XOR;
a. word circulation: the 4 bytes in 1 word are cyclically shifted left by 1 byte. Converting the input words [ a0, a1, a2, a3] into [ a1, a2, a3, a0 ];
b. byte substitution: carrying out byte substitution on the result of the word circulation by using an S box;
c. round constant XOR: the results of the first two steps are subjected to XOR with the round constants;
step 3, after browsing the commodity information, the user performs order placing operation on the psychographic commodity, submits an order to a mall service system, and generates order information;
step 4, successfully generating an order, constructing a payment request, sending the payment request to a third-party payment system by the mall service system, displaying payment information by a user side, inputting a payment password by the user, confirming payment, finishing payment transaction by the third-party payment system, and returning a transaction result to the mall service system;
wherein, the transaction data verification is related to in the step 4, and the verification rule of the third party payment system needs to be met, and the verification steps are as follows:
step 4.1, acquiring a payment signature from a third party payment system;
step 4.2, the service system signs the transaction data by using a private key, then initiates payment and submits the data to a third party payment system;
4.3, after the third-party payment system receives the data, using the public key to check the transaction data;
4.4, after the third party payment system verifies that the data are correct, processing the data and then returning the payment result data to the service system;
step 4.5, after receiving the transaction result, the mall service system uses the public key of the third-party payment system to check and sign, obtains the transaction result and stores the data result to the mall service system;
and 5: the mall service system sends the transaction result data to the inventory management system to change inventory information;
step 6: the inventory management system sends the order information to a logistics management system to generate logistics information;
the above steps 5 and 6 require fast and safe auditing and checking on transaction data when the transaction data between the systems are transmitted. Assuming that the system A sends data to the system B, the steps are as follows:
step 5.1: the system A converts transaction data generated in a transaction process into a json form;
step 5.2: taking a well agreed key of the system A and the system B as a key1, wherein the cycle number R is 0;
step 5.3: acquiring the length L of the key 1;
step 5.4: circularly executing the algorithm of the step 5.5 until R is greater than L/2;
step 5.5: when R < ═ L/2;
step 5.5.1, acquiring a new key from the random key generation function as key 2;
for the algorithm of the random key generation function of step 5.5.1, the steps are as follows:
step 5.5.1.1: reading the key1 sent as a parameter;
step 5.5.1.2: find length L of key 1;
step 5.5.1.3: the key1 is now processed using the reverse function, obtaining a new reverse key called key _ rev;
step 5.5.1.4: converting each character of key1 into a corresponding ASCII code;
step 5.5.1.5: calculating an ASCII sequence of each character of randomNo ∑ key 1;
step 5.5.1.6: obtaining the sum of randomNo, and defining the sum as sum;
step 5.5.1.7: finding a modulo of randomNo, defined as m ═ mod (randomNo, L);
step 5.5.1.8: applying the matrixes on the key1 and the key _ rev to generate a new application matrix _ key;
step 5.5.1.9: adding the modulus m of the random sum to each bit of the matrix _ key, and defining the matrix _ key _ rev;
step 5.5.1.10: performing exclusive-or operation on the matrix _ key and the matrix _ key _ rev;
step 5.5.1.11: obtaining a new matrix as a new _ matrix result _ matrix;
step 5.5.1.12: binary conversion is carried out on result _ matrix to characters and the characters are stored in a new matrix as key 2;
step 5.5.1.13: returning to key 2.
Step 5.5.2: calling random key selection functions (key1, key 2);
the steps for the step 5.5.2 random key selection function algorithm are as follows:
step 5.5.2.1: reading the two numbers of key1 and key2 obtained in the step;
step 5.5.2.2: each character of key1 and key2 is converted to its equivalent ASCII code,
step 5.5.2.3: then converting into binary system again;
step 5.5.2.4: the least significant bits of the entire key of the translated keys 1 and 2, such as Lowv1 and Lowv2,
step 5.5.2.5: if Lowv1 ≠ Lowv2, key1 is selected for return, and if Lowv1 ≠ Lowv2, key2 is selected for return.
Step 5.5.3: now, key is a value obtained by calling the random key selection function (key1, key 2).
Step 5.5.4: the transpose function (key) is now called to obtain the final key to be encrypted/interfaced.
The transposition function algorithm for step 5.5.4 steps are as follows:
step 5.5.4.1: redefines the incoming parameter key as key1,
step 5.5.4.2: reading 1.5.1.6 the sum of the random numbers, reading each character of the sum separately;
step 5.5.4.3: the character of key1 is interchanged with the character of the (value-1) index of the corresponding number,
step 5.5.4.4: increase the index of key1 and sum by 1;
step 5.5.4.5: repeating steps 5.5.4.3 and 5.5.4.4 until the last index of the key;
step 5.5.4.6: finally, obtaining a check code to be encrypted;
step 5.5.5: executing R +1, and returning the check code as key1 to continue the next cycle;
step 5.5.6: ending circulation until the condition R & lt/2 & gt is not met, and returning to the final check code key;
step 5.6: the system A adds the final check code key _ a returned in the step 5.5 into a json string of the transaction data among the systems and sends the json string to the system B;
step 5.7: the system B receives the data transmitted by the system A, processes the transaction data except the check code, and operates and executes once again according to the steps from 5.2 to 5.5 to obtain the check code key _ B of the system B;
step 5.8: the system B compares the check code key _ B with the key _ a check code sent by the system A, and if the check code key _ B is consistent with the key _ a check code sent by the system A, the verification is passed; if the two are not consistent, the data is determined to be illegal data;
and 7: the user will see the order information and the payment result on the page.
With reference to fig. 1, data interaction between service systems is provided.
Step 1: and browsing the service display system by the user, logging in by the user, and submitting the identity authentication information such as the user name, the password and the like to the user information management system.
Step 2: and after the user management system passes the verification, returning the token, and carrying out subsequent operations of purchasing, checking orders and the like by holding the token.
And step 3: and browsing the commodity information in the shopping mall, selecting the commodity, and submitting order information to the shopping mall service system.
And 4, step 4: the mall service system verifies that the commodity exists effectively and submits the commodity to the inventory management system for verification.
And 5: the inventory management system verifies that the inventory of the commodity is sufficient, can trade and returns verification information to the mall service system.
Step 6: and the mall service system forms a payment request and returns the payment request to the business display system.
And 7: and the user carries out payment operation on the service display system.
And 8: after the third-party payment system returns a message of successful payment, the third-party payment system calls back to the mall service system,
and step 9: the mall service system maintains the order state, submits information to the inventory management system, reduces corresponding inventory, and updates the logistics state through the logistics management system.
Step 10: after the transaction is finished, the user can check the corresponding order details in the business display system.
With reference to fig. 2, the user login authentication flowchart of the present application is implemented by a technical scheme that a user and a server share a group of passwords through identity authentication based on a shared password:
step 1, when logging in, a user needs to input a user name and a password and submits the user name and the password to a service system.
And 2, after receiving the password submitted by the user, the service system encrypts the password by an encryption algorithm AES.
And 3, comparing the encrypted password with the password stored in the service system, and if the encrypted password is consistent with the password stored in the service system, judging that the user is a legal user. And if the submitted password is inconsistent with the password stored by the server, judging that the user identity authentication fails.
With reference to fig. 3, the user payment sequence diagram of the application is a verification rule through a third party payment system, and the technical scheme is as follows:
step 1, obtaining a payment signature from a third party payment system.
And step 2, the service system signs the transaction data by using a private key, then initiates payment and submits the data to a third-party payment system.
And 3, after the third-party payment system receives the data, verifying the signature of the transaction data by using the public key.
And 4, after the third-party payment system verifies that the data are correct, processing the data, and then returning the payment result data to the service system.
And 5, after receiving the transaction result, the service system uses the public key of the third-party payment system to check and sign, obtains the transaction result and stores the data result to the service system.
In addition, the application also provides a computing device and a computer-readable storage medium corresponding to the transaction data rapid audit verification method, and the computing device and the computer-readable storage medium comprise a processor and a memory, wherein the memory stores computer-executable instructions capable of being executed by the processor, and the processor executes the computer-executable instructions to realize the intelligent generation method of the industry map. When invoked and executed by a processor, the computer-executable instructions cause the processor to implement the enterprise demand data processing method described above.
In the description of the present invention, it is to be noted that, unless otherwise explicitly specified or limited, the terms "connected" and "connected" are to be interpreted broadly, e.g., as being fixed or detachable or integrally connected; can be mechanically or electrically connected; may be directly connected or indirectly connected through an intermediate. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
In the description of the present invention, unless otherwise specified, the terms "upper", "lower", "left", "right", "inner", "outer", and the like indicate orientations or positional relationships based on those shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the referred device or element must have a specific orientation, be constructed in a specific orientation, and be operated, and thus, should not be construed as limiting the present invention.
Finally, it should be noted that the above-mentioned technical solution is only one embodiment of the present invention, and it will be apparent to those skilled in the art that various modifications and variations can be easily made based on the application method and principle of the present invention disclosed, and the method is not limited to the above-mentioned specific embodiment of the present invention, so that the above-mentioned embodiment is only preferred, and not restrictive.
Claims (4)
1. A transaction data rapid auditing and checking method is characterized in that: comprises the following steps:
step 1: the system of the transaction method adopts a micro service architecture with completely separated front and back ends, all data are transmitted through an asynchronous interface, and the transaction system comprises the following subsystems: a user management system for managing all registered user information and provider user information; the mall service system is used for managing commodity classification information, commodity information, order information and payment information; the inventory management system is used for managing inventory information of all commodities, warehouse information and shelf information; the logistics management system is used for aiming at all the logistics information of the traded orders, and comprises node information of each logistics information of each order;
step 2: when a user uses the system, firstly, an account needs to be registered and the system is logged in, a user name and password information are input during registration and submitted to the user management system, and the user management system encrypts the password of the user by using an AES (advanced encryption standard) encryption algorithm and stores the encrypted password in a database; when a user logs in, a user name and a password also need to be input, the user management system encrypts the password input by the user, the password is compared with the password stored by the server for verification, if the verification is passed, the system is normally used, and if the verification is failed, the system is forbidden to be accessed;
and step 3: after browsing the commodity information, a user performs order placing operation on the psychographic commodity, submits an order to a mall service system and generates order information;
and 4, step 4: the order is successfully generated, a payment request is constructed, the mall service system sends the payment request to the third-party payment system, the user side displays payment information, the user inputs a payment password to confirm payment, the third-party payment system completes payment transaction, and a transaction result is returned to the mall service system;
and 5: the mall service system sends the transaction result data to the inventory management system to change inventory information;
step 6: the inventory management system sends the order information to a logistics management system to generate logistics information;
the step 5 and the step 6 are transaction data transmission between systems, and transaction data security audit verification is carried out;
and 7: after the audit verification is passed, the user can see the order information and the payment result on the page.
2. The transaction data fast auditing and verifying method according to claim 1, wherein the above steps 5 and 6 are transaction data transmission between systems, one of the systems is system a, the system interacting with the system is system B, and the steps of verifying the security of the transaction data between the two systems are as follows:
step 5.1: the system A converts transaction data generated in a transaction process into a json form;
step 5.2: taking a well agreed key of the system A and the system B as a key1, wherein the cycle number R is 0;
step 5.3: acquiring the length L of the key 1;
step 5.4: circularly executing the algorithm of the step 5.5 until R is greater than L/2;
step 5.5: when R < ═ L/2;
step 5.5.1, acquiring a new key from the random key generation function as key 2;
for the algorithm of the random key generation function of step 5.5.1, the steps are as follows:
step 5.5.1.1: reading the key1 sent as a parameter;
step 5.5.1.2: find length L of key 1;
step 5.5.1.3: the key1 is now processed using the reverse function, obtaining a new reverse key called key _ rev;
step 5.5.1.4: converting each character of key1 into a corresponding ASCII code;
step 5.5.1.5: calculating an ASCII sequence of each character of randomNo ∑ key 1;
step 5.5.1.6: obtaining the sum of randomNo, and defining the sum as sum;
step 5.5.1.7: finding a modulo of randomNo, defined as m ═ mod (randomNo, L);
step 5.5.1.8: applying the matrixes on the key1 and the key _ rev to generate a new application matrix _ key;
step 5.5.1.9: adding the modulus m of the random sum to each bit of the matrix _ key, and defining the matrix _ key _ rev;
step 5.5.1.10: performing exclusive-or operation on the matrix _ key and the matrix _ key _ rev;
step 5.5.1.11: obtaining a new matrix as a new _ matrix result _ matrix;
step 5.5.1.12: binary conversion is carried out on result _ matrix to characters and the characters are stored in a new matrix as key 2;
step 5.5.1.13: return key 2;
step 5.5.2: calling random key selection functions (key1, key 2);
the steps for the step 5.5.2 random key selection function algorithm are as follows:
step 5.5.2.1: reading the two numbers of key1 and key2 obtained in the step;
step 5.5.2.2: each character of key1 and key2 is converted to its equivalent ASCII code,
step 5.5.2.3: then converting into binary system again;
step 5.5.2.4: the least significant bits of the entire key of the translated keys 1 and 2, such as Lowv1 and Lowv2,
step 5.5.2.5: if Lowv1 ≠ Lowv2, key1 is selected for returning, and if Lowv1 ≠ Lowv2, key2 is selected for returning;
step 5.5.3: now, key is a value obtained by calling a random key selection function (key1, key 2);
step 5.5.4: now call the transpose function (key) to get the final key to encrypt/interface;
the transposition function algorithm for step 5.5.4 steps are as follows:
step 5.5.4.1: redefines the incoming parameter key as key1,
step 5.5.4.2: reading 1.5.1.6 the sum of the random numbers, reading each character of the sum separately;
step 5.5.4.3: the character of key1 is interchanged with the character of the (value-1) index of the corresponding number,
step 5.5.4.4: increase the index of key1 and sum by 1;
step 5.5.4.5: repeating steps 5.5.4.3 and 5.5.4.4 until the last index of the key;
step 5.5.4.6: finally, obtaining a check code to be encrypted;
step 5.5.5: executing R +1, and returning the check code as key1 to continue the next cycle;
step 5.5.6: ending circulation until the condition R & lt/2 & gt is not met, and returning to the final check code key;
step 5.6: the system A adds the final check code key _ a returned in the step 5.5 into a json string of the transaction data among the systems and sends the json string to the system B;
step 5.7: the system B receives the data transmitted by the system A, processes the transaction data except the check code, and operates and executes once again according to the steps from 5.2 to 5.5 to obtain the check code key _ B of the system B;
step 5.8: the system B compares the check code key _ B with the key _ a check code sent by the system A, and if the check code key _ B is consistent with the key _ a check code sent by the system A, the verification is passed; if the two are not consistent, the data is determined to be illegal.
3. The transaction data fast auditing and verifying method according to claim 1, in order transaction, needs to interact with the third party payment platform, needs to conform with the verification rule of the third party payment system, and the interacted data must be safe and effective, and the verification steps are as follows:
step a, acquiring a payment signature from a third-party payment system;
step b, the service system signs the transaction data by using a private key, then initiates payment and submits the data to a third-party payment system;
c, after the third-party payment system receives the data, using the public key to check the transaction data;
d, after the third-party payment system verifies that the data are correct, processing the data and then returning the payment result data to the service system;
and e, after receiving the transaction result, the service system uses the public key of the third-party payment system to check and sign, obtains the transaction result and stores the data result to the service system.
4. A computing device comprising a processor and a memory, the memory storing computer-executable instructions executable by the processor, the processor executing the computer-executable instructions to implement the transaction data rapid audit verification method of claims 1-3 above.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210053753.3A CN114418571B (en) | 2022-01-18 | 2022-01-18 | Transaction data rapid auditing and checking method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210053753.3A CN114418571B (en) | 2022-01-18 | 2022-01-18 | Transaction data rapid auditing and checking method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114418571A true CN114418571A (en) | 2022-04-29 |
CN114418571B CN114418571B (en) | 2022-11-15 |
Family
ID=81273278
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210053753.3A Active CN114418571B (en) | 2022-01-18 | 2022-01-18 | Transaction data rapid auditing and checking method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114418571B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5809144A (en) * | 1995-08-24 | 1998-09-15 | Carnegie Mellon University | Method and apparatus for purchasing and delivering digital goods over a network |
US20030063751A1 (en) * | 2001-09-20 | 2003-04-03 | Aiden Bruen | Key agreement protocol based on network dynamics |
CN103279883A (en) * | 2013-05-02 | 2013-09-04 | 携程计算机技术(上海)有限公司 | Electronic-payment transaction risk control method and system |
CN103903175A (en) * | 2014-03-21 | 2014-07-02 | 沈阳化工大学 | Electronic commerce shopping system |
CN111786773A (en) * | 2020-06-24 | 2020-10-16 | 重庆邮电大学 | TWDM-PON system physical layer security method based on MD5 check sum AES encryption |
CN112017018A (en) * | 2019-05-28 | 2020-12-01 | 阿里巴巴集团控股有限公司 | Tax refunding method and system based on block chain and electronic equipment |
-
2022
- 2022-01-18 CN CN202210053753.3A patent/CN114418571B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5809144A (en) * | 1995-08-24 | 1998-09-15 | Carnegie Mellon University | Method and apparatus for purchasing and delivering digital goods over a network |
US20030063751A1 (en) * | 2001-09-20 | 2003-04-03 | Aiden Bruen | Key agreement protocol based on network dynamics |
CN103279883A (en) * | 2013-05-02 | 2013-09-04 | 携程计算机技术(上海)有限公司 | Electronic-payment transaction risk control method and system |
CN103903175A (en) * | 2014-03-21 | 2014-07-02 | 沈阳化工大学 | Electronic commerce shopping system |
CN112017018A (en) * | 2019-05-28 | 2020-12-01 | 阿里巴巴集团控股有限公司 | Tax refunding method and system based on block chain and electronic equipment |
CN111786773A (en) * | 2020-06-24 | 2020-10-16 | 重庆邮电大学 | TWDM-PON system physical layer security method based on MD5 check sum AES encryption |
Also Published As
Publication number | Publication date |
---|---|
CN114418571B (en) | 2022-11-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110692214B (en) | Method and system for ownership verification using blockchain | |
US9258296B2 (en) | System and method for generating a strong multi factor personalized server key from a simple user password | |
EP3465524B1 (en) | Secure transmission of sensitive data | |
CN110050435A (en) | Key pair architecture for security message transmitting-receiving | |
US20030070074A1 (en) | Method and system for authentication | |
CN113259133B (en) | Encryption communication method, equipment and storage medium based on HTTP protocol | |
US9325499B1 (en) | Message encryption and decryption utilizing low-entropy keys | |
US11233772B1 (en) | Methods and systems for secure cross-platform token exchange | |
US20120221862A1 (en) | Multifactor Authentication System and Methodology | |
CN112989309B (en) | Login method, authentication method and system based on multi-party authorization and computing equipment | |
CN106572076A (en) | Web service access method, client side and server side | |
CN111444551A (en) | Account registration and login method and device, electronic equipment and readable storage medium | |
US20190362093A1 (en) | Computer-implemented method of transferring a data string from an application to a data protection device | |
CN114418571B (en) | Transaction data rapid auditing and checking method | |
Yuniati et al. | Secure e-payment method based on visual cryptography | |
EP3400695A1 (en) | System, method and apparatus for data transmission | |
CN116866029B (en) | Random number encryption data transmission method, device, computer equipment and storage medium | |
WO2013012531A2 (en) | Authentication service | |
US20230421399A1 (en) | Cross chain access granting to applications | |
US20210250337A1 (en) | Method and device for matching evaluation of structured data sets protected by encryption | |
CN117196875A (en) | Account data verification method, device, equipment and storage medium | |
Raji et al. | Multiple Service Authentication with Cloud OTP as a service. | |
KR20230124207A (en) | Document sharing service server for managing document sharing service based on cloud, and the operating method thereof | |
Kumar | Protocol based verification and authentication for multi-tasking server in DUOS system | |
WO2004028078A1 (en) | Method and system for authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A Fast Verification Method for Transaction Data Review Granted publication date: 20221115 Pledgee: Agricultural Bank of China Limited Kuitun Branch Pledgor: XINJIANG ASIA-EUROPE EXCHANGE Co.,Ltd. Registration number: Y2024980007161 |