CN115374462A - Storage management system based on financial service data - Google Patents
Storage management system based on financial service data Download PDFInfo
- Publication number
- CN115374462A CN115374462A CN202211285851.6A CN202211285851A CN115374462A CN 115374462 A CN115374462 A CN 115374462A CN 202211285851 A CN202211285851 A CN 202211285851A CN 115374462 A CN115374462 A CN 115374462A
- Authority
- CN
- China
- Prior art keywords
- data
- financial service
- service data
- management system
- storage management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a storage management system based on financial service data, which comprises: the database is used for storing financial service data; the authority management port is used for configuring corresponding authority for the user according to the user identification; the invention relates to the technical field of financial service data processing. According to the financial service data-based storage management system, due to the processing steps of the arranged data encoder, the content can be changed through the replaced bytes during the transmission of financial service data, even the change of one data in the financial service data can cause great influence, the data information is not real in the data transmission process, the effect of confusing intruders can be achieved, clues are provided for subsequent intrusion tracking, and the financial service data of the system cannot be influenced; the double encryption processing steps matched with the design increase the secondary replacement password on the basis of the original digital password, and the anti-intrusion capability of the self storage of the financial service data can be obviously enhanced.
Description
Technical Field
The invention relates to the technical field of financial service data processing, in particular to a storage management system based on financial service data.
Background
A large amount of various financial service data are generated every day in the financial market, most of the financial service data belong to enterprise confidentiality, and the confidentiality degree of different financial service data is different, and the security of the financial service data is crucial to one enterprise, so that the storage management capability of the financial service data needs to be enhanced.
When the financial service data is stored and managed, because the firewall of the financial service data can play a certain anti-intrusion effect, the financial service data can be protected, but the protection still needs to be strengthened, and the situation with higher risk is that in the process of transmitting the financial service data, although the time is short, the time is the best time for the hacker to intrude.
The prior art relies on the protection of data excessively, and when high-end hackers are met, the leakage risk still exists, in financial service data, even the change of one data can cause great influence, and the problem to be solved urgently is considered that the data content is changed when the data is transmitted, the initial data can be recovered after the transmission is finished, and the data transmission risk is reduced.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a storage management system based on financial service data, which solves the problems that the existing financial service data storage security needs to be strengthened and the data transmission is easy to invade to obtain the real financial service data content.
In order to achieve the purpose, the invention is realized by the following technical scheme: a financial services data based storage management system comprising:
the database is used for storing financial service data;
the authority management port is used for configuring corresponding authority for the user according to the user identification;
the encryption processing module is used for carrying out double encryption processing on the financial service data in the database, wherein the first re-encryption adopts a password setting mode, and the second re-encryption adopts a set password timing changing mode;
the data coder is used for carrying out coding substitution processing on the financial service data needing to be transmitted;
a data decoder for encoding the replaced data by the reverse replacement data encoder;
and the base station is used for transmitting or receiving the financial service data.
Further, the database is also used for displaying the financial service data in multiple types, and the financial service data is converted into image data or dynamic model data.
Further, the corresponding authority includes at least one of system login, data query, data editing and data downloading.
Further, the double encryption processing step of the encryption processing module on the database is as follows:
setting a digital password in an entering program of the database, marking the digital password as S1, S1 and S3.. Sk, and entering the next step after the digital password is input completely correctly;
the encryption processing module is internally provided with a random selection unit which randomly changes one bit in the digital password in a timing mode, the randomly selected position is marked as Nk, nk =1, 2, \8230;, k, the replaced number is marked as Dk, and the expression of Dk is as follows:
and taking the first numerical value after the decimal point by Dk, and entering the next step after the digital password is completely input correctly.
Further, the length of the digital password is set to be 9-18 bits, wherein the time interval adopted when the digital password is randomly changed in a timing mode is 20-30s.
Further, when the replaced number Dk is the same as the number Sk of the initial mark, the replaced number Dk advances by one bit.
Further, the processing step of the financial service data by the data encoder is as follows:
marking one byte in the financial service data as Bi and one byte in the encoded data in the data encoder as Mi, wherein i represents the arrangement order of the bytes, i =1, 2, \8230;, n, obtaining the sum of the corresponding financial service data and marking as Y, wherein Y = { B1, B2, B3.. Bn };
and then obtaining the sum of the corresponding coded data, and marking the sum as G, wherein G = { M1, M2, M3.. Mn }, and in the coded data, the expression of i is as follows:
wherein the calculation result of i is an integer;
at this time, the acquired encoded data Mi is correspondingly replaced into the financial service data Bi, the length of the initial financial service data byte is unchanged, and new financial service data D is generated, wherein D = { bn.. Mn. }.
Still further, the data decoder further comprises a built-in memory for storing the data replaced by the data encoder, and the data decoder reversely replaces the original data according to the data encoder replacing method.
The invention provides a storage management system based on financial service data. Compared with the prior art, the method has the following beneficial effects:
according to the storage management system based on the financial service data, due to the processing steps of the arranged data encoder, the content can be changed through the replaced bytes when the financial service data are transmitted, even if one data is changed in the financial service data, the content is greatly influenced, the data information is not real in the data transmission process, the effect of confusing intruders can be achieved, clues are provided for follow-up intrusion tracking, and the financial service data of the system can not be influenced; the double encryption processing steps matched with the design increase the secondary replacement password on the basis of the original digital password, and the anti-intrusion capability of the self storage of the financial service data can be obviously enhanced.
Drawings
FIG. 1 is a schematic block diagram of a financial services data based storage management system according to the present invention;
FIG. 2 is a logical operation diagram of the financial services data-based storage management system according to the present invention;
FIG. 3 is a schematic block diagram of a financial services data-based database according to the present invention.
In the figure, 100-a database, 1001-a data input module, 1002-a classification processing module, 1003-an internal storage module, 1004-an external display module, 101-an encryption processing module, 102-a right management port, 103-a data encoder, 104-a data decoder and 200-a base station.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, a storage management system based on financial service data provides an embodiment, including:
a database 100 for storing financial service data;
the authority management port 102 is used for configuring corresponding authority for the user according to the user identification;
the encryption processing module 101 is configured to perform double encryption processing on the financial service data in the database 100, where a first re-encryption adopts a password setting manner, and a second re-encryption adopts a set password timing changing manner;
the data encoder 103 is used for carrying out encoding replacement processing on the financial service data needing to be transmitted;
a data decoder 104 for encoding the replaced data by the reverse replacement data encoder 103;
and a base station 200 for transmitting or receiving the financial service data.
The output end of the encryption processing module 101 is connected with the input end of the database 100, the encryption processing module 101 is used for encrypting the database 100, the data can enter the database after passing through the encryption processing module 101 before entering the database, the database 100 is directly invaded by the outside, the firewall of the database 100 needs to be overcome while the encryption processing module 101 is overcome, the output end of the authority management port 102 is connected with the input ends of the encryption processing module 101 and the database 100, the authority management port 102 needs to enter the database 100 after acquiring corresponding authority after passing through the authentication party of the encryption processing module 101, the output end of the database 100 is in bidirectional connection with the data encoder 103, the output end of the data decoder 104 is connected with the input end of the data encoder 103, financial service data of the database 100 needs to be encoded and replaced by the data encoder 103 before being transmitted by the base station 200 and then is transmitted by the base station 200, wherein the base station 200 is in bidirectional connection with the data encoder 103 and the data decoder 104, the financial service data transmitted by the base station 200, and the my base station 200 can transmit the data replaced by the data encoded and then the data of the data encoder 103 and the database 100.
Referring to fig. 1-3, a financial services data-based storage management system, according to another embodiment,
the method comprises the following steps:
a database 100 for storing financial service data;
the authority management port 102 is used for configuring corresponding authority for the user according to the user identification;
the encryption processing module 101 is configured to perform double encryption processing on the financial service data in the database 100, where the first re-encryption adopts a password setting manner, and the second re-encryption adopts a set password timing changing manner;
the data encoder 103 is used for carrying out encoding replacement processing on the financial service data needing to be transmitted;
a data decoder 104 for encoding the replaced data by the reverse replacement data encoder 103;
and a base station 200 for transmitting or receiving the financial service data.
The output end of the encryption processing module 101 is connected with the input end of the database 100, the database 100 is encrypted by the encryption processing module 101 and can enter the database after passing through the encryption processing module 101, the database 100 is directly invaded by the outside, a firewall of the database 100 needs to be overcome while the encryption processing module 101 is overcome, the output end of the authority management port 102 is connected with the input ends of the encryption processing module 101 and the database 100, the authority management port 102 needs to enter the database 100 after acquiring corresponding authority after passing through the authentication party of the encryption processing module 101, the output end of the database 100 is connected with the data encoder 103 in a bidirectional mode, the output end of the data decoder 104 is connected with the input end of the data encoder 103, financial service data of the database 100 needs to be encoded and replaced by the data encoder 103 before being transmitted by the base station 200 and then is transmitted by the base station 200, the financial service data transmitted by the base station 200 is transmitted by the opposite base station 200, the my base station 200 receives the financial service data, the data encoded and replaced by the data encoder 103 in a reverse mode, and then the database 100 is transmitted to the database.
For the design scheme of the database 1000, the database 100 includes a data input module 1001, a classification processing module 1002, an internal storage module 1003 and an external display module 1004, an output end of the input module 1001 is connected with an input end of the classification processing module 1002, output ends of the classification processing module 1002 and the external display module 1004 are both connected with an input end of the internal storage module 1003, wherein the data input module 1001 is used for inputting financial service data, the classification processing module 1002 classifies the input financial service data, the internal storage module 1003 stores the classified financial service data, and the external display module 1004 can display and operate the financial service data storage in the internal storage module 1003.
For the design scheme of the database 100, the database 100 is also used for displaying the financial service data in multiple types, and the financial service data is converted into image data or dynamic model data.
And for the design scheme of the corresponding authority, the corresponding authority comprises at least one of system login, data query, data editing and data downloading.
In this embodiment, a more preferred embodiment is further provided, where the double encryption processing step of the encryption processing module on the database is:
setting a digital password in an entering program of the database, marking the digital password as S1, S1 and S3.. Sk, and entering the next step after the digital password is input completely correctly;
the encryption processing module is internally provided with a random selection unit which randomly changes one bit in the digital password in a timing mode, the randomly selected position is marked as Nk, nk =1, 2, \8230;, k, the replaced number is marked as Dk, and the expression of Dk is as follows:
and taking the first numerical value after the decimal point by Dk, and entering the next step after the digital password is completely input correctly.
For the design of the digital password, the password length is more than 6 bits, and the preferred scheme is to set the length of the digital password to be 9-18 bits, wherein when the digital password is randomly changed in a timing mode, the time interval can be set according to the security requirement, and the preferred time interval is 20-30s.
For the same processing mode of the replaced digit and the replaced digit, when the replaced digit Dk is the same as the digit Sk of the initial mark, the replaced digit Dk advances by one bit, and for the replacement digit of 10, since the digit becomes two bits, the digit 10 is replaced by 0, for example, the replaced digit is 5, the replacement digit is also 5, and when the replacement digit is one bit ahead, the replacement digit is changed to 6; for another example, the replaced number is 9, and the replacing number is also 9, and the replacing number is one bit before the replacing number and is changed to 0.
The secondary encryption processing method is implemented at the client, a processor is independently arranged on each client, the operation of the encryption processing module on the double encryption processing steps of the database is controlled, and the passwords replaced by each client during operation may be different, so that the safety performance in the operation process is enhanced.
In this embodiment, a more preferred implementation is further provided, and the processing step of the financial service data by the data encoder is:
marking one byte in the financial service data as Bi and one byte in the encoded data in the data encoder as Mi, wherein i represents the arrangement order of the bytes, i =1, 2, \8230;, n, obtaining the sum of the corresponding financial service data and marking as Y, wherein Y = { B1, B2, B3.. Bn }; the byte Bi and the byte Mi may have the condition that few parts are the same, but the number of replaced bytes is large, so that the effect of code replacement is not influenced;
and then obtaining the sum of the corresponding coded data, and marking the sum as G, wherein G = { M1, M2, M3.. Mn }, and in the coded data, the expression of i is as follows:
wherein the calculation result of i is an integer;
correspondingly replacing the acquired encoded data Mi into financial service data Bi at the moment, wherein the byte length of the initial financial service data is unchanged, and generating new financial service data D, wherein D = { Bn.. Mn. }; the generation of new financial service data D can not form messy codes due to the change of bytes, but can change the meaning of original data due to the change of bytes, and even the change of one data can cause great influence in the financial service data, thereby not only playing a puzzling role, but also providing clues for follow-up intrusion tracking.
For the design of the data decoder, the data decoder also comprises a built-in memory, the memory is used for storing the data replaced by the data encoder, the data decoder reversely replaces the initial data according to the data encoder replacing method, and the data replacing effect of the data decoder is processed by adopting the existing processor without relating to the improvement of the prior art.
In conclusion, due to the processing steps of the data encoder, the content can be changed through the replaced bytes during the financial service data transmission, even if one data is changed in the financial service data, the data information is not real in the data transmission process, the effect of confusing intruders can be achieved, clues are provided for the subsequent intrusion tracking, and the financial service data of the user can not be influenced; the double encryption processing steps matched with the design increase the secondary replacement password on the basis of the original digital password, and the anti-intrusion capability of the self storage of the financial service data can be obviously enhanced.
And those not described in detail in this specification are well within the skill of those in the art.
It should be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (8)
1. A financial services data based storage management system, characterized by: the method comprises the following steps:
the database is used for storing financial service data;
the authority management port is used for configuring corresponding authority for the user according to the user identification;
the encryption processing module is used for carrying out double encryption processing on the financial service data in the database, wherein the first re-encryption adopts a password setting mode, and the second re-encryption adopts a set password timing changing mode;
the data coder is used for carrying out coding substitution processing on the financial service data needing to be transmitted;
a data decoder for encoding the replaced data by the reverse replacement data encoder;
and the base station is used for transmitting or receiving the financial service data.
2. The financial services data-based storage management system according to claim 1, wherein: the database is also used for displaying the financial service data in multiple types and converting the financial service data into image data or dynamic model data.
3. The financial services data-based storage management system according to claim 1, wherein: the corresponding authority comprises at least one of system login, data query, data editing and data downloading.
4. A financial services data based storage management system according to any one of claims 1 to 3, in which: the double encryption processing steps of the encryption processing module on the database are as follows:
setting a digital password in an entering program of the database, marking the digital password as S1, S1 and S3.. Sk, and entering the next step after the digital password is input completely correctly;
the encryption processing module is internally provided with a random selection unit which randomly changes one bit in the digital password in a timing mode, the randomly selected position is marked as Nk, nk =1, 2, \8230;, k, the replaced number is marked as Dk, and the expression of Dk is as follows:
and taking the first numerical value after the decimal point by Dk, and entering the next step after the digital password is completely input correctly.
5. The financial services data-based storage management system according to claim 4, wherein: the length of the digital password is set to be 9-18 bits, wherein the time interval adopted when the digital password is randomly changed in a timing mode is 20-30s.
6. The financial services data-based storage management system of claim 4, wherein: the replaced digit Dk may advance one bit when it is the same as the digit Sk of the initial mark.
7. The financial services data-based storage management system according to claim 1, wherein: the processing steps of the data encoder on the financial service data are as follows:
marking one byte in the financial service data as Bi and one byte in the encoded data in the data encoder as Mi, wherein i represents the arrangement order of the bytes, i =1, 2, \8230;, n, obtaining the sum of the corresponding financial service data and marking as Y, wherein Y = { B1, B2, B3.. Bn };
and then obtaining the sum of the corresponding coded data, and marking the sum as G, wherein G = { M1, M2, M3.. Mn }, and in the coded data, the expression of i is as follows:
wherein the calculation result of i is an integer;
at this time, the acquired encoded data Mi is correspondingly replaced into the financial service data Bi, the length of the initial financial service data byte is unchanged, and new financial service data D is generated, wherein D = { bn.. Mn. }.
8. The financial services data-based storage management system according to claim 7, wherein: the data decoder further includes a built-in memory for storing the data replaced by the data encoder, and the data decoder inversely replaces the original data according to the data encoder replacement method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211285851.6A CN115374462B (en) | 2022-10-20 | 2022-10-20 | Storage management system based on financial service data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211285851.6A CN115374462B (en) | 2022-10-20 | 2022-10-20 | Storage management system based on financial service data |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115374462A true CN115374462A (en) | 2022-11-22 |
| CN115374462B CN115374462B (en) | 2023-01-24 |
Family
ID=84073034
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211285851.6A Active CN115374462B (en) | 2022-10-20 | 2022-10-20 | Storage management system based on financial service data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115374462B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030074564A1 (en) * | 2001-10-11 | 2003-04-17 | Peterson Robert L. | Encryption system for allowing immediate universal access to medical records while maintaining complete patient control over privacy |
| CN106157025A (en) * | 2016-07-05 | 2016-11-23 | 清华大学深圳研究生院 | The mobile terminal safety method of payment of identity-based card and system |
| CN107205080A (en) * | 2016-03-19 | 2017-09-26 | 汪风珍 | A kind of smart mobile phone with independent finance transaction system |
| CN112787976A (en) * | 2019-11-06 | 2021-05-11 | 阿里巴巴集团控股有限公司 | Data encryption, decryption and sharing method, device, system and storage medium |
-
2022
- 2022-10-20 CN CN202211285851.6A patent/CN115374462B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030074564A1 (en) * | 2001-10-11 | 2003-04-17 | Peterson Robert L. | Encryption system for allowing immediate universal access to medical records while maintaining complete patient control over privacy |
| CN107205080A (en) * | 2016-03-19 | 2017-09-26 | 汪风珍 | A kind of smart mobile phone with independent finance transaction system |
| CN106157025A (en) * | 2016-07-05 | 2016-11-23 | 清华大学深圳研究生院 | The mobile terminal safety method of payment of identity-based card and system |
| CN112787976A (en) * | 2019-11-06 | 2021-05-11 | 阿里巴巴集团控股有限公司 | Data encryption, decryption and sharing method, device, system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115374462B (en) | 2023-01-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9959065B2 (en) | Hybrid blockchain | |
| CN111079128B (en) | Data processing method and device, electronic equipment and storage medium | |
| US9208491B2 (en) | Format-preserving cryptographic systems | |
| US20040101142A1 (en) | Method and system for an integrated protection system of data distributed processing in computer networks and system for carrying out said method | |
| CN116471007B (en) | Network information encryption transmission method based on cloud platform | |
| KR20010090877A (en) | Secure system using continuously-changing features of a body part as a key | |
| CN110011993B (en) | Two-dimensional code big data safety transmission device based on developments multistage encryption and decryption | |
| CN110210270B (en) | Two-dimensional code information security reinforcement method and system and two-dimensional code image analysis method and system | |
| US20210144005A1 (en) | Data format-preserving encryption, tokenization, and access control for vaultless systems and methods | |
| CN114640523B (en) | Computer data security encryption method and system | |
| KR102028151B1 (en) | Encryption method and system using authorization key of device | |
| CN113836578A (en) | Method and system for maintaining security of sensitive data of big data | |
| CN114969128A (en) | Secret query method, system and storage medium based on secure multi-party computing technology | |
| CN115374462B (en) | Storage management system based on financial service data | |
| CN110795757B (en) | Method, device, system and storage medium for personal information disclosure management | |
| CN114422230B (en) | Information transmission system based on data encryption | |
| CN116756750A (en) | Medical sensitive data acquisition desensitization method | |
| CN111104693A (en) | Android platform software data cracking method, terminal device and storage medium | |
| RU2259639C2 (en) | Method for complex protection of distributed information processing in computer systems and system for realization of said method | |
| KR970005596B1 (en) | Method for encrypting and decryting digital information | |
| CN116484407B (en) | Data security protection method and device, electronic equipment and storage medium | |
| RU2708354C1 (en) | Concealed information exchange method | |
| Mekhaznia et al. | New approach for attack of permutation-based image encryption schemes | |
| US11829512B1 (en) | Protecting membership in a secure multi-party computation and/or communication | |
| CN117057804B (en) | Financial transaction data secure storage method and system based on hash sequence |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |