CN115765973A - Encryption tagging multiplexing architecture method based on financial scene - Google Patents

Publication number: CN115765973A
Authority: CN (China)
Prior art keywords: algorithm, encryption, tagging, layer, financial
Legal status: Pending
Application number: CN202211412763.8A
Other languages: Chinese (zh)
Inventor: 王达
Current Assignee: Beiyin Financial Technology Co ltd
Original Assignee: Beiyin Financial Technology Co ltd
Application filed by: Beiyin Financial Technology Co ltd

Abstract

The invention provides an encryption tagging multiplexing architecture method based on a financial scenario. The multiplexing architecture comprises a user interface layer, an application layer, a domain layer and a base layer. The client side of the user interface layer uses a programming language to sign with the national cryptographic (SM) SM2 plus SM3 algorithms and, at the same time, to encrypt with the SM4 plus SM2 algorithms. The financial enterprise side of the application layer uses a programming language to decrypt with the SM4 plus SM2 algorithms and to verify the signature with the SM2 plus SM3 algorithms. The domain layer encapsulates and integrates key management for external use. The base layer stores key information such as the keys. By using the SM algorithms for encryption and signing and Java as the back-end development language, the business logic is developed securely, secure request and response handling is achieved, and a multiplexing (reuse) scheme is provided for projects with the same or similar financial business scenarios.

Description

Encryption tagging multiplexing architecture method based on financial scene
Technical Field
The invention relates to the field of financial encryption, in particular to an encryption tagging multiplexing architecture method based on a financial scene.
Background
Plaintext processing is a security problem both on the Internet and in the internal communication of a financial enterprise. For this reason, request and response messages that were previously sent in plaintext are encrypted for transmission, and the message is also signed, so that identity is proved and repudiation is prevented.
The approach is to encrypt and sign using SM keys. The client is responsible for sending the request: it hashes the message with the national cryptographic algorithm SM3, signs it with the national cryptographic algorithm SM2 to prove the client's identity, encrypts the message with the national cryptographic algorithm SM4, and encrypts the symmetric key with SM2. The financial enterprise is responsible for receiving the request: it decrypts the symmetric key with SM2, uses that symmetric key to decrypt the message with SM4, and obtains and processes the plaintext.
In the prior art, traditional plaintext interaction is used, so data can be tampered with on the Internet, and in the internal receiving process on the financial enterprise side the data source is open to identity forgery.
On the client side, a request sent in plaintext can be intercepted and tampered with, which endangers the finances of the business system and can easily lead to uncontrolled business data and monetary loss. In addition, after the client sends a request, the financial enterprise cannot identify the source of the request it receives. If the request is intercepted at an intermediate link, forged and re-initiated, the result is inauthentic requests and wrong request sources, so that after the financial enterprise's internal system finishes processing, the client cannot receive payment and/or is wrongly debited, and at the stage of confirming with the enterprise it may turn out that the request was not sent by the real enterprise.
Disclosure of Invention
In view of the above, the present invention has been developed to provide a financial scenario-based encryption tagging multiplexing architecture approach that overcomes or at least partially solves the above-mentioned problems.
According to one aspect of the invention, the encryption tagging multiplexing architecture method based on a financial scenario comprises the following:
the multiplexing architecture comprises a user interface layer, an application layer, a domain layer and a base layer;
the client side of the user interface layer uses a programming language to sign with the national cryptographic SM2 plus SM3 algorithms and, at the same time, to encrypt with the national cryptographic SM4 plus SM2 algorithms;
the financial enterprise side of the application layer uses a programming language to decrypt with the national cryptographic SM4 plus SM2 algorithms and to verify the signature with the national cryptographic SM2 plus SM3 algorithms;
the domain layer encapsulates and integrates key management for external use;
the base layer stores key information such as the keys.
Optionally, the programming language is the Java language.
Optionally, the national cryptographic SM2 algorithm is an asymmetric encryption algorithm, used for signing and encryption.
Optionally, the national cryptographic SM3 algorithm is a message digest algorithm, used to obtain the hash value of the message.
Optionally, the national cryptographic SM4 algorithm is the block-data symmetric encryption algorithm of the wireless LAN standard, used to encrypt the full message.
Optionally, the encryption processing maps the readable plaintext message into unrecognizable ciphertext through algorithm-based confusion and scrambling, for security processing.
Optionally, the signature is a unique, tamper-proof label computed over the request message, which the receiving party uses to confirm the authenticity of the requesting client's identity.
The invention provides an encryption tagging multiplexing architecture method based on a financial scenario. The multiplexing architecture comprises a user interface layer, an application layer, a domain layer and a base layer. The client side of the user interface layer uses a programming language to sign with the national cryptographic (SM) SM2 plus SM3 algorithms and, at the same time, to encrypt with the SM4 plus SM2 algorithms. The financial enterprise side of the application layer uses a programming language to decrypt with the SM4 plus SM2 algorithms and to verify the signature with the SM2 plus SM3 algorithms. The domain layer encapsulates and integrates key management for external use. The base layer stores key information such as the keys. By using the SM algorithms for encryption and signing and Java as the back-end development language, the business logic is developed securely, secure request and response handling is achieved, and a multiplexing (reuse) scheme is provided for projects with the same or similar financial business scenarios.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings based on them without creative effort.
Fig. 1 is a schematic diagram of an encryption tagging multiplexing architecture based on a financial scenario according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The terms "comprises" and "comprising," and any variations thereof, in the described embodiments of the invention and in the claims and drawings, are intended to cover a non-exclusive inclusion, such as, for example, a list of steps or elements.
The technical solution of the present invention is further described in detail with reference to the accompanying drawings and embodiments.
As shown in fig. 1, the client side of the user interface layer uses the Java language to sign with the national cryptographic SM2 plus SM3 algorithms and, at the same time, to encrypt with the national cryptographic SM4 plus SM2 algorithms. The financial enterprise side of the application layer uses the Java language to decrypt with the national cryptographic SM4 and SM2 algorithms and to verify the signature with the SM2 and SM3 algorithms. The domain layer encapsulates and integrates key management for external use. The base layer stores key information such as keys.
SM2 is an asymmetric encryption algorithm, used for signing and encryption; SM3 is a message digest algorithm, used to obtain the hash value of a message; SM4 is the block-data symmetric encryption algorithm of the WLAN standard, used to encrypt the full message.
The back end uses the Java language. Java is a cross-platform back-end language with a full-featured supporting tool library, and is used to implement the application's encryption and decryption.
Encryption maps the readable plaintext message into unrecognizable ciphertext through algorithm-based confusion and scrambling, and is commonly used for security processing.
The signature is a unique, tamper-proof label computed over the request message, which the receiving party uses to confirm the authenticity of the requesting client's identity.
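The client and enterprise sides described above, as an added example that is not code from the patent: the client signs with SM2 over SM3, encrypts the body with SM4 and wraps the SM4 key with SM2, and the enterprise reverses the steps. It assumes Java 16+ with the Bouncy Castle provider on the classpath; the `Envelope` record, the `seal` and `open` names, the GCM mode and the sample request are assumptions of this example, since the patent names no message format or SM4 mode.

```java
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;

public class SmEnvelopeDemo {
    // Hypothetical wire format; the patent does not define one.
    record Envelope(byte[] wrappedKey, byte[] iv, byte[] body, byte[] sig) {}

    static KeyPair sm2KeyPair() throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC", "BC");
        g.initialize(new ECGenParameterSpec("sm2p256v1"));
        return g.generateKeyPair();
    }
    // Client: sign with SM2 over SM3, encrypt body with SM4, wrap the SM4 key with SM2.
    static Envelope seal(byte[] msg, PrivateKey clientKey, PublicKey serverKey) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SM3withSM2", "BC");
        s.initSign(clientKey);
        s.update(msg);
        byte[] sig = s.sign();
        SecretKey k = KeyGenerator.getInstance("SM4", "BC").generateKey(); // fresh key per request
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        // GCM is this example's choice; the patent names no SM4 mode.
        Cipher sm4 = Cipher.getInstance("SM4/GCM/NoPadding", "BC");
        sm4.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, iv));
        byte[] body = sm4.doFinal(msg);
        Cipher sm2 = Cipher.getInstance("SM2", "BC");
        sm2.init(Cipher.ENCRYPT_MODE, serverKey);
        return new Envelope(sm2.doFinal(k.getEncoded()), iv, body, sig);
    }
    // Enterprise: unwrap the key, decrypt, then verify; any failure rejects the request.
    static byte[] open(Envelope e, PrivateKey serverKey, PublicKey clientKey) throws GeneralSecurityException {
        Cipher sm2 = Cipher.getInstance("SM2", "BC");
        sm2.init(Cipher.DECRYPT_MODE, serverKey);
        SecretKey k = new SecretKeySpec(sm2.doFinal(e.wrappedKey()), "SM4");
        Cipher sm4 = Cipher.getInstance("SM4/GCM/NoPadding", "BC");
        sm4.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, e.iv()));
        byte[] msg = sm4.doFinal(e.body()); // throws if the ciphertext was altered
        Signature s = Signature.getInstance("SM3withSM2", "BC");
        s.initVerify(clientKey);
        s.update(msg);
        if (!s.verify(e.sig())) throw new SignatureException("SM2 signature invalid");
        return msg;
    }
    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        KeyPair client = sm2KeyPair(), server = sm2KeyPair();
        // Constructed sample request, not taken from the patent.
        byte[] req = "{\"payee\":\"constructed\",\"amount\":\"100.00\"}".getBytes(StandardCharsets.UTF_8);
        Envelope env = seal(req, client.getPrivate(), server.getPublic());
        System.out.println(new String(open(env, server.getPrivate(), client.getPublic()), StandardCharsets.UTF_8));
    }
}
```

The signature covers only the message bytes, so a captured envelope would still verify if re-sent unchanged; rejecting re-initiated requests needs a timestamp or nonce inside the signed message, which the receiver checks.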
Advantageous effects:
The invention mainly provides an easily understood multiplexing (reuse) scheme for financial business processing scenarios.
According to the invention, the SM algorithms are used for encryption and signing and Java is used as the back-end development language, so that the business logic is developed securely, secure request and response handling is achieved, and a multiplexing (reuse) scheme is provided for projects with the same or similar financial business scenarios.
The present invention is not intended to be limited to the embodiments shown herein, and it is to be understood that the present invention is not limited to the details shown and described herein.

Claims (7)

1. An encryption tagging multiplexing architecture method based on a financial scenario, characterized by comprising the following:
the multiplexing architecture comprises a user interface layer, an application layer, a domain layer and a base layer;
the client side of the user interface layer uses a programming language to sign with the national cryptographic SM2 plus SM3 algorithms and, at the same time, to encrypt with the national cryptographic SM4 plus SM2 algorithms;
the financial enterprise side of the application layer uses a programming language to decrypt with the national cryptographic SM4 plus SM2 algorithms and to verify the signature with the national cryptographic SM2 plus SM3 algorithms;
the domain layer encapsulates and integrates key management for external use;
the base layer stores key information such as the keys.
2. The encryption tagging multiplexing architecture method based on a financial scenario according to claim 1, wherein the programming language is the Java language.
3. The encryption tagging multiplexing architecture method based on a financial scenario according to claim 1, wherein the national cryptographic SM2 algorithm is an asymmetric encryption algorithm used for signing and encryption.
4. The encryption tagging multiplexing architecture method based on a financial scenario according to claim 1, wherein the national cryptographic SM3 algorithm is a message digest algorithm used to obtain the hash value of a message.
5. The encryption tagging multiplexing architecture method based on a financial scenario according to claim 1, wherein the national cryptographic SM4 algorithm is the block-data symmetric encryption algorithm of the wireless local area network standard, and can be used to encrypt the full message.
6. The encryption tagging multiplexing architecture method based on a financial scenario according to claim 1, wherein the encryption processing maps the readable plaintext message into unrecognizable ciphertext through algorithm-based confusion and scrambling, for security processing.
7. The encryption tagging multiplexing architecture method based on a financial scenario according to claim 1, wherein the signature is a unique, tamper-proof label computed over the request message, which the receiving party uses to confirm the authenticity of the requesting client's identity.

Application number: CN202211412763.8A
Priority date: 2022-11-11
Filing date: 2022-11-11
Title: Encryption tagging multiplexing architecture method based on financial scene
Status: Pending
Publication: CN115765973A (en), published 2023-03-07
Family ID: 85369733
Country status: CN (1), CN115765973A (en)

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination