CN115860017B - Data processing method and related device - Google Patents
Data processing method and related device Download PDFInfo
- Publication number
- CN115860017B CN115860017B CN202310111370.1A CN202310111370A CN115860017B CN 115860017 B CN115860017 B CN 115860017B CN 202310111370 A CN202310111370 A CN 202310111370A CN 115860017 B CN115860017 B CN 115860017B
- Authority
- CN
- China
- Prior art keywords
- parameters
- service
- card
- algorithm
- primary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The application discloses a data processing method and a related device, and relates to the technical field of data processing. The method comprises the steps of aiming at a target card, acquiring writing parameters of the target card, dividing the writing parameters into action parameters and service parameters according to preset rules, further carrying out encryption processing on the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and carrying out encryption processing on the service parameters according to a service encryption algorithm to obtain encrypted service parameters. The writing parameters are divided into the action parameters and the service parameters, and are encrypted respectively, so that the card service can be well adapted when different card services exist, and the method can be suitable for processing the writing parameters of the card in different application scenes. Finally, the encrypted action parameters and the encrypted service parameters are written into the target card, and as the parameters written into the target card are encrypted, decryption authentication is required correspondingly when the target card is used, so that the data security of the target card in the using stage can be improved.
Description
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to a data processing method and a related device.
Background
The card plays an important role in daily life, for example, in various application scenes such as apartments, schools, automatic teller machines, gas stations, toll stations and the like, which are applied with intelligent door locks, the card can be utilized to improve convenience experience.
Usually, when the card is issued, certain writing parameters are written in the card, and when the card is used, the writing parameters in the card are read. In order to ensure the data security, the writing parameters written into the card are encrypted, and correspondingly, decryption is carried out when the card is used, so that authentication is realized, and the card can be successfully used only after the authentication passes.
However, the processing method in the related art is not well suited for various types of application scenarios.
Disclosure of Invention
In order to solve the technical problems, the application provides a data processing method and a related device, which can be better suitable for processing writing parameters of cards in different application scenes.
The embodiment of the application discloses the following technical scheme:
in one aspect, an embodiment of the present application provides a data processing method, where the method includes:
acquiring writing parameters of a target card;
dividing the writing parameters into action parameters and service parameters according to preset rules;
encrypting the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and encrypting the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
and writing the encrypted action parameters and the encrypted business parameters into the target card.
On the other hand, an embodiment of the present application provides a data processing apparatus, where the apparatus includes an acquisition unit, a dividing unit, a processing unit, and a writing unit:
the acquisition unit is used for acquiring the writing parameters of the target card;
the dividing unit is used for dividing the writing parameters into action parameters and service parameters according to preset rules;
the processing unit is used for carrying out encryption processing on the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and carrying out encryption processing on the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
the writing unit is used for writing the encrypted action parameters and the encrypted service parameters into the target card.
In yet another aspect, embodiments of the present application provide a computer device comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to execute the data processing method according to the above aspect according to the instructions in the program code.
In yet another aspect, embodiments of the present application provide a computer readable storage medium for storing a computer program for executing the data processing method described in the above aspect.
In yet another aspect, embodiments of the present application provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the data processing method of the above aspect.
According to the technical scheme, the writing parameters of the target card can be obtained according to the target card, the writing parameters are divided into the action parameters and the service parameters according to the preset rule, further, the action parameters can be encrypted according to the primary encryption algorithm to obtain encrypted action parameters, and the service parameters are encrypted according to the service encryption algorithm to obtain encrypted service parameters. The writing parameters are divided into the action parameters and the service parameters, and then are encrypted respectively, so that the card service can be well adapted when different card services exist, and the card writing parameters can be well adapted to the processing of the writing parameters of the card in different application scenes. Finally, the encrypted action parameters and the encrypted service parameters can be written into the target card, and as the parameters written into the target card are encrypted, decryption authentication is required correspondingly when the target card is used, so that the data security of the using stage of the target card can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a data processing method according to an embodiment of the present application;
FIG. 2a is a schematic diagram of an algorithm content configuration provided in an embodiment of the present application;
fig. 2b is a schematic diagram of a process of encrypting an action parameter according to an embodiment of the present application;
fig. 2c is a schematic diagram of a process of encrypting a service parameter according to an embodiment of the present application;
FIG. 3a is a schematic diagram of a system card algorithm interface according to an embodiment of the present disclosure;
FIG. 3b is a schematic diagram illustrating a card processing process according to an embodiment of the present disclosure;
FIG. 4 is a schematic view of a card using process according to an embodiment of the present disclosure;
fig. 5 is a block diagram of a data processing apparatus according to an embodiment of the present application.
Detailed Description
In order to make the present application solution better understood by those skilled in the art, the following description will clearly and completely describe the technical solution in the embodiments of the present application with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
The data processing method provided by the embodiment of the application can be implemented by a computer device, and the computer device can be a terminal device or a server, wherein the server can be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server for providing cloud computing service. The terminal equipment comprises, but is not limited to, mobile phones, computers, intelligent voice interaction equipment, intelligent household appliances, vehicle-mounted terminals and the like. The terminal device and the server may be directly or indirectly connected through wired or wireless communication, which is not limited in this application.
The following examples are provided to illustrate the invention:
fig. 1 is a flowchart of a data processing method provided in an embodiment of the present application, taking a terminal device as an example of the foregoing computer device, where the method includes S101-S104:
s101: and acquiring the writing parameters of the target card.
S102: and dividing the writing parameters into action parameters and service parameters according to preset rules.
For the target card, the write parameters of the target card may be acquired first. In general, a target card may refer to a card that is undergoing a card management operation, such as in an apartment or hotel scenario, and may be a pass card and a room card. In practical application, the card management operation may be a card management operation performed by a unified card sender, and may specifically include a management operation such as adding, deleting, reporting, losing and activating a card, for example, for a card, and may also include a management operation for data in a card, such as adding a public key of a card, updating a public key of a card, deleting a public key of a card, updating a private key of a card in a room, deleting a private key of a card in a room, and the like. The card management operation can be realized by unifying the card sending and carrying out the card management operation, meanwhile, the management operation can be carried out remotely, and based on the management operation, the card service management can still be realized under the condition that the card is not networked or can not be connected through a Bluetooth channel, and the card management operation is more convenient.
The writing parameters may be input by a user initiating the card management operation, and may refer to related data that needs to be written to the target card. In practical application, corresponding card services are different under different application scenes, and corresponding writing parameters are different. In order to adapt to more different application scenes, the writing parameters can be divided into action parameters and service parameters according to preset rules, and then the action parameters and the service parameters can be processed respectively in the subsequent processing, so that the card service can be well adapted when different card services are adopted in different application scenes.
In practical applications, the writing parameters may be different according to the actual card service, which is not limited in this application. For example, the writing parameters may include parameters such as account client code, account authentication key, device ID, card swiping device authentication key, encryption mode, number of times of use, card service operation command code, start-stop time, etc. Taking this as an example, the account client code and the account authentication key may be divided into action parameters, the number of times of use, the card service operation command code and the start-stop time may be divided into service parameters, and the device ID, the card swiping device authentication key and the encryption mode may be divided into action parameters and service parameters. That is, the device ID, the card swiping device authentication key, and the encryption scheme may have dual properties, both as an action parameter and as a service parameter.
In general, in order to ensure data security, the background system may perform legal authentication on the write-in parameter, and perform subsequent related operations on the write-in parameter after the legal authentication passes (e.g. S102). For better understanding of validity authentication, the embodiment of the present application is described by taking three dimensions of account client code, device authentication key and device ID as examples, and specifically as follows:
the account client code can be a random hexadecimal number of 16 bytes which is automatically allocated in advance by the system according to different projects or different clients, the system ensures the uniqueness of the account client code through generating rules, and the account client code can be ensured to be a matched legal client through legal authentication. When the device authentication key is a device binding, a random hexadecimal number with the random number not more than 20 bytes generated by the platform is stored in the platform. The device ID is the unique identifier of the card swiping device, and the Bluetooth MAC address information of the card swiping device is converted into fixed address information, so that the device ID accords with Bluetooth communication standards and can ensure the uniqueness of the information. The validity and the security of subsequent algorithm calls are ensured by the respective generated security and the respective uniqueness of the write-in parameters of the three dimensions.
S103: and encrypting the action parameters according to the primary encryption algorithm to obtain encrypted action parameters, and encrypting the service parameters according to the service encryption algorithm to obtain encrypted service parameters.
After determining the action parameter and the service parameter, the action parameter may be encrypted according to a primary encryption algorithm to obtain an encrypted action parameter, and the service parameter may be encrypted according to a service encryption algorithm to obtain an encrypted service parameter. Based on this, the encryption processing of the action parameter and the service parameter is completed.
That is, in the embodiment of the present application, the algorithm used for the encryption processing of the write parameters may be composed of two parts, namely, the primary encryption algorithm and the traffic encryption algorithm. Correspondingly, the algorithm content structure can be seen in fig. 2a, and fig. 2a shows a schematic diagram of the algorithm content structure. The process of encrypting the action parameters may be referred to as fig. 2b, and fig. 2b shows a schematic diagram of the process of encrypting the action parameters, where the primary encryption algorithm may be an SM4 algorithm, and the item key is a corresponding key. The process of encrypting the service parameter may be shown in fig. 2c, and fig. 2c shows a schematic diagram of the process of encrypting the service parameter, where the service encryption algorithm may be an algorithm customized according to a service, the service encryption key is a corresponding key, and the service plaintext to be encrypted may include start-stop time, number of times of use, card carrier ID, service operation function code, random number of the server system, public key of a through card, private key of a room card, and the like.
In practical applications, the action parameters and the service parameters are different for the data security requirement level, and in general, the service data is directly related to the card service, and the data security requirement level is higher than the action parameters. Thus, in one possible implementation, the primary encryption algorithm and the traffic encryption algorithm may be different, wherein the traffic encryption algorithm may have a higher encryption level than the primary encryption algorithm, and accordingly, the encryption process for the traffic parameters may be more complex than the encryption process for the action parameters, thereby increasing decryption complexity in use and increasing data security.
The corresponding card business is different in different application scenes, and can be regarded as different card types. In order to adapt to more different application scenarios, in one possible implementation manner, before S103, a card type of the target card may be determined, and further, the pending primary encryption algorithm is screened according to the card type, the primary encryption algorithm is determined, and the pending service encryption algorithm is screened according to the card type, so as to determine the service encryption algorithm. The pending primary encryption algorithm and the pending service encryption algorithm may include a plurality of related algorithms in a preconfigured algorithm pool, for example, the related algorithms may be SM4, DES, AES, and the like. Based on the above, the primary encryption algorithm and the service encryption algorithm are matched with the card type of the target card, that is, are more matched with the card service and the application scene of the target card, thereby improving the processing effect. Aiming at different types of cards, the matching algorithm can be screened for processing, and the adaptation degree is higher.
In order to simplify the decryption process in the use stage, in practical application, the primary encryption algorithm and the service encryption algorithm may be symmetric encryption algorithms. It should be noted that the pending primary encryption algorithm and the pending service encryption algorithm may be symmetric encryption algorithms. Based on this, the decryption process at the use stage can be simplified by utilizing the symmetry of the symmetric encryption algorithm.
S104: and writing the encrypted action parameters and the encrypted business parameters into the target card.
After the encryption processing is completed, the encrypted action parameters and the encrypted service parameters can be written into the target card, and based on the encrypted action parameters and the encrypted service parameters, the card management operation on the target card is completed.
In order to improve the data security, a system card algorithm interface can be arranged, the write-in parameters are uniformly processed through the system card algorithm interface, and the system card algorithm interface can be specially used for processing the write-in parameters of the card, so that the data leakage and the like can be avoided to a certain extent, and the data security is improved. System card algorithm interface referring to fig. 3a, fig. 3a shows a schematic diagram of a system card algorithm interface, and in fig. 3a, the writing parameters may include account client code, device authentication key, and device ID. The primary encryption algorithm, the business encryption algorithm and the like can be generated by a card algorithm generation server. Correspondingly, the embodiment of the application further provides a schematic card processing process, referring to fig. 3b, fig. 3b shows a schematic card processing process, where the system card algorithm interface may be used to process the writing parameters first, and then the card algorithm generation server generates a related algorithm to perform encryption processing, where the two parts may be considered as related processing of the writing stage of the card; then, the card reader interface can be used to read the encrypted data in the card, and the card is verified through the device end, which can be regarded as the related processing of the application stage of the card, and the device end refers to the card swiping device, and the card swiping device can read the encrypted data in the card through the card reader interface.
In practical applications, during the use stage of the target card, the user may use the target card to perform related card swiping operations, such as card swiping and unlocking. Typically, the swiping operation may be performed on the swiping device. Correspondingly, in response to the card swiping operation of the target card in the card swiping device, the primary algorithm identification and the primary key identification corresponding to the primary encryption algorithm are acquired through the card swiping device, and the service algorithm identification and the service key identification corresponding to the service encryption algorithm are acquired. Based on the method, in the using stage, key identification and algorithm identification are transmitted, but not the key and algorithm can ensure the data security to a greater extent. Furthermore, the corresponding primary decryption algorithm can be called according to the primary algorithm identification through the card swiping device, the corresponding primary key is called according to the primary key identification, the corresponding service decryption algorithm is called according to the service algorithm identification, and the corresponding service key is called according to the service key identification. Finally, the encrypted action parameters can be decrypted and authenticated by the card swiping device according to the primary decryption algorithm and the primary secret key, and the encrypted service parameters can be decrypted and authenticated according to the service decryption algorithm and the service secret key.
Based on this, decryption authentication of the encrypted data at the use stage can be completed. In practical application, if decryption authentication is passed, the card swiping operation can be determined to be effective card swiping, and response is made to the card swiping operation, otherwise, the card swiping operation can be prompted to be ineffective card swiping. For example, taking card swiping unlocking as an example, when decryption authentication is passed, the card swiping can be determined to be effective, and unlocking is responded, otherwise, invalid card swiping is prompted, and unlocking is not performed.
In practical application, in order to further improve data security, a security chip may be further built in the card swiping device, and accordingly, the primary decryption algorithm, the primary key, the service decryption algorithm and the service key may be stored in the security chip corresponding to the card swiping device. Based on the method, a security chip with higher security level is used for storing the secret key and the algorithm, so that the data security is improved, and the secret key and the algorithm are prevented from being read or tampered maliciously.
It should be noted that, when the card swiping device is configured, the foregoing primary encryption algorithm to be determined and the service encryption algorithm to be determined may be stored in a built-in security chip in advance, for example, SM4, DES, AES algorithm and a key may be stored in advance, and specifically may be stored in advance according to different address information of the card swiping device in the server in a binding process of the card swiping device. Accordingly, in the use stage, the card swiping device may call a corresponding algorithm from the security chip according to the algorithm identifier (e.g., the foregoing primary algorithm identifier, service algorithm identifier), and call a corresponding key from the security chip according to the key identifier (e.g., the foregoing primary key identifier, service key identifier). Based on the method, the secret key and the algorithm are stored in advance, so that only the secret key identification and the algorithm identification can be transmitted in the using stage, the secret key and the algorithm are not transmitted, and the data security is improved. The mode of only transmitting the key identification and the algorithm identification can ensure the randomness of the encrypted data through the same condition of the random number, can also ensure the difficulty of decoding the encrypted data of the offline card, and is beneficial to improving the data security.
Correspondingly, the embodiment of the application provides a schematic diagram of the using process of the card, and can be seen in fig. 4. Fig. 4 shows a schematic diagram of a card usage process, specifically, for example, after a user performs a card swiping operation on a card swiping device, ciphertext data (i.e., encrypted action parameters and encrypted service parameters) may be read through a card reader interface of the card swiping device, and corresponding algorithm codes (e.g., primary algorithm identification and service algorithm identification) and key codes (e.g., primary key identification and service key identification) may be obtained. Then, the corresponding decryption algorithm and the key can be called to decrypt the ciphertext data to obtain plaintext data, and the plaintext data is authenticated to ensure the validity. The method for processing the card validity period, the use times, the card authorized room and other writing parameters related to the service according to the preconfigured algorithm and rule can cover the condition of non-network issuing or Bluetooth writing, and based on the method, the card authentication and management in an off-line state can be completed. Correspondingly, if the authentication is passed, the card swiping operation can be responded, otherwise, the user can be prompted to swipe the card in an invalid mode.
According to the technical scheme, the writing parameters of the target card can be obtained according to the target card, the writing parameters are divided into the action parameters and the service parameters according to the preset rule, further, the action parameters can be encrypted according to the primary encryption algorithm to obtain encrypted action parameters, and the service parameters are encrypted according to the service encryption algorithm to obtain encrypted service parameters. The writing parameters are divided into the action parameters and the service parameters, and then are encrypted respectively, so that the card service can be well adapted when different card services exist, and the card writing parameters can be well adapted to the processing of the writing parameters of the card in different application scenes. Finally, the encrypted action parameters and the encrypted service parameters can be written into the target card, and as the parameters written into the target card are encrypted, decryption authentication is required correspondingly when the target card is used, so that the data security of the using stage of the target card can be improved.
Fig. 5 is a block diagram of a data processing apparatus according to an embodiment of the present application, where the apparatus includes an obtaining unit 501, a dividing unit 502, a processing unit 503, and a writing unit 504:
the acquiring unit 501 is configured to acquire a writing parameter of a target card;
the dividing unit 502 is configured to divide the writing parameters into action parameters and service parameters according to a preset rule;
the processing unit 503 is configured to encrypt the action parameter according to a primary encryption algorithm to obtain an encrypted action parameter, and encrypt the service parameter according to a service encryption algorithm to obtain an encrypted service parameter;
the writing unit 504 is configured to write the encrypted action parameter and the encrypted service parameter into the target card.
In a possible implementation manner, the apparatus further includes a determining unit:
the determining unit is used for determining the card type of the target card;
the determining unit is further configured to screen the pending primary encryption algorithm according to the card type, determine the primary encryption algorithm, screen the pending service encryption algorithm according to the card type, and determine the service encryption algorithm.
In a possible implementation manner, the apparatus further includes a calling unit and an authentication unit:
the acquisition unit is further used for responding to the card swiping operation of the target card in the card swiping device, acquiring a primary algorithm identifier and a primary key identifier corresponding to the primary encryption algorithm through the card swiping device, and acquiring a service algorithm identifier and a service key identifier corresponding to the service encryption algorithm;
the calling unit is used for calling a corresponding primary decryption algorithm according to the primary algorithm identification through the card swiping device, calling a corresponding primary secret key according to the primary secret key identification, calling a corresponding service decryption algorithm according to the service algorithm identification, and calling a corresponding service secret key according to the service secret key identification;
the authentication unit is used for carrying out decryption authentication on the encrypted action parameters according to the primary decryption algorithm and the primary secret key through the card swiping equipment, and carrying out decryption authentication on the encrypted service parameters according to the service decryption algorithm and the service secret key.
In a possible implementation manner, the device further includes a prompting unit:
and the prompting unit is used for determining the card swiping operation as effective card swiping if decryption authentication is passed and responding to the card swiping operation, otherwise prompting the card swiping operation as ineffective card swiping.
In one possible implementation manner, the primary decryption algorithm, the primary key, the service decryption algorithm and the service key are stored in a security chip corresponding to the card swiping device.
In one possible implementation, the primary encryption algorithm and the traffic encryption algorithm are both symmetric encryption algorithms.
According to the technical scheme, the writing parameters of the target card can be obtained according to the target card, the writing parameters are divided into the action parameters and the service parameters according to the preset rule, further, the action parameters can be encrypted according to the primary encryption algorithm to obtain encrypted action parameters, and the service parameters are encrypted according to the service encryption algorithm to obtain encrypted service parameters. The writing parameters are divided into the action parameters and the service parameters, and then are encrypted respectively, so that the card service can be well adapted when different card services exist, and the card writing parameters can be well adapted to the processing of the writing parameters of the card in different application scenes. Finally, the encrypted action parameters and the encrypted service parameters can be written into the target card, and as the parameters written into the target card are encrypted, decryption authentication is required correspondingly when the target card is used, so that the data security of the using stage of the target card can be improved.
In yet another aspect, embodiments of the present application provide a computer device comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to execute the data processing method provided in the foregoing embodiment according to an instruction in the program code.
The computer device may comprise a terminal device or a server, in which the aforementioned data processing means may be arranged.
In yet another aspect, the present application further provides a storage medium, where the storage medium is used to store a computer program, where the computer program is used to execute the data processing method provided in the foregoing embodiment.
In addition, the embodiment of the present application further provides a computer program product including instructions, which when executed on a computer, cause the computer to perform the data processing method provided in the above embodiment.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the above method embodiments may be implemented by hardware related to program instructions, where the above program may be stored in a computer readable storage medium, and when the program is executed, the program performs steps including the above method embodiments; and the aforementioned storage medium may be at least one of the following media: read-only Memory (ROM), RAM, magnetic disk or optical disk, etc.
For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing has outlined some of the more detailed description of the data processing method and related apparatus provided in the examples of the present application, wherein specific examples are provided herein to illustrate the principles and implementations of the present application, and the description of the examples above is only intended to facilitate the understanding of the methods of the present application. Also, as will be apparent to one of ordinary skill in the art, there are variations in the specific embodiments and the scope of the application of the method according to the present application.
In view of the foregoing, the disclosure should not be construed as limiting the application, and any changes or substitutions that would be easily recognized by those skilled in the art within the technical scope of the disclosure of the present application are intended to be encompassed within the scope of the present application. Further combinations of the implementations provided in the above aspects may be made to provide further implementations.
Claims (9)
1. A method of data processing, the method comprising:
acquiring writing parameters of a target card; the writing parameters are related to card business of the target card;
dividing the writing parameters into action parameters and service parameters according to preset rules; the action parameters and the service parameters are different in data security requirement level, the service parameters are directly related to the card service, and the action parameters are indirectly related to the card service;
encrypting the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and encrypting the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
and writing the encrypted action parameters and the encrypted business parameters into the target card.
2. The method of claim 1, wherein prior to said encrypting the action parameters according to the primary encryption algorithm and encrypting the traffic parameters according to the traffic encryption algorithm, the method further comprises:
determining a card type of the target card;
and screening the undetermined primary encryption algorithm according to the card type, determining the primary encryption algorithm, and screening the undetermined service encryption algorithm according to the card type, and determining the service encryption algorithm.
3. The method according to claim 1, wherein the method further comprises:
responding to the card swiping operation of the target card in card swiping equipment, acquiring a primary algorithm identifier and a primary key identifier corresponding to the primary encryption algorithm through the card swiping equipment, and acquiring a service algorithm identifier and a service key identifier corresponding to the service encryption algorithm;
calling a corresponding primary decryption algorithm according to the primary algorithm identification through the card swiping device, calling a corresponding primary key according to the primary key identification, calling a corresponding service decryption algorithm according to the service algorithm identification, and calling a corresponding service key according to the service key identification;
and carrying out decryption authentication on the encrypted action parameters through the card swiping equipment according to the primary decryption algorithm and the primary secret key, and carrying out decryption authentication on the encrypted service parameters according to the service decryption algorithm and the service secret key.
4. A method according to claim 3, characterized in that the method further comprises:
if decryption authentication is passed, determining that the card swiping operation is effective card swiping, and responding to the card swiping operation, otherwise prompting that the card swiping operation is ineffective card swiping.
5. The method of claim 3, wherein the primary decryption algorithm, the primary key, the traffic decryption algorithm, and the traffic key are stored in corresponding secure chips of the card swiping device.
6. The method according to any of claims 1-5, wherein the primary encryption algorithm and the traffic encryption algorithm are both symmetric encryption algorithms.
7. A data processing apparatus, characterized in that the apparatus comprises an acquisition unit, a dividing unit, a processing unit and a writing unit:
the acquisition unit is used for acquiring the writing parameters of the target card; the writing parameters are related to card business of the target card;
the dividing unit is used for dividing the writing parameters into action parameters and service parameters according to preset rules; the action parameters and the service parameters are different in data security requirement level, the service parameters are directly related to the card service, and the action parameters are indirectly related to the card service;
the processing unit is used for carrying out encryption processing on the action parameters according to a primary encryption algorithm to obtain encrypted action parameters, and carrying out encryption processing on the service parameters according to a service encryption algorithm to obtain encrypted service parameters;
the writing unit is used for writing the encrypted action parameters and the encrypted service parameters into the target card.
8. A computer device, the computer device comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method of any of claims 1-6 according to instructions in the program code.
9. A computer readable storage medium, characterized in that the computer readable storage medium is for storing a computer program for executing the method of any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310111370.1A CN115860017B (en) | 2023-02-14 | 2023-02-14 | Data processing method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310111370.1A CN115860017B (en) | 2023-02-14 | 2023-02-14 | Data processing method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115860017A CN115860017A (en) | 2023-03-28 |
| CN115860017B true CN115860017B (en) | 2023-07-14 |
Family
ID=85658027
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310111370.1A Active CN115860017B (en) | 2023-02-14 | 2023-02-14 | Data processing method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115860017B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022217714A1 (en) * | 2021-04-16 | 2022-10-20 | 平安科技(深圳)有限公司 | Data collision method, apparatus and device, and computer-readable storage medium |
| CN115391795A (en) * | 2021-05-21 | 2022-11-25 | 腾讯云计算(北京)有限责任公司 | Data processing method, related device and medium |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101719228B (en) * | 2009-11-25 | 2012-07-04 | 北京握奇数据系统有限公司 | Method and device for data management of intelligent card |
| CN104899496B (en) * | 2014-09-26 | 2020-01-31 | 腾讯科技(深圳)有限公司 | data reading method and terminal thereof |
| CN105243407B (en) * | 2015-10-09 | 2018-12-07 | 腾讯科技(深圳)有限公司 | Read and write the method and device of smart card |
| CN108763979A (en) * | 2018-05-15 | 2018-11-06 | 苏州澄怀科技有限公司 | A kind of system and method that card application is written to smart card by mobile terminal |
| CN111862470A (en) * | 2020-08-18 | 2020-10-30 | 天津速越科技有限公司 | One-to-many virtual card reading method based on IC card and virtual card reader |
| CN114519360B (en) * | 2022-01-29 | 2024-03-08 | 金蝶软件(中国)有限公司 | Data read-write method, login method and device of service system and computer equipment |
-
2023
- 2023-02-14 CN CN202310111370.1A patent/CN115860017B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022217714A1 (en) * | 2021-04-16 | 2022-10-20 | 平安科技(深圳)有限公司 | Data collision method, apparatus and device, and computer-readable storage medium |
| CN115391795A (en) * | 2021-05-21 | 2022-11-25 | 腾讯云计算(北京)有限责任公司 | Data processing method, related device and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115860017A (en) | 2023-03-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8639940B2 (en) | Methods and systems for assigning roles on a token | |
| US11295565B2 (en) | Secure smart unlocking | |
| US8813243B2 (en) | Reducing a size of a security-related data object stored on a token | |
| KR102466166B1 (en) | Processing electronic tokens | |
| CN111787530B (en) | Block chain digital identity management method based on SIM card | |
| EP3407565B1 (en) | Device authentication | |
| CN109740384A (en) | Data based on block chain deposit card method and apparatus | |
| CN108259413B (en) | Method for obtaining certificate and authenticating and network equipment | |
| CN111552935B (en) | Block chain data authorized access method and device | |
| CN112632521B (en) | Request response method and device, electronic equipment and storage medium | |
| US11051162B2 (en) | Method for anonymously identifying a security module | |
| CN102782694A (en) | Transaction auditing for data security devices | |
| US20210226794A1 (en) | Access control using proof-of-possession token | |
| CN101159940A (en) | Method of compartmentalized provision of an electronic service | |
| CN108243188A (en) | A kind of interface access, interface calling and interface authentication processing method and device | |
| KR101379711B1 (en) | Method for file encryption and decryption using telephone number | |
| WO2021007472A1 (en) | Methods and systems for securing and utilizing a personal data store on a mobile device | |
| CN110266641B (en) | Information reading method, system, device and computer readable storage medium | |
| CN112751803B (en) | Method, apparatus, and computer-readable storage medium for managing objects | |
| CN115860017B (en) | Data processing method and related device | |
| CN115473655B (en) | Terminal authentication method, device and storage medium for access network | |
| WO2020144110A1 (en) | Authentication system with reduced attack surface | |
| CN113472722A (en) | Data transmission method, storage medium, electronic device and automatic ticket selling and checking system | |
| CN106209381B (en) | A kind of photo encipher-decipher method and its system | |
| CN105743859A (en) | Method, device and system for authenticating light application |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |