CN117113392A - Private data processing method, device, computer equipment and storage medium - Google Patents

Info

Publication number: CN117113392A
Application number: CN202311008831.9A
Authority: CN (China)
Other languages: Chinese (zh)
Inventor: 姬文晖
Current assignee: Alipay Hangzhou Information Technology Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Priority claimed to: CN202311008831.9A (the priority date is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed)
Prior art keywords: data, user, target, approval, target privacy

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F 21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q 10/00 Administration; Management
    • G06Q 10/10 Office automation; Time management
    • G06Q 10/103 Workflow collaboration or project management

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Economics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • General Engineering & Computer Science (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

The disclosure provides a method, a device, a computer device and a storage medium for processing private data. The method is applied to a service agent program interfacing with a data platform that stores users' private data, and comprises the following steps: receiving an application request from an applicant for private data stored on the data platform; in response to the received application request, generating an approval work order corresponding to the request and sending it to an approver who has passed approval authority authentication for approval; and, in response to the approval work order being approved, acquiring the target user's target private data from the data platform according to the user identifier and description information contained in the work order, encrypting the acquired target private data and storing it in an intermediate database corresponding to the service agent program, and instructing the applicant to download the target private data from the intermediate database. The embodiment automates the application, approval and sharing of private data while ensuring its security.

Description

Private data processing method, device, computer equipment and storage medium
Technical Field
The disclosure relates to the field of computer technology, and in particular, to a method, a device, computer equipment and a storage medium for processing private data.
Background
Currently, service platforms such as e-commerce or local-services platforms generally store private data of their registered users, and in some scenarios a user's private data is legitimately provided to other users. Taking an e-commerce platform as an example, the platform stores a merchant's personal information; to protect consumers' legal rights, consumers and related rights holders may, based on a reasonable need to defend their rights, request some of the merchant's personal information from the platform. In the existing approach, the rights holder compiles the information to be disclosed and then applies to have it processed, which is inefficient.
Disclosure of Invention
To overcome the problems in the related art, the present disclosure provides a method, apparatus, computer device, and storage medium for processing private data.
According to a first aspect of embodiments of the present specification, there is provided a method of processing private data, the method being applied to a service agent interfacing with a data platform on which private data of a user is stored; the method comprises the following steps:
Receiving an application request of an applicant for private data stored on the data platform; the application request comprises a user identifier of a target user and description information corresponding to target privacy data of the target user;
generating an approval work order corresponding to the application request in response to the received application request, and sending the approval work order to an approver passing approval authority authentication for approval processing;
and responding to the approval work order passing approval, acquiring target privacy data of the target user from the data platform according to the user identification and the description information contained in the approval work order, encrypting and storing the acquired target privacy data to an intermediate database corresponding to the service agent program, and indicating the applicant to download the target privacy data from the intermediate database.
According to a second aspect of embodiments of the present specification, there is provided a private data processing apparatus for use in a service agent interfacing with a data platform on which private data of a user is stored; the device comprises:
a receiving module for: receiving an application request of an applicant for private data stored on the data platform; the application request comprises a user identifier of a target user and description information corresponding to target private data of the target user;
an approval module for: generating an approval work order corresponding to the application request in response to the received application request, and sending the approval work order to an approver who has passed approval authority authentication for approval processing;
a storage module for: in response to the approval work order passing approval, acquiring target private data of the target user from the data platform according to the user identifier and the description information contained in the approval work order, encrypting and storing the acquired target private data in an intermediate database corresponding to the service agent program, and instructing the applicant to download the target private data from the intermediate database.
According to a third aspect of embodiments of the present specification, there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the steps of the method embodiments of the first aspect are implemented when the computer program is executed by the processor.
According to a fourth aspect of embodiments of the present specification, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method embodiments of the first aspect described above.
The technical scheme provided by the embodiment of the specification can comprise the following beneficial effects:
The embodiment of the specification designs a service agent program interfacing with a data platform that stores users' private data. The service agent program acts on behalf of the applicant in applying for private data: it generates an approval work order corresponding to the application request and sends the work order to an approver who has passed approval authority authentication for approval processing, so that data application and flow approval are automated through the work order. Further, to ensure the security of data storage, the target private data that the service agent program acquires from the data platform is encrypted and stored in an intermediate database; in addition, the private data is not pushed to the applicant, but the applicant is instructed to download it from the intermediate database, which ensures the security of data transmission. The embodiment therefore realizes automatic data application, flow approval and data sharing while ensuring the security of data storage and transmission, and greatly improves efficiency compared with the existing manual email process.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the specification and together with the description, serve to explain the principles of the disclosure.
Fig. 1A is a flow chart of a method of privacy data processing according to an exemplary embodiment of the present description.
FIG. 1B is a schematic diagram of a user interface shown in accordance with an exemplary embodiment of the present description.
Fig. 2A is a schematic diagram of functional modules of a service agent program according to an exemplary embodiment of the present disclosure.
Fig. 2B is a flow chart of another method of privacy data processing shown in this specification according to an exemplary embodiment.
Fig. 3 is a hardware configuration diagram of a computer device in which a privacy data processing apparatus is located, according to an exemplary embodiment of the present specification.
Fig. 4 is a block diagram of a private data processing apparatus according to an exemplary embodiment of the present description.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present description as detailed in the accompanying claims.
The terminology used in the description presented herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the description. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in this specification to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of the present description. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "responsive to a determination", depending on the context.
User information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) referred to in this disclosure are both user-authorized or fully authorized information and data by parties, and the collection, use and processing of relevant data requires compliance with relevant laws and regulations and standards of relevant countries and regions, and is provided with corresponding operation portals for user selection of authorization or denial.
Taking e-commerce as an example, online consumers' rights are also receiving more and more attention in recent years with the rapid rise of online purchases. In order to protect legal rights of consumers, many e-commerce platforms have formulated "vendor service agreements", where the regulations are within the scope of legal permission, such as that consumers and rights persons can apply for information disclosure based on reasonable right-keeping requirements of complaints to related authorities or complaints to courts, and obtain related information such as names/names, identification numbers, addresses and contact ways of related subjects.
Since the data to be disclosed is mostly sensitive personal information, it is currently processed manually and offline. Specifically, the related party compiles the information to be disclosed and then sends an email to the e-commerce platform to apply; the platform's staff review the email and approve it manually, and after approval the information to be disclosed is sent to the applicant by email. This approach is inefficient, application records are difficult to keep, and data leakage is easy.
The embodiment of the specification aims to provide a private data processing scheme that realizes automatic data application, flow approval and data sharing; however, since sensitive private data of users is to be shared, the security of data storage and transmission must be ensured. The embodiment therefore designs a service agent program interfacing with the data platform that stores users' private data. The service agent program acts on behalf of the applicant: it generates an approval work order corresponding to the application request and sends the work order to an approver who has passed approval authority authentication for approval processing, so that data application and flow approval are automated through the work order. Further, to ensure the security of data storage, the target private data that the service agent program acquires from the data platform is encrypted and stored in an intermediate database; in addition, the private data is not pushed to the applicant, but the applicant is instructed to download it from the intermediate database, which ensures the security of data transmission. The embodiment therefore realizes automatic data application, flow approval and data sharing while ensuring the security of data storage and transmission, and greatly improves efficiency compared with the existing manual email process. Embodiments of the present specification are described in detail next.
Fig. 1A is a flowchart of a method for processing private data according to an exemplary embodiment of the present disclosure. The method is applied to a service agent program interfacing with a data platform on which users' private data is stored, and may comprise the following steps:
step 102, receiving an application request of an applicant for private data stored on a data platform.
The application request contains a user identification of the target user and description information corresponding to the target privacy data of the target user.
Step 104, in response to the received application request, generating an approval work order corresponding to the request and sending it to an approver who has passed approval authority authentication for approval processing.
Step 106, in response to the approval work order passing approval, acquiring the target user's target private data from the data platform according to the user identifier and description information contained in the work order, encrypting the acquired target private data and storing it in the intermediate database corresponding to the service agent program, and instructing the applicant to download the target private data from the intermediate database.
The data platform of this embodiment may store users' private data, and what that data actually contains may differ between application scenarios. As an example, the private data may include personal identity information such as name, gender, nationality and identity card number, and may also include contact or location data. In a transaction scenario such as e-commerce it may be the private data of a merchant; currently, to protect consumers' legal rights, consumers and related rights holders may, based on a reasonable need to defend their rights, request some of a merchant's personal information from the e-commerce platform. The private data stored in the data platform of this embodiment is stored in compliance with the relevant laws, regulations and standards of the relevant countries and regions and with the user's authorization, and appropriate security measures are taken to protect the user's privacy. The private data shared with the applicant is likewise provided in compliance with those laws, regulations and standards.
The data platform stores all of the private information contained in a user's private data; in practice, the target private data applied for by the applicant may be all or only part of that information.
Alternatively, the service agent program of the present embodiment may specifically be a program running on a server or a server cluster, for example, may be a back-end application, and may receive the front-end request by providing a web application, a client, or an API interface, or other manners.
As an example, a web application may be developed that gathers user input information via a front-end interface and sends it to a back-end service agent. The user may interactively fill out forms, click buttons, etc. in the front-end interface.
A mobile application may be developed that includes a front-end interface in which a user may interact with form filling, button clicking, etc. The application may call an API provided by the service agent with which the mobile application may interact via HTTP requests or other communication protocols.
The service agent may also be open to other systems or platforms for integration. For example, other platforms may connect their applications or services to service agents through API interfaces, enabling data exchange and functional expansion, etc.
Optionally, in the process of interaction between the service agent program and the data platform, communication encryption can be performed by using a security protocol, so as to ensure data transmission security between the service agent program and the data platform. The specific security protocol may be selected according to actual needs, which is not limited in this embodiment.
Alternatively, the applicant's request may be received through a front-end interface. As an example, the front-end interface may provide forms for user input. A form is an interface element for collecting user input and typically contains a set of fields and a submit button, each field representing one input item: a text field receives text entered by the user, a check box field indicates a selection among several options, a drop-down list field offers options for the user to choose from, and so on. Each field usually has a label describing its purpose, and fields may carry validation rules that check the entered data is in the expected format; the user fills in the relevant information in the form. In this embodiment the applicant enters the application information, which may include the target user's identifier, the description information corresponding to the target user's target private data, and so on. The form also contains a submit button, which the user clicks to submit the completed form data to the back-end application for processing. Optionally, the form may contain other interactive elements, such as check boxes, radio buttons and file uploads, to meet different needs and scenarios. For example, the applicant may apply for the target private data of several target users: a template file may be provided, the application information of the several target users entered into it, and the completed file uploaded through the file upload function.
Optionally, the applicant may be authenticated before submitting the private data application request. In practice the specific authentication method can be configured as needed: for example, the applicant may be required to provide a registered user name and password for verification; a one-time verification code (such as an SMS code, an email code or a dynamic code generated by a mobile phone application) may be sent to the applicant so that only the legitimate account owner can log in; or the applicant may be subjected to real-name authentication. These methods may be used singly or in combination, and the applicable method may be chosen according to the requirements and security level of the actual data platform so as to ensure the validity and integrity of the application; this embodiment does not limit it.
Optionally, the private data of a user stored in the data platform may be keyed by the user's identifier, so that an approval work order corresponding to the application request can be generated from the application request, which carries the target user's identifier and the description information corresponding to the target user's target private data. By way of example, an application work order is a record of a request or demand submitted by an applicant through the service agent. The service agent acts as an intermediary: it receives the applicant's application and converts it into an approval work order, that is, an executable task or flow. Further, the service agent distributes the work order to the corresponding approvers or departments, tracks and records its state and progress, and can monitor how the application is being handled so that approvers complete the approval process in coordination.
Optionally, one or more communication channels for each approver may be preset, and the approval work order may be sent to the approver in several ways, including email, an instant messaging client, and the like. For example, the service agent may generate an email containing a link to the approval page and send it to the corresponding approver's mailbox; the approver opens the email in their inbox and reaches the approval page through the link. The approval work order may also be sent to the approver through a client that supports instant messaging. The service agent may interface with a platform such as an enterprise communication tool or instant messaging application and send a message containing a link to the approval page to the approver's account name to notify them.
This embodiment can also perform approval authority authentication on the approver. For example, the service agent may redirect to an approval authority authentication page when the approval page is accessed; the specific authentication mode can be determined according to the organization's requirements and security needs, such as verifying a user name and password to establish the visitor's identity and confirm that they hold approval authority. Verification may be combined with other rules, which can be configured according to actual needs and are not limited in this embodiment. In this way only authorized personnel can approve, which improves the security and credibility of the whole approval process.
Optionally, the approval page reached after approval authority authentication may include a button to trigger approval or a button to trigger rejection, and may also include an approval opinion box, such as a text box or rich text editor, in which the approver fills in the approval opinion, that is, the reasons for or additional description of the approval decision. From this page the service agent obtains whether the work order passed approval, the reasons for rejection, and so on.
In response to the approval work order passing approval, the target private data of the target user is acquired from the data platform according to the user identifier and description information contained in the work order. The service agent of this embodiment encrypts the acquired target private data and stores it in the intermediate database corresponding to the service agent so as to ensure the security of data storage; in practice an appropriate encryption algorithm may be chosen based on factors such as the format of the private data, which this embodiment does not limit.
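The work order flow of steps 102 to 106 together with the approver authentication just described can be modelled as a small state machine. The following Go program is an added example written for this page, not code from the patent or from Alipay; the type and function names (ServiceAgent, WorkOrder, Submit, Decide, FetchSpec) and the in-memory set of authenticated approvers are assumptions. It enforces the invariants the text relies on: only an approver who has passed approval authority authentication can decide, each work order is decided exactly once, a rejection carries an approval opinion, and the agent will only produce a query for the data platform once the order is in the approved state. Every decision is written to an audit trail, which is the application record the manual email process could not keep.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Status is the lifecycle state of an approval work order.
type Status string

const (
	StatusPending  Status = "pending"
	StatusApproved Status = "approved"
	StatusRejected Status = "rejected"
)

// ApplicationRequest is what the applicant submits through the front end:
// the target user's identifier and a description of the requested fields.
type ApplicationRequest struct {
	ApplicantID  string
	TargetUserID string
	Description  string
}

// WorkOrder is the executable task the service agent derives from a request.
type WorkOrder struct {
	ID       string
	Request  ApplicationRequest
	Status   Status
	Approver string
	Opinion  string
	Audit    []string // timestamped trail of every event on this order
}

// ServiceAgent is a minimal in-memory model of the agent program. The set of
// approvers that passed approval authority authentication is preset here
// (hypothetical structure; the page does not prescribe how it is held).
type ServiceAgent struct {
	authorizedApprovers map[string]bool
	orders              map[string]*WorkOrder
	nextID              int
}

func NewServiceAgent(approvers ...string) *ServiceAgent {
	a := &ServiceAgent{authorizedApprovers: map[string]bool{}, orders: map[string]*WorkOrder{}}
	for _, p := range approvers {
		a.authorizedApprovers[p] = true
	}
	return a
}

func (a *ServiceAgent) log(o *WorkOrder, format string, args ...interface{}) {
	o.Audit = append(o.Audit, time.Now().UTC().Format(time.RFC3339)+" "+fmt.Sprintf(format, args...))
}

// Submit validates the application request and generates the work order (step 104).
func (a *ServiceAgent) Submit(req ApplicationRequest) (*WorkOrder, error) {
	if req.ApplicantID == "" || req.TargetUserID == "" || req.Description == "" {
		return nil, errors.New("application request must carry applicant, target user and description")
	}
	a.nextID++
	o := &WorkOrder{ID: fmt.Sprintf("WO-%d", a.nextID), Request: req, Status: StatusPending}
	a.log(o, "created by applicant %s for target user %s", req.ApplicantID, req.TargetUserID)
	a.orders[o.ID] = o
	return o, nil
}

// Decide records the approver's decision. Only an authenticated approver may
// decide, an order is decided once, and a rejection must carry an opinion.
func (a *ServiceAgent) Decide(orderID, approver string, approve bool, opinion string) error {
	o, ok := a.orders[orderID]
	if !ok {
		return fmt.Errorf("unknown work order %s", orderID)
	}
	if !a.authorizedApprovers[approver] {
		a.log(o, "decision by %s refused: no approval authority", approver)
		return fmt.Errorf("approver %s failed approval authority authentication", approver)
	}
	if o.Status != StatusPending {
		return fmt.Errorf("work order %s already %s", orderID, o.Status)
	}
	if !approve && opinion == "" {
		return errors.New("rejection requires an approval opinion")
	}
	o.Approver, o.Opinion, o.Status = approver, opinion, StatusRejected
	if approve {
		o.Status = StatusApproved
	}
	a.log(o, "%s by %s: %q", o.Status, approver, opinion)
	return nil
}

// FetchSpec returns the user identifier and description to query the data
// platform with (step 106), and refuses unless the order was approved.
func (a *ServiceAgent) FetchSpec(orderID string) (userID, description string, err error) {
	o, ok := a.orders[orderID]
	if !ok {
		return "", "", fmt.Errorf("unknown work order %s", orderID)
	}
	if o.Status != StatusApproved {
		return "", "", fmt.Errorf("work order %s is %s, not approved", orderID, o.Status)
	}
	return o.Request.TargetUserID, o.Request.Description, nil
}

func main() {
	agent := NewServiceAgent("approver-1") // constructed approver name
	o, _ := agent.Submit(ApplicationRequest{"applicant-7", "user-42", "name,id_number"})
	fmt.Println(agent.Decide(o.ID, "intruder", true, "")) // refused: not authenticated
	fmt.Println(agent.Decide(o.ID, "approver-1", true, "rights-defence request verified"))
	fmt.Println(agent.FetchSpec(o.ID))
	for _, line := range o.Audit {
		fmt.Println(line)
	}
}
```

The point of routing the data platform query through FetchSpec is that the approved state is the only path to the platform: a request that was never approved, or that an unauthenticated party tried to approve, cannot reach the private data, and the refusal is itself recorded.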
In addition, the embodiment does not directly provide the target privacy data for the applicant, but instructs the applicant to download the target privacy data from the intermediate database, so that the safety of data transmission is ensured.
In practical application, the format of the target privacy data stored in the intermediate database can be flexibly configured according to the requirement. As an example, the obtained target privacy data may include user data in text format; the user data in text format includes one or more data fields.
Encrypting and storing the obtained target privacy data to an intermediate database corresponding to the service agent program may include:
encrypting one or more designated data fields in text format user data contained in the obtained target privacy data, and storing the encrypted target privacy data into an intermediate database corresponding to the service agent program.
In the embodiment, the private data is stored in a text format, so that the data in the text format is easier to understand and analyze during storage and processing, and is convenient to share and exchange between different platforms and application programs. In addition, the text-formatted user data of the present embodiment may include one or more fields. The different fields represent different attributes or information in the user data so that it can be organized and stored in a structured manner, such structured data formats making retrieval, screening and analysis of the data more convenient and efficient.
Wherein, since the user in the text format comprises a plurality of data fields, the designated data fields to be encrypted can be part of or all of the data fields in the user data in the text format.
As one example, the encryption algorithm may be AES (Advanced Encryption Standard ), which is a symmetric encryption algorithm that uses 128-bit keys for data encryption and decryption. An ECB (Electronic Codebook, advanced codebook), which is an encryption mode in AES, may also be employed. In ECB mode, the data to be encrypted may be divided into blocks, each of which is independently encrypted using the same key. PKCS5Padding (Public Key Cryptography Standards #5padding, public key cryptography standard 5 th partial pad) may also be used, where PKCS5Padding is a Padding mode that pads data blocks to meet the block size required by the encryption algorithm when the data block size does not meet the encryption algorithm requirement. PKCS5Padding fills a block of data by adding a specific byte at the end of the data, the value of the Padding byte being equal to the number of bytes that need to be padded.
In some examples, considering that the user's privacy data may include data in an image format, such as a user's identification card picture, etc., the data platform may typically store such data in a manner as Object Storage, and thus the user's privacy data stored by the data platform may include image files. In order to prevent information leakage of the image itself, the service agent program interacts with the data platform by using a binary stream of the image, i.e., an image code, so that the text format user data in this embodiment may include the text format image code corresponding to the image file. In actual implementation, the data platform may implement the capability of converting the image file into an image code in a text format, and the data platform transmits the image code to the service agent program, and the data stored in the intermediate database by the service agent program may be the image code or the encrypted image code. Because the data platform and the service agent program do not interact with the image itself but image coding, the leakage of image information can be prevented; in addition, the image code is a character string, so the image code can be used as one field of the privacy data of the user, and is not required to be independently managed with privacy information of other text formats of the user, thereby being convenient for managing the privacy data of the user in an intermediate database.
The image encoding algorithm can be configured according to requirements, for example Base64 encoding. Taking Base64 encoding as an example, the flow of Base64-encoding image data may be: the image file is read as binary data, and the binary data is encoded using the Base64 encoding algorithm. As an example, every 3 bytes of binary data may be partitioned into 4 groups of 6 bits each, and the 4 groups are then converted to the corresponding characters according to the Base64 character table. The encoded characters may be split into lines of a fixed length, with line-break symbols and the like added as required; the resulting character string is the Base64-encoded image data and can be transmitted or stored as text. When decoding, the corresponding Base64 decoding algorithm converts the Base64-encoded character string back to the original binary image data, after which the image can be processed and displayed.
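The 3-bytes-to-4-characters grouping described above, as an added example that is not part of the patent text: a small Base64 encoder written out step by step in Python, with fixed-length line wrapping, and a decoder that strips the line breaks and validates the input against the standard library. The sample "image" bytes are constructed for the example and are not a real image file.

```python
"""Base64 image encoding as text, worked from the 6-bit grouping (added example)."""
import base64

B64_TABLE = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"

# Constructed stand-in for an image file read as binary data (not a valid PNG).
SAMPLE_IMAGE = b"\x89PNG\r\n\x1a\n" + bytes(range(100))


def b64_encode(data: bytes, line_length: int = 76) -> str:
    """Each 3-byte group becomes four 6-bit indexes into B64_TABLE.
    A 1- or 2-byte tail yields 2 or 3 real characters and '=' padding.
    line_length > 0 splits the output into fixed-length lines for transport."""
    chunks = []
    for i in range(0, len(data), 3):
        group = data[i:i + 3]
        # right-pad the group with zero bytes so 24 bits are always available
        n = int.from_bytes(group.ljust(3, b"\0"), "big")
        chars = [B64_TABLE[(n >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        keep = len(group) + 1              # 3 bytes -> 4 chars, 2 -> 3, 1 -> 2
        chunks.append("".join(chars[:keep]) + "=" * (4 - keep))
    encoded = "".join(chunks)
    if line_length > 0:
        encoded = "\n".join(encoded[i:i + line_length]
                            for i in range(0, len(encoded), line_length))
    return encoded


def b64_decode(text: str) -> bytes:
    """Remove the line breaks inserted for transport and decode strictly:
    validate=True rejects any character outside the Base64 alphabet."""
    cleaned = "".join(text.split())
    return base64.b64decode(cleaned, validate=True)


if __name__ == "__main__":
    text = b64_encode(SAMPLE_IMAGE)
    print(text.splitlines()[0])
    print(b64_decode(text) == SAMPLE_IMAGE)
```

The encoder is kept as plain arithmetic so the grouping is visible; in production the standard library's `base64` module does the same work, and the decoder here already relies on it for strict validation.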
In this embodiment, the service agent may interface with the intermediate database. In some examples, the service agent may implement an interaction interface for interacting with the intermediate database, where the interaction interface may be a set of interface methods that centrally handle operations such as connecting to, querying, inserting into, updating and deleting from the database, so as to better manage and maintain the database.
As an example, the interface method may include a data storage method, and the data storage method may include a method of performing an insert operation into a database, and may further include a method of performing an update operation into stored data in the database. The interface method may further include a data query method for querying the intermediate database for target privacy data of the user.
As can be seen from the foregoing embodiments, one or more specified data fields in the user data in text format need to be encrypted. In some examples, when writing the program source code, the encryption logic for the specified data fields may be coded directly in the method definition of the data storage method. The same applies to the decryption process: in the method definition of the data query method, decryption logic is written for the specified data fields. However, embedding the encryption and decryption logic directly in the interface methods has the drawbacks of poor code reuse and inflexible modification of the encryption and decryption logic.
Based on this, in other examples, the service agent of the present embodiment may host a first interceptor associated with the data storage method;
encrypting one or more specified data fields in the text-format user data contained in the obtained target privacy data, and storing the encrypted target privacy data in the intermediate database corresponding to the service agent program, may comprise the following steps:
generating a first call request corresponding to the data storage method contained in the interaction interface; the first call request comprises all data fields contained in the acquired target privacy data;
submitting the first call request to the interaction interface and running the first interceptor to intercept the first call request; the interceptor identifies the specified data field from all the data fields contained in the first call request, encrypts the specified data field, then calls the data storage method, and stores the encrypted target privacy data in the intermediate database corresponding to the service agent program.
The interceptor of the present embodiment may be flexibly configured according to the programming language and the like in actual implementation. For example, an AOP (aspect-oriented programming) interceptor or a Mybatis interceptor may be used. Taking a Mybatis interceptor as an example, it allows the user to intercept specified points in the execution of a mapped statement; by introducing the interceptor, key attributes at these points of the execution process can be modified, thereby affecting the generation, execution and returned results of SQL (Structured Query Language, a standardized language for managing relational database systems).
Alternatively, the first interceptor may be associated with the data storage method by configuring a method name of the data storage method in configuration information of the first interceptor, so that the service agent may operate the first interceptor and intercept the call request of the data storage method by the first interceptor during operation.
In this way, the first interceptor may intercept the first call request before the data storage method is invoked, and identify the specified data field from the data fields included in the request. For example, the first call request includes 3 fields: field A, field B and field C; the interceptor identifies from these that field C is the one to be encrypted, encrypts the specified data field C, then calls the data storage method, and stores the encrypted target privacy data (namely field A, field B and the encrypted field C) in the intermediate database corresponding to the service agent program.
In this embodiment, instead of embedding the code of the encryption operation into the definition of the data storage method, the encryption operation of the specified data field is independent of the definition code of the data storage method, and the encryption and decryption logic may be applied to multiple interface methods without writing the same encryption and decryption code in each interface method. This can improve reusability, maintainability, and readability of the code. Moreover, the interceptor can decouple the encryption logic from the specific interface method, and can flexibly modify the encryption logic without modifying the code of the interface method, such as replacing an algorithm, modifying a parameter format and the like.
The first interceptor can identify the specified data field from the data fields contained in the call request in various ways; for example, a specific data structure may be defined in a configuration file to store the information of the fields that need encryption and decryption. In other examples, the specified fields may be marked by annotations: the parameters of the data storage method include all data fields of the user data in text format, and the specified ones among them are annotated.
The program source code of the service agent program may include definition codes of parameters of the data storage method, and in the definition codes of the parameters of the data storage method, specified fields in all fields of the text format user data may carry preset first annotation information;
identifying, by the interceptor, the specified field from among the fields contained in the first call request may include:
the specified field carrying the first annotation information in the definition code of the parameter of the data storage method is identified by the interceptor from the respective fields contained in the first call request.
In this embodiment, it is considered that the privacy data of the user generally includes a plurality of data fields of the user data in text format, and the target privacy data applied by the applicant may be some or all of the data fields therein, and different applications may also request different data fields. Thus, parameters of the data storage method may include all data fields of user data in text format, and a call request for any target privacy data containing any data field may call the data storage method.
In the definition code of the parameters of the data storage method, the specified fields among all the fields of the user data in text format may carry preset first annotation information. Annotations are a special syntax structure in a programming language for providing metadata; they can be applied to classes, methods, variables and other program elements to provide additional information to a compiler, tool or runtime environment. Annotations are expressed by adding specific annotation tags in the code, using predefined or custom annotation types. Annotations do not directly affect the execution of the program, but may be used by compilers and tools to generate code, verify the correctness of the code, or perform certain operations. The programming language here may be a language such as Java or Python that supports annotations.
As one example:
In the code, insertMethod represents an insertion method included in the data storage method and is used for inserting the privacy data of a user into the database; the parameter of the method is an entity class, in the example the entity class PersonEntity. "public class PersonEntity" is the definition of the entity class PersonEntity; in the example three fields, name, age and email, are shown, and all 3 fields are specified data fields that need to be encrypted. The first annotation information carried in the code is "@Secure", where "@" denotes an annotation and "Secure" is the name of the annotation; the specific annotation name may be set flexibly in actual application according to needs, which is not limited in this embodiment. The annotation may be associated with the first interceptor; for example, the annotation information "@Secure" may be configured in the configuration information of the first interceptor so that the first interceptor can identify which fields are the specified fields.
For example, assume that the first call request includes the following fields:
The code indicates that the first call request contains three fields: name, age and email. Each field is assigned a corresponding field value: name has the value "John Doe", age has the value 25, and email has the value "johndoe@example.com".
The first interceptor intercepts the first call request, and may recognize that the 3 fields of name, age and email need to be encrypted, and after encrypting the field values of the 3 fields, as an example, the first call request may be changed to:
and then, a data storage method is called, and the encrypted target privacy data is stored in an intermediate database corresponding to the service agent program.
As can be seen from the above embodiments, with annotations developers can quickly understand the intent and logic of the code, and subsequent maintenance and modification is easy. Annotations provide a flexible configuration mode, and the marking of parameters and the encryption and decryption settings can be made according to specific requirements. Using annotations separates the encryption and decryption logic from the business logic, which achieves decoupling and makes the code clearer and more maintainable. Meanwhile, an annotation can be shared and reused by multiple methods or classes, so repeated writing of encryption and decryption code is avoided. In addition, when the specified encrypted fields in the user's privacy data later change, the annotation information carried by the field is simply modified in the parameter definition, so the modification cost is low and the extensibility is high.
Through the embodiment, the data can be stored in the intermediate database in an encrypted manner; when the applicant needs to download the private data, it is necessary to fetch and provide the decrypted private data from the database. The decryption process is similar to the encryption process, and as an example, the interactive interface may further include a data query method; the service agent may also host a second interceptor associated with the data querying method.
In response to an applicant's request for acquisition of target privacy data, the target privacy data may be queried from the intermediate database by:
generating a second call request corresponding to the data query method; the second call request contains each data field contained in the target privacy data;
submitting the second call request to the interaction interface and running the second interceptor; after the data query method is called, the second interceptor intercepts the encrypted target privacy data queried from the database, identifies the specified data field from all the data fields contained in the encrypted target privacy data, decrypts the specified data field, and lets the data query method return the decrypted target privacy data.
The second interceptor of this embodiment may also be a Mybatis interceptor. The second interceptor and the data query method are associated, namely, the method name of the data query method is configured in the configuration information of the second interceptor, so that the service agent program can operate the second interceptor in the operation process, the second interceptor firstly intercepts the queried data after the data query method queries the data from the intermediate database, then decrypts the data, and then invokes the data query method to return the decrypted data. The second interceptor is adopted to realize decryption operation, so that the reusability, maintainability and readability of codes are better, and decryption logic can be flexibly modified.
Likewise, the second interceptor may identify the specified data field from the respective data fields included in the second call request in a variety of ways; still taking annotations as an example, the parameters of the data query method may include all data fields of the user data in text format; the program source code of the service agent program may include definition code for the parameters of the data query method, and in that definition code the specified data fields among all data fields of the user data in text format may carry preset second annotation information.
The identifying of the specified data field from the respective data fields contained in the encrypted target privacy data may include:
identifying, from the data fields contained in the encrypted target privacy data, the specified data field that carries the second annotation information in the definition code of the parameters of the data query method.
Similar to the way the first interceptor identifies the specified data field, the second annotation information is added to the specified data field in the definition code of the parameters of the data query method. In practical application, the second annotation information may be the same as or different from the first annotation information; as long as the second annotation information is configured at the second interceptor, the second interceptor can identify which fields are the specified data fields based on it. Through this embodiment, when the specified encrypted fields in the user's privacy data later change, the annotation information carried by the field is simply modified in the parameter definition, so the modification cost is low and the extensibility is high.
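The annotation-plus-interceptor scheme of the two passages above (the first interceptor marking and encrypting fields before storage, and the second interceptor decrypting them after the query), as an added example that is not code from the patent or from Alipay: a Python model in which dataclass field metadata plays the role of the @Secure annotation and two decorators play the roles of the first and second interceptors around an in-memory stand-in for the intermediate database. Everything else is an assumption of this example: the PersonEntity fields follow the page's name, age and email (plus an unencrypted user_id added so rows can be looked up), the demo key is a fixed constant, and the cipher is an HMAC-SHA256 counter-mode stream with an authentication tag used as a stand-in for the AES/ECB/PKCS5Padding the text names, so the example runs with the standard library alone.

```python
"""Annotation-marked fields encrypted by an interceptor before insert and
decrypted by a second interceptor after query (added example)."""
import base64
import hashlib
import hmac
import os
from dataclasses import asdict, dataclass, field, fields, replace
from functools import wraps
from typing import Any, Dict, List, Optional

DEMO_KEY = b"\x01" * 32   # constructed demo key; a deployment loads it from a KMS
SECURE = "secure"         # metadata flag standing in for the @Secure annotation


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a keyed PRF (stand-in for AES)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_text(plaintext: str, key: bytes = DEMO_KEY) -> str:
    """Return base64(nonce || ciphertext || tag) so the field stays a text string."""
    nonce, data = os.urandom(12), plaintext.encode("utf-8")
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    return base64.b64encode(nonce + ct + tag).decode("ascii")


def decrypt_text(token: str, key: bytes = DEMO_KEY) -> str:
    raw = base64.b64decode(token)
    nonce, ct, tag = raw[:12], raw[12:-16], raw[-16:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):   # reject tampered ciphertext
        raise ValueError("ciphertext integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode("utf-8")


@dataclass
class PersonEntity:
    user_id: str                                    # not annotated: stored in clear
    name: str = field(metadata={SECURE: True})      # marked like @Secure on the page
    age: int = field(metadata={SECURE: True})
    email: str = field(metadata={SECURE: True})


def secure_fields(cls) -> List[str]:
    """What the interceptor reads from the parameter definition: the marked fields."""
    return [f.name for f in fields(cls) if f.metadata.get(SECURE)]


def encrypt_interceptor(method):
    """First interceptor: encrypt the marked fields before the storage method runs."""
    @wraps(method)
    def wrapper(self, entity):
        changes = {f.name: encrypt_text(str(getattr(entity, f.name)))
                   for f in fields(entity) if f.metadata.get(SECURE)}
        return method(self, replace(entity, **changes))
    return wrapper


def decrypt_interceptor(method):
    """Second interceptor: decrypt the marked fields in what the query returned."""
    @wraps(method)
    def wrapper(self, *args):
        entity = method(self, *args)
        if entity is None:
            return None
        changes = {}
        for f in fields(entity):
            if f.metadata.get(SECURE):
                text = decrypt_text(getattr(entity, f.name))
                changes[f.name] = int(text) if f.type is int else text
        return replace(entity, **changes)
    return wrapper


class IntermediateDatabase:
    """In-memory stand-in for the intermediate database behind the interaction interface."""
    def __init__(self) -> None:
        self.rows: Dict[str, Dict[str, Any]] = {}

    @encrypt_interceptor
    def insert_method(self, entity: PersonEntity) -> None:
        self.rows[entity.user_id] = asdict(entity)   # already encrypted on arrival

    @decrypt_interceptor
    def query_method(self, user_id: str) -> Optional[PersonEntity]:
        row = self.rows.get(user_id)
        return PersonEntity(**row) if row else None


if __name__ == "__main__":
    db = IntermediateDatabase()
    db.insert_method(PersonEntity("u1", "John Doe", 25, "johndoe@example.com"))
    print(db.rows["u1"])            # name, age and email are ciphertext strings
    print(db.query_method("u1"))    # fields decrypted transparently by the interceptor
```

Neither `insert_method` nor `query_method` contains any cryptographic code; changing the algorithm or the set of protected fields touches only the decorators and the field metadata, which is the reuse and decoupling benefit the text describes.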
In some examples, instructing the applicant to download the target privacy data from the intermediate database may include:
generating a download address corresponding to the acquired target privacy data, and sending the download address to an applicant;
triggering and executing a process of authenticating the identity of the visitor in response to receiving an access request of the download address;
and if the identity of the visitor is successfully authenticated as the applicant, providing target privacy data for the visitor to download.
As an example, the service agent may generate a download address for the acquired target privacy data, the address being associated with the acquired target privacy data. And sending the generated download address to the applicant. When the applicant wishes to download the target private data, an access request to the download address may be initiated. The service agent receives the access request and may trigger an authentication procedure to verify the identity of the visitor. For example, the applicant may be required to provide valid authentication credentials, such as a token or username password. If the identity of the visitor is successfully authenticated as the applicant, continuing to execute the next step; otherwise, access is denied and corresponding error information is returned. After successfully authenticating the identity of the applicant, the target privacy data associated with the download address can be acquired from the intermediate database, and further the target privacy data can be provided to the applicant for downloading in the form of a file or a data stream. Optionally, log records downloaded herein may also be stored, which may include user identification of the applicant, IP address of the applicant, download time, descriptive information of the target privacy data, etc.
In some examples, after the step of generating the download address corresponding to the obtained at least one piece of target privacy data, the method may further include: setting an expiration time for the download address; and before triggering the step of executing the process of authenticating the visitor, the method may further include: comparing the current time at which the download address is accessed with the expiration time to determine whether the download address has expired; if it has expired, returning an error message; if not, further triggering and executing the process of authenticating the identity of the visitor.
In this embodiment, in order to prevent the target privacy data from being downloaded without limit, an expiration time is also set for the download address; the specific expiration time may be configured as needed and is not limited in this embodiment. Therefore, when the download address is accessed after expiration, an error message can be returned, so that the data download is blocked and the security of the target privacy data is ensured.
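The download-address flow of the two passages above (generate an address bound to the acquired data, check expiry before authenticating the visitor, release the data only to the applicant, and record the download), as an added example that is not code from the patent or from Alipay. The host name, the 600-second time-to-live, the credential store, the in-memory data store and the log structure are all constructed for this example; the clock is passed in as a parameter so the expiry check can be exercised deterministically.

```python
"""Expiring download address with authentication and download logging (added example)."""
import hmac
import secrets
from typing import Any, Dict, List

DOWNLOAD_TTL = 600   # seconds; the page leaves the actual value configurable (assumption)
BASE_URL = "https://agent.example.invalid/download/"   # constructed host name

# Constructed stand-ins for the intermediate database, the credential store and the audit log.
DATA_STORE: Dict[str, Dict[str, Any]] = {}
DOWNLOADS: Dict[str, Dict[str, Any]] = {}     # download_id -> {data_id, applicant, expires}
CREDENTIALS: Dict[str, str] = {"applicant-7": "token-abc123"}   # constructed credential
DOWNLOAD_LOG: List[Dict[str, Any]] = []


def generate_download_address(data_id: str, applicant: str, now: float,
                              ttl: int = DOWNLOAD_TTL) -> str:
    """Create an unguessable address bound to one data item, one applicant and an expiry."""
    download_id = secrets.token_urlsafe(16)
    DOWNLOADS[download_id] = {"data_id": data_id, "applicant": applicant,
                              "expires": now + ttl}
    return BASE_URL + download_id


def access_download(url: str, credential: str, visitor: str, now: float,
                    client_ip: str) -> Dict[str, Any]:
    """Handle an access request to a download address.

    Order matters and mirrors the embodiment: the expiry check runs first,
    then identity authentication, and only then is the data released."""
    record = DOWNLOADS.get(url.rsplit("/", 1)[-1])
    if record is None:
        return {"status": "error", "reason": "unknown download address"}
    if now > record["expires"]:
        return {"status": "error", "reason": "download address expired"}
    expected = CREDENTIALS.get(visitor)
    authenticated = (expected is not None
                     and hmac.compare_digest(expected, credential)   # constant-time compare
                     and visitor == record["applicant"])             # the address is personal
    if not authenticated:
        return {"status": "error", "reason": "authentication failed"}
    DOWNLOAD_LOG.append({"applicant": visitor, "ip": client_ip, "time": now,
                         "data_id": record["data_id"]})
    return {"status": "ok", "data": DATA_STORE[record["data_id"]]}


if __name__ == "__main__":
    DATA_STORE["d1"] = {"name": "John Doe"}   # constructed target privacy data
    url = generate_download_address("d1", "applicant-7", now=1000)
    print(access_download(url, "token-abc123", "applicant-7", 1100, "203.0.113.5"))
    print(access_download(url, "token-abc123", "applicant-7", 1000 + DOWNLOAD_TTL + 1, "203.0.113.5"))
```

The address itself carries only a random identifier; the applicant binding and the expiry live server-side, so neither can be altered by editing the URL, and an expired address fails before any credential is examined.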
In some examples, the method may further comprise: responsive to successfully authenticating the identity of the visitor as the applicant, displaying a user interface; wherein the user interface includes a presentation button that can be triggered by a user; and responding to the received trigger event of the display button, displaying the target privacy data in the user interface, and recording display time information of the target privacy data and user identification of an applicant.
In this embodiment, after the identity of the visitor is successfully authenticated as the applicant, a user interface may further be provided to display the target privacy data for the applicant to review, so as to satisfy the user's review requirement. To reduce the risk of the target privacy data being seen by other personnel while it is displayed, a display button that can be triggered by the user is provided in the user interface; the target privacy data is displayed only when the user triggers the display button, and the display time of the target privacy data and the user identifier of the applicant are recorded, so that the data of this review behavior is recorded and stored.
As an example, fig. 1B is a schematic diagram of a user interface according to an exemplary embodiment of the present disclosure. The panel above the arrow in the figure is the user interface before the button is triggered; the button may specifically be a closed-eye icon, and before the user triggers it, the merchant name and merchant telephone in the merchant information are desensitized and the specific information is not displayed. When the user triggers the display button, the panel below the arrow shows the specific merchant name and merchant telephone.
In some examples, exposing the target privacy data in the user interface may include: aiming at the codes corresponding to the text formats of the target image files in the target privacy data, decoding the codes to obtain target images, adding preset watermark information to the target images, and displaying the target images in a user interface.
In order to further ensure the safety and privacy of the image, in this embodiment, for the presentation of the text format code of the target image file, a decoding algorithm corresponding to the encoding algorithm may be used first to restore the text code of the target image file to an image, watermark the decoded target image, and embed the preset watermark information into the image data. The watermark may be a text, a picture or other form of identification, which is used to mark the source, attribution or other additional information of the image, and the setting of the watermark may be specifically and flexibly implemented, which is not limited in this embodiment. The watermarked target image is presented in a user interface to enable a user to view, save or otherwise perform operations.
Next, taking a transaction platform scenario such as an electronic commerce and the like as an example, a description will be made with reference to fig. 2A and 2B; fig. 2A is a schematic diagram of functional modules of a service agent program according to an exemplary embodiment of the present disclosure, where the service agent program may include: the system comprises an access module, a flow processing module, a privacy data acquisition module, a privacy data processing module, a permission management module and a message notification module. Fig. 2B is a flow chart of another method of privacy data processing shown in this specification according to an exemplary embodiment.
(1) Access module: the access module can provide two access paths, for internal personnel and external personnel respectively.
1. Internal access: the service agent may provide an application entry page; the applicant can fill in the application information directly in the application entry page, and the application information may specifically include the reason for the application, the identifier of the target user, the description of the target privacy data of the target user, and the like.
2. External access: the service agent program can expose an interface following a designated protocol on the external gateway; other platforms can call this interface of the external interaction gateway, and an applicant can submit an application on an application entry page provided by those other platforms.
(2) Flow processing module
After receiving the application request, the service agent program of this embodiment can convert the application request into an approval work order, review the justification of the application in the form of an approval flow, and ensure that the related data is acquired only once the approval has passed, saving the data to the approval work order. If the application is rejected, a rejection message is returned.
(3) Privacy data acquisition module
After the approval work order passes approval, the service agent program of this embodiment may act as a data intermediary and obtain the related data from one or more data platforms on behalf of the applicant; in the figure, 3 data platforms are taken as an example, including but not limited to a member center, a client center, an authentication center and the like. Because the scenarios in which data is acquired differ, and in order to ensure the timeliness and accuracy of the returned data, this embodiment can also provide two modes of data acquisition, synchronous and asynchronous.
(1) The synchronous acquisition is suitable for the condition of small data volume, and can directly call an interface provided by an external data platform, and after the call is completed, the data acquisition is successful.
(2) Asynchronous acquisition is suitable for situations where the amount of data is large, such as where the applicant is about to apply for private data from a large number of merchants at a time. The privacy data of each merchant is taken as a piece of data, and each piece of data maintains a state: i.e. a status indicating whether the call was successful. By way of example in the flow, it may be:
initiating an asynchronous request: for application requests of target privacy data of each target user, an asynchronous task is created and the requests are initiated simultaneously.
Each asynchronous task is associated with a corresponding target user, whose state may be initialized to "in call".
And (3) checking states: at the next node that acquired the data, it is checked whether the state of all the data is complete.
If there is incomplete data (i.e., the status is "in call" or "call failed"), failure is returned, the data acquisition node is rolled back, and advancing the flow is attempted again after waiting for 1 minute.
Successful data acquisition: if the status of all data is not null (i.e., the status is "call successful"), this indicates that all data has been successfully acquired.
Thus, when asynchronous processing is performed, the private data acquisition requests of a plurality of target users can be initiated simultaneously, and the state of each request is maintained. By periodically checking the status, it can be determined whether all data has been successfully invoked, thereby determining whether data acquisition is successful.
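The asynchronous acquisition flow of the steps above (one task per target user, per-piece state "in call" / "call successful" / "call failed", a state-check node that rolls back and retries the incomplete pieces after a wait), as an added example that is not code from the patent or from Alipay. The data-platform call is an injected function, the wait is an injected callable so the 1-minute pause can be observed rather than slept in a test, and the flaky fetcher in the `__main__` section is constructed for the example.

```python
"""Per-user state tracking for asynchronous privacy-data acquisition (added example)."""
import time
from concurrent.futures import ThreadPoolExecutor
from typing import Any, Callable, Dict, Iterable, List

IN_CALL, CALL_OK, CALL_FAILED = "in call", "call successful", "call failed"


class AcquisitionJob:
    """Tracks one acquisition request per target user and drives the retry loop."""

    def __init__(self, user_ids: Iterable[str], fetcher: Callable[[str], Dict[str, Any]],
                 wait_seconds: int = 60, sleep: Callable[[float], None] = time.sleep,
                 max_workers: int = 8) -> None:
        self.states: Dict[str, str] = {uid: IN_CALL for uid in user_ids}
        self.results: Dict[str, Dict[str, Any]] = {}
        self.fetcher = fetcher          # fetcher(user_id) -> data dict, or raises on failure
        self.wait_seconds = wait_seconds
        self.sleep = sleep
        self.max_workers = max_workers

    def _run_batch(self, user_ids: List[str]) -> None:
        """Initiate the requests for the given users simultaneously and record each state."""
        for uid in user_ids:
            self.states[uid] = IN_CALL
        with ThreadPoolExecutor(max_workers=self.max_workers) as pool:
            futures = {uid: pool.submit(self.fetcher, uid) for uid in user_ids}
        for uid, fut in futures.items():           # the pool has finished every call here
            try:
                self.results[uid] = fut.result()
                self.states[uid] = CALL_OK
            except Exception:                       # platform error or timeout
                self.states[uid] = CALL_FAILED

    def initiate(self) -> None:
        """Step 1 of the flow: create all tasks at once, every state starting as 'in call'."""
        self._run_batch(list(self.states))

    def incomplete(self) -> List[str]:
        """Pieces whose state is anything other than 'call successful'."""
        return [uid for uid, state in self.states.items() if state != CALL_OK]

    def advance(self, max_rounds: int = 5) -> bool:
        """State-check node: succeed only when every piece is 'call successful';
        otherwise roll back, wait, and re-initiate only the incomplete pieces."""
        for _ in range(max_rounds):
            pending = self.incomplete()
            if not pending:
                return True
            self.sleep(self.wait_seconds)          # the 1-minute wait from the text
            self._run_batch(pending)
        return not self.incomplete()


if __name__ == "__main__":
    calls: Dict[str, int] = {}

    def flaky_platform(uid: str) -> Dict[str, Any]:   # constructed: fails once for m2
        calls[uid] = calls.get(uid, 0) + 1
        if uid == "m2" and calls[uid] < 2:
            raise RuntimeError("platform timeout")
        return {"merchant": uid}

    job = AcquisitionJob(["m1", "m2", "m3"], flaky_platform, sleep=lambda s: print("wait", s))
    job.initiate()
    print(job.states)
    print(job.advance(), job.states)
```

Only the pieces that are not yet "call successful" are re-issued on each round, so a platform that succeeded the first time is not called again, and the caller learns from the return value of `advance` whether the acquisition node may proceed.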
(4) Privacy data processing module
Because the data involved in this embodiment includes merchant personal information, it is sensitive data, and its security must be ensured during storage and transmission. As an example, the data involved may include the merchant's shop name, member number, merchant name, identification card, address, business license and the like; it can be divided by category into text data and picture data, so that corresponding processing is performed for these two different data types.
(1) Text data
Encryption: the encryption of text data in this embodiment may adopt a database encryption mode based on the combination of annotation and Mybatis interceptor as mentioned in the previous embodiment, and the encryption algorithm may use AES/ECB/PKCS5Padding or the like.
Combining annotations with a Mybatis interceptor: in order to realize general database encryption, specified annotations can be added to the specified fields to be encrypted and decrypted, general interception encryption is carried out before insertion into and updating of the database, and general interception decryption is carried out after the database query.
Display: since the text data needs to be displayed at the front end, desensitization (masking) is applied to the sensitive data; a display button is provided in the user interface as mentioned in the previous embodiment, and the target privacy data is displayed only after the user triggers it. Optionally, for the act of viewing private data, the viewer, the viewing time and the data viewed may also be recorded.
Validity period: after the application approval is passed, in order to prevent the data from being checked without limit, the expiration time can be set, the acquired privacy data can only be checked and downloaded in the effective time, and after expiration, the user can not check and download.
(2) Image data
The data platform stores image files as objects (Object Storage). In order to prevent image data from leaking, the image itself is not stored during data acquisition or interaction with the front end; the whole process uses a binary stream (namely the image encoding) for interaction. Therefore, the service agent program of this embodiment requests from the data platform the text-format image encoding corresponding to the image file, so that the image encoding can be treated as a data field and stored encrypted in the database by combining annotations with the Mybatis interceptor.
When the front end is displayed, a watermarking technology can be adopted; the embodiment can provide configurable watermark setting, and can realize automatic image watermarking after configuring watermark information such as watermark content, text color, text size and the like.
(5) Message notification module
To automate the full process, real-time messages must be sent to the applicant, covering the flow progress, approval status, approval opinion, data acquisition status, data expiration reminder, data download link and the like. This embodiment provides two access modes, internal and external; therefore, in order to ensure that the related messages reach the applicant appropriately, the embodiment may also provide a message notification module adapted to multiple access modes. For example:
(1) Internal application entry: if the applicant is an internal person applying through the application entry page, the notification message can be pushed through an instant messaging client or the like, according to the applicant's communication channel;
(2) External application entry: if the applicant is an external person submitting the application through another platform, message middleware can be used to send the related messages during the interaction with the external developer.
Wherein the transmitted message includes, but is not limited to: flow progress of the approval work order, approval status, approval opinion, data acquisition status, data expiration reminder, data download link, etc.
(6) Rights management module
In addition to the encryption of the data itself, the authority control of related personnel is also considered in the process of revealing the privacy data. The present embodiment may provide a variety of rights management configurations, which may include, by way of example:
(1) application rights: for the internal application entrance, the identity of the applicant can be checked, and the application can be performed after the check passes.
(2) Approval authority: for the approval of the whole application flow, the identity of an approver can be checked, and the approval can be performed after the verification is passed.
(3) Work order viewing rights: the embodiment can save the related information of the approval work order and can also provide the function of consulting the detailed information of the approval work order; therefore, for checking the application work order, the identity of a check person can be checked, and checking of work order details can be performed after the check is passed.
(4) Data download rights: for data downloading, the identity of a downloading person needs to be checked, and the related data can be downloaded after the identity passes the check.
(5) Rights whitelist: in this embodiment, a permission white list may be further set, where the permission white list may record a user identifier of an applicant, the applicant in the list may not need to be manually approved by an approver, and after the service agent program generates an approval work order, it may be determined that the user identifier of the applicant of the approval work order is recorded in the permission white list, and if yes, the service agent program may determine that the approval work order passes the approval. The scheme is suitable for specific scenes needing to obtain the private data through approval. The service agent may include a configuration portal for the rights whitelist through which records in the rights whitelist may be configured by a authorized user.
As can be seen from the foregoing embodiments, the embodiments of the present disclosure provide a service agent program that interfaces with a data platform storing private data of users. The service agent program handles an applicant's application request for private data on the applicant's behalf, generates an approval work order corresponding to the application request, and sends the approval work order to an approver authenticated by the approval authority for approval processing, thereby implementing automated data application and flow approval through the approval work order. Further, in order to ensure the security of data storage, the target privacy data of the user that the service agent program acquires from the data platform is encrypted and stored in an intermediate database; in addition, the privacy data is not actively delivered to the applicant, but the applicant is instructed to download the privacy data from the intermediate database, so that the security of data transmission is ensured. Therefore, the embodiment realizes automated data application, flow approval and data sharing on the premise of ensuring the security of data storage and transmission, and greatly improves efficiency compared with the previous manual e-mail approach.
Corresponding to the foregoing embodiments of the private data processing method, the present specification also provides embodiments of a private data processing apparatus and a computer device to which the private data processing apparatus is applied.
The embodiments of the private data processing apparatus of the present specification may be applied to a computer device, such as a server or a terminal device. The apparatus embodiments may be implemented in software, in hardware, or in a combination of the two. Taking a software implementation as an example, the apparatus in the logical sense is formed by the processor of the computer device on which it resides reading the corresponding computer program instructions from nonvolatile memory into memory. In terms of hardware, fig. 3 is a hardware structure diagram of the computer device on which the private data processing apparatus of the present disclosure resides; in addition to the processor 310, memory 330, network interface 320 and nonvolatile memory 340 shown in fig. 3, the computer device on which the private data processing apparatus 331 resides may generally include other hardware according to its actual function, which is not described again here.
FIG. 4 is a block diagram of a private data processing apparatus according to an exemplary embodiment of the present disclosure, the apparatus being applied to a service agent interfacing with a data platform on which private data of a user is stored; the device comprises:
A receiving module 41 for: receiving an application request of an applicant for private data stored on a data platform; the application request comprises a user identifier of a target user and description information corresponding to target privacy data of the target user;
an approval module 42 for: responding to the received application request, generating an approval work order corresponding to the application request, and sending the approval work order to an approver authenticated by the approval authority for approval;
a storage module 43 for: in response to the approval work order passing approval, acquiring the target privacy data of the target user from the data platform according to the user identifier and description information contained in the approval work order, encrypting the acquired target privacy data and storing it in an intermediate database corresponding to the service agent program, and instructing the applicant to download the target privacy data from the intermediate database.
In some examples, the obtained target privacy data includes user data in text format; the text formatted user data includes one or more data fields;
the storage module 43 is further configured to:
encrypting one or more designated data fields in text format user data contained in the obtained target privacy data, and storing the encrypted target privacy data into an intermediate database corresponding to the service agent program.
In some examples, the privacy data stored by the data platform for the user includes image files; the text formatted user data includes text formatted image encodings corresponding to the image files.
In some examples, the service agent provides an interactive interface to interact with the intermediate database; the interactive interface comprises a data storage method; the service agent program is provided with a first interceptor associated with the data storage method;
the storage module 43 is further configured to:
generating a first call request corresponding to a data storage method contained in the interaction interface; the first call request comprises all data fields contained in the acquired target privacy data;
submitting the first call request to the interaction interface and running the first interceptor, which intercepts the first call request, identifies the designated data fields among all the data fields contained in the request, encrypts them, and then calls the data storage method to store the encrypted target privacy data in the intermediate database corresponding to the service agent program.
In some examples, the parameters of the data storage method include all data fields of user data in text format;
The program source code of the service agent program comprises definition codes of parameters of a data storage method, and specified fields in all fields of text-format user data carry preset annotation information in the definition codes of the parameters of the data storage method;
the storage module 43 is further configured to:
and identifying a specified field carrying preset annotation information in the definition code of the parameters of the data storage method from the fields contained in the first call request by the interceptor.
In some examples, the interactive interface includes a data query method; the service agent program is also provided with a second interceptor associated with the data query method;
a query module for: in response to an applicant's request for acquisition of target privacy data, the target privacy data is queried from the intermediate database by:
generating a second call request corresponding to the data query method; the second call request contains each data field contained in the target privacy data;
submitting the second call request to the interaction interface and running the second interceptor, which intercepts the encrypted target privacy data returned from the database once the data query method has been called, identifies the designated data fields among the data fields of the encrypted target privacy data, decrypts them, and returns the decrypted target privacy data as the result of the data query method.
In some examples, the parameters of the data query method include all data fields of user data in text format;
the program source code of the service agent program comprises a definition code of parameters of the data query method, and specified data fields in all data fields of user data in a text format carry preset annotation information in the definition code of the parameters of the data query method;
the query module is further used for:
and identifying the appointed data field carrying preset annotation information in the definition code of the parameters of the data query method from each data field contained in the encrypted target privacy data.
In some examples, the first interceptor comprises a Mybatis interceptor and the second interceptor comprises a Mybatis interceptor.
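The first and second interceptors described above (an annotation in the parameter definition marks the designated fields; the store-side interceptor encrypts them before the row is written, the query-side interceptor decrypts them after the row is read) can be realised in MyBatis as follows. This is an added example written for this page, not the applicant's code: the annotation name `@Sensitive`, the entity `PrivacyRecord`, the mapper methods it is passed to, AES-256-GCM as the field cipher and the demo key are all assumptions, and the example targets MyBatis 3.5+ and Java 16+.

```java
import java.lang.annotation.*;
import java.lang.reflect.Field;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.sql.PreparedStatement;
import java.sql.Statement;
import java.util.Base64;
import java.util.List;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import org.apache.ibatis.executor.parameter.ParameterHandler;
import org.apache.ibatis.executor.resultset.ResultSetHandler;
import org.apache.ibatis.plugin.*;

/** The preset annotation: marks the designated fields to encrypt at rest (name is assumed). */
@Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD)
@interface Sensitive {}

/** Text-format user data passed to the mapper's store/query methods (constructed entity). */
class PrivacyRecord {
    public String userId;                  // lookup key, stays in plaintext
    @Sensitive public String idNumber;     // designated field
    @Sensitive public String photoBase64;  // text-format encoding of an image file, also designated
}

/** AES-256-GCM per-field cipher. The key would come from a KMS/HSM in production; the demo generates one. */
final class FieldCipher {
    interface FieldFn { String apply(String value) throws Exception; }
    private static final SecureRandom RNG = new SecureRandom();
    private static final int IV_LEN = 12, TAG_BITS = 128;
    private final SecretKey key;
    FieldCipher(SecretKey key) { this.key = key; }

    String encrypt(String plaintext) throws Exception {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv);                                   // fresh nonce for every field value
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        // stored form: base64(iv || ciphertext || tag)
        return Base64.getEncoder().encodeToString(ByteBuffer.allocate(IV_LEN + ct.length).put(iv).put(ct).array());
    }

    String decrypt(String stored) throws Exception {
        byte[] blob = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN));
        return new String(c.doFinal(blob, IV_LEN, blob.length - IV_LEN), StandardCharsets.UTF_8);
    }

    /** Identify the @Sensitive String fields of obj and rewrite each one in place with fn. */
    static void transform(Object obj, FieldFn fn) throws Exception {
        if (obj == null) return;
        for (Field f : obj.getClass().getDeclaredFields()) {
            if (!f.isAnnotationPresent(Sensitive.class) || f.getType() != String.class) continue;
            f.setAccessible(true);
            String v = (String) f.get(obj);
            if (v != null) f.set(obj, fn.apply(v));
        }
    }
}

/** First interceptor: runs before the INSERT parameters are bound, so only ciphertext reaches the database. */
@Intercepts(@Signature(type = ParameterHandler.class, method = "setParameters", args = PreparedStatement.class))
class EncryptOnStoreInterceptor implements Interceptor {
    private final FieldCipher cipher;
    EncryptOnStoreInterceptor(FieldCipher cipher) { this.cipher = cipher; }
    @Override public Object intercept(Invocation inv) throws Throwable {
        Object param = ((ParameterHandler) inv.getTarget()).getParameterObject();
        FieldCipher.transform(param, cipher::encrypt);  // rewrites the caller's entity; copy it first if the caller reuses it
        return inv.proceed();
    }
}

/** Second interceptor: runs after the SELECT result set is mapped, so callers get plaintext back. */
@Intercepts(@Signature(type = ResultSetHandler.class, method = "handleResultSets", args = Statement.class))
class DecryptOnQueryInterceptor implements Interceptor {
    private final FieldCipher cipher;
    DecryptOnQueryInterceptor(FieldCipher cipher) { this.cipher = cipher; }
    @Override public Object intercept(Invocation inv) throws Throwable {
        Object rows = inv.proceed();
        if (rows instanceof List<?> list) for (Object row : list) FieldCipher.transform(row, cipher::decrypt);
        return rows;
    }
}

/** Stand-alone demo of the field transform; in MyBatis, register both with Configuration.addInterceptor(...). */
public class FieldEncryptionDemo {
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES"); kg.init(256);
        FieldCipher cipher = new FieldCipher(kg.generateKey());  // demo-only key
        PrivacyRecord r = new PrivacyRecord();                   // constructed sample data
        r.userId = "u-1001"; r.idNumber = "310101199001011234"; r.photoBase64 = "iVBORw0KGgo=";
        FieldCipher.transform(r, cipher::encrypt);
        System.out.println("at rest: userId=" + r.userId + " idNumber=" + r.idNumber);
        FieldCipher.transform(r, cipher::decrypt);
        System.out.println("after query: idNumber=" + r.idNumber);
    }
}
```

Two caveats a practitioner would check before relying on this. `getParameterObject()` is a `Map` rather than the entity when the mapper method takes several `@Param` arguments, so the transform then finds no annotated fields and the row is written in plaintext; the store method should take the entity as its single parameter. Because GCM authenticates the ciphertext, a row altered in the intermediate database fails on read with `AEADBadTagException` instead of being shown to the applicant as garbage, which is the behaviour you want for data that will later be displayed and audited.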
In some examples, the storage module 43 is further configured to:
generating a download address corresponding to the acquired at least one item of target privacy data, and sending the download address to an applicant;
triggering and executing a process of authenticating the identity of the visitor in response to receiving an access request of the download address;
and if the identity of the visitor is successfully authenticated as the applicant, providing target privacy data for the visitor to download.
In some examples, the storage module 43 is further configured to:
after the step of generating the download address corresponding to the acquired at least one item of target privacy data, setting the expiration time of the download address;
before the step of triggering execution of the process of authenticating the identity of the visitor, comparing the current time at which the download address is accessed with the expiration time, and determining whether the download address has expired;
if it has expired, returning an error message;
if it has not expired, proceeding to trigger execution of the process of authenticating the identity of the visitor.
In some examples, the apparatus further comprises a presentation module to:
responsive to successfully authenticating the identity of the visitor as the applicant, displaying a user interface; wherein the user interface includes a presentation button that can be triggered by a user;
and responding to the received trigger event of the display button, displaying the target privacy data in the user interface, and recording display time information of the target privacy data and user identification of an applicant.
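The download-address flow of the two passages above (generate an address for the approved data, set its expiration time, check expiry before authenticating the visitor, release the data only to the applicant, and record the display time together with the applicant's user identifier) as an added example, not the applicant's code. The service name, the URL prefix, the `Outcome` values and the assumption that the agent's own login step has already produced `visitorId` are this example's own.

```java
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Issues applicant-bound download addresses and gates access to them (added example, not the patent's code). */
public class DownloadLinkService {
    public enum Outcome { UNKNOWN, EXPIRED, FORBIDDEN, OK }

    /** Server-side record behind one download address; the token in the URL carries no data of its own. */
    private record Link(String workOrderId, String applicantId, Instant expiresAt) {}
    /** Audit entry written on every successful access: which work order, which applicant, when it was shown. */
    public record AccessLog(String workOrderId, String applicantId, Instant shownAt) {}

    private static final SecureRandom RNG = new SecureRandom();
    private final Map<String, Link> links = new ConcurrentHashMap<>();
    private final List<AccessLog> audit = Collections.synchronizedList(new ArrayList<>());
    private final String baseUrl;  // assumed prefix, e.g. https://agent.example.internal/download/

    public DownloadLinkService(String baseUrl) { this.baseUrl = baseUrl; }

    /** Generate the download address for an approved work order and set its expiration time. */
    public String issue(String workOrderId, String applicantId, Duration ttl, Instant now) {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);                                    // 256-bit token: unguessable, not derived from any id
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        links.put(token, new Link(workOrderId, applicantId, now.plus(ttl)));
        return baseUrl + token;
    }

    /**
     * Handle an access to the address: expiry is checked first, then the visitor (already authenticated by
     * the agent's login step, an assumption here) must be the applicant the address was issued to.
     */
    public Outcome access(String token, String visitorId, Instant now) {
        Link link = links.get(token);
        if (link == null) return Outcome.UNKNOWN;              // never issued, or already removed
        if (!now.isBefore(link.expiresAt())) {
            links.remove(token);                               // expired: error to the caller, record dropped
            return Outcome.EXPIRED;
        }
        if (visitorId == null || !visitorId.equals(link.applicantId())) return Outcome.FORBIDDEN;
        audit.add(new AccessLog(link.workOrderId(), link.applicantId(), now));  // display time + applicant id
        return Outcome.OK;
    }

    public List<AccessLog> auditTrail() { return List.copyOf(audit); }

    public static void main(String[] args) {
        DownloadLinkService svc = new DownloadLinkService("https://agent.example.internal/download/");
        Instant t0 = Instant.parse("2023-08-10T09:00:00Z");
        String url = svc.issue("WO-42", "applicant-7", Duration.ofMinutes(30), t0);   // constructed ids
        String token = url.substring(url.lastIndexOf('/') + 1);
        System.out.println(svc.access(token, "someone-else", t0.plusSeconds(60)));    // wrong visitor
        System.out.println(svc.access(token, "applicant-7", t0.plusSeconds(60)));     // the applicant, within the TTL
        System.out.println(svc.access(token, "applicant-7", t0.plus(Duration.ofHours(1))));  // after the TTL
        System.out.println(svc.auditTrail());
    }
}
```

A random token with server-side state is what lets the expiry check run before any authentication, in the order the passages describe, without trusting anything the visitor supplied. If the address were instead a self-describing signed URL (expiry and applicant identifier embedded alongside an HMAC), the signature would have to be verified before any embedded field, the expiry included, is acted on.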
In some examples, the presentation module is further to:
for the text-format encoding of a target image file in the target privacy data, decoding the encoding to obtain the target image, adding preset watermark information to the target image, and displaying the watermarked image in the user interface.
The implementation process of the functions and roles of each module in the above privacy data processing apparatus is specifically detailed in the implementation process of the corresponding steps in the above privacy data processing method, and will not be described herein again.
Accordingly, the present embodiments also provide a computer program product comprising a computer program which, when executed by a processor, implements the steps of the foregoing embodiments of the method for processing private data.
Accordingly, the embodiments of the present disclosure further provide a computer device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the steps of the embodiments of the method for processing private data are implemented when the processor executes the program.
Accordingly, the present embodiments also provide a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the private data processing method embodiments.
For the apparatus embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative: the modules illustrated as separate components may or may not be physically separate, and the components shown as modules may or may not be physical units, i.e., they may be located in one place or distributed over a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purposes of the present description. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
The above embodiments may be applied to one or more computer devices, which are devices capable of automatically performing numerical calculation and/or information processing according to instructions set or stored in advance; the hardware of such computer devices includes, but is not limited to, microprocessors, application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), digital signal processors (DSPs), embedded devices, and the like.
The computer device may be any electronic product that can interact with a user in a human-machine manner, such as a personal computer, tablet, smart phone, personal digital assistant (PDA), gaming machine, Internet Protocol television (IPTV), smart wearable device, etc.
The computer device may also include a network device and/or a user device. Network devices include, but are not limited to, a single network server, a server group of multiple network servers, or a cloud computing cluster composed of a large number of hosts or network servers.
The network in which the computer device is located includes, but is not limited to, the internet, a wide area network, a metropolitan area network, a local area network, a virtual private network (Virtual Private Network, VPN), and the like.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The steps of the above methods are divided as they are for clarity of description; when implemented they may be combined into one step or split into several, so long as the same logical relationship is preserved, and all such variations fall within the protection scope of this patent. Adding insignificant modifications or designs to the algorithm or flow without altering its core design likewise falls within the scope of this application.
Where a description of "a specific example", or "some examples", etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present description. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Other embodiments of the present description will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This specification is intended to cover any variations, uses, or adaptations of the specification following, in general, the principles of the specification and including such departures from the present disclosure as come within known or customary practice within the art to which the specification pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the specification being indicated by the following claims.
It is to be understood that the present description is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be made without departing from the scope thereof. The scope of the present description is limited only by the appended claims.
The foregoing description of the preferred embodiments is provided for the purpose of illustration only and is not intended to limit the scope of the disclosure, since any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the disclosure are intended to be included within the scope of the disclosure.

Claims (15)

1. A method of processing private data, the method being applied to a service agent interfacing with a data platform on which private data of a user is stored; the method comprises the following steps:
Receiving an application request of an applicant for private data stored on the data platform; the application request comprises a user identifier of a target user and description information corresponding to target privacy data of the target user;
generating an approval work order corresponding to the application request in response to the received application request, and sending the approval work order to an approver passing approval authority authentication for approval processing;
and responding to the approval work order passing approval, acquiring target privacy data of the target user from the data platform according to the user identification and the description information contained in the approval work order, encrypting and storing the acquired target privacy data to an intermediate database corresponding to the service agent program, and indicating the applicant to download the target privacy data from the intermediate database.
2. The method of claim 1, the obtained target privacy data comprising user data in text format; the text formatted user data includes one or more data fields;
the encrypting and storing the obtained target privacy data in an intermediate database corresponding to the service agent program comprises the following steps:
Encrypting one or more designated data fields in text format user data contained in the obtained target privacy data, and storing the encrypted target privacy data into an intermediate database corresponding to the service agent program.
3. The method of claim 2, wherein the privacy data of the user stored by the data platform comprises an image file; the text formatted user data includes a text formatted image encoding corresponding to the image file.
4. The method of claim 2, the service agent providing an interaction interface to interact with the intermediate database; wherein the interactive interface comprises a data storage method; the service agent program is provided with a first interceptor associated with the data storage method;
encrypting one or more designated data fields in text format user data contained in the obtained target privacy data, and storing the encrypted target privacy data in an intermediate database corresponding to the service agent program, wherein the method comprises the following steps:
generating a first call request corresponding to a data storage method contained in the interactive interface; the first call request comprises all data fields contained in the acquired target privacy data;
Submitting the first call request to the interactive interface, operating the first interceptor to intercept the first call request, identifying designated data fields from all data fields contained in the first call request by the first interceptor, encrypting the designated data fields, then calling the data storage method, and storing the encrypted target privacy data to an intermediate database corresponding to the service agent program.
5. The method of claim 4, the parameters of the data storage method comprising all data fields of the text formatted user data;
the program source code of the service agent program comprises definition codes of parameters of the data storage method, and in the definition codes of the parameters of the data storage method, appointed fields in all fields of the user data in the text format carry preset first annotation information;
the identifying, by the interceptor, a specified field from among the fields contained in the first call request, including:
and identifying a specified field carrying the first annotation information in a definition code of a parameter of the data storage method from various fields contained in the first call request by the interceptor.
6. The method of claim 4, the interactive interface comprising a data query method; the service agent program is further provided with a second interceptor associated with the data query method;
the method comprises the following steps:
in response to the applicant's request for obtaining the target privacy data, querying the target privacy data from the intermediate database by:
generating a second call request corresponding to the data query method; the second call request comprises each data field contained in the target privacy data;
submitting the second call request to the interactive interface, operating the second interceptor, intercepting the encrypted target privacy data queried from the database by the second interceptor after the data query method is called, identifying designated data fields from all data fields contained in the encrypted target privacy data, decrypting the designated data fields, and calling the data query method to return the decrypted target privacy data.
7. The method of claim 6, the parameters of the data query method comprising all data fields of the text formatted user data;
The program source code of the service agent program comprises definition codes of parameters of the data query method, and in the definition codes of the parameters of the data query method, appointed data fields in all data fields of the text format user data carry preset second annotation information;
the identifying the designated data field from the data fields contained in the encrypted target privacy data comprises the following steps:
and identifying the appointed data field carrying the second annotation information in the definition code of the parameter of the data query method from the data fields contained in the encrypted target privacy data.
8. The method of claim 7, the first interceptor comprising a Mybatis interceptor and the second interceptor comprising a Mybatis interceptor.
9. A method according to claim 3, said instructing the applicant to download the target privacy data from the intermediate database, comprising:
generating a download address corresponding to the acquired target privacy data, and sending the download address to the applicant;
triggering and executing a process of authenticating the identity of the visitor in response to receiving the access request of the download address;
And if the identity of the visitor is successfully authenticated as the applicant, providing the target privacy data for the visitor to download.
10. The method of claim 9, after the step of generating a download address corresponding to the acquired at least one item of target privacy data, the method further comprising:
setting the expiration time of the download address;
before the step of triggering the execution of the process of authenticating the visitor, the method further comprises:
comparing the current time when the download address is accessed with the expiration time, and determining whether the download address has expired;
if it has expired, returning an error message;
if not, further triggering and executing the process of identity authentication of the visitor.
11. The method of claim 9, the method further comprising:
responsive to successfully authenticating the identity of the visitor as the applicant, displaying a user interface; wherein the user interface comprises a presentation button that can be triggered by a user;
and responding to the trigger event of the display button, displaying the target privacy data in the user interface, and recording display time information of the target privacy data and the user identification of the applicant.
12. The method of claim 11, exposing the target privacy data in the user interface, comprising:
for the text-format encoding of a target image file in the target privacy data, decoding the encoding to obtain a target image, adding preset watermark information to the target image, and displaying the target image in the user interface.
13. A private data processing apparatus for use in a service agent interfacing with a data platform on which private data of a user is stored; the device comprises:
a receiving module for: receiving an application request of an applicant for private data stored on the data platform; the application request comprises a user identifier of a target user and description information corresponding to target privacy data of the target user;
an approval module for: generating an approval work order corresponding to the application request in response to the received application request, and sending the approval work order to an approver passing approval authority authentication for approval processing;
a storage module for: and responding to the approval work order passing approval, acquiring target privacy data of the target user from the data platform according to the user identification and the description information contained in the approval work order, encrypting and storing the acquired target privacy data to an intermediate database corresponding to the service agent program, and indicating the applicant to download the target privacy data from the intermediate database.
14. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the method of any of claims 1 to 12 when the computer program is executed.
15. A computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method of any of claims 1 to 12.
CN202311008831.9A 2023-08-10 2023-08-10 Private data processing method, device, computer equipment and storage medium Pending CN117113392A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311008831.9A CN117113392A (en) 2023-08-10 2023-08-10 Private data processing method, device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117113392A true CN117113392A (en) 2023-11-24

Family

ID=88793958

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination