CN117931861A - Service processing method and device - Google Patents

Service processing method and device

Info

Publication number: CN117931861A
Authority: CN (China)
Prior art keywords: information, data mapping, identified, sensitive, mapping rule
Legal status: Pending
Application number: CN202310900415.3A
Other languages: Chinese (zh)
Inventor: 王逸冬
Current assignee: Xiaomi Automobile Technology Co Ltd
Original assignee: Xiaomi Automobile Technology Co Ltd

Abstract

The disclosure relates to a service processing method and device, wherein the method comprises the following steps: receiving service request information, determining sensitive information in the service request information, and determining de-identification information based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identified information; and carrying out service processing according to the de-identification information. Through the technical scheme, de-identification information corresponding to the sensitive information in the service request information can be determined based on the preset data mapping rule, and service processing is performed according to the de-identification information. Because no sensitive information exists in the de-identified information, the problem of sensitive information leakage in the service processing process can be avoided, and the information security in the service processing process is improved.

Description

Service processing method and device
Technical Field
The disclosure relates to the technical field of data processing, and in particular relates to a service processing method and device.
Background
Some sensitive information such as name, telephone, home address, bank account number or identification card number is generally present in the service request information. Leakage of service request information may cause leakage of sensitive information, and information security in a service processing process cannot be guaranteed.
Disclosure of Invention
In order to overcome the problems in the related art, the present disclosure provides a service processing method and apparatus.
According to a first aspect of an embodiment of the present disclosure, there is provided a service processing method, including:
receiving service request information;
determining sensitive information in the service request information, and determining de-identification information based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identified information;
and carrying out service processing according to the de-identification information.
Optionally, the method further comprises:
after service processing is carried out according to the de-identification information, determining the sensitive information based on the data mapping rule and the de-identification information;
and outputting the sensitive information and the service processing result.
Optionally, the data mapping rule is used for characterizing a correspondence between the identity token of the sensitive information and the de-identified information, and the determining the de-identified information based on the preset data mapping rule and the sensitive information includes:
determining an identity token of the sensitive information;
and determining the de-identification information according to the identity token and the data mapping rule.
Optionally, the determining de-identifying information based on the preset data mapping rule and the sensitive information includes:
querying the de-identified information in a first storage system according to the sensitive information and the data mapping rule;
when the de-identified information is not queried in the first storage system, querying the de-identified information in a second storage system according to the sensitive information and the data mapping rule;
and when the de-identified information is not queried in the second storage system, querying the de-identified information in a third storage system according to the sensitive information and the data mapping rule.
Optionally, the method further comprises:
when the de-identified information is not queried in the third storage system, randomly generating pseudo information of the sensitive information, and determining the pseudo information as the de-identified information of the sensitive information;
and generating the data mapping rule according to the de-identification information and the sensitive information, and storing the data mapping rule in the third storage system.
Optionally, the determining the sensitive information based on the data mapping rule and the de-identifying information includes:
querying the sensitive information in a first storage system according to the de-identification information and the data mapping rule;
when the sensitive information is not queried in the first storage system, querying the sensitive information in the second storage system according to the de-identification information and the data mapping rule;
and when the sensitive information is not queried in the second storage system, querying the sensitive information in the third storage system according to the de-identification information and the data mapping rule.
Optionally, the first storage system is a local cache system, the second storage system is a centralized cache system, and the third storage system is a database.
Optionally, the service request information is remote vehicle control information, and the determining the sensitive information in the service request information includes:
determining user information and vehicle information in the remote vehicle control information;
screening the user information based on a first preset screening rule to obtain target user information, and screening the vehicle information based on a second preset screening rule to obtain target vehicle information;
the determining de-identification information based on the preset data mapping rule and the sensitive information comprises the following steps:
determining de-identified user information based on the data mapping rules and the target user information, and determining de-identified vehicle information based on the data mapping rules and the target vehicle information;
the service processing according to the de-identification information comprises the following steps:
and carrying out service processing according to the de-identified user information and the de-identified vehicle information.
Optionally, the performing service processing according to the de-identified user information and the de-identified vehicle information includes:
determining the target user information according to the data mapping rule and the de-identified user information, and determining the target vehicle information according to the data mapping rule and the de-identified vehicle information;
determining a target vehicle according to the target user information and the target vehicle information;
and controlling the target vehicle.
According to a second aspect of embodiments of the present disclosure, there is provided a service processing apparatus, the apparatus comprising:
a receiving module configured to receive service request information;
a first determining module configured to determine sensitive information in the service request information and determine de-identification information based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identified information;
and a processing module configured to perform service processing according to the de-identification information.
Optionally, the apparatus further comprises:
The second determining module is configured to determine the sensitive information based on the data mapping rule and the de-identification information after performing service processing according to the de-identification information;
and the output module is configured to output the sensitive information and the service processing result.
Optionally, the data mapping rule is used for characterizing a correspondence between the identity token of the sensitive information and the de-identified information, and the first determining module includes:
a first determination unit configured to determine an identity token of the sensitive information;
and a second determining unit configured to determine the de-identification information according to the identity token and the data mapping rule.
Optionally, the first determining module includes:
a third determining unit configured to query the de-identified information in the first storage system according to the sensitive information and the data mapping rule;
a fourth determining unit configured to query the de-identified information in a second storage system according to the sensitive information and the data mapping rule when the de-identified information is not queried in the first storage system;
and a fifth determining unit configured to query the de-identified information in a third storage system according to the sensitive information and the data mapping rule when the de-identified information is not queried in the second storage system.
Optionally, the apparatus further comprises:
a generation module configured to randomly generate pseudo information of the sensitive information and determine the pseudo information as the de-identified information of the sensitive information when the de-identified information is not queried in the third storage system;
and a storage module configured to generate the data mapping rule according to the de-identification information and the sensitive information and store the data mapping rule in the third storage system.
Optionally, the second determining module includes:
a sixth determining unit configured to query the sensitive information in the first storage system according to the de-identified information and the data mapping rule;
a seventh determining unit configured to query the sensitive information in a second storage system according to the de-identified information and the data mapping rule when the sensitive information is not queried in the first storage system;
and an eighth determining unit configured to query the sensitive information in a third storage system according to the de-identified information and the data mapping rule when the sensitive information is not queried in the second storage system.
Optionally, the first storage system is a local cache system, the second storage system is a centralized cache system, and the third storage system is a database.
Optionally, the service request information is remote vehicle control information, and accordingly, the first determining module is configured to: determine user information and vehicle information in the remote vehicle control information, screen the user information based on a first preset screening rule to obtain target user information, and screen the vehicle information based on a second preset screening rule to obtain target vehicle information;
the processing module is configured to: carry out service processing according to the de-identified user information and the de-identified vehicle information.
Optionally, the processing module includes:
a ninth determining unit configured to determine the target user information according to the data mapping rule and the de-identified user information, and determine the target vehicle information according to the data mapping rule and the de-identified vehicle information;
a tenth determining unit configured to determine a target vehicle based on the target user information and the target vehicle information;
and a control unit configured to control the target vehicle.
The technical scheme provided by the embodiment of the disclosure can comprise the following beneficial effects:
According to the technical scheme, de-identification information corresponding to the sensitive information in the service request information can be determined based on the preset data mapping rule, and service processing is performed according to the de-identification information. Because no sensitive information exists in the de-identified information, the problem of sensitive information leakage in the service processing process can be avoided, and the information security in the service processing process is improved. In addition, the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identification information, so that the de-identification information can be quickly obtained according to the data mapping rule and the sensitive information in the service request information, and the service processing efficiency is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a flowchart illustrating a service processing method according to an exemplary embodiment;
FIG. 2 is a timing diagram illustrating a service processing method according to an exemplary embodiment;
FIG. 3 is a timing diagram illustrating another service processing method according to an exemplary embodiment;
FIG. 4 is a block diagram of a service processing apparatus according to an exemplary embodiment;
FIG. 5 is a block diagram of another service processing apparatus according to an exemplary embodiment.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
It should be noted that, all actions for acquiring signals, information or data in the present disclosure are performed under the condition of conforming to the corresponding data protection rule policy of the country of the location and obtaining the authorization given by the owner of the corresponding device.
As mentioned in the background, sensitive information generally exists in service request information. For example, in the government field, the service request information may include sensitive information such as identity and household registration; in the telecommunications field, it may include a mobile phone number, call records and network traffic; and in the financial field, it may include financial customers' personal account information, transaction records and other sensitive information. Leakage of the service request information may therefore cause leakage of sensitive information, and information security in the service processing process cannot be ensured.
In view of this, an embodiment of the present disclosure provides a service processing method and apparatus, which determines de-identification information corresponding to sensitive information in service request information through a preset data mapping rule, and performs service processing according to the de-identification information. Because no sensitive information exists in the de-identified information, the problem of sensitive information leakage in the service processing process can be avoided, and the information security in the service processing process is improved. In addition, the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identification information, so that the de-identification information can be quickly obtained according to the data mapping rule and the sensitive information in the service request information, and the service processing efficiency is improved.
Embodiments of the present disclosure are further explained below with reference to the drawings.
Fig. 1 is a flowchart illustrating a service processing method according to an exemplary embodiment, which may include steps S101-S103 as shown in fig. 1.
In step S101, service request information is received.
It should be understood that, depending on the service involved, the received service request information may or may not have been sent by a terminal device; the embodiments of the present disclosure do not limit this in any way.
In step S102, sensitive information in the service request information is determined, and de-identification information is determined based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identified information.
It should be understood that sensitive information refers to personal, institutional or organizational data that has particular properties, privacy or risk, for example a name, home address, phone number, identification number, bank account information, medical health records, business secrets or corporate financial data. Accordingly, the sensitive information in the service request information may be the user's phone number, identification card number or bank account information; it is determined from the actual service request information, which the embodiments of the present disclosure do not limit in any way.
It should further be appreciated that different types of sensitive information may correspond to different data formats. For example, the data format corresponding to a phone number may be "*", and the format corresponding to a bank account number may be "* ******************". Therefore, in a possible implementation, a plurality of target data formats may be preset, each corresponding to the data format of one type of sensitive information. Whether sensitive information exists in the service request information is determined by checking whether any target data format occurs in it, and when a target data format occurs, the information in the service request information that matches that format is extracted as the sensitive information.
It should also be understood that sensitive information generally consists of prompt content and sensitive content, and different types of sensitive information may correspond to different prompt content. For example, when the sensitive information is a phone number, the prompt content may be "phone number", and when it is a bank account, the prompt content may be "bank account". Therefore, in a possible implementation, a plurality of target data fields representing prompt content may be preset; whether sensitive information exists in the service request information is determined by identifying whether a target data field is present, and when it is present, the sensitive content corresponding to that target data field is extracted from the service request information to obtain the sensitive information.
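The two detection rules above (target data formats matched against field values, and target data fields matched against field names), as an added example that is not part of the patent. The regular expressions, the field names and the sample request are constructed for this example, since the patent does not specify concrete formats; the example also shows the cases each rule catches that the other misses.

```python
import re
from typing import Dict, List, Tuple

# Rule set A: "target data formats", one pattern per type of sensitive information.
# Both patterns are assumptions made for this example (11-digit mobile number,
# 16-19 digit card or account number), not formats taken from the patent.
TARGET_DATA_FORMATS: Dict[str, "re.Pattern[str]"] = {
    "phone_number": re.compile(r"^1\d{10}$"),
    "bank_account": re.compile(r"^\d{16,19}$"),
}

# Rule set B: "target data fields", i.e. prompt content -> type of sensitive information.
# The field names are constructed for this example.
TARGET_DATA_FIELDS: Dict[str, str] = {
    "phone number": "phone_number",
    "phone": "phone_number",
    "bank account": "bank_account",
    "bank_account": "bank_account",
    "id_card": "id_card_number",
}

# (field name, type of sensitive information, sensitive content)
Finding = Tuple[str, str, str]


def find_by_format(request: Dict[str, str]) -> List[Finding]:
    """Rule set A: a value whose shape matches a target data format is sensitive,
    whatever the field holding it is called."""
    out: List[Finding] = []
    for field, value in request.items():
        if not isinstance(value, str):
            continue
        for kind, pattern in TARGET_DATA_FORMATS.items():
            if pattern.match(value):
                out.append((field, kind, value))
                break
    return out


def find_by_field(request: Dict[str, str]) -> List[Finding]:
    """Rule set B: a field whose name is a known prompt ("phone number",
    "bank account", ...) is sensitive regardless of the value's shape."""
    out: List[Finding] = []
    for field, value in request.items():
        kind = TARGET_DATA_FIELDS.get(field.strip().lower())
        if kind is not None and isinstance(value, str) and value:
            out.append((field, kind, value))
    return out


def find_sensitive(request: Dict[str, str]) -> List[Finding]:
    """Union of both rule sets, one finding per field; when both rules fire on
    the same field, the field rule's type wins (the prompt is explicit)."""
    found = {f: (f, k, v) for f, k, v in find_by_format(request)}
    for f, k, v in find_by_field(request):
        found[f] = (f, k, v)
    return sorted(found.values())


# Constructed sample request: not real data.
SAMPLE_REQUEST: Dict[str, str] = {
    "user": "alice",
    "phone number": "13800138000",          # caught by both rules
    "contact": "13900139000",               # field name unknown: only the format rule fires
    "bank_account": "6222 0000 1111 2222",  # spaces break the format rule: only the field rule fires
    "order_id": "20230719000001",           # 14 digits: matches neither format, must not be flagged
    "note": "call me after 18:00",
}
```

A digit string that happens to sit in an unknown field is still caught by the format rule, which is why the patent keeps both rules rather than relying on field names alone.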
After the sensitive information is acquired, it may be subjected to data desensitization to obtain de-identified information from which the sensitive information has been removed. This avoids the leakage that would occur if the log module of the service system recorded the sensitive information while the service system processes the service request information.
The data desensitization of the sensitive information may be performed with a data desensitization method of the related art or with an improved data desensitization method; the embodiments of the present disclosure do not limit this in any way. For example, when the sensitive information in the service request information is "female", data desensitization may be achieved by data substitution, that is, "female" in the service request information may be replaced with the letter F. For another example, when the sensitive information in the service request information is a sequence, data desensitization may be achieved by data masking, that is, the sequence may be converted to a masked sequence such as xxxxx.
In this embodiment, to improve data desensitization efficiency, a data mapping rule representing the corresponding relationship between the sensitive information and the de-identified information is preset, so that once the sensitive information is acquired, the corresponding de-identified information can be obtained quickly from the sensitive information and the data mapping rule.
The data mapping rule representing the corresponding relation between the sensitive information and the de-identified information may be set according to the actual situation; the embodiments of the present disclosure do not limit the correspondence.
In a possible implementation, to prevent leakage of the data mapping rule from causing leakage of the sensitive information, the data mapping rule may characterize the correspondence between the identity token of the sensitive information and the de-identified information. Accordingly, determining the de-identified information based on the preset data mapping rule and the sensitive information may include:
determining an identity token of the sensitive information; and determining the de-identified information according to the identity token and the data mapping rule.
It should be appreciated that the identity token (idToken) of the sensitive information may be generated based on the identity token generation method in the related art, or may be generated based on an improved identity token generation method, which is not limited in any way by the embodiments of the present disclosure. In a possible implementation, the identity token of the sensitive information may be generated based on a secure hash algorithm (SHA-256) in the related art, or based on a symmetric encryption and decryption method in the related art.
It should be further understood that the representation of the data mapping rule may be set according to the actual situation, and the embodiments of the present disclosure do not impose any limitation on this. In a possible implementation, the data mapping rule may be expressed as: { identity token of the sensitive information, de-identified information }, or as: identity token of the sensitive information: de-identified information. The order of the identity token and the de-identified information in the data mapping rule may also be set according to the actual situation; the embodiments of the present disclosure do not limit the order.
In addition, it should be understood that, because the data mapping rule characterizes the corresponding relationship between the identity token of the sensitive information and the de-identified information, when the data mapping rule is leaked, the sensitive information cannot be obtained according to the data mapping rule, so that the risk of leakage of the sensitive information caused by the leakage of the data mapping rule can be avoided, and the confidentiality and the security of the sensitive information are improved.
In a possible implementation, to further increase the speed of acquiring the de-identified information, after the sensitive information is acquired the de-identified information is first queried, according to the sensitive information and the data mapping rule, in the storage system with the first access speed; if it is not found there, it is queried in the storage system with the second access speed according to the sensitive information and the data mapping rule; and if it is still not found, it is queried in the storage system with the third access speed according to the sensitive information and the data mapping rule. The first access speed is greater than the second access speed, and the second access speed is greater than the third access speed. That is, determining the de-identified information based on the preset data mapping rule and the sensitive information may include:
inquiring the de-identified information in a first storage system according to the sensitive information and the data mapping rule; when the de-identified information is not queried in the first storage system, querying the de-identified information in a second storage system according to the sensitive information and the data mapping rule; and when the de-identified information is not queried in the second storage system, querying the de-identified information in a third storage system according to the sensitive information and the data mapping rule.
Correspondingly, when the data mapping rule represents the corresponding relation between the identity token of the sensitive information and the de-identified information, the de-identified information is determined based on the preset data mapping rule and the sensitive information as shown in fig. 2: after the sensitive information is acquired, its identity token (idToken) is generated first; the de-identified information is then queried in the first storage system using idToken and the data mapping rule, and output if found; if it is not found, it is queried in the second storage system using idToken and the data mapping rule, and output if found; and if it is still not found, it is queried in the third storage system using idToken and the data mapping rule, and output if found.
It should be understood that the determination of different levels of storage systems based on access speed is illustrative only and is not limiting of the present solution. In a possible implementation, different levels of storage systems may also be determined according to storage capacity. For example, a storage system having a first storage capacity is determined as a first storage system, a storage system having a second storage capacity is determined as a second storage system, a storage system having a third storage capacity is determined as a third storage system, and the first storage capacity is less than the second storage capacity, and the second storage capacity is less than the third storage capacity. Therefore, the query time of the first storage system and the second storage system can be reduced, and the speed of acquiring the de-identified information is improved.
In a possible embodiment, as shown in fig. 2, the method may further include:
When the de-identified information is not queried in the third storage system, randomly generating pseudo information of the sensitive information, and determining the pseudo information as the de-identified information of the sensitive information; and generating the data mapping rule according to the de-identification information and the sensitive information, and storing the data mapping rule in the third storage system.
It should be understood that the pseudo information may be a set of information randomly generated according to the characteristics and patterns of the sensitive information, and the random generation process may be based on a pseudo information generation method in the related art or may be based on an improved pseudo information generation method, which is not limited in any way by the embodiments of the present disclosure. In a possible implementation, the pseudo information of the sensitive information may be randomly generated based on a snowflake algorithm.
It should further be understood that the characteristics of the sensitive information refer to the properties, characteristics or sets of properties of the sensitive information itself. For example, the characteristics of the sensitive information may include name, age, gender, height, weight, home address, etc. Patterns of sensitive information refer to rules or laws that are organized, distributed, generated, or described based on features, and the like.
It should also be appreciated that, at the same moment, there may be multiple items of sensitive information for which pseudo information needs to be generated, which can cause a resource conflict, that is, one item of pseudo information corresponding to multiple items of sensitive information. In a possible implementation, a distributed lock mechanism may therefore be provided, as shown in fig. 2, so that pseudo information is generated for only one item of sensitive information at a time, avoiding resource conflicts and inconsistent data.
In addition, it should be understood that by storing the generated data mapping rule in the third storage system, when the sensitive information is obtained later, the corresponding de-identified information can be directly queried from the third storage system according to the sensitive information and the generated data mapping rule, so that the speed of obtaining the de-identified information is improved.
In a possible implementation manner, the first storage system may be a local cache system, the second storage system may be a centralized cache system, and the third storage system may be a database.
It should be appreciated that the data in the local cache system is typically located in the memory of the application, so its access speed is very fast. The data of the centralized cache system is usually located on the server side of the application, and must be transferred over a network, so it may incur some delay relative to the local cache system. Data in a database is typically stored on disk, and disk access is slow, so the database has higher latency than both the local and the centralized cache system. Therefore, in this embodiment, the local cache system with the fastest access is set as the first storage system, the centralized cache system with relatively fast access is set as the second storage system, and the database with relatively slow access is set as the third storage system, and the speed of acquiring the de-identified information is increased by this three-level cache arrangement.
In step S103, service processing is performed according to the de-identification information.
In summary, according to the above technical solution, de-identification information corresponding to the sensitive information in the service request information may be determined based on a preset data mapping rule, and service processing may be performed according to the de-identification information. Because no sensitive information exists in the de-identified information, the problem of sensitive information leakage in the service processing process can be avoided, and the information security in the service processing process is improved. In addition, the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identification information, so that the de-identification information can be quickly obtained according to the data mapping rule and the sensitive information in the service request information, and the service processing efficiency is improved.
It should be understood that the log module in the service system typically records the data, and the data processing procedures, of the service system, so sensitive information in service requests, and the processing of that sensitive information, could be leaked through those logs. To avoid this, in a possible implementation, step S101 and step S102 may be performed by the gateway, and step S103 by the service system. That is, the gateway may receive the service request information, desensitize the sensitive information in the service request information to obtain de-identified information from which the sensitive information has been removed, and then send the de-identified information to the service system, where the service system performs the corresponding service processing according to the de-identified information.
The gateway may be a hardware gateway or a software gateway, which is not limited in any way by the embodiments of the present disclosure. If the gateway is a software gateway, it may be deployed in the cloud or on the terminal device.
It should be understood that, after performing service processing, the service system may further output the service processing result to a receiving terminal device, in order to feed the result back to the terminal that initiated the service request or to transmit it to the terminal device that acts on the result. Meanwhile, so that the receiving terminal device knows which object the service processing result belongs to, the service system may restore the de-identification information to the sensitive information and transmit the sensitive information together with the service processing result to the receiving terminal device. That is, according to one embodiment of the present disclosure, the method may further include:
After business processing is carried out according to the de-identification information, determining the sensitive information based on the data mapping rule and the de-identification information; and outputting the sensitive information and the service processing result.
It should be understood that the data mapping rules for determining the sensitive information may be the same as or different from the data mapping rules for determining the de-identified information, and the embodiments of the present disclosure are not limited in any way. In order to avoid that the log module of the service system records the sensitive information when the service system restores the de-identified information into the sensitive information, the data mapping rule for determining the sensitive information is different from the data mapping rule for determining the de-identified information. For ease of distinction, the data mapping rule for determining the de-identified information is represented by a first data mapping rule and the data mapping rule for determining the sensitive information is represented by a second data mapping rule.
In a possible embodiment, the second data mapping rule is used to characterize a correspondence between de-identified information and encryption sensitive information. The encryption sensitive information is information obtained after the sensitive information is encrypted, and accordingly, the determining the sensitive information based on the data mapping rule and the de-identification information may include: and determining encryption sensitive information according to the de-identification information and the second data mapping rule.
It should be understood that the encrypted sensitive information may be obtained by encrypting the sensitive information based on the encryption method in the related art, or may be obtained by encrypting the sensitive information based on the improved encryption method, which is not limited in any way by the embodiments of the present disclosure. In a possible implementation manner, the sensitive information may be encrypted based on a symmetric encryption algorithm in the related art to obtain encrypted sensitive information, or the sensitive information may be encrypted based on an asymmetric encryption and decryption method in the related art to obtain encrypted sensitive information.
It should be further understood that the representation of the second data mapping rule may be chosen according to the actual situation, which is not limited in any way by the embodiments of the present disclosure. In a possible implementation, the second data mapping rule may be expressed as: { encrypted sensitive information, de-identified information }, or may be expressed as: encrypted sensitive information + de-identified information. The order of the de-identified information and the encrypted sensitive information in the second data mapping rule may also be set according to the actual situation, which is not limited in any way by the embodiments of the present disclosure.
In addition, it should be understood that, because the second data mapping rule characterizes the corresponding relationship between the encrypted sensitive information and the de-identified information, when the second data mapping rule is leaked, the sensitive information cannot be obtained according to the second data mapping rule, so that the risk of leakage of the sensitive information caused by leakage of the second data mapping rule can be avoided, and confidentiality and security of the sensitive information are improved.
In a possible implementation manner, in order to reduce the storage footprint of the data mapping rules and improve the efficiency of converting between the sensitive information and the de-identification information, the first data mapping rule and the second data mapping rule may be combined into one data mapping rule. Meanwhile, in order to avoid leakage of sensitive information caused by leakage of the data mapping rule, the data mapping rule can be used to represent the correspondence among the identity token of the sensitive information, the de-identified information and the encrypted sensitive information. Accordingly, for the query of the de-identified information and the sensitive information, and for the generation of a data mapping rule when the third storage system holds no rule for the sensitive information, reference may be made to the description related to fig. 4 above, which is not repeated here.
It should be understood that the representation of the data mapping rule may be set according to the actual situation, which is not limited in any way by the embodiments of the present disclosure. In a possible implementation, the data mapping rule may be expressed as: identity token of sensitive information + de-identified information + encrypted sensitive information, or may be expressed as: identity token of sensitive information_de-identifying information_encrypting sensitive information. The order of the identity token, the de-identifying information and the encrypted sensitive information of the sensitive information in the data mapping rule may also be set according to the actual situation, which is not limited in any way by the embodiment of the present disclosure.
In a possible embodiment, to further increase the speed of acquiring the sensitive information, the determining the sensitive information based on the data mapping rule and the de-identifying information may include, as shown in fig. 3:
Inquiring the sensitive information in a first storage system according to the de-identification information and the data mapping rule; when the sensitive information is not queried in the first storage system, querying the sensitive information in a second storage system according to the de-identified information and the data mapping rule; and when the sensitive information is not queried in the second storage system, querying the sensitive information in a third storage system according to the de-identification information and the data mapping rule.
The principle by which hierarchical querying speeds up the acquisition of the sensitive information is the same as described above and is not repeated here.
In a possible implementation manner, in order to prompt a user when the third storage system does not query the encrypted sensitive information, a preset error code or alarm value may also be returned when the third storage system does not query the encrypted sensitive information.
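The following is an added example, not code from the patent, that puts the pieces described above together: the combined data mapping rule of identity token, de-identified information and encrypted sensitive information, the three-level query through local cache, centralized cache and database (fig. 3), pseudo-information generation under a lock when every tier misses (fig. 2), persistence of the new rule in the third storage system, and a preset error code on a failed restore. The three storage systems are in-memory dicts, the distributed lock is a `threading.Lock`, and the symmetric cipher is an HMAC-SHA256 counter-mode stand-in, all assumptions of this example.

```python
"""Added example (not the patent's own code): a three-tier mapping-rule store.
Each rule is (identity token, de-identified info, encrypted sensitive info), so a
leaked rule store reveals neither the sensitive value nor a reversible key for it.
"""
import hashlib
import hmac
import secrets
import threading
from typing import Optional, Tuple

# Constructed keys for this example only; a real deployment keeps them in a KMS.
TOKEN_KEY = b"example-identity-token-key"
ENC_KEY = b"example-sensitive-info-encryption-key"

NOT_FOUND = "ERR_MAPPING_NOT_FOUND"  # preset error code returned on a total miss

Rule = Tuple[str, str, bytes]  # (identity_token, de_identified, encrypted_sensitive)


def identity_token(sensitive: str) -> str:
    """Keyed hash of the sensitive value: usable as a lookup key, not reversible."""
    return hmac.new(TOKEN_KEY, sensitive.encode(), hashlib.sha256).hexdigest()


def _keystream(nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, standing in for the symmetric cipher the patent
    leaves open; production code should use AES-GCM from a real crypto library."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(ENC_KEY, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def encrypt(plaintext: str) -> bytes:
    """Returns nonce || ciphertext; a fresh nonce per value keeps keystreams distinct."""
    nonce = secrets.token_bytes(16)
    data = plaintext.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(nonce, len(data))))


def decrypt(blob: bytes) -> str:
    nonce, data = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(data, _keystream(nonce, len(data)))).decode()


class Tier:
    """One storage system, indexed by identity token and by de-identified value."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.by_token: dict = {}
        self.by_deid: dict = {}

    def put(self, rule: Rule) -> None:
        self.by_token[rule[0]] = rule
        self.by_deid[rule[1]] = rule


class MappingRuleStore:
    def __init__(self) -> None:
        # Ordered by access speed: first, second and third storage system.
        self.tiers = [Tier("local-cache"), Tier("central-cache"), Tier("database")]
        self.lock = threading.Lock()  # stand-in for the distributed lock
        self.trace: list = []          # which tier answered each query

    def _query(self, key: str, index: str) -> Optional[Rule]:
        """Hierarchical query: stop at the first tier holding the rule and promote
        it into the faster tiers (cache population is this example's assumption;
        the patent only states that newly generated rules go to the database)."""
        for i, tier in enumerate(self.tiers):
            rule = getattr(tier, index).get(key)
            if rule is not None:
                self.trace.append(tier.name)
                for faster in self.tiers[:i]:
                    faster.put(rule)
                return rule
        return None

    def de_identify(self, sensitive: str) -> str:
        token = identity_token(sensitive)
        rule = self._query(token, "by_token")
        if rule is None:
            with self.lock:  # one generator per sensitive value at a time
                rule = self.tiers[-1].by_token.get(token)  # re-check under the lock
                if rule is None:
                    pseudo = "DEID-" + secrets.token_hex(8)  # random pseudo information
                    rule = (token, pseudo, encrypt(sensitive))
                    self.tiers[-1].put(rule)  # new rule is persisted in the database
                    self.trace.append("generated")
        return rule[1]

    def restore(self, de_identified: str) -> str:
        """Reverse direction: de-identified -> encrypted sensitive -> plaintext."""
        rule = self._query(de_identified, "by_deid")
        return NOT_FOUND if rule is None else decrypt(rule[2])
```

`trace` records which tier answered, so a reader can see the second lookup fall through to the database and the third be served from the local cache.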
In order to facilitate understanding of the technical solution of the present disclosure, a remote control scenario is taken as an example, and a service processing method provided in this embodiment is further described below.
In this scenario, the service request information may be remote control information, and the remote control request may be used to characterize control of vehicle actions based on user information and control instructions. Accordingly, the sensitive information in the service request information may be user information and vehicle information, and the data mapping rule may be used to characterize the correspondence between the user information and the de-identified user information, and the correspondence between the vehicle information and the de-identified vehicle information. Specifically, when a user initiates a remote vehicle control request, the request passes through services such as gateway, client-business, driver, car-api (automobile application program interface), TSP-proxy (telematics service agent) and the like, and finally a vehicle control instruction is issued to the TSP (telematics service provider).
Steps S101-S102 of the service processing method provided by the present disclosure are first performed by the gateway. That is, when the gateway receives the remote control information, it first determines the user information and vehicle information in the remote control information, for example, the user name, user account number, number of the terminal device initiating the service request, vehicle identification code, vehicle model, vehicle state, and the like. Since not all of the user information and the vehicle information is sensitive, after the user information and the vehicle information are acquired they can be screened according to preset screening rules to determine the sensitive target user information and target vehicle information, such as the user account information and the vehicle identification code information. Then, according to the data mapping rule and the screened target user information and target vehicle information, automatic de-identification is carried out to obtain the de-identified user information and de-identified vehicle information, which are transmitted to the service system to execute the corresponding service, i.e., the service system executes step S103 of the service processing method provided by the disclosure. Because the gateway automatically de-identifies the target user information and the target vehicle information, their safety within the service system, i.e., within services such as client-business, driver and car-api, is ensured, and there is no risk of leakage there.
When the tsp-proxy needs to call a specific vehicle, the de-identified vin (vehicle identification code) of the target vehicle bound to the target user is restored to the real vin, using the restoration of sensitive information based on the data mapping rule and the de-identification information described in the service processing method of the present disclosure, and vehicle control is initiated with the real vin, completing one full service interaction.
That is, according to one embodiment of the present disclosure, the service request information may be remote control information, and accordingly, the determining the sensitive information in the service request information may include:
determining user information and vehicle information in the remote control information;
Screening the user information based on a first preset screening rule to obtain target user information, and screening the vehicle information based on a second preset screening rule to obtain target vehicle information;
accordingly, the determining de-identifying information based on the preset data mapping rule and the sensitive information may include:
determining de-identified user information based on the data mapping rules and the target user information, and determining de-identified vehicle information based on the data mapping rules and the target vehicle information;
accordingly, the performing service processing according to the de-identification information may include:
And carrying out service processing according to the de-identified user information and the de-identified vehicle information.
The first preset screening rule and the second preset screening rule may be set according to the actual situation, which is not limited in the embodiments of the present disclosure. In a possible implementation manner, the first preset screening rule may be to determine whether preset user information exists in the user information of the service request information, and if so, to use that preset user information as the target user information. The preset user information may be set according to the actual service scenario, which is not limited in the embodiments of the present disclosure.
In a possible implementation manner, the performing service processing according to the de-identified user information and the de-identified vehicle information may include:
Determining the target user information according to the data mapping rule and the de-identified user information, and determining the target vehicle information according to the data mapping rule and the de-identified vehicle information;
Determining a target vehicle according to the target user information and the target vehicle information;
And controlling the target vehicle.
It should be appreciated that in the remote control scenario, in order to accurately determine the controlled vehicle according to the service request, a binding rule for characterizing the correspondence between the user information and the vehicle information may be preset, so that the vehicle to be controlled may be determined according to the binding rule and the target user information/target vehicle information. Accordingly, determining the target vehicle according to the target user information and the target vehicle information may be determining corresponding vehicle information according to the target user information and the binding rule, and if the vehicle information is consistent with the target vehicle information, determining the vehicle corresponding to the target vehicle information as the target vehicle.
It should be understood that this is illustrative only and is not limiting of the solution.
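The remote control scenario above, as an added example that is not part of the patent: the gateway applies the first and second preset screening rules to the user and vehicle fields and replaces the screened values through the data mapping rule, the service system processes and logs only the de-identified request, and the restore step checks the preset binding rule before a control instruction is issued. The mapping rule, the screened field names, the binding rule and the request contents are constructed for this example.

```python
"""Added example (not the patent's own code): remote-control flow through the
gateway and service system, with sensitive values never reaching the log module."""
from typing import Dict, List, Tuple

# Constructed data mapping rule (sensitive -> de-identified) and its reverse.
FORWARD: Dict[str, str] = {
    "user-acct-1001": "DEID-USER-7f3a",
    "VIN-CONSTRUCTED-0001": "DEID-VIN-c21e",
    "VIN-CONSTRUCTED-0002": "DEID-VIN-9b04",
}
REVERSE = {deid: sensitive for sensitive, deid in FORWARD.items()}

# First and second preset screening rules (assumption): field names treated as
# sensitive target user information / target vehicle information.
USER_SCREEN = {"account"}
VEHICLE_SCREEN = {"vin"}

# Preset binding rule: the vehicle bound to each user account (constructed).
BINDING = {"user-acct-1001": "VIN-CONSTRUCTED-0001"}


def gateway_de_identify(request: dict) -> dict:
    """Steps S101/S102 at the gateway: screen the fields, replace screened values."""
    def screen(fields: dict, sensitive_keys: set) -> dict:
        out = {}
        for key, value in fields.items():
            if key in sensitive_keys:
                if value not in FORWARD:
                    raise ValueError(f"no mapping rule for screened field {key!r}")
                out[key] = FORWARD[value]
            else:
                out[key] = value  # non-sensitive fields pass through unchanged
        return out

    return {
        "user": screen(request["user"], USER_SCREEN),
        "vehicle": screen(request["vehicle"], VEHICLE_SCREEN),
        "instruction": request["instruction"],
    }


def service_system(deid_request: dict) -> Tuple[str, List[str]]:
    """Step S103: process on de-identified data; the log module records only that.
    Returns (result for the TSP, log lines written by the service system)."""
    log = [f"remote control request: {deid_request}"]
    # tsp-proxy stage: restore target user and target vehicle via the mapping rule
    target_user = REVERSE[deid_request["user"]["account"]]
    target_vin = REVERSE[deid_request["vehicle"]["vin"]]
    # Binding rule: the restored vehicle must be the one bound to the restored user
    if BINDING.get(target_user) != target_vin:
        log.append("binding check failed; control instruction rejected")
        return "REJECTED", log
    log.append(f"binding check passed; issuing {deid_request['instruction']}")
    return f"CONTROL {target_vin} {deid_request['instruction']}", log


def handle_remote_control(request: dict) -> Tuple[str, List[str]]:
    """Whole path: gateway de-identification followed by service processing."""
    return service_system(gateway_de_identify(request))
```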
Based on the same concept, the embodiments of the present disclosure further provide a service processing apparatus, as shown in fig. 5, which may include:
A receiving module 510 configured to receive service request information;
A first determining module 520 configured to determine sensitive information in the service request information, and determine de-identifying information based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identification information;
a processing module 530 configured to perform service processing according to the de-identified information.
In a possible implementation manner, the service processing device may further include:
The second determining module is configured to determine the sensitive information based on the data mapping rule and the de-identification information after performing service processing according to the de-identification information;
and the output module is configured to output the sensitive information and the service processing result.
In a possible implementation manner, the data mapping rule is used to characterize a correspondence between the identity token of the sensitive information and the de-identified information, and the first determining module 520 may include:
a first determination unit configured to determine an identity token of the sensitive information;
and a second determining unit configured to determine the de-identification information according to the identity token and the data mapping rule.
In a possible implementation manner, the first determining module 520 may include:
A third determining unit configured to query the de-identified information at the first storage system according to the sensitive information and the data mapping rule;
a fourth determining unit configured to query the de-identified information at a second storage system according to the sensitive information and the data mapping rule when the de-identified information is not queried at the first storage system;
and a fifth determining unit configured to query the de-identified information at a third storage system according to the sensitive information and the data mapping rule when the de-identified information is not queried at the second storage system.
In a possible implementation manner, the service processing device may further include:
a generation module configured to randomly generate pseudo information of the sensitive information and determine the pseudo information as the de-identified information of the sensitive information when the de-identified information is not queried in the third storage system;
And the storage module is configured to generate the data mapping rule according to the de-identification information and the sensitive information and store the data mapping rule in the third storage system.
In a possible embodiment, the second determining module may include:
A sixth determining unit configured to query the sensitive information at the first storage system according to the de-identified information and the data mapping rule;
A seventh determining unit configured to query the sensitive information at a second storage system according to the de-identified information and the data mapping rule when the sensitive information is not queried at the first storage system;
And an eighth determining unit configured to query the sensitive information at a third storage system according to the de-identified information and the data mapping rule when the sensitive information is not queried at the second storage system.
In a possible implementation manner, the first storage system may be a local cache system, the second storage system may be a centralized cache system, and the third storage system may be a database.
In a possible implementation manner, the service request information is remote control vehicle information, and accordingly, the first determining module 520 is configured to: determining user information and vehicle information in the remote control information, screening the user information based on a first preset screening rule to obtain target user information, and screening the vehicle information based on a second preset screening rule to obtain target vehicle information;
The processing module 530 is configured to: and carrying out service processing according to the de-identified user information and the de-identified vehicle information.
In a possible implementation, the processing module 530 may include:
A ninth determining unit configured to determine the target user information according to the data mapping rule and the de-identified user information, and determine the target vehicle information according to the data mapping rule and the de-identified vehicle information;
a tenth determination unit configured to determine a target vehicle based on the target user information and the target vehicle information;
And a control unit configured to control the target vehicle.
The specific manner in which the respective modules perform the operations in the above-described embodiments of the service processing apparatus applied to the gateway has been described in detail in the embodiments related to the method, and will not be described in detail herein.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure. This disclosure is intended to cover any adaptations, uses, or adaptations of the disclosure following the general principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (10)

1. A method of service processing, the method comprising:
receiving service request information;
Determining sensitive information in the service request information, and determining de-identification information based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identified information;
and carrying out service processing according to the de-identification information.
2. The method according to claim 1, wherein the method further comprises:
After business processing is carried out according to the de-identification information, determining the sensitive information based on the data mapping rule and the de-identification information;
and outputting the sensitive information and the service processing result.
3. The method of claim 1, wherein the data mapping rule is used to characterize a correspondence between the identity token of the sensitive information and the de-identified information, wherein the determining de-identified information based on the preset data mapping rule and the sensitive information comprises:
Determining an identity token of the sensitive information;
And determining the de-identification information according to the identity token and the data mapping rule.
4. The method of claim 1, wherein the determining de-identification information based on the preset data mapping rules and the sensitive information comprises:
Inquiring the de-identified information in a first storage system according to the sensitive information and the data mapping rule;
When the de-identified information is not queried in the first storage system, querying the de-identified information in a second storage system according to the sensitive information and the data mapping rule;
and when the de-identified information is not queried in the second storage system, querying the de-identified information in a third storage system according to the sensitive information and the data mapping rule.
5. The method according to claim 4, wherein the method further comprises:
when the de-identified information is not queried in the third storage system, randomly generating pseudo information of the sensitive information, and determining the pseudo information as the de-identified information of the sensitive information;
And generating the data mapping rule according to the de-identification information and the sensitive information, and storing the data mapping rule in the third storage system.
6. The method of claim 2, wherein the determining the sensitive information based on the data mapping rules and the de-identification information comprises:
Inquiring the sensitive information in a first storage system according to the de-identification information and the data mapping rule;
When the sensitive information is not queried in the first storage system, querying the sensitive information in a second storage system according to the de-identified information and the data mapping rule;
and when the sensitive information is not queried in the second storage system, querying the sensitive information in a third storage system according to the de-identification information and the data mapping rule.
7. The method of any of claims 4-6, wherein the first storage system is a local cache system, the second storage system is a centralized cache system, and the third storage system is a database.
8. The method according to any one of claims 1-6, wherein the service request information is remote control car information, and the determining sensitive information in the service request information includes:
determining user information and vehicle information in the remote control information;
Screening the user information based on a first preset screening rule to obtain target user information, and screening the vehicle information based on a second preset screening rule to obtain target vehicle information;
the determining de-identification information based on the preset data mapping rule and the sensitive information comprises the following steps:
determining de-identified user information based on the data mapping rules and the target user information, and determining de-identified vehicle information based on the data mapping rules and the target vehicle information;
the business processing according to the de-identification information comprises the following steps:
And carrying out service processing according to the de-identified user information and the de-identified vehicle information.
9. The method of claim 8, wherein said performing business processes based on said de-identified user information and said de-identified vehicle information comprises:
Determining the target user information according to the data mapping rule and the de-identified user information, and determining the target vehicle information according to the data mapping rule and the de-identified vehicle information;
Determining a target vehicle according to the target user information and the target vehicle information;
And controlling the target vehicle.
10. A service processing apparatus, the apparatus comprising:
A receiving module configured to receive service request information;
The first determining module is configured to determine sensitive information in the service request information and determine de-identification information based on a preset data mapping rule and the sensitive information; the data mapping rule is used for representing the corresponding relation between the sensitive information and the de-identified information;
And the processing module is configured to perform service processing according to the de-identification information.
CN202310900415.3A 2023-07-20 2023-07-20 Service processing method and device Pending CN117931861A (en)
Publications (1)

Publication Number Publication Date
CN117931861A true CN117931861A (en) 2024-04-26

Family

ID=90760075

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination