WO2021098150A1 - Receipt data encryption method and apparatus, electronic device, and storage medium - Google Patents

Receipt data encryption method and apparatus, electronic device, and storage medium Download PDF

Info

Publication number
WO2021098150A1
WO2021098150A1 PCT/CN2020/087458 CN2020087458W WO2021098150A1 WO 2021098150 A1 WO2021098150 A1 WO 2021098150A1 CN 2020087458 W CN2020087458 W CN 2020087458W WO 2021098150 A1 WO2021098150 A1 WO 2021098150A1
Authority
WO
WIPO (PCT)
Prior art keywords
item
transfer
identifier
party
encrypted
Prior art date
Application number
PCT/CN2020/087458
Other languages
French (fr)
Chinese (zh)
Inventor
陈飞
章伟
Original Assignee
深圳壹账通智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳壹账通智能科技有限公司 filed Critical 深圳壹账通智能科技有限公司
Publication of WO2021098150A1 publication Critical patent/WO2021098150A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification

Definitions

  • This application relates to the field of data processing, in particular to a method and related equipment for encrypting document data.
  • the embodiments of the present application provide a method, device, electronic device, and storage medium for document data encryption to at least solve the technical problem of low security of encrypted document data in the prior art.
  • a method for encrypting document data includes: in response to a document data encryption request sent by a user terminal, extracting document data contained in the encryption request; and determining that the document data is Each field corresponds to the field type and extracts the transfer-in party identification and the transfer-out party identification contained in the document data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item; based on the transfer-in party
  • the identification and the transferee identification determine a first reference factor, and a second reference factor is determined based on the article identification, the number of articles corresponding to the article identification, and the evaluation value of a single article; based on the first reference factor and the second reference factor
  • the reference factor is used to determine the score corresponding to the document data; the encrypted field table based on the score corresponding to the document data and the prestored score corresponding to the encrypted field table is used to determine the fields that need to be encrypted in the document data; based on each of
  • an encryption device for document data including: an extraction module for extracting document data contained in the encryption request in response to a document data encryption request sent by a user terminal; and a first determination module , Used to determine the field type corresponding to each field in the document data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, the item identification and the item identification corresponding to the number of items and the number of individual items Evaluation value; a second determination module, configured to determine the first reference factor based on the transfer-in party identification and the transfer-out party identification, and determine the first reference factor based on the item identification, the number of items corresponding to the item identification, and the evaluation value of a single item Two reference factors; a third determining module, configured to determine the score corresponding to the document data based on the first reference factor and the second reference factor; a fourth determining module, configured to determine the corresponding score based on the document data
  • the score value corresponds to an encrypted field table of the pre-stored score value to
  • an encrypted electronic device for document data including: a memory configured to store executable instructions.
  • the processor is configured to execute executable instructions stored in the memory to execute the method described above.
  • a computer-readable storage medium which stores computer program instructions that, when executed by a computer, cause the computer to execute the method described above.
  • the need is determined based on the document data that needs to be encrypted including the transfer-in party identification, the transfer-out party identification, the item identification, and the number of items corresponding to the item identification and the evaluation value of a single item.
  • the score corresponding to the encrypted document data is determined based on the score corresponding to the document data to be encrypted and the preset score corresponding encrypted field table to determine the field to be encrypted in the document data to be encrypted, and the field corresponding to the encrypted field is determined Field type, encrypt the field to be encrypted according to the key corresponding to the field type corresponding to the field to be encrypted, determine the field to be encrypted according to the score corresponding to the document data to be encrypted, and then determine the field to be encrypted according to the document data to be encrypted Each field to be encrypted in the fields to be encrypted is encrypted according to the key corresponding to the field type of each field to be encrypted, thereby improving the security of the encrypted document data.
  • Fig. 1 shows a flowchart of document data encryption according to an exemplary embodiment of the present disclosure.
  • Fig. 2 shows a flowchart after step S160 shown in Fig. 1 according to an exemplary embodiment of the present disclosure.
  • FIG. 3 shows a flowchart after step S220 shown in FIG. 2 according to an exemplary embodiment of the present disclosure.
  • Fig. 4 shows a device for encrypting document data according to an exemplary embodiment of the present disclosure.
  • Fig. 5 shows a system architecture diagram of document data encryption according to an exemplary embodiment of the present disclosure.
  • Fig. 6 shows a diagram of an electronic device for document data encryption according to an exemplary embodiment of the present disclosure.
  • Fig. 7 shows a diagram of a computer-readable storage medium for document data encryption according to an exemplary embodiment of the present disclosure.
  • a method for document data encryption includes: in response to a document data encryption request sent by a user terminal, extracting document data contained in the encryption request; and determining the field type corresponding to each field in the document data And extract the transfer-in party identification and transfer-out party identification contained in the document data, the item identification and the number of items corresponding to the item identification and the evaluation value of a single item; determine based on the transfer-in party identification and the transfer-out party identification A first reference factor, a second reference factor is determined based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item; the document is determined based on the first reference factor and the second reference factor
  • the score corresponding to the data based on the score corresponding to the bill data and the pre-stored score corresponding to the encrypted field table, determine the field to be encrypted in the bill data; based on the field type and the field type corresponding to each field
  • Fig. 1 shows a flowchart of document data encryption according to an exemplary embodiment of the present disclosure:
  • Step S100 In response to the document data encryption request sent by the user terminal, extract the document data contained in the encryption request;
  • Step S110 Determine the field type corresponding to each field in the bill data and extract the transfer-in party identification and transfer-out party identification contained in the bill data, the number of items corresponding to the item identification and the item identification, and the value of a single item The assessed value;
  • Step S120 Determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item;
  • Step S130 Determine the score corresponding to the receipt data based on the first reference factor and the second reference factor;
  • Step S140 Determine a field to be encrypted in the document data based on the score value corresponding to the document data and the pre-stored score value corresponding encrypted field table;
  • Step S150 Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
  • Step S160 Encrypt each field to be encrypted in the fields to be encrypted in the document data according to the key corresponding to the field type of each field to be encrypted.
  • step S100 in response to a bill data encryption request sent by the user terminal, the bill data contained in the encryption request is extracted.
  • the document data encryption request sent by the user terminal contains the document data that needs to be encrypted, and may also include the user ID or user level of the login user corresponding to the user terminal to determine whether the user can call
  • the server encrypts the document data that needs to be encrypted, and records the operation behavior of related users at the same time, so that the corresponding users can be held accountable when the system has problems.
  • step S110 determine the field type corresponding to each field in the document data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, the item identification and the number of items corresponding to the item identification, and the number of individual items. The estimated value of the item.
  • the field type corresponding to each field in the document is determined and the transfer-in party identification and the transfer-out party identification contained in the bill data are extracted, and the item identification and the corresponding item outside the item identification
  • the quantity and the evaluation value of a single item can be obtained by extracting keywords from the document data, determining the probability of the keywords appearing in the document data in the pre-stored database, and extracting each document data from the pre-stored data.
  • the document data with the highest probability of occurrence of the keyword is selected at the same time, and the document data template corresponding to the document data to be encrypted is determined based on the document data selected.
  • the document data template indicates the field type and conversion corresponding to each field.
  • the outgoing party ID and the transferring party ID, the item ID and the number of corresponding items outside the item ID, and the position of the evaluation value of a single item are determined based on the document data template corresponding to each field in the document data to be encrypted Field type and extract the transfer-in party ID and transfer-out party ID contained in the bill data, the item ID and the number of corresponding items outside the item ID, and the evaluation value of a single item.
  • the field type may refer to the content type of each part of the order contract, such as the main part of the contract, the subject part of the contract, and the rights and obligations of both parties to the contract.
  • the transfer-out party refers to the seller
  • the transfer-in party refers to the buyer
  • the item identifier refers to the item to be traded
  • the evaluation value of the single item refers to the unit price of the item to be traded.
  • the bill data can also be other contracts or bills, such as storage contracts, takeaway bills, and so on.
  • a first reference factor is determined based on the transfer-in party identification and the transfer-out party identification
  • a second reference factor is determined based on the item identification, the number of items corresponding to the item identification, and the evaluation value of a single item.
  • determining the first reference factor based on the transfer-in party identifier and the transfer-out party identifier may include:
  • the score corresponding to each of the different transfer-in party identifications and each of the different transfer-out parties are determined Identify the corresponding score
  • the first reference factor is determined by the following formula:
  • a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers
  • n is the number of the different transfer-in party identifiers
  • b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers
  • d is the number of the different transfer-out party identifiers.
  • determining the second reference factor based on the item identifier, the quantity of items corresponding to the item identifier, and the evaluation value of a single item may include:
  • the second reference factor is determined by the following formula:
  • F is the second reference factor
  • r is the number of different item identifiers contained in the bill data
  • We is the score corresponding to the e-th item identifier in the different item identifiers
  • te is the different item identifier.
  • g is a preset constant, and g is greater than zero and less than one.
  • g is greater than zero and less than one to prevent The value of is too large, which causes the determined second reference factor to be too large, which in turn affects the score corresponding to the document data determined later, so that the score corresponding to the document data is too large.
  • step S130 based on the first reference factor and the second reference factor, a score corresponding to the document data is determined.
  • the step S130 may include:
  • the score corresponding to the document data is determined by the following formula:
  • M is the score corresponding to the receipt data
  • z is a constant greater than 1
  • F is the second reference factor
  • s is the first reference factor
  • step S140 Based on the encrypted field table corresponding to the score corresponding to the bill data and the pre-stored score, it is determined that the field in the bill data needs to be encrypted.
  • the entire system will process a large amount of encrypted document data at the same time, resulting in a lower operating efficiency of the system.
  • the operating load of the system will cause the entire system to crash. Therefore, the first reference factor and the second reference factor are used to determine the fields that need to be encrypted in the document data to be encrypted, so as to avoid encrypting and storing the entire document data, thereby reducing
  • the processing pressure of the entire system ensures the stability of the system.
  • the order contract one if it is determined that the score corresponding to the order contract one is 1000, and the score corresponding to the order contract two is 2000, according to the pre-stored score corresponding to the encrypted field table, it can be seen that the order contract one needs
  • the encrypted fields are the subject part of the contract.
  • the fields that need to be encrypted are the subject part of the contract and the contract rights and obligations.
  • step S150 based on the field type corresponding to each field in the document data and the field to be encrypted, the field type corresponding to each field to be encrypted in the field to be encrypted is determined.
  • each field to be encrypted in the fields to be encrypted in the document data is encrypted according to the key corresponding to the field type of each field to be encrypted.
  • this solution is based on assigning corresponding encryption keys to the field types corresponding to the document fields that need to be encrypted in the document data that need to be encrypted, so that different field types in the fields that need to be encrypted correspond to The encryption keys of the fields are different, thereby reducing the success rate of cracking the leaked document data and improving the security of the document data.
  • the key is used to encrypt the fields in the order contract whose field type is the subject of the contract in the fields to be encrypted.
  • the encryption key corresponding to the field type may be determined based on the following method: determining the encryption key corresponding to the field type based on the encryption key table corresponding to the field type and the pre-stored field type , Wherein the encryption key table corresponding to the pre-stored field type can be determined by the following method: obtaining the total number of field types in the encryption key table corresponding to the field inner type, and randomly extracting the encryption key from the pre-stored encryption key library The total number of field types corresponds to the number of encryption keys, and the extracted encryption key is randomly combined with the field types in the encryption key table to determine the corresponding field type in the encryption key table. Encryption key.
  • the method may further include:
  • Step S210 Determine the level corresponding to the bill data based on the score corresponding to the bill and the pre-stored score corresponding level table;
  • Step S220 Based on the level corresponding to the bill data, store the bill data in a corresponding storage server.
  • the score corresponding to the bill data indicates the importance of the bill data. In order to better store and protect the corresponding bill data, based on the score corresponding to the bill data, store the bill data in a different storage server , In order to improve the security of the document data.
  • the score corresponding to order contract one is 1000 points, and the score corresponding to order contract two is 2000 points, according to the pre-stored score corresponding grade table, it can be determined that the corresponding grade of order contract one is Level 1, order contract 2 corresponds to level 4, level 1 to 3 corresponds to storage server 1, and level 4 to 6 corresponds to storage server 2, then order contract 1 is encrypted and stored to the storage server 1.
  • the order and contract two are encrypted and stored in the storage server 2.
  • step S220 in FIG. 2 it may further include:
  • Step S230 In response to the call request sent by the user terminal, extract the user identification and the call receipt data identification included in the call request;
  • Step S240 Determine the level corresponding to the user based on the user identifier, and determine the level corresponding to the retrieved receipt data based on the retrieved receipt data identifier;
  • Step S250 Based on the relationship between the level corresponding to the user and the level corresponding to the retrieved receipt data, it is determined whether the user can retrieve the retrieved receipt data.
  • the score corresponding to the bill data indicates the degree of importance of the bill data.
  • the user is determined according to the relationship between the user's corresponding level and the level corresponding to the bill data to be retrieved. Whether the corresponding document data can be retrieved to prevent the leakage of the document data and to ensure the security of the document data.
  • the level corresponding to user A is level 2
  • the level corresponding to the document data a to be retrieved is level 1
  • the level corresponding to document data b is level 3, because 1 ⁇ 2 ⁇ 3.
  • the user A can call the bill data a, but cannot call the bill data b.
  • the device 400 for encrypting document data includes: an extraction module 410, a first determination module 420, a second determination module 430, a third determination module 440, a fourth determination module 450, and a fifth determination module 460, Encryption module 470. among them:
  • the extraction module 410 is configured to extract the document data contained in the encryption request in response to the document data encryption request sent by the user terminal;
  • the first determining module 420 is configured to determine the field type corresponding to each field in the bill data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, and the item identification and the item identification corresponding to the item Quantity and the estimated value of a single item;
  • the second determination module 430 is configured to determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item factor;
  • the third determining module 440 is configured to determine the score corresponding to the document data based on the first reference factor and the second reference factor;
  • the fourth determining module 450 is configured to determine the fields that need to be encrypted in the document data based on the score value corresponding to the document data and the pre-stored score value corresponding encrypted field table;
  • the fifth determining module 460 is configured to determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
  • the encryption module 470 is configured to encrypt each field to be encrypted in the fields to be encrypted in the document data according to the key corresponding to the field type of each field to be encrypted.
  • the second determining module 430 may also be configured to determine the number of different transfer-in party identifiers included in the transfer-in party identifier and the difference between the number of transfer-in party identifiers included in the transfer-out party identifier.
  • the number of transfer-out party IDs based on the transfer-in party ID and transfer-out party ID and the pre-stored transfer-in party and transfer-out party ID corresponding score table, determine the score corresponding to each of the different transfer-in party IDs and each Points corresponding to each of the different transfer-out party identifiers;
  • the first reference factor is determined by the following formula:
  • a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers
  • n is the number of the different transfer-in party identifiers
  • b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers
  • d is the number of the different transfer-out party identifiers.
  • the second determining module 430 may also be configured to: determine the number of different item identifiers contained in the item identifier; based on the score table corresponding to the item identifier and the pre-stored item identifier , Determine the score corresponding to each item identifier in the different item identifiers;
  • the second reference factor is determined by the following formula:
  • F is the second reference factor
  • r is the number of different item identifiers contained in the bill data
  • We is the score corresponding to the e-th item identifier in the different item identifiers
  • te is the different item identifier.
  • g is a preset constant, and g is greater than zero and less than one.
  • the third determining module 440 may be further configured to determine the score corresponding to the document data by the following formula based on the first reference factor and the second reference factor :
  • M is the score corresponding to the receipt data
  • z is a constant greater than 1
  • F is the second reference factor
  • s is the first reference factor
  • the device 400 for encrypting document data further includes: a storage module for determining the level corresponding to the document data based on the corresponding level table of the score corresponding to the document and the pre-stored score value. ; Based on the level corresponding to the bill data, store the bill data to the corresponding storage server.
  • the device 400 for encrypting bill data further includes: an invocation module configured to, in response to an invocation request sent by the user terminal, extract the user identification and the invocation bill data contained in the invocation request Identification; determine the level corresponding to the user based on the user identifier, determine the level corresponding to the call receipt data based on the call receipt data identification; determine the rank corresponding to the call receipt data based on the user The relationship between the levels determines whether the user can retrieve the retrieval receipt data.
  • an invocation module configured to, in response to an invocation request sent by the user terminal, extract the user identification and the invocation bill data contained in the invocation request Identification; determine the level corresponding to the user based on the user identifier, determine the level corresponding to the call receipt data based on the call receipt data identification; determine the rank corresponding to the call receipt data based on the user The relationship between the levels determines whether the user can retrieve the retrieval receipt data.
  • modules or units of the device for action execution are mentioned in the above detailed description, this division is not mandatory.
  • the features and functions of two or more modules or units described above may be embodied in one module or unit.
  • the features and functions of a module or unit described above can be further divided into multiple modules or units to be embodied.
  • the example embodiments described here can be implemented by software, or can be implemented by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, and the software product can be stored in a non-volatile storage medium (which can be a CD-ROM, a USB flash drive, a mobile hard disk, etc.) or a network
  • a non-volatile storage medium which can be a CD-ROM, a USB flash drive, a mobile hard disk, etc.
  • the above includes several instructions to make a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) execute the method according to the embodiment of the present disclosure.
  • Fig. 5 shows a block diagram of a system architecture for document data encryption according to an exemplary embodiment of the present disclosure.
  • the system architecture includes: a client 310 and a server 320.
  • the client 310 sends an encryption request to the server 320.
  • the server 320 extracts the receipt data from the received encryption request.
  • the server 320 determines the field type corresponding to each field in the receipt data and extracts the receipt data.
  • the transfer-in party identification and the transfer-out party identification contained in the transfer-in party identification and the transfer-out party identification, the item identification and the number of items corresponding to the item identification and the evaluation value of a single item, the server 320 determines the first reference factor based on the transfer-in party identification and the transfer-out party identification ,
  • the server 320 determines a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item;
  • the server 320 determines the receipt based on the first reference factor and the second reference factor
  • the score corresponding to the data; the server 320 determines the fields to be encrypted in the document data based on the score corresponding to the document data and the pre-stored score corresponding
  • the method for encrypting the document data provided by the embodiments of the present disclosure is generally executed by the server 320, and accordingly, the device for encrypting the document data is generally set in the server 320.
  • the terminal and the server may also have similar functions, so as to implement the document data encryption solution provided by the embodiments of the present disclosure.
  • an electronic device capable of implementing the above method is also provided.
  • the electronic device 500 according to this embodiment of the present application will be described below with reference to FIG. 6.
  • the electronic device 500 shown in FIG. 6 is only an example, and should not bring any limitation to the function and scope of use of the embodiments of the present application.
  • the electronic device 500 is represented in the form of a general-purpose computing device.
  • the components of the electronic device 500 may include, but are not limited to: the aforementioned at least one processing unit 510, the aforementioned at least one storage unit 520, and a bus 530 connecting different system components (including the storage unit 520 and the processing unit 510).
  • the storage unit stores program code, and the program code can be executed by the processing unit 510, so that the processing unit 510 executes the various exemplary methods described in the “Exemplary Method” section of this specification. Steps of implementation.
  • the processing unit 510 may perform step S100 as shown in FIG.
  • step S110 in response to the document data encryption request sent by the user terminal, extract the document data contained in the encryption request; step S110: determine every item in the document data Field types corresponding to each field, and extract the transfer-in party identification and transfer-out party identification contained in the document data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item; step S120: based on the transfer The incoming party identifier and the outgoing party identifier determine a first reference factor, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item; step S130: based on the first reference factor Determine the score corresponding to the document data with the second reference factor; Step S140: Determine the field to be encrypted in the document data based on the encrypted field table corresponding to the score corresponding to the document data and the pre-stored score; Step S150: Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field
  • the storage unit 520 may include a readable medium in the form of a volatile storage unit, such as a random access storage unit (RAM) 5201 and/or a cache storage unit 5202, and may further include a read-only storage unit (ROM) 5203.
  • RAM random access storage unit
  • ROM read-only storage unit
  • the storage unit 520 may also include a program/utility tool 5204 having a set (at least one) program module 5205.
  • program module 5205 includes but is not limited to: an operating system, one or more application programs, other program modules, and program data, Each of these examples or some combination may include the implementation of a network environment.
  • the bus 530 may represent one or more of several types of bus structures, including a storage unit bus or a storage unit controller, a peripheral bus, a graphics acceleration port, a processing unit, or a local area using any bus structure among multiple bus structures. bus.
  • the electronic device 500 may also communicate with one or more external devices 600 (such as keyboards, pointing devices, Bluetooth devices, etc.), and may also communicate with one or more devices that enable users to interact with the electronic device 500, and/or communicate with Any device (such as a router, modem, etc.) that enables the electronic device 500 to communicate with one or more other computing devices. Such communication can be performed through an input/output (I/O) interface 550.
  • the electronic device 500 may also communicate with one or more networks (for example, a local area network (LAN), a wide area network (WAN), and/or a public network, such as the Internet) through the network adapter 560. As shown in the figure, the network adapter 560 communicates with other modules of the electronic device 500 through the bus 530.
  • LAN local area network
  • WAN wide area network
  • public network such as the Internet
  • the example embodiments described here can be implemented by software, or can be implemented by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, U disk, mobile hard disk, etc.) or on the network , Including several instructions to make a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) execute the method according to the embodiment of the present disclosure.
  • a computing device which may be a personal computer, a server, a terminal device, or a network device, etc.
  • a computer-readable storage medium is also provided, on which a program product capable of implementing the above method of this specification is stored.
  • various aspects of the present application can also be implemented in the form of a program product, which includes program code.
  • the program product runs on a terminal device, the program code is used to make the The terminal device executes the steps according to various exemplary embodiments of the present application described in the above-mentioned "Exemplary Method" section of this specification.
  • a program product 700 for implementing the above method according to an embodiment of the present application is described. It can adopt a portable compact disk read-only memory (CD-ROM) and include program code, and can be stored in a terminal device, For example, running on a personal computer.
  • CD-ROM compact disk read-only memory
  • the program product of this application is not limited to this.
  • the readable storage medium can be any tangible medium that contains or stores a program, and the program can be used by or in combination with an instruction execution system, device, or device.
  • the program product can use any combination of one or more readable media.
  • the readable medium may be a readable signal medium or a readable storage medium.
  • the readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or a combination of any of the above. More specific examples (non-exhaustive list) of readable storage media include: electrical connections with one or more wires, portable disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable Type programmable read only memory (EPROM or flash memory), optical fiber, portable compact disk read only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above.
  • the computer-readable signal medium may include a data signal propagated in baseband or as a part of a carrier wave, and readable program code is carried therein. This propagated data signal can take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing.
  • the readable signal medium may also be any readable medium other than a readable storage medium.
  • the storage medium is a volatile storage medium or a non-volatile storage medium.
  • the readable medium can be sent, propagated or transmitted for use by the instruction Execute programs used by or in combination with systems, devices or devices.
  • the program code contained on the readable medium can be transmitted by any suitable medium, including but not limited to wireless, wired, optical cable, RF, etc., or any suitable combination of the above.
  • the program code used to perform the operations of the present application can be written in any combination of one or more programming languages.
  • the programming languages include object-oriented programming languages—such as Java, C++, etc., as well as conventional procedural programming languages. Programming language-such as "C" language or similar programming language.
  • the program code can be executed entirely on the user's computing device, partly on the user's device, executed as an independent software package, partly on the user's computing device and partly executed on the remote computing device, or entirely on the remote computing device or server Executed on.
  • the remote computing device can be connected to a user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computing device (for example, using Internet service providers). Business to connect via the Internet).
  • LAN local area network
  • WAN wide area network
  • Internet service providers for example, using Internet service providers.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

(FIG. 1) The present application relates to the field of data processing. Disclosed are a receipt data encryption method and apparatus, an electronic device, and a storage medium. The method comprises: determining a score corresponding to receipt data on the basis of a first reference factor and a second reference factor; determining fields to be encrypted in the receipt data on the basis of the score corresponding to the receipt data and a pre-stored encrypted field table corresponding to the score; determining a field type corresponding to each field in the fields to be encrypted on the basis of the field type corresponding to each field in the receipt data and the fields to be encrypted; and encrypting each field in the fields to be encrypted in the receipt data according to a key corresponding to the field type of the each field. According to the technical solution of the embodiment of the present invention, the security of encrypted receipt data can be improved.

Description

单据数据加密的方法、装置、电子设备和存储介质Method, device, electronic equipment and storage medium for document data encryption
本申请要求于2019年11月21日提交中国专利局、申请号为201911150333.1,发明名称为“单据数据加密的方法、装置、电子设备和存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office on November 21, 2019, the application number is 201911150333.1, and the invention title is "Methods, devices, electronic equipment and storage media for document data encryption". The entire content of the application is approved. The reference is incorporated in this application.
技术领域Technical field
本申请涉及数据处理领域,特别是涉及对单据数据加密的方法及相关设备。This application relates to the field of data processing, in particular to a method and related equipment for encrypting document data.
背景技术Background technique
随着计算机及互联网技术的不断发展,尤其是电子数据存储技术的发展,相对于以往人们通过纸质文件存储的方式,现在人们都已习惯进行电子备份以方便进行存储,发明人意识到虽然人们在对以电子方式存储的单据数据进行加密处理,但因其加密方式过于单一很容易被黑客盗取并破解,尤其是包含有大量的隐私数据的单据数据,如该单据数据被盗取,则很容易造成隐私数据的泄露,因此如何对单据数据进行加密以提高加密后的单据数据的安全性是亟需解决的问题。With the continuous development of computer and Internet technology, especially the development of electronic data storage technology, compared with the way people use paper files to store in the past, people are now accustomed to making electronic backups to facilitate storage. The inventor realized that although people Encrypting the document data stored electronically, but because the encryption method is too single, it is easy to be stolen and cracked by hackers, especially the document data containing a large amount of private data. If the document data is stolen, It is easy to cause the leakage of private data, so how to encrypt the document data to improve the security of the encrypted document data is a problem that needs to be solved urgently.
发明内容Summary of the invention
基于此,本申请实施例提供了一种单据数据加密的方法、装置、电子设备和存储介质,以至少解决现有技术中存在的加密后的单据数据安全性低的技术问题。Based on this, the embodiments of the present application provide a method, device, electronic device, and storage medium for document data encryption to at least solve the technical problem of low security of encrypted document data in the prior art.
根据本申请实施例的第一方面,提供了一种单据数据加密的方法,包括:响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。According to the first aspect of the embodiments of the present application, a method for encrypting document data is provided, which includes: in response to a document data encryption request sent by a user terminal, extracting document data contained in the encryption request; and determining that the document data is Each field corresponds to the field type and extracts the transfer-in party identification and the transfer-out party identification contained in the document data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item; based on the transfer-in party The identification and the transferee identification determine a first reference factor, and a second reference factor is determined based on the article identification, the number of articles corresponding to the article identification, and the evaluation value of a single article; based on the first reference factor and the second reference factor The reference factor is used to determine the score corresponding to the document data; the encrypted field table based on the score corresponding to the document data and the prestored score corresponding to the encrypted field table is used to determine the fields that need to be encrypted in the document data; based on each of the document data The field type corresponding to the field and the field to be encrypted are determined, and the field type corresponding to each field to be encrypted in the field to be encrypted is determined; each field to be encrypted in the field to be encrypted in the document data is based on each The key corresponding to the field type of the field to be encrypted is encrypted.
根据本申请的第二方面,提供了一种单据数据的加密装置包括:提取模块,用于响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;第一确定模块,用于确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识 对应物品的数量及单个物品的评估值;第二确定模块,用于基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;第三确定模块,用于基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;第四确定模块,用于基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;第五确定模块,用于基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;加密模块,用于对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。According to a second aspect of the present application, there is provided an encryption device for document data including: an extraction module for extracting document data contained in the encryption request in response to a document data encryption request sent by a user terminal; and a first determination module , Used to determine the field type corresponding to each field in the document data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, the item identification and the item identification corresponding to the number of items and the number of individual items Evaluation value; a second determination module, configured to determine the first reference factor based on the transfer-in party identification and the transfer-out party identification, and determine the first reference factor based on the item identification, the number of items corresponding to the item identification, and the evaluation value of a single item Two reference factors; a third determining module, configured to determine the score corresponding to the document data based on the first reference factor and the second reference factor; a fourth determining module, configured to determine the corresponding score based on the document data The score value corresponds to an encrypted field table of the pre-stored score value to determine the field to be encrypted in the document data; the fifth determining module is configured to determine based on the field type corresponding to each field in the document data and the field to be encrypted The field type corresponding to each field to be encrypted in the field to be encrypted; the encryption module is used for corresponding to each field to be encrypted in the field to be encrypted in the document data according to the field type of each field to be encrypted The key is encrypted.
根据本申请的第三方面,提供了一种单据数据的加密电子设备,包括:存储器,配置为存储可执行指令。处理器,配置为执行所述存储器中存储的可执行指令,以执行以上所述的方法。According to a third aspect of the present application, there is provided an encrypted electronic device for document data, including: a memory configured to store executable instructions. The processor is configured to execute executable instructions stored in the memory to execute the method described above.
根据本申请的第四方面,提供一种计算机可读存储介质,其存储有计算机程序指令,当所述计算机指令被计算机执行时,使计算机执行以上所述的方法。According to a fourth aspect of the present application, a computer-readable storage medium is provided, which stores computer program instructions that, when executed by a computer, cause the computer to execute the method described above.
在本申请实施例所提供的技术方案中,通过基于需加密的单据数据中包含转入方标识、转出方标识、物品标识和所述物品标识对应物品的数量及单个物品的评估值确定需加密的单据数据对应的分值,再基于该需加密单据数据对应的分值与预设的分值对应加密字段表确定该需加密单据数据中需加密的字段,确定所述需加密字段对应的字段类型,根据所述需加密字段对应的字段类型对应的密钥对所述需加密字段进行加密,根据需加密单据数据对应的分值确定需要加密的字段,再对需加密单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密,从而提高了加密后的单据数据的安全性。In the technical solution provided in the embodiments of the present application, the need is determined based on the document data that needs to be encrypted including the transfer-in party identification, the transfer-out party identification, the item identification, and the number of items corresponding to the item identification and the evaluation value of a single item. The score corresponding to the encrypted document data is determined based on the score corresponding to the document data to be encrypted and the preset score corresponding encrypted field table to determine the field to be encrypted in the document data to be encrypted, and the field corresponding to the encrypted field is determined Field type, encrypt the field to be encrypted according to the key corresponding to the field type corresponding to the field to be encrypted, determine the field to be encrypted according to the score corresponding to the document data to be encrypted, and then determine the field to be encrypted according to the document data to be encrypted Each field to be encrypted in the fields to be encrypted is encrypted according to the key corresponding to the field type of each field to be encrypted, thereby improving the security of the encrypted document data.
附图说明Description of the drawings
图1示出根据本公开一示例实施方式的单据数据加密的流程图。Fig. 1 shows a flowchart of document data encryption according to an exemplary embodiment of the present disclosure.
图2示出根据本公开一示例实施方式的图1中所示的步骤S160之后的流程图。Fig. 2 shows a flowchart after step S160 shown in Fig. 1 according to an exemplary embodiment of the present disclosure.
图3示出根据本公开一示例实施方式的图2中所示的步骤S220之后的流程图。FIG. 3 shows a flowchart after step S220 shown in FIG. 2 according to an exemplary embodiment of the present disclosure.
图4示出根据本公开一示例实施方式的单据数据加密的装置。Fig. 4 shows a device for encrypting document data according to an exemplary embodiment of the present disclosure.
图5示出根据本公开一示例实施方式的单据数据加密的系统架构图。Fig. 5 shows a system architecture diagram of document data encryption according to an exemplary embodiment of the present disclosure.
图6示出根据本公开一示例实施方式的单据数据加密的电子设备图。Fig. 6 shows a diagram of an electronic device for document data encryption according to an exemplary embodiment of the present disclosure.
图7示出根据本公开一示例实施方式的单据数据加密的计算机可读存储介质图。Fig. 7 shows a diagram of a computer-readable storage medium for document data encryption according to an exemplary embodiment of the present disclosure.
具体实施方式Detailed ways
本公开的目的在于从技术方面提高加密后单据数据的安全性。根据本公开一个实施例的单据数据加密的方法,包括:响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。The purpose of the present disclosure is to technically improve the security of encrypted document data. A method for document data encryption according to an embodiment of the present disclosure includes: in response to a document data encryption request sent by a user terminal, extracting document data contained in the encryption request; and determining the field type corresponding to each field in the document data And extract the transfer-in party identification and transfer-out party identification contained in the document data, the item identification and the number of items corresponding to the item identification and the evaluation value of a single item; determine based on the transfer-in party identification and the transfer-out party identification A first reference factor, a second reference factor is determined based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item; the document is determined based on the first reference factor and the second reference factor The score corresponding to the data; based on the score corresponding to the bill data and the pre-stored score corresponding to the encrypted field table, determine the field to be encrypted in the bill data; based on the field type and the field type corresponding to each field in the bill data Describe the fields to be encrypted, and determine the field type corresponding to each field to be encrypted in the fields to be encrypted; each field to be encrypted in the fields to be encrypted in the document data corresponds to the field type of each field to be encrypted The key is encrypted.
图1示出根据本公开一示例实施方式的单据数据加密的流程图:Fig. 1 shows a flowchart of document data encryption according to an exemplary embodiment of the present disclosure:
步骤S100:响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;Step S100: In response to the document data encryption request sent by the user terminal, extract the document data contained in the encryption request;
步骤S110:确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;Step S110: Determine the field type corresponding to each field in the bill data and extract the transfer-in party identification and transfer-out party identification contained in the bill data, the number of items corresponding to the item identification and the item identification, and the value of a single item The assessed value;
步骤S120:基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;Step S120: Determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item;
步骤S130:基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;Step S130: Determine the score corresponding to the receipt data based on the first reference factor and the second reference factor;
步骤S140:基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;Step S140: Determine a field to be encrypted in the document data based on the score value corresponding to the document data and the pre-stored score value corresponding encrypted field table;
步骤S150:基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;Step S150: Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
步骤S160:对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。Step S160: Encrypt each field to be encrypted in the fields to be encrypted in the document data according to the key corresponding to the field type of each field to be encrypted.
下面,将结合附图对本示例实施方式中上述对图像中的文本信息进行识的各步骤进行详细的解释以及说明。Hereinafter, the steps of recognizing the text information in the image in this exemplary embodiment will be explained and described in detail with reference to the accompanying drawings.
在步骤S100中,响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据。In step S100, in response to a bill data encryption request sent by the user terminal, the bill data contained in the encryption request is extracted.
在本申请的一实施例中,用户端发送的单据数据加密请求中出包含需加密的单据数据外,还可包含用户端对应登陆用户的用户标识或用户等级,以确定所述用户能否调用服务器对需加密的单据数据进行加密,同时记录相关用户的操作行为,以便系统出现问题时对相应用户进行责任追究。In an embodiment of the present application, the document data encryption request sent by the user terminal contains the document data that needs to be encrypted, and may also include the user ID or user level of the login user corresponding to the user terminal to determine whether the user can call The server encrypts the document data that needs to be encrypted, and records the operation behavior of related users at the same time, so that the corresponding users can be held accountable when the system has problems.
在步骤S110中,确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值。In step S110, determine the field type corresponding to each field in the document data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, the item identification and the number of items corresponding to the item identification, and the number of individual items. The estimated value of the item.
在本申请的一实施例中,确定所述单据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识外对应物品的数量及单个物品的评估值,可通过如下方式:提取所述单据数据中的关键词,确定所述关键词在预存数据库中各单据数据中出现的概率,从所述预存数据中各单据数据中筛选同时出现所述关键词概率最大的单据数据,根据所述筛选出的单据数据确定需加密单据数据对应的单据数据模板,所述单据数据模板中标明了每个字段对应的字段类型、转出方标识和转入方标识、物品标识和所述物品标识外对应物品的数量及单个物品的评估值所处的位置,基于所述单据数据模板确定该需加密单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识外对应物品的数量及单个物品的评估值。In an embodiment of the present application, the field type corresponding to each field in the document is determined and the transfer-in party identification and the transfer-out party identification contained in the bill data are extracted, and the item identification and the corresponding item outside the item identification The quantity and the evaluation value of a single item can be obtained by extracting keywords from the document data, determining the probability of the keywords appearing in the document data in the pre-stored database, and extracting each document data from the pre-stored data. The document data with the highest probability of occurrence of the keyword is selected at the same time, and the document data template corresponding to the document data to be encrypted is determined based on the document data selected. The document data template indicates the field type and conversion corresponding to each field. The outgoing party ID and the transferring party ID, the item ID and the number of corresponding items outside the item ID, and the position of the evaluation value of a single item are determined based on the document data template corresponding to each field in the document data to be encrypted Field type and extract the transfer-in party ID and transfer-out party ID contained in the bill data, the item ID and the number of corresponding items outside the item ID, and the evaluation value of a single item.
在本申请的一实施例中,当所述单据数据是订单合同是,所述字段类型可以是指该订单合同中各部分的内容类型如合同主体部分、合同标的部分、合同双方的权利与义务部分等,所述转出方是指卖方,所述转入方是指买方,所述物品标识是指交易的物品,所述单个物品的评估值则指所要交易物品的单价。同样,所述单据数据还可以是其他合同或单据,如仓储合同、外卖单据等。In an embodiment of the present application, when the document data is an order contract, the field type may refer to the content type of each part of the order contract, such as the main part of the contract, the subject part of the contract, and the rights and obligations of both parties to the contract. For example, the transfer-out party refers to the seller, the transfer-in party refers to the buyer, the item identifier refers to the item to be traded, and the evaluation value of the single item refers to the unit price of the item to be traded. Similarly, the bill data can also be other contracts or bills, such as storage contracts, takeaway bills, and so on.
在步骤S120中:基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子。In step S120, a first reference factor is determined based on the transfer-in party identification and the transfer-out party identification, and a second reference factor is determined based on the item identification, the number of items corresponding to the item identification, and the evaluation value of a single item.
在本申请的一实施例中,基于所述转入方标识和转出方标识确定第一参考因子,可以包括:In an embodiment of the present application, determining the first reference factor based on the transfer-in party identifier and the transfer-out party identifier may include:
确定所述转入方标识中包含的不同转入方标识个数和所述转出方标识中包含的不同转出方标识个数;Determining the number of different transfer-in party identifiers included in the transfer-in party identifier and the number of different transfer-out party identifiers included in the transfer-out party identifier;
基于所述转入方标识和转出方标识与预存的转入方与转出方标识对应分数表,确定每个所述不同转入方标识对应的分值与每个所述不同转出方标识对应的分值;Based on the transfer-in party identification and the transfer-out party identification and the pre-stored score table corresponding to the transfer-in party and the transfer-out party identification, the score corresponding to each of the different transfer-in party identifications and each of the different transfer-out parties are determined Identify the corresponding score;
通过如下公式确定所述第一参考因子:The first reference factor is determined by the following formula:
Figure PCTCN2020087458-appb-000001
Figure PCTCN2020087458-appb-000001
其中s为所述第一参考因子,a i为所述不同转入方标识中第i个转入方标识对应的分值,n为所述不同转入方标识个数,b c为所述不同转出方标识中第c个转出方标识对应的分值,d为所述不同转出方标识个数。 Where s is the first reference factor, a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers, n is the number of the different transfer-in party identifiers, and b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers, and d is the number of the different transfer-out party identifiers.
在本申请的一实施例中,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子,可以包括:In an embodiment of the present application, determining the second reference factor based on the item identifier, the quantity of items corresponding to the item identifier, and the evaluation value of a single item may include:
确定所述物品标识中包含的不同物品标识个数;Determining the number of different item identifiers included in the item identifier;
基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;Determine the score corresponding to each item identifier in the different item identifiers based on the score table corresponding to the item identifier and the pre-stored item identifier;
通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
Figure PCTCN2020087458-appb-000002
Figure PCTCN2020087458-appb-000002
其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
在本申请的一实施例中,通过设置常数g,g大于零小于壹,以防止因获取的
Figure PCTCN2020087458-appb-000003
的值过大,而导致确定的所述第二参考因子过大,进而影响后边确定的所述单据数据对应的分值,使得所述单据数据对应的分值过大。 In an embodiment of the present application, by setting the constant g, g is greater than zero and less than one to prevent
Figure PCTCN2020087458-appb-000003
The value of is too large, which causes the determined second reference factor to be too large, which in turn affects the score corresponding to the document data determined later, so that the score corresponding to the document data is too large.
在步骤S130中:基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值。In step S130: based on the first reference factor and the second reference factor, a score corresponding to the document data is determined.
在本申请的一实施例中,所述步骤S130可以包括:In an embodiment of the present application, the step S130 may include:
基于所述第一参考因子与所述第二参考因子,通过以下公式,确定所述单据数据对应的分值:Based on the first reference factor and the second reference factor, the score corresponding to the document data is determined by the following formula:
M=log zF+S M=log z F+S
其中M为所述单据数据对应的分值,z为大于1的常数,F为所述第二参考因子,s为所述第一参考因子。Where M is the score corresponding to the receipt data, z is a constant greater than 1, F is the second reference factor, and s is the first reference factor.
在步骤S140中:基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段。In step S140: Based on the encrypted field table corresponding to the score corresponding to the bill data and the pre-stored score, it is determined that the field in the bill data needs to be encrypted.
因所要存储的单据数据中并非所有的单据数据都需要密钥进行加密存储,如全部需要密钥进行加密则整个系统会因同时处理大量的需加密单据数据而导致系统运行效率的底下,若超出系统运行的负荷,则会导致整个系统的崩溃, 因此通过上述第一参考因子与第二参考因子确定所述需加密单据数据中需加密的字段,从而避免对整个单据数据进行加密存储,进而减轻整个系统的处理压力,从而保证系统的稳定性。Because not all of the document data to be stored require a key to be encrypted for storage, if all of the document data needs to be encrypted, the entire system will process a large amount of encrypted document data at the same time, resulting in a lower operating efficiency of the system. The operating load of the system will cause the entire system to crash. Therefore, the first reference factor and the second reference factor are used to determine the fields that need to be encrypted in the document data to be encrypted, so as to avoid encrypting and storing the entire document data, thereby reducing The processing pressure of the entire system ensures the stability of the system.
在本申请的一实施例中,若确定的订单合同一对应的分值为1000,订单合同二对应的分值为2000,根据预存的分值对应加密字段表,可知,对于订单合同一其需要加密的字段为合同标的部分,对于订单合同二其需要加密的字段为合同标的部分、合同权利义务部分。In an embodiment of the present application, if it is determined that the score corresponding to the order contract one is 1000, and the score corresponding to the order contract two is 2000, according to the pre-stored score corresponding to the encrypted field table, it can be seen that the order contract one needs The encrypted fields are the subject part of the contract. For the order contract, the fields that need to be encrypted are the subject part of the contract and the contract rights and obligations.
在步骤S150中,基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型。In step S150, based on the field type corresponding to each field in the document data and the field to be encrypted, the field type corresponding to each field to be encrypted in the field to be encrypted is determined.
在步骤S160中,对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。In step S160, each field to be encrypted in the fields to be encrypted in the document data is encrypted according to the key corresponding to the field type of each field to be encrypted.
为防止需加密的单据数据泄露后易被破解,本方案基于给需加密单据数据中需加密的单据字段对应的字段类型分配相应的加密密钥,从而使得所述需加密字段中不同字段类型对应的字段加密的密钥不同,从而降低泄露单据数据的破解成功率,提高单据数据的安全性。In order to prevent the document data that needs to be encrypted from being easily cracked after being leaked, this solution is based on assigning corresponding encryption keys to the field types corresponding to the document fields that need to be encrypted in the document data that need to be encrypted, so that different field types in the fields that need to be encrypted correspond to The encryption keys of the fields are different, thereby reducing the success rate of cracking the leaked document data and improving the security of the document data.
在本申请的一实施例中,若需加的订单合同中需加密的字段对应的字段类型为合同标的,根据预存的字段类型对应加密密钥表确定,合同标的对应的加密密钥为“678”,则通过该密钥对订单合同中需加密字段中字段类型为合同标的的字段进行加密。In an embodiment of the present application, if the field type corresponding to the field to be encrypted in the order contract to be added is the subject of the contract, it is determined according to the pre-stored field type corresponding encryption key table, and the corresponding encryption key of the contract subject is "678 ", the key is used to encrypt the fields in the order contract whose field type is the subject of the contract in the fields to be encrypted.
在本申请的一实施例中,所述字段类型对应的加密密钥可以基于以下方式进行确定:基于所述字段类型与预存的字段类型对应加密密钥表确定所述字段类型对应的加密密钥,其中所述预存的字段类型对应加密密钥表可通过如下方式确定:获取所述字段内型对应加密密钥表中字段类型的总个数,从预存的加密密钥库中随机抽取所述字段类型的总个数对应数目的加密密钥,将所述抽取出的加密密钥与所述加密密钥表中的字段类型随机组合,确定所述加密密钥表中每个字段类型对应的加密密钥。In an embodiment of the present application, the encryption key corresponding to the field type may be determined based on the following method: determining the encryption key corresponding to the field type based on the encryption key table corresponding to the field type and the pre-stored field type , Wherein the encryption key table corresponding to the pre-stored field type can be determined by the following method: obtaining the total number of field types in the encryption key table corresponding to the field inner type, and randomly extracting the encryption key from the pre-stored encryption key library The total number of field types corresponds to the number of encryption keys, and the extracted encryption key is randomly combined with the field types in the encryption key table to determine the corresponding field type in the encryption key table. Encryption key.
在本申请的一实施例中,如图2所示,在图1中步骤S160之后还可包括:In an embodiment of the present application, as shown in FIG. 2, after step S160 in FIG. 1, the method may further include:
步骤S210:基于所述单据对应的分值与预存的分值对应等级表,确定所述单据数据对应的等级;Step S210: Determine the level corresponding to the bill data based on the score corresponding to the bill and the pre-stored score corresponding level table;
步骤S220:基于所述单据数据对应的等级,将所述单据数据存储至相应的存储服务器。Step S220: Based on the level corresponding to the bill data, store the bill data in a corresponding storage server.
所述单据数据对应的分值表明该单据数据的重要程度,为了更好的存储并保护相应的单据数据,基于所述单据数据对应的分值,将所述单据数据存储至不同的存储服务器中,以提高单据数据的安全性。The score corresponding to the bill data indicates the importance of the bill data. In order to better store and protect the corresponding bill data, based on the score corresponding to the bill data, store the bill data in a different storage server , In order to improve the security of the document data.
在本申请的一实施例中,若订单合同一对应的分值为1000分,订单合同二 对应的分值为2000分,根据预存的分值对应等级表,可确定订单合同一对应的等级为1级,订单合同二对应的等级为4级,等级1—3对应的存储服务器为存储服务器1,等级4—6对应的存储服务器为存储服务器2,则将订单合同一加密后存储至存储服务器1,订单合同二加密后存储至存储服务器2。In an embodiment of the present application, if the score corresponding to order contract one is 1000 points, and the score corresponding to order contract two is 2000 points, according to the pre-stored score corresponding grade table, it can be determined that the corresponding grade of order contract one is Level 1, order contract 2 corresponds to level 4, level 1 to 3 corresponds to storage server 1, and level 4 to 6 corresponds to storage server 2, then order contract 1 is encrypted and stored to the storage server 1. The order and contract two are encrypted and stored in the storage server 2.
在本申请的一实施例中,如图3所示,在图2步骤S220之后还可以包括:In an embodiment of the present application, as shown in FIG. 3, after step S220 in FIG. 2, it may further include:
步骤S230:响应于用户端发送的调用请求,提取所述调用请求中包含的用户标识与调取单据数据标识;Step S230: In response to the call request sent by the user terminal, extract the user identification and the call receipt data identification included in the call request;
步骤S240:基于所述用户标识确定所述用户对应的等级,基于所述调取单据数据标识确定所述调取单据数据对应的等级;Step S240: Determine the level corresponding to the user based on the user identifier, and determine the level corresponding to the retrieved receipt data based on the retrieved receipt data identifier;
步骤S250:基于所述用户对应的等级与所述调取单据数据对应的等级间的关系,确定所述用户是否能调取所述调取单据数据。Step S250: Based on the relationship between the level corresponding to the user and the level corresponding to the retrieved receipt data, it is determined whether the user can retrieve the retrieved receipt data.
如前所述所述单据数据对应的分值表明所述单据数据对应的重要程度,当用户调用单据数据时,根据用户对应等级与所要调取的单据数据对应的等级间的关系确定所述用户是否能调取相应的单据数据,以防止单据数据的泄露,进而保证单据数据的安全性。As mentioned above, the score corresponding to the bill data indicates the degree of importance of the bill data. When the user calls the bill data, the user is determined according to the relationship between the user's corresponding level and the level corresponding to the bill data to be retrieved. Whether the corresponding document data can be retrieved to prevent the leakage of the document data and to ensure the security of the document data.
在本申请的一实施例中,若用户A对应的等级为2级,而其所要调取的单据数据a对应的等级为1级,单据数据b对应的等级为3级,因1<2<3,所述用户A可以调用单据数据a,而不能调取单据数据b。In an embodiment of the present application, if the level corresponding to user A is level 2, and the level corresponding to the document data a to be retrieved is level 1, the level corresponding to document data b is level 3, because 1<2< 3. The user A can call the bill data a, but cannot call the bill data b.
本公开还提供了一种单据数据加密的装置。参考图4所示,所述单据数据加密的装置400包括:提取模块410,第一确定模块420,第二确定模块430,第三确定模块440,第四确定模块450,第五确定模块460,加密模块470。其中:The present disclosure also provides a device for document data encryption. Referring to FIG. 4, the device 400 for encrypting document data includes: an extraction module 410, a first determination module 420, a second determination module 430, a third determination module 440, a fourth determination module 450, and a fifth determination module 460, Encryption module 470. among them:
提取模块410,用于响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;The extraction module 410 is configured to extract the document data contained in the encryption request in response to the document data encryption request sent by the user terminal;
第一确定模块420,用于确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;The first determining module 420 is configured to determine the field type corresponding to each field in the bill data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, and the item identification and the item identification corresponding to the item Quantity and the estimated value of a single item;
第二确定模块430,用于基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;The second determination module 430 is configured to determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item factor;
第三确定模块440,用于基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;The third determining module 440 is configured to determine the score corresponding to the document data based on the first reference factor and the second reference factor;
第四确定模块450,用于基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;The fourth determining module 450 is configured to determine the fields that need to be encrypted in the document data based on the score value corresponding to the document data and the pre-stored score value corresponding encrypted field table;
第五确定模块460,用于基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;The fifth determining module 460 is configured to determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
加密模块470,用于对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。The encryption module 470 is configured to encrypt each field to be encrypted in the fields to be encrypted in the document data according to the key corresponding to the field type of each field to be encrypted.
在本申请的一实施例中,所述第二确定模块430,还可配置为:确定所述转入方标识中包含的不同转入方标识个数和所述转出方标识中包含的不同转出方标识个数;基于所述转入方标识和转出方标识与预存的转入方与转出方标识对应分数表,确定每个所述不同转入方标识对应的分值与每个所述不同转出方标识对应的分值;In an embodiment of the present application, the second determining module 430 may also be configured to determine the number of different transfer-in party identifiers included in the transfer-in party identifier and the difference between the number of transfer-in party identifiers included in the transfer-out party identifier. The number of transfer-out party IDs; based on the transfer-in party ID and transfer-out party ID and the pre-stored transfer-in party and transfer-out party ID corresponding score table, determine the score corresponding to each of the different transfer-in party IDs and each Points corresponding to each of the different transfer-out party identifiers;
通过如下公式确定所述第一参考因子:The first reference factor is determined by the following formula:
Figure PCTCN2020087458-appb-000004
Figure PCTCN2020087458-appb-000004
其中s为所述第一参考因子,a i为所述不同转入方标识中第i个转入方标识对应的分值,n为所述不同转入方标识个数,b c为所述不同转出方标识中第c个转出方标识对应的分值,d为所述不同转出方标识个数。 Where s is the first reference factor, a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers, n is the number of the different transfer-in party identifiers, and b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers, and d is the number of the different transfer-out party identifiers.
在本申请的一实施例中,所述第二确定模块430,还可配置为:确定所述物品标识中包含的不同物品标识个数;基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;In an embodiment of the present application, the second determining module 430 may also be configured to: determine the number of different item identifiers contained in the item identifier; based on the score table corresponding to the item identifier and the pre-stored item identifier , Determine the score corresponding to each item identifier in the different item identifiers;
通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
Figure PCTCN2020087458-appb-000005
Figure PCTCN2020087458-appb-000005
其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
在本申请的一实施例中,所述第三确定模块440,还可配置为:基于所述第一参考因子与所述第二参考因子,通过以下公式,确定所述单据数据对应的分值:In an embodiment of the present application, the third determining module 440 may be further configured to determine the score corresponding to the document data by the following formula based on the first reference factor and the second reference factor :
M=log zF+S M=log z F+S
其中M为所述单据数据对应的分值,z为大于1的常数,F为所述第二参考因子,s为所述第一参考因子。Where M is the score corresponding to the receipt data, z is a constant greater than 1, F is the second reference factor, and s is the first reference factor.
在本申请的一实施例中,所述单据数据加密的装置400还包括:存储模块用于,基于所述单据对应的分值与预存的分值对应等级表,确定所述单据数据 对应的等级;基于所述单据数据对应的等级,将所述单据数据存储至相应的存储服务器。In an embodiment of the present application, the device 400 for encrypting document data further includes: a storage module for determining the level corresponding to the document data based on the corresponding level table of the score corresponding to the document and the pre-stored score value. ; Based on the level corresponding to the bill data, store the bill data to the corresponding storage server.
在本申请的一实施例中,所述单据数据加密的装置400还包括:调取模块用于,响应于用户端发送的调用请求,提取所述调用请求中包含的用户标识与调取单据数据标识;基于所述用户标识确定所述用户对应的等级,基于所述调取单据数据标识确定所述调取单据数据对应的等级;基于所述用户对应的等级与所述调取单据数据对应的等级间的关系,确定所述用户是否能调取所述调取单据数据。In an embodiment of the present application, the device 400 for encrypting bill data further includes: an invocation module configured to, in response to an invocation request sent by the user terminal, extract the user identification and the invocation bill data contained in the invocation request Identification; determine the level corresponding to the user based on the user identifier, determine the level corresponding to the call receipt data based on the call receipt data identification; determine the rank corresponding to the call receipt data based on the user The relationship between the levels determines whether the user can retrieve the retrieval receipt data.
上述对图像中的单据数据加密的装置中各模块的具体细节已经在对应的方法中进行了详细的描述,因此此处不再赘述。The specific details of each module in the above apparatus for encrypting document data in an image have been described in detail in the corresponding method, and therefore will not be repeated here.
应当注意,尽管在上文详细描述中提及了用于动作执行的设备的若干模块或者单元,但是这种划分并非强制性的。实际上,根据本公开的实施方式,上文描述的两个或更多模块或者单元的特征和功能可以在一个模块或者单元中具体化。反之,上文描述的一个模块或者单元的特征和功能可以进一步划分为由多个模块或者单元来具体化。It should be noted that although several modules or units of the device for action execution are mentioned in the above detailed description, this division is not mandatory. In fact, according to the embodiments of the present disclosure, the features and functions of two or more modules or units described above may be embodied in one module or unit. Conversely, the features and functions of a module or unit described above can be further divided into multiple modules or units to be embodied.
此外,尽管在附图中以特定顺序描述了本公开中方法的各个步骤,但是,这并非要求或者暗示必须按照所述特定顺序来执行这些步骤,或是必须执行全部所示的步骤才能实现期望的结果。附加的或备选的,可以省略某些步骤,将多个步骤合并为一个步骤执行,以及/或者将一个步骤分解为多个步骤执行等。In addition, although the various steps of the method in the present disclosure are described in a specific order in the drawings, this does not require or imply that these steps must be performed in the specific order, or that all the steps shown must be performed to achieve the desired the result of. Additionally or alternatively, some steps may be omitted, multiple steps may be combined into one step for execution, and/or one step may be decomposed into multiple steps for execution, etc.
通过以上的实施方式的描述,本领域的技术人员易于理解,这里描述的示例实施方式可以通过软件实现,也可以通过软件结合必要的硬件的方式来实现。因此,根据本公开实施方式的技术方案可以以软件产品的形式体现出来,所述软件产品可以存储在一个非易失性存储介质(可以是CD-ROM,U盘,移动硬盘等)中或网络上,包括若干指令以使得一台计算设备(可以是个人计算机、服务器、移动终端、或者网络设备等)执行根据本公开实施方式的方法。Through the description of the above embodiments, those skilled in the art can easily understand that the example embodiments described here can be implemented by software, or can be implemented by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, and the software product can be stored in a non-volatile storage medium (which can be a CD-ROM, a USB flash drive, a mobile hard disk, etc.) or a network The above includes several instructions to make a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) execute the method according to the embodiment of the present disclosure.
图5示出根据本公开一示例实施方式的单据数据加密的系统架构框图。所述系统架构包括:用户端310、服务器320。Fig. 5 shows a block diagram of a system architecture for document data encryption according to an exemplary embodiment of the present disclosure. The system architecture includes: a client 310 and a server 320.
在一实施例中,用户端310发送加密请求给服务器320,服务器320从接收到的加密请求中提取单据数据,服务器320确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值,服务器320基于所述转入方标识和转出方标识确定第一参考因子,服务器320基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;服务器320基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;服务器320再基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;服务器320基于所述单据数据中每个字段对应 的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;服务器320对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。In one embodiment, the client 310 sends an encryption request to the server 320. The server 320 extracts the receipt data from the received encryption request. The server 320 determines the field type corresponding to each field in the receipt data and extracts the receipt data. The transfer-in party identification and the transfer-out party identification contained in the transfer-in party identification and the transfer-out party identification, the item identification and the number of items corresponding to the item identification and the evaluation value of a single item, the server 320 determines the first reference factor based on the transfer-in party identification and the transfer-out party identification , The server 320 determines a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item; the server 320 determines the receipt based on the first reference factor and the second reference factor The score corresponding to the data; the server 320 then determines the fields to be encrypted in the document data based on the score corresponding to the document data and the pre-stored score corresponding to the encrypted field table; the server 320 corresponds to each field in the document data The field type of the field to be encrypted and the field to be encrypted are determined, and the field type corresponding to each field to be encrypted in the field to be encrypted is determined; The key corresponding to the field type of the field to be encrypted is encrypted.
需要说明的是,本公开实施例所提供的单据数据加密的方法一般由服务器320执行,相应地,单据数据加密的装置一般设置于服务器320中。但是,在本公开的其它实施例中,终端也可以与服务器具有相似的功能,从而执行本公开实施例所提供的单据数据加密的方案。It should be noted that the method for encrypting the document data provided by the embodiments of the present disclosure is generally executed by the server 320, and accordingly, the device for encrypting the document data is generally set in the server 320. However, in other embodiments of the present disclosure, the terminal and the server may also have similar functions, so as to implement the document data encryption solution provided by the embodiments of the present disclosure.
通过以上对系统架构的描述,本领域的技术人员易于理解,这里描述的系统架构能够实现图4所示的单据数据加密的装置中各个模块的功能。Through the above description of the system architecture, those skilled in the art can easily understand that the system architecture described here can realize the functions of each module in the device for document data encryption shown in FIG. 4.
在本公开的示例性实施例中,还提供了一种能够实现上述方法的电子设备。In an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
所属技术领域的技术人员能够理解,本申请的各个方面可以实现为系统、方法或程序产品。因此,本申请的各个方面可以具体实现为以下形式,即:完全的硬件实施方式、完全的软件实施方式(包括固件、微代码等),或硬件和软件方面结合的实施方式,这里可以统称为“电路”、“模块”或“系统”。Those skilled in the art can understand that various aspects of the present application can be implemented as a system, a method, or a program product. Therefore, each aspect of the present application can be specifically implemented in the following forms, namely: complete hardware implementation, complete software implementation (including firmware, microcode, etc.), or a combination of hardware and software implementations, which can be collectively referred to herein as "Circuit", "Module" or "System".
下面参照图6来描述根据本申请的这种实施方式的电子设备500。图6显示的电子设备500仅仅是一个示例,不应对本申请实施例的功能和使用范围带来任何限制。The electronic device 500 according to this embodiment of the present application will be described below with reference to FIG. 6. The electronic device 500 shown in FIG. 6 is only an example, and should not bring any limitation to the function and scope of use of the embodiments of the present application.
如图6所示,电子设备500以通用计算设备的形式表现。电子设备500的组件可以包括但不限于:上述至少一个处理单元510、上述至少一个存储单元520、连接不同系统组件(包括存储单元520和处理单元510)的总线530。As shown in FIG. 6, the electronic device 500 is represented in the form of a general-purpose computing device. The components of the electronic device 500 may include, but are not limited to: the aforementioned at least one processing unit 510, the aforementioned at least one storage unit 520, and a bus 530 connecting different system components (including the storage unit 520 and the processing unit 510).
其中,所述存储单元存储有程序代码,所述程序代码可以被所述处理单元510执行,使得所述处理单元510执行本说明书上述“示例性方法”部分中描述的根据本申请各种示例性实施方式的步骤。例如,所述处理单元510可以执行如图1中所示步骤S100:响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;步骤S110:确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;步骤S120:基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;步骤S130:基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;步骤S140:基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;步骤S150:基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;步骤S160:对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。Wherein, the storage unit stores program code, and the program code can be executed by the processing unit 510, so that the processing unit 510 executes the various exemplary methods described in the “Exemplary Method” section of this specification. Steps of implementation. For example, the processing unit 510 may perform step S100 as shown in FIG. 1: in response to the document data encryption request sent by the user terminal, extract the document data contained in the encryption request; step S110: determine every item in the document data Field types corresponding to each field, and extract the transfer-in party identification and transfer-out party identification contained in the document data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item; step S120: based on the transfer The incoming party identifier and the outgoing party identifier determine a first reference factor, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item; step S130: based on the first reference factor Determine the score corresponding to the document data with the second reference factor; Step S140: Determine the field to be encrypted in the document data based on the encrypted field table corresponding to the score corresponding to the document data and the pre-stored score; Step S150: Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted; Step S160: Check all the fields in the document data Each field to be encrypted in the fields to be encrypted is encrypted according to the key corresponding to the field type of each field to be encrypted.
存储单元520可以包括易失性存储单元形式的可读介质,例如随机存取存 储单元(RAM)5201和/或高速缓存存储单元5202,还可以进一步包括只读存储单元(ROM)5203。The storage unit 520 may include a readable medium in the form of a volatile storage unit, such as a random access storage unit (RAM) 5201 and/or a cache storage unit 5202, and may further include a read-only storage unit (ROM) 5203.
存储单元520还可以包括具有一组(至少一个)程序模块5205的程序/实用工具5204,这样的程序模块5205包括但不限于:操作系统、一个或者多个应用程序、其它程序模块以及程序数据,这些示例中的每一个或某种组合中可能包括网络环境的实现。The storage unit 520 may also include a program/utility tool 5204 having a set (at least one) program module 5205. Such program module 5205 includes but is not limited to: an operating system, one or more application programs, other program modules, and program data, Each of these examples or some combination may include the implementation of a network environment.
总线530可以为表示几类总线结构中的一种或多种,包括存储单元总线或者存储单元控制器、外围总线、图形加速端口、处理单元或者使用多种总线结构中的任意总线结构的局域总线。The bus 530 may represent one or more of several types of bus structures, including a storage unit bus or a storage unit controller, a peripheral bus, a graphics acceleration port, a processing unit, or a local area using any bus structure among multiple bus structures. bus.
电子设备500也可以与一个或多个外部设备600(例如键盘、指向设备、蓝牙设备等)通信,还可与一个或者多个使得用户能与该电子设备500交互的设备通信,和/或与使得该电子设备500能与一个或多个其它计算设备进行通信的任何设备(例如路由器、调制解调器等等)通信。这种通信可以通过输入/输出(I/O)接口550进行。并且,电子设备500还可以通过网络适配器560与一个或者多个网络(例如局域网(LAN),广域网(WAN)和/或公共网络,例如因特网)通信。如图所示,网络适配器560通过总线530与电子设备500的其它模块通信。应当明白,尽管图中未示出,可以结合电子设备500使用其它硬件和/或软件模块,包括但不限于:微代码、设备驱动器、冗余处理单元、外部磁盘驱动阵列、RAID系统、磁带驱动器以及数据备份存储系统等。The electronic device 500 may also communicate with one or more external devices 600 (such as keyboards, pointing devices, Bluetooth devices, etc.), and may also communicate with one or more devices that enable users to interact with the electronic device 500, and/or communicate with Any device (such as a router, modem, etc.) that enables the electronic device 500 to communicate with one or more other computing devices. Such communication can be performed through an input/output (I/O) interface 550. In addition, the electronic device 500 may also communicate with one or more networks (for example, a local area network (LAN), a wide area network (WAN), and/or a public network, such as the Internet) through the network adapter 560. As shown in the figure, the network adapter 560 communicates with other modules of the electronic device 500 through the bus 530. It should be understood that although not shown in the figure, other hardware and/or software modules can be used in conjunction with the electronic device 500, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives And data backup storage system, etc.
通过以上的实施方式的描述,本领域的技术人员易于理解,这里描述的示例实施方式可以通过软件实现,也可以通过软件结合必要的硬件的方式来实现。因此,根据本公开实施方式的技术方案可以以软件产品的形式体现出来,该软件产品可以存储在一个非易失性存储介质(可以是CD-ROM,U盘,移动硬盘等)中或网络上,包括若干指令以使得一台计算设备(可以是个人计算机、服务器、终端装置、或者网络设备等)执行根据本公开实施方式的方法。Through the description of the above embodiments, those skilled in the art can easily understand that the example embodiments described here can be implemented by software, or can be implemented by combining software with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, U disk, mobile hard disk, etc.) or on the network , Including several instructions to make a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) execute the method according to the embodiment of the present disclosure.
在本公开的示例性实施例中,还提供了一种计算机可读存储介质,其上存储有能够实现本说明书上述方法的程序产品。在一些可能的实施方式中,本申请的各个方面还可以实现为一种程序产品的形式,其包括程序代码,当所述程序产品在终端设备上运行时,所述程序代码用于使所述终端设备执行本说明书上述“示例性方法”部分中描述的根据本申请各种示例性实施方式的步骤。In an exemplary embodiment of the present disclosure, a computer-readable storage medium is also provided, on which a program product capable of implementing the above method of this specification is stored. In some possible implementation manners, various aspects of the present application can also be implemented in the form of a program product, which includes program code. When the program product runs on a terminal device, the program code is used to make the The terminal device executes the steps according to various exemplary embodiments of the present application described in the above-mentioned "Exemplary Method" section of this specification.
参考图7所示,描述了根据本申请的实施方式的用于实现上述方法的程序产品700,其可以采用便携式紧凑盘只读存储器(CD-ROM)并包括程序代码,并可以在终端设备,例如个人电脑上运行。然而,本申请的程序产品不限于此,在本文件中,可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。Referring to FIG. 7, a program product 700 for implementing the above method according to an embodiment of the present application is described. It can adopt a portable compact disk read-only memory (CD-ROM) and include program code, and can be stored in a terminal device, For example, running on a personal computer. However, the program product of this application is not limited to this. In this document, the readable storage medium can be any tangible medium that contains or stores a program, and the program can be used by or in combination with an instruction execution system, device, or device.
所述程序产品可以采用一个或多个可读介质的任意组合。可读介质可以是 可读信号介质或者可读存储介质。可读存储介质例如可以为但不限于电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。可读存储介质的更具体的例子(非穷举的列表)包括:具有一个或多个导线的电连接、便携式盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。The program product can use any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or a combination of any of the above. More specific examples (non-exhaustive list) of readable storage media include: electrical connections with one or more wires, portable disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable Type programmable read only memory (EPROM or flash memory), optical fiber, portable compact disk read only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above.
计算机可读信号介质可以包括在基带中或者作为载波一部分传播的数据信号,其中承载了可读程序代码。这种传播的数据信号可以采用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组合。可读信号介质还可以是可读存储介质以外的任何可读介质,所述存储介质为易失性存储介质或非易失性存储介质,该可读介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。The computer-readable signal medium may include a data signal propagated in baseband or as a part of a carrier wave, and readable program code is carried therein. This propagated data signal can take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing. The readable signal medium may also be any readable medium other than a readable storage medium. The storage medium is a volatile storage medium or a non-volatile storage medium. The readable medium can be sent, propagated or transmitted for use by the instruction Execute programs used by or in combination with systems, devices or devices.
可读介质上包含的程序代码可以用任何适当的介质传输,包括但不限于无线、有线、光缆、RF等等,或者上述的任意合适的组合。The program code contained on the readable medium can be transmitted by any suitable medium, including but not limited to wireless, wired, optical cable, RF, etc., or any suitable combination of the above.
可以以一种或多种程序设计语言的任意组合来编写用于执行本申请操作的程序代码,所述程序设计语言包括面向对象的程序设计语言—诸如Java、C++等,还包括常规的过程式程序设计语言—诸如“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算设备上执行、部分地在用户设备上执行、作为一个独立的软件包执行、部分在用户计算设备上部分在远程计算设备上执行、或者完全在远程计算设备或服务器上执行。在涉及远程计算设备的情形中,远程计算设备可以通过任意种类的网络,包括局域网(LAN)或广域网(WAN),连接到用户计算设备,或者,可以连接到外部计算设备(例如利用因特网服务提供商来通过因特网连接)。The program code used to perform the operations of the present application can be written in any combination of one or more programming languages. The programming languages include object-oriented programming languages—such as Java, C++, etc., as well as conventional procedural programming languages. Programming language-such as "C" language or similar programming language. The program code can be executed entirely on the user's computing device, partly on the user's device, executed as an independent software package, partly on the user's computing device and partly executed on the remote computing device, or entirely on the remote computing device or server Executed on. In the case of a remote computing device, the remote computing device can be connected to a user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computing device (for example, using Internet service providers). Business to connect via the Internet).
此外,上述附图仅是根据本申请示例性实施例的方法所包括的处理的示意性说明,而不是限制目的。易于理解,上述附图所示的处理并不表明或限制这些处理的时间顺序。另外,也易于理解,这些处理可以是例如在多个模块中同步或异步执行的。In addition, the above-mentioned drawings are merely schematic illustrations of the processing included in the method according to the exemplary embodiments of the present application, and are not intended for limitation. It is easy to understand that the processing shown in the above drawings does not indicate or limit the time sequence of these processings. In addition, it is easy to understand that these processes can be executed synchronously or asynchronously in multiple modules, for example.
本领域技术人员在考虑说明书及实践这里公开的发明后,将容易想到本公开的其他实施例。本申请旨在涵盖本公开的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本公开的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本公开的真正范围和精神由权利要求指出。Those skilled in the art will easily think of other embodiments of the present disclosure after considering the specification and practicing the invention disclosed herein. This application is intended to cover any variations, uses, or adaptive changes of the present disclosure. These variations, uses, or adaptive changes follow the general principles of the present disclosure and include common knowledge or conventional technical means in the technical field that are not disclosed in the present disclosure. . The description and the embodiments are only regarded as exemplary, and the true scope and spirit of the present disclosure are pointed out by the claims.

Claims (20)

  1. 一种单据数据加密的方法,所述方法包括:A method for document data encryption, the method includes:
    响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;In response to a bill data encryption request sent by the user terminal, extract the bill data contained in the encryption request;
    确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;Determining the field type corresponding to each field in the document data and extracting the transfer-in party identification and the transfer-out party identification contained in the bill data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item;
    基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;Determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item;
    基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;Determine the score corresponding to the receipt data based on the first reference factor and the second reference factor;
    基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;Determine the field to be encrypted in the document data based on the encrypted field table corresponding to the score corresponding to the document data and the pre-stored score;
    基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
    对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。Each field to be encrypted in the fields to be encrypted in the document data is encrypted according to the key corresponding to the field type of each field to be encrypted.
  2. 根据权利要求1所述的方法,所述基于所述转入方标识和转出方标识确定第一参考因子包括:The method according to claim 1, wherein the determining the first reference factor based on the transfer-in party identifier and the transfer-out party identifier comprises:
    确定所述转入方标识中包含的不同转入方标识个数和所述转出方标识中包含的不同转出方标识个数;Determining the number of different transfer-in party identifiers included in the transfer-in party identifier and the number of different transfer-out party identifiers included in the transfer-out party identifier;
    基于所述转入方标识和转出方标识与预存的转入方与转出方标识对应分数表,确定每个所述不同转入方标识对应的分值与每个所述不同转出方标识对应的分值;Based on the transfer-in party identification and the transfer-out party identification and the pre-stored score table corresponding to the transfer-in party and the transfer-out party identification, the score corresponding to each of the different transfer-in party identifications and each of the different transfer-out parties are determined Identify the corresponding score;
    通过如下公式确定所述第一参考因子:The first reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100001
    Figure PCTCN2020087458-appb-100001
    其中s为所述第一参考因子,a i为所述不同转入方标识中第i个转入方标识对应的分值,n为所述不同转入方标识个数,b c为所述不同转出方标识中第c个转出方标识对应的分值,d为所述不同转出方标识个数。 Where s is the first reference factor, a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers, n is the number of the different transfer-in party identifiers, and b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers, and d is the number of the different transfer-out party identifiers.
  3. 根据权利要求1所述的方法,所述基于物品标识和所述物品标识对应的物品数量及单个物品的评估值确定第二参考因子包括:The method according to claim 1, wherein the determining the second reference factor based on the item identifier, the number of items corresponding to the item identifier and the evaluation value of a single item comprises:
    确定所述物品标识中包含的不同物品标识个数;Determining the number of different item identifiers included in the item identifier;
    基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;Determine the score corresponding to each item identifier in the different item identifiers based on the score table corresponding to the item identifier and the pre-stored item identifier;
    通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100002
    Figure PCTCN2020087458-appb-100002
    其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
  4. 根据权利要求1所述的方法,所述基于所述第一参考因子与所述第二参考因子确定所述单据数据对应的分值包括:The method according to claim 1, wherein the determining the score corresponding to the document data based on the first reference factor and the second reference factor comprises:
    基于所述第一参考因子与所述第二参考因子,通过以下公式,确定所述单据数据对应的分值:Based on the first reference factor and the second reference factor, the score corresponding to the document data is determined by the following formula:
    M=log zF+S M=log z F+S
    其中M为所述单据数据对应的分值,z为大于1的常数,F为所述第二参考因子,s为所述第一参考因子。Where M is the score corresponding to the receipt data, z is a constant greater than 1, F is the second reference factor, and s is the first reference factor.
  5. 根据权利要求1所述的方法,在所述对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密之后,还包括:The method according to claim 1, after said encrypting each of the fields to be encrypted in the fields to be encrypted in the document data respectively according to a key corresponding to the field type of each field to be encrypted, the method further comprises:
    基于所述单据对应的分值与预存的分值对应等级表,确定所述单据数据对应的等级;Determine the level corresponding to the document data based on the corresponding level table of the score corresponding to the document and the pre-stored score value;
    基于所述单据数据对应的等级,将所述单据数据存储至相应的存储服务器。Based on the level corresponding to the bill data, the bill data is stored in a corresponding storage server.
  6. 根据权利要求5所述的方法,在所述基于所述单据数据对应的等级,将所述单据数据存储至相应的预设数据库之后,还包括:The method according to claim 5, after the storing the bill data in a corresponding preset database based on the level corresponding to the bill data, further comprising:
    响应于用户端发送的调用请求,提取所述调用请求中包含的用户标识与调取单据数据标识;In response to the call request sent by the user terminal, extract the user identification and the call receipt data identification included in the call request;
    基于所述用户标识确定所述用户对应的等级,基于所述调取单据数据标识确定所述调取单据数据对应的等级;Determine the level corresponding to the user based on the user identifier, and determine the level corresponding to the call receipt data based on the call receipt data identifier;
    基于所述用户对应的等级与所述调取单据数据对应的等级间的关系,确定所述用户是否能调取所述调取单据数据。Based on the relationship between the level corresponding to the user and the level corresponding to the call receipt data, it is determined whether the user can call the call receipt data.
  7. 一种单据数据的加密装置,包括:A document data encryption device, including:
    提取模块,用于响应于用户端发送的单据数据加密请求,提取所述加密请 求中包含的单据数据;The extraction module is used to extract the document data contained in the encryption request in response to the document data encryption request sent by the user terminal;
    第一确定模块,用于确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;The first determining module is used to determine the field type corresponding to each field in the bill data and extract the transfer-in party identification and the transfer-out party identification contained in the bill data, the item identification and the number of items corresponding to the item identification And the assessed value of a single item;
    第二确定模块,用于基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;The second determination module is configured to determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item ;
    第三确定模块,用于基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;A third determining module, configured to determine the score corresponding to the document data based on the first reference factor and the second reference factor;
    第四确定模块,用于基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;The fourth determining module is configured to determine the fields in the document data that need to be encrypted based on the encrypted field table corresponding to the score corresponding to the document data and the pre-stored score;
    第五确定模块,用于基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;A fifth determining module, configured to determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
    加密模块,用于对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。The encryption module is used for encrypting each field to be encrypted in the fields to be encrypted in the document data according to the key corresponding to the field type of each field to be encrypted.
  8. 根据权利要求7所述的装置,所述第二确定模块,还可配置为:According to the device according to claim 7, the second determining module may be further configured as:
    确定所述转入方标识中包含的不同转入方标识个数和所述转出方标识中包含的不同转出方标识个数;Determining the number of different transfer-in party identifiers included in the transfer-in party identifier and the number of different transfer-out party identifiers included in the transfer-out party identifier;
    基于所述转入方标识和转出方标识与预存的转入方与转出方标识对应分数表,确定每个所述不同转入方标识对应的分值与每个所述不同转出方标识对应的分值;Based on the transfer-in party identification and the transfer-out party identification and the pre-stored score table corresponding to the transfer-in party and the transfer-out party identification, the score corresponding to each of the different transfer-in party identifications and each of the different transfer-out parties are determined Identify the corresponding score;
    通过如下公式确定所述第一参考因子:The first reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100003
    Figure PCTCN2020087458-appb-100003
    其中s为所述第一参考因子,a i为所述不同转入方标识中第i个转入方标识对应的分值,n为所述不同转入方标识个数,b c为所述不同转出方标识中第c个转出方标识对应的分值,d为所述不同转出方标识个数。 Where s is the first reference factor, a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers, n is the number of the different transfer-in party identifiers, and b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers, and d is the number of the different transfer-out party identifiers.
  9. 根据权利要求7所述的装置,所述第二确定模块,还可配置为:According to the device according to claim 7, the second determining module may be further configured as:
    确定所述物品标识中包含的不同物品标识个数;Determining the number of different item identifiers included in the item identifier;
    基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;Determine the score corresponding to each item identifier in the different item identifiers based on the score table corresponding to the item identifier and the pre-stored item identifier;
    通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100004
    Figure PCTCN2020087458-appb-100004
    其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
  10. 一种计算机设备,包括:一个或多个处理器;存储器;一个或多个计算机程序,其中所述一个或多个计算机程序被存储在所述存储器中并被配置为由所述一个或多个处理器执行,所述一个或多个计算机程序配置用于执行一种单据数据加密的方法,其中,所述单据数据加密的方法包括:A computer device includes: one or more processors; a memory; one or more computer programs, wherein the one or more computer programs are stored in the memory and configured to be used by the one or more The processor executes, and the one or more computer programs are configured to execute a method for document data encryption, wherein the method for document data encryption includes:
    响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;In response to a bill data encryption request sent by the user terminal, extract the bill data contained in the encryption request;
    确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;Determining the field type corresponding to each field in the document data and extracting the transfer-in party identification and the transfer-out party identification contained in the bill data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item;
    基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;Determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item;
    基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;Determine the score corresponding to the receipt data based on the first reference factor and the second reference factor;
    基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;Determine the field to be encrypted in the document data based on the encrypted field table corresponding to the score corresponding to the document data and the pre-stored score;
    基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
    对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。Each field to be encrypted in the fields to be encrypted in the document data is encrypted according to the key corresponding to the field type of each field to be encrypted.
  11. 根据权利要求10所述的计算机设备,所述基于所述转入方标识和转出方标识确定第一参考因子包括:The computer device according to claim 10, wherein the determining the first reference factor based on the transfer-in party identification and the transfer-out party identification comprises:
    确定所述转入方标识中包含的不同转入方标识个数和所述转出方标识中包含的不同转出方标识个数;Determining the number of different transfer-in party identifiers included in the transfer-in party identifier and the number of different transfer-out party identifiers included in the transfer-out party identifier;
    基于所述转入方标识和转出方标识与预存的转入方与转出方标识对应分数表,确定每个所述不同转入方标识对应的分值与每个所述不同转出方标识对应的分值;Based on the transfer-in party identification and the transfer-out party identification and the pre-stored score table corresponding to the transfer-in party and the transfer-out party identification, the score corresponding to each of the different transfer-in party identifications and each of the different transfer-out parties are determined Identify the corresponding score;
    通过如下公式确定所述第一参考因子:The first reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100005
    Figure PCTCN2020087458-appb-100005
    其中s为所述第一参考因子,a i为所述不同转入方标识中第i个转入方标识对应的分值,n为所述不同转入方标识个数,b c为所述不同转出方标识中第c个转出方标识对应的分值,d为所述不同转出方标识个数。 Where s is the first reference factor, a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers, n is the number of the different transfer-in party identifiers, and b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers, and d is the number of the different transfer-out party identifiers.
  12. 根据权利要求10所述的计算机设备,所述基于物品标识和所述物品标识对应的物品数量及单个物品的评估值确定第二参考因子包括:11. The computer device according to claim 10, wherein the determining the second reference factor based on the item identifier and the item number corresponding to the item identifier and the evaluation value of a single item comprises:
    确定所述物品标识中包含的不同物品标识个数;Determining the number of different item identifiers included in the item identifier;
    基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;Determine the score corresponding to each item identifier in the different item identifiers based on the score table corresponding to the item identifier and the pre-stored item identifier;
    通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100006
    Figure PCTCN2020087458-appb-100006
    其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
  13. 根据权利要求10所述的计算机设备,所述基于物品标识和所述物品标识对应的物品数量及单个物品的评估值确定第二参考因子包括:11. The computer device according to claim 10, wherein the determining the second reference factor based on the item identifier and the item number corresponding to the item identifier and the evaluation value of a single item comprises:
    确定所述物品标识中包含的不同物品标识个数;Determining the number of different item identifiers included in the item identifier;
    基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;Determine the score corresponding to each item identifier in the different item identifiers based on the score table corresponding to the item identifier and the pre-stored item identifier;
    通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100007
    Figure PCTCN2020087458-appb-100007
    其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
  14. 根据权利要求10所述的计算机设备,所述基于所述第一参考因子与所述第二参考因子确定所述单据数据对应的分值包括:The computer device according to claim 10, wherein the determining the score corresponding to the document data based on the first reference factor and the second reference factor comprises:
    基于所述第一参考因子与所述第二参考因子,通过以下公式,确定所述单据数据对应的分值:M=log zF+S Based on the first reference factor and the second reference factor, the score corresponding to the document data is determined by the following formula: M=log z F+S
    其中M为所述单据数据对应的分值,z为大于1的常数,F为所述第二参考因子,s为所述第一参考因子。Where M is the score corresponding to the receipt data, z is a constant greater than 1, F is the second reference factor, and s is the first reference factor.
  15. 根据权利要求10所述的计算机设备,在所述对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密之后,还包括:The computer device according to claim 10, after said encrypting each of the fields to be encrypted in the fields to be encrypted in the document data according to the key corresponding to the field type of each field to be encrypted, further comprising: :
    基于所述单据对应的分值与预存的分值对应等级表,确定所述单据数据对应的等级;Determine the level corresponding to the document data based on the corresponding level table of the score corresponding to the document and the pre-stored score value;
    基于所述单据数据对应的等级,将所述单据数据存储至相应的存储服务器。Based on the level corresponding to the bill data, the bill data is stored in a corresponding storage server.
  16. 根据权利要求15所述的计算机设备,在所述基于所述单据数据对应的等级,将所述单据数据存储至相应的预设数据库之后,还包括:The computer device according to claim 15, after storing the bill data in a corresponding preset database based on the level corresponding to the bill data, further comprising:
    响应于用户端发送的调用请求,提取所述调用请求中包含的用户标识与调取单据数据标识;In response to the call request sent by the user terminal, extract the user identification and the call receipt data identification included in the call request;
    基于所述用户标识确定所述用户对应的等级,基于所述调取单据数据标识确定所述调取单据数据对应的等级;Determine the level corresponding to the user based on the user identifier, and determine the level corresponding to the call receipt data based on the call receipt data identifier;
    基于所述用户对应的等级与所述调取单据数据对应的等级间的关系,确定所述用户是否能调取所述调取单据数据。Based on the relationship between the level corresponding to the user and the level corresponding to the call receipt data, it is determined whether the user can call the call receipt data.
  17. 一种计算机可读存储介质,所述计算机可读存储介质上存储有计算机程序,该计算机程序被处理器执行时实现单据数据加密的方法,其中,所述单据数据加密的方法包括以下步骤:A computer-readable storage medium with a computer program stored on the computer-readable storage medium, which implements a method for document data encryption when the computer program is executed by a processor, wherein the method for document data encryption includes the following steps:
    响应于用户端发送的单据数据加密请求,提取所述加密请求中包含的单据数据;In response to a bill data encryption request sent by the user terminal, extract the bill data contained in the encryption request;
    确定所述单据数据中每个字段对应的字段类型并提取所述单据数据中包含的转入方标识和转出方标识,物品标识和所述物品标识对应物品的数量及单个物品的评估值;Determining the field type corresponding to each field in the document data and extracting the transfer-in party identification and the transfer-out party identification contained in the bill data, the number of items corresponding to the item identification and the item identification, and the evaluation value of a single item;
    基于所述转入方标识和转出方标识确定第一参考因子,基于所述物品标识、所述物品标识对应物品的数量及单个物品的评估值确定第二参考因子;Determine a first reference factor based on the transfer-in party identifier and the transfer-out party identifier, and determine a second reference factor based on the item identifier, the number of items corresponding to the item identifier, and the evaluation value of a single item;
    基于所述第一参考因子与所述第二参考因子,确定所述单据数据对应的分值;Determine the score corresponding to the receipt data based on the first reference factor and the second reference factor;
    基于所述单据数据对应的分值与预存的分值对应加密字段表,确定所述单据数据中需加密字段;Determine the field to be encrypted in the document data based on the encrypted field table corresponding to the score corresponding to the document data and the pre-stored score;
    基于所述单据数据中每个字段对应的字段类型与所述需加密字段,确定所述需加密字段中每个需加密字段对应的字段类型;Determine the field type corresponding to each field to be encrypted in the field to be encrypted based on the field type corresponding to each field in the document data and the field to be encrypted;
    对所述单据数据中所述需加密字段中每个需加密字段分别依据每个需加密字段的字段类型对应的密钥进行加密。Each field to be encrypted in the fields to be encrypted in the document data is encrypted according to the key corresponding to the field type of each field to be encrypted.
  18. 根据权利要求17所述的计算机可读存储介质,所述基于所述转入方标识和转出方标识确定第一参考因子包括:The computer-readable storage medium according to claim 17, wherein the determining the first reference factor based on the transfer-in party identifier and the transfer-out party identifier comprises:
    确定所述转入方标识中包含的不同转入方标识个数和所述转出方标识中包含的不同转出方标识个数;Determining the number of different transfer-in party identifiers included in the transfer-in party identifier and the number of different transfer-out party identifiers included in the transfer-out party identifier;
    基于所述转入方标识和转出方标识与预存的转入方与转出方标识对应分数表,确定每个所述不同转入方标识对应的分值与每个所述不同转出方标识对应的分值;Based on the transfer-in party identification and the transfer-out party identification and the pre-stored score table corresponding to the transfer-in party and the transfer-out party identification, the score corresponding to each of the different transfer-in party identifications and each of the different transfer-out parties are determined Identify the corresponding score;
    通过如下公式确定所述第一参考因子:The first reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100008
    Figure PCTCN2020087458-appb-100008
    其中s为所述第一参考因子,a i为所述不同转入方标识中第i个转入方标识对应的分值,n为所述不同转入方标识个数,b c为所述不同转出方标识中第c个转出方标识对应的分值,d为所述不同转出方标识个数。 Where s is the first reference factor, a i is the score corresponding to the i-th transfer-in party identifier among the different transfer-in party identifiers, n is the number of the different transfer-in party identifiers, and b c is the The score corresponding to the c-th transfer-out party identifier in the different transfer-out party identifiers, and d is the number of the different transfer-out party identifiers.
  19. 根据权利要求17所述的计算机可读存储介质,所述基于物品标识和所述物品标识对应的物品数量及单个物品的评估值确定第二参考因子包括:17. The computer-readable storage medium according to claim 17, wherein the determining the second reference factor based on the item identifier, the number of items corresponding to the item identifier and the evaluation value of a single item comprises:
    确定所述物品标识中包含的不同物品标识个数;Determining the number of different item identifiers included in the item identifier;
    基于所述物品标识与预存的物品标识对应分值表,确定所述不同物品标识中每个物品标识对应的分值;Determine the score corresponding to each item identifier in the different item identifiers based on the score table corresponding to the item identifier and the pre-stored item identifier;
    通过如下公式确定第二参考因子:The second reference factor is determined by the following formula:
    Figure PCTCN2020087458-appb-100009
    Figure PCTCN2020087458-appb-100009
    其中F为所述第二参考因子,r为所述单据数据中包含的所述不同物品标识个数,We为所述不同物品标识中第e个物品标识对应的分值,te为所述不同物品标识中第e个物品标识对应的物品数量,he为所述不同物品标识中第e个物品标识对应的单个物品评估值,g为预设的常数,g大于零小于壹。Where F is the second reference factor, r is the number of different item identifiers contained in the bill data, We is the score corresponding to the e-th item identifier in the different item identifiers, and te is the different item identifier. The item quantity corresponding to the e-th item identifier in the item identifier, he is the individual item evaluation value corresponding to the e-th item identifier in the different item identifiers, g is a preset constant, and g is greater than zero and less than one.
  20. 根据权利要求17所述的计算机可读存储介质,所述基于所述第一参考因子与所述第二参考因子确定所述单据数据对应的分值包括:17. The computer-readable storage medium according to claim 17, wherein the determining the score corresponding to the document data based on the first reference factor and the second reference factor comprises:
    基于所述第一参考因子与所述第二参考因子,通过以下公式,确定所述单据数据对应的分值:M=log zF+S Based on the first reference factor and the second reference factor, the score corresponding to the document data is determined by the following formula: M=log z F+S
    其中M为所述单据数据对应的分值,z为大于1的常数,F为所述第二参考因子,s为所述第一参考因子。Where M is the score corresponding to the receipt data, z is a constant greater than 1, F is the second reference factor, and s is the first reference factor.
PCT/CN2020/087458 2019-11-21 2020-04-28 Receipt data encryption method and apparatus, electronic device, and storage medium WO2021098150A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911150333.1 2019-11-21
CN201911150333.1A CN110943982B (en) 2019-11-21 2019-11-21 Document data encryption method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
WO2021098150A1 true WO2021098150A1 (en) 2021-05-27

Family

ID=69907153

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/087458 WO2021098150A1 (en) 2019-11-21 2020-04-28 Receipt data encryption method and apparatus, electronic device, and storage medium

Country Status (2)

Country Link
CN (1) CN110943982B (en)
WO (1) WO2021098150A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110943982B (en) * 2019-11-21 2021-07-30 深圳壹账通智能科技有限公司 Document data encryption method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030196001A1 (en) * 2002-04-12 2003-10-16 Ryuji Nagahama Digital signed document delivery system, digital signed document delivery method, digital signed document delivery program, and recording medium in which the digital signed document delivery program is recorded
US20190220835A1 (en) * 2012-06-22 2019-07-18 Paychief Llc Systems and methods for billing via a symbology
CN110336787A (en) * 2019-05-23 2019-10-15 平安科技(深圳)有限公司 Data encryption method and device, computer equipment and storage medium
CN110474886A (en) * 2019-07-24 2019-11-19 深圳壹账通智能科技有限公司 Data ciphering method, device, electronic equipment and storage medium based on block chain
CN110943982A (en) * 2019-11-21 2020-03-31 深圳壹账通智能科技有限公司 Document data encryption method and device, electronic equipment and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106874781A (en) * 2015-12-11 2017-06-20 阿里巴巴集团控股有限公司 A kind of tables of data encryption method and server
CN105653973A (en) * 2015-12-16 2016-06-08 金蝶软件(中国)有限公司 Data encryption method and apparatus based on business platform
US10536276B2 (en) * 2017-10-30 2020-01-14 International Business Machines Corporation Associating identical fields encrypted with different keys
CN110391906B (en) * 2019-07-25 2022-10-25 深圳壹账通智能科技有限公司 Data processing method based on block chain, electronic device and readable storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030196001A1 (en) * 2002-04-12 2003-10-16 Ryuji Nagahama Digital signed document delivery system, digital signed document delivery method, digital signed document delivery program, and recording medium in which the digital signed document delivery program is recorded
US20190220835A1 (en) * 2012-06-22 2019-07-18 Paychief Llc Systems and methods for billing via a symbology
CN110336787A (en) * 2019-05-23 2019-10-15 平安科技(深圳)有限公司 Data encryption method and device, computer equipment and storage medium
CN110474886A (en) * 2019-07-24 2019-11-19 深圳壹账通智能科技有限公司 Data ciphering method, device, electronic equipment and storage medium based on block chain
CN110943982A (en) * 2019-11-21 2020-03-31 深圳壹账通智能科技有限公司 Document data encryption method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN110943982B (en) 2021-07-30
CN110943982A (en) 2020-03-31

Similar Documents

Publication Publication Date Title
US10860725B2 (en) Increasing search ability of private, encrypted data
US11252256B2 (en) System for association of customer information across subscribers
US11507683B2 (en) Query processing with adaptive risk decisioning
WO2018188383A1 (en) Data processing method and device, server and storage medium
US11256825B2 (en) Systems and methods for securing data in electronic communications
US20100161566A1 (en) Using relationships in candidate discovery
US9996686B2 (en) Password retrieval system and method involving token usage without prior knowledge of the password
US20240163279A1 (en) Systems and methods for securing login access
WO2023087760A1 (en) Data sharing method and apparatus, device, and storage medium
WO2021098150A1 (en) Receipt data encryption method and apparatus, electronic device, and storage medium
WO2022041714A1 (en) Document processing method and apparatus, electronic device, storage medium, and program
US11055431B2 (en) Securing data storage of personally identifiable information in a database
US9430625B1 (en) Method and system for voice match based data access authorization
WO2023103928A1 (en) Esop system-based data query method and apparatus, medium and device
WO2022110716A1 (en) Cold start recommendation method and apparatus, computer device and storage medium
WO2021027145A1 (en) Non-application payment method and apparatus, and computing device and storage medium
US9332013B2 (en) Neural authentication system
US20230114566A1 (en) Electronic deposit box for data protection and storage
US11727108B2 (en) Systems and methods for providing secure passwords
CN114793156B (en) Data processing method, device, equipment and storage medium
CN113179161B (en) Method and device for replacing secret key, computer equipment and storage medium
US20230086508A1 (en) Methods and systems for similarity searching encrypted data strings
US20220321325A1 (en) Electronic deposit box for data protection and storage
US20230394104A1 (en) System and method of a cloud server for providing content to a user
US20230344844A1 (en) Methods and systems for anomalous operation detection on an enterprise server

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20891203

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 29/09/2022)

122 Ep: pct application non-entry in european phase

Ref document number: 20891203

Country of ref document: EP

Kind code of ref document: A1