CN101321057B - Electronic official document safety transmission method based on Web service - Google Patents

Publication number: CN101321057B
Authority: CN (China)
Prior art keywords: key, encryption, DES, RSA, SOAP message
Legal status: Expired - Fee Related
Application number: CN2008101169897A
Other languages: Chinese (zh)
Other versions: CN101321057A (en)
Inventors: 马殿富, 曾浩, 李晶, 韩冬
Current Assignee: Beihang University
Original Assignee: Beihang University

Abstract

A secure transmission method for electronic official documents based on Web services is disclosed. For client-side encryption, a JavaScript program reads the electronic official document information and the related keys, a Java Applet program performs the encryption, and a SOAP message is then constructed and transmitted to the recipient. For client-side decryption, a JavaScript program receives the SOAP message and extracts the electronic official document information and the encryption information, a Java Applet program performs the decryption, and the result is presented to the user as an HTML form. Server-side encryption is the same as client-side encryption, except that a Java program rather than a Java Applet program encrypts the electronic official document information. On the server side, a Java program looks up the private key information directly on the server rather than on a USBKey, and decryption is performed by a Java program rather than a Java Applet program. The invention ensures transmission security both end to end and across multiple points.

Description

Electronic official document safety transmission method based on Web service
Technical field
The present invention relates to a secure transmission method for electronic official documents based on Web services, mainly used in the field of e-government.
Background art
Electronic official document exchange refers to a technology that combines AJAX with Web service technology. By designing an electronic official document exchange mechanism, it aims to solve the problem of a unified standard for transmitting and processing electronic documents between different government offices, and to improve security and validity during that process. In line with the business characteristics of e-government, the B/S (browser/server) model is used as the structure between client and server, a distributed architecture is used for exchanging government information between departments, and Web service technology is the supporting technology of the exchange mechanism. The system follows the "XML-based electronic official document format specification" as the standard for describing and representing electronic official documents, which improves the compatibility and interoperability of the system.
However, in Web-service-based electronic official document exchange, security has gradually become a major challenge. In an electronic official document exchange system, information is transmitted between different departments, the content often carries important business information, and the communication must be protected from being obtained by third parties. The loosely coupled nature of Web services in particular raises the security requirements, and security has become the issue users care about most in service-oriented environments. For Web services to be accepted by enterprise users, the security problems they face must be solved, and traditional security mechanisms cannot provide a good security guarantee for the loosely coupled, distributed nature of Web services.
Specifically, traditional security mechanisms mainly rely on security protocols supported at the transport layer, such as SSL and TLS. Web service technology, as a technical structure built on top of the conventional network structure, can use these technologies as the basis of its security mechanism to meet security requirements such as data encryption, authentication, data integrity and authorization. However, compared with the message-level nature of SOAP itself, these technologies can only encrypt the whole SOAP message; they cannot refine the security mechanism to the inside of the message to form fine-grained security levels. This often causes a performance loss when large amounts of data are transmitted and becomes a bottleneck for Web services. In addition, depending on the requirements of the Web service, other transports such as SMTP, FTP and Reliable HTTP may also be needed, and secure transmission methods built on HTTP are not necessarily suitable for these protocols.
Furthermore, in a Web service environment, a SOAP message may pass through several intermediate nodes on its way from sender to recipient, depending on the business involved. Security must therefore be considered from the sender to an intermediate node, between intermediate nodes, and from an intermediate node to the recipient, so that the SOAP message remains secure while passing through multiple intermediaries; that is, an end-to-end security mechanism is needed. The transport-level protocols SSL/TLS provide only point-to-point security and cannot provide end-to-end security.
Meanwhile, patent application No. 200410057153.6 uses a dedicated font library to automatically encrypt electronic official documents or files during document exchange or printing, so that each copy printed by a receiving unit differs subtly from the others in some glyphs, forming a specific code for the document; the source and authenticity of the document are then identified manually or by OCR. However, this technique has shortcomings: its encryption strength is low, the electronic official document information can be read illegitimately, and it is vulnerable to network man-in-the-middle attacks.
Summary of the invention
The technical problem solved by the invention: to overcome the deficiencies of the prior art by providing a secure transmission method for electronic official documents based on Web services, thereby ensuring the transmission security of electronic official documents in end-to-end and multi-point transmission and effectively guaranteeing the cross-region, cross-organization security of the electronic document system.
The invention adopts the following technical solution: a secure transmission method for electronic official documents based on Web services, characterized in that the secure exchange process covers three cases: client encryption with client decryption; client encryption with server-side decryption; and server-side encryption with client decryption. The steps are as follows:
Client encryption process
(1) A JavaScript program reads the electronic official document information to be sent and the related keys; the related keys comprise the DES symmetric key and the public key of the RSA asymmetric encryption algorithm;
(2) A Java Applet program encrypts the electronic official document information with the DES symmetric key that was read, obtaining ciphertext M1;
(3) The Java Applet program encrypts the DES symmetric key with the RSA public key that was read, obtaining the encrypted key K1;
(4) A SOAP message is constructed from the ciphertext M1 obtained in step (2), the encrypted key K1 obtained in step (3), and the encryption algorithms DES and RSA, and is transmitted to the recipient;
Client decryption process
(5) A JavaScript program parses the received SOAP message and extracts the ciphertext M1, the encrypted key K1, and the encryption algorithms DES and RSA;
(6) A Java Applet program uses the private key of the RSA algorithm to decrypt the DES symmetric key, obtaining the DES decryption key;
(7) The Java Applet program decrypts the ciphertext M1 extracted in step (5) with the DES decryption key, obtaining the decrypted electronic official document information;
(8) The decrypted electronic official document information is presented to the relevant user as an HTML form;
Server-side encryption process
(9) A Java program reads the related key information and the electronic official document information to be encrypted; the related keys comprise the DES symmetric key and the public key of the RSA asymmetric encryption algorithm;
(10) The Java program encrypts the electronic official document information to be sent with the DES symmetric key read in step (9), obtaining ciphertext M2;
(11) The Java program encrypts the DES symmetric key with the RSA public key that was read, obtaining the encrypted key K2;
(12) A SOAP message is constructed from the ciphertext M2 obtained in step (10), the encrypted key K2 obtained in step (11), and the encryption algorithms DES and RSA, and is transmitted to the recipient;
Server-side decryption process
(13) A Java program parses the received SOAP message and extracts the ciphertext M2, the encrypted key K2, and the encryption algorithms DES and RSA;
(14) The Java program uses the private key of the RSA algorithm to decrypt the DES symmetric key, obtaining the DES decryption key;
(15) The Java program decrypts the ciphertext M2 extracted in step (13) with the DES decryption key, obtaining the decrypted electronic official document information.
Compared with the prior art, the advantages of the invention are:
(1) The secure transmission method based on Web services guarantees the cross-region, cross-organization security of the electronic document system of the invention.
By implementing the relevant specifications of the WS-Security protocol, the invention builds the existing security mechanisms on top of the SOAP protocol. It mainly addresses security problems such as the confidentiality of Web services during transmission, and has advantages such as extensibility and platform neutrality. The Web-service-based security mechanism adopted in the invention is in fact an extension of the SOAP message; it effectively integrates existing security processing mechanisms and thereby guarantees the cross-region, cross-organization security of the electronic document system of the invention.
(2) The encryption and decryption mechanism combines a symmetric encryption algorithm with an asymmetric encryption algorithm, balancing efficiency and security.
A symmetric encryption algorithm uses the same key for encryption and decryption; that is, the encryption key also serves as the decryption key. Symmetric encryption is simple and fast to use, its keys are short, and it is hard to break. Its drawback is that the sender and recipient must agree on a key before communicating securely. The security of a symmetric algorithm depends on the key: if the key leaks, anyone can decrypt the messages sent or received with it, so the security of symmetric encryption is not high. An asymmetric encryption algorithm, by contrast, needs two keys for encryption and decryption: a public key and a private key. The two form a pair: data encrypted with the public key can be decrypted only with the corresponding private key, and data encrypted with the private key can be decrypted only with the corresponding public key. Although asymmetric encryption improves security, its drawback is that implementations are inefficient and slow.
In the invention, official document data is transmitted using a combination of symmetric and asymmetric encryption, balancing efficiency and security.
(3) Access through Ajax plus Applet in a Web browser improves the user-friendliness and ease of use of the system.
In the invention, Ajax is adopted to reduce server load and to improve the user-friendliness and ease of use of the system, and the SOAP message is formed through Ajax. However, because Ajax itself offers limited support for encryption and decryption, the Applet technology of Java is used as a supplement. Applet is a technology that emerged and developed alongside the Java language. A user can download an Applet over the network and run it in the browser, and an Applet can be embedded in a web page to produce a page that supports Applets. In the system, therefore, Ajax handles display and SOAP operations while the Applet performs encryption and decryption. The Applet can be embedded in the Ajax page as a component; it turns the plaintext SOAP message into a ciphertext SOAP message, which is sent to the server. The server decrypts it back into a plaintext SOAP message and then executes the business function.
(4) In addition, the private key of the invention is stored on a USBKey and read by JavaScript, which further ensures the security of user authentication.
Traditional information security and protection measures implement encryption and signing in software. This approach carries many potential dangers: when software performs encryption and signing, the operations must run on the computer's processor, which means the processor has full access to the key. This creates a security risk, because an attacker may be able to break into the computer, or even obtain the key from network traffic, and use the key without authorization. Once an attacker has the key, they can encrypt and decrypt intercepted data outside the system. With attacks now occurring frequently, the information assets of individuals and enterprises face a variety of dangers. Therefore, to improve security, the invention stores the key on a USBKey at the Ajax client.
A USB Key is a hardware device with a USB interface. It has a built-in microcontroller or smart card chip with a certain amount of storage, can store the user's private key and digital certificate, and uses its built-in public-key algorithm to authenticate the user's identity. Because the user's private key is kept inside the USB Key and in theory cannot be read out by any means, the security of user authentication is further ensured.
Description of drawings
Fig. 1 is a schematic diagram of the client encryption process used in the invention;
Fig. 2 is a schematic diagram of the client decryption process used in the invention;
Fig. 3 is a schematic diagram of the server-side encryption process used in the invention;
Fig. 4 is a schematic diagram of the server-side decryption process used in the invention;
Fig. 5 is a schematic diagram of the process by which the JavaScript program reads the private key in the invention.
Embodiment
The invention implements a Web-service-based security mechanism for electronic official documents. The implementation is as follows:
1. The basic client encryption process is shown in Fig. 1. The steps are as follows:
(1) A JavaScript program reads the electronic official document information to be sent and the related keys; the related keys comprise the DES symmetric key and the public key of the RSA asymmetric encryption algorithm;
The JavaScript program reads the electronic official document information to be sent and the related keys as follows:
a. The JavaScript program searches a specified path on the local host and reads the electronic official document information to be sent;
b. The JavaScript program searches a specified path on the local host and reads the DES symmetric key for use during encryption;
c. The JavaScript program searches a specified path on the local host and reads the public key of the asymmetric encryption algorithm for use during encryption.
(2) A Java Applet program encrypts the electronic official document information with the DES symmetric key read above, obtaining ciphertext M1;
(3) The Java Applet program encrypts the DES symmetric key with the RSA public key read above, obtaining the encrypted key K1;
(4) A SOAP message is constructed from the ciphertext M1 obtained in step (2), the encrypted key K1 obtained in step (3), and the encryption algorithms DES and RSA, and is transmitted to the recipient;
Constructing the SOAP message comprises the following steps:
A. In the header of the SOAP message, add security information conforming to the WS-Security specification, including the encrypted key K1 and the encryption algorithm and key information used in encryption. The location of the security information is as follows:
Position of the encryption information in the SOAP message:
    <Soap:Envelope>
      <Soap:Header>
        <wsse:Security>
          <xenc:EncryptedKey>encrypted information</xenc:EncryptedKey>
        </wsse:Security>
      </Soap:Header>
      <Soap:Body>...</Soap:Body>
    </Soap:Envelope>
B. Place the ciphertext in the body of the SOAP message. Its location is as follows:
Encrypted data in the body of the SOAP message:
    <S:Body>
      <xenc:EncryptedData Type="xmlenc#Element" Id="002">
        <xenc:EncryptionMethod Algorithm="xmlenc#3des-cbc"/>
        <xenc:CipherData>
          <xenc:CipherValue>encrypted data value</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedData>
    </S:Body>
C. Finally, send the SOAP message constructed in the steps above to the recipient. The complete form of the SOAP message constructed in this way is as follows:
Format of the SOAP message after encryption:
    <S:Header>
      <wsse:Security>
        <xenc:EncryptedKey>
          <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa"/>
          <ds:KeyInfo>
            <ds:KeyName>name of the encrypted key</ds:KeyName>
          </ds:KeyInfo>
          <xenc:CipherData>
            <xenc:CipherValue>encrypted DES key value</xenc:CipherValue>
          </xenc:CipherData>
          <xenc:ReferenceList>
            <xenc:DataReference URI="#dataheader"/>
            <xenc:DataReference URI="#databody"/>
          </xenc:ReferenceList>
        </xenc:EncryptedKey>
      </wsse:Security>
    </S:Header>
    <S:Body>
      <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" Id="databody">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#des"/>
        <xenc:CipherData>
          <xenc:CipherValue>ciphertext</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedData>
    </S:Body>
2. The basic client decryption process is shown in Fig. 2. The steps are as follows:
(5) A JavaScript program parses the received SOAP message and extracts the ciphertext M1, the encrypted key K1, and the encryption algorithms DES and RSA;
The SOAP message is parsed as follows:
A. The JavaScript program finds the SOAP message carrying the ciphertext on a specified path of the local host, then extracts the ciphertext M1 from the body of the SOAP message, together with the <wsse:Security></wsse:Security> element in the header, which contains the encrypted key K1 and the encryption algorithms DES and RSA;
B. The JavaScript program parses <wsse:Security> in the SOAP message header and extracts from it the encrypted key K1 and the encryption algorithms DES and RSA.
(6) A Java Applet program uses the private key of the RSA algorithm to decrypt the DES symmetric key, obtaining the DES decryption key;
The private key is stored on a USBKey and is extracted by the JavaScript program.
The process by which the JavaScript program extracts the RSA private key stored on the USBKey is shown in Fig. 5:
a. The JavaScript program first searches the host for a USB flash drive or other removable storage device. If none is found, it shows the user the prompt "No removable storage device found yet" and waits for the user to insert the USB flash drive that stores the key;
b. If the JavaScript program finds a USB flash drive, it reads the file storing the private key from it.
(7) The Java Applet program decrypts the ciphertext M1 extracted in step (5) with the DES decryption key, obtaining the decrypted electronic official document information;
(8) The decrypted electronic official document information is presented to the relevant user as an HTML form;
In this step, the HTML file is generated mainly by an XSLT processor. XSLT stands for XSL Transformations; it is used to transform an XML file into another XML file, or into another type of file that a browser can recognize, such as HTML or XHTML. Typically, XSLT does this by transforming each XML element into (X)HTML.
3. The server-side encryption process is shown in Fig. 3. It is essentially the same as the client encryption process; the difference is that the electronic official document information is encrypted by a Java program rather than a Java Applet program. The steps are as follows:
(9) A Java program reads the related key information and the electronic official document information to be encrypted; the related keys comprise the DES symmetric key and the public key of the RSA asymmetric encryption algorithm;
(10) The Java program encrypts the electronic official document information to be sent with the DES symmetric key read in step (9), obtaining ciphertext M2;
(11) The Java program encrypts the DES symmetric key with the RSA public key that was read, obtaining the encrypted key K2;
(12) A SOAP message is constructed from the ciphertext M2 obtained in step (10), the encrypted key K2 obtained in step (11), and the encryption algorithms DES and RSA, and is transmitted to the recipient;
The SOAP message is constructed in this step as follows:
A. In the header of the SOAP message, add security information conforming to the WS-Security specification, including the encrypted key K2 and the encryption algorithms DES and RSA;
B. Place the ciphertext M2 in the body of the SOAP message.
4. The server-side decryption process is shown in Fig. 4. It is essentially the same as the client decryption process, with two differences: first, on the server side a Java program searches for the private key information directly on the server rather than on a USBKey device; second, decryption on the server side is performed by a Java program rather than a Java Applet program. The steps are as follows:
(13) A Java program parses the received SOAP message and extracts the ciphertext M2, the encrypted key K2, and the encryption algorithms DES and RSA;
In this step the Java program parses the received SOAP message as follows:
A. The Java program finds the SOAP message carrying the ciphertext on a specified path of the local host, then extracts the ciphertext M2 from the body of the SOAP message, together with the <wsse:Security></wsse:Security> element in the header, which contains the encrypted key K2 and the encryption algorithms DES and RSA;
B. The Java program parses <wsse:Security> in the SOAP message header and extracts from it the encrypted key K2 and the encryption algorithms DES and RSA.
(14) The Java program uses the private key of the RSA algorithm to decrypt the DES symmetric key, obtaining the DES decryption key;
(15) The Java program decrypts the ciphertext M2 extracted in step (13) with the DES decryption key, obtaining the decrypted electronic official document information.
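The hybrid exchange of steps (1) to (7), which steps (9) to (15) repeat on the server side, carried through in Java as an added example that is not part of the patent: the sender encrypts a document with DES, encrypts the DES key with the recipient's RSA public key, and builds the SOAP message; the recipient parses the message, checks the declared algorithms, resolves the DataReference, and decrypts. Assumptions: the class and method names, the cipher transformations (DES in CBC mode with the IV prefixed to the ciphertext, RSA with OAEP padding), the namespace declarations and the sample document are constructed for illustration, since the patent names only "DES" and "RSA"; the algorithm identifiers and the `databody` Id are those of the message listing above.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.*;
import javax.crypto.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class HybridSoapDemo {
    static final String SOAP = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String WSSE =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";
    // Algorithm identifiers as written in the patent's message listing.
    static final String ALG_RSA = XENC + "rsa", ALG_DES = XENC + "des";
    // Assumed transformations: the patent names only "DES" and "RSA".
    static final String DES_XFORM = "DES/CBC/PKCS5Padding";
    static final String RSA_XFORM = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    static String cipherData(byte[] value) {
        return "<xenc:CipherData><xenc:CipherValue>" + Base64.getEncoder().encodeToString(value)
             + "</xenc:CipherValue></xenc:CipherData>";
    }

    /** Sender, steps (2)-(4): DES-encrypt the document, RSA-encrypt the DES key, build SOAP. */
    static String buildSoap(byte[] document, SecretKey desKey, PublicKey recipient) throws Exception {
        Cipher des = Cipher.getInstance(DES_XFORM);
        des.init(Cipher.ENCRYPT_MODE, desKey);          // provider generates a fresh random IV
        byte[] iv = des.getIV(), ct = des.doFinal(document);
        byte[] m1 = Arrays.copyOf(iv, iv.length + ct.length);   // M1 = IV || ciphertext
        System.arraycopy(ct, 0, m1, iv.length, ct.length);
        Cipher rsa = Cipher.getInstance(RSA_XFORM);
        rsa.init(Cipher.ENCRYPT_MODE, recipient);
        byte[] k1 = rsa.doFinal(desKey.getEncoded());   // K1 = DES key under the RSA public key
        return "<S:Envelope xmlns:S=\"" + SOAP + "\" xmlns:wsse=\"" + WSSE
             + "\" xmlns:xenc=\"" + XENC + "\"><S:Header><wsse:Security><xenc:EncryptedKey>"
             + "<xenc:EncryptionMethod Algorithm=\"" + ALG_RSA + "\"/>" + cipherData(k1)
             + "<xenc:ReferenceList><xenc:DataReference URI=\"#databody\"/></xenc:ReferenceList>"
             + "</xenc:EncryptedKey></wsse:Security></S:Header><S:Body>"
             + "<xenc:EncryptedData Type=\"" + XENC + "Element\" Id=\"databody\">"
             + "<xenc:EncryptionMethod Algorithm=\"" + ALG_DES + "\"/>" + cipherData(m1)
             + "</xenc:EncryptedData></S:Body></S:Envelope>";
    }

    // First descendant element {ns}name of parent; fail closed if it is absent.
    static Element first(Element parent, String ns, String name) {
        NodeList n = parent.getElementsByTagNameNS(ns, name);
        if (n.getLength() == 0) throw new IllegalArgumentException("missing " + name);
        return (Element) n.item(0);
    }

    // Decode a CipherValue only after checking that the declared algorithm is the expected one.
    static byte[] cipherValue(Element enc, String expectedAlg) {
        String alg = first(enc, XENC, "EncryptionMethod").getAttribute("Algorithm");
        if (!expectedAlg.equals(alg)) throw new IllegalArgumentException("unexpected algorithm: " + alg);
        return Base64.getMimeDecoder().decode(first(enc, XENC, "CipherValue").getTextContent());
    }

    /** Recipient, steps (5)-(7): parse SOAP, recover the DES key with RSA, decrypt M1. */
    static byte[] openSoap(String soap, PrivateKey priv) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTD, no XXE
        Document d = f.newDocumentBuilder()
                      .parse(new ByteArrayInputStream(soap.getBytes(StandardCharsets.UTF_8)));
        Element encKey = first(first(d.getDocumentElement(), WSSE, "Security"), XENC, "EncryptedKey");
        byte[] k1 = cipherValue(encKey, ALG_RSA);
        String ref = first(encKey, XENC, "DataReference").getAttribute("URI");
        // Resolve the DataReference to the EncryptedData element that carries the same Id.
        Element encData = null;
        NodeList all = d.getElementsByTagNameNS(XENC, "EncryptedData");
        for (int i = 0; i < all.getLength(); i++)
            if (("#" + ((Element) all.item(i)).getAttribute("Id")).equals(ref))
                encData = (Element) all.item(i);
        if (encData == null) throw new IllegalArgumentException("unresolved reference " + ref);
        byte[] m1 = cipherValue(encData, ALG_DES);
        Cipher rsa = Cipher.getInstance(RSA_XFORM);
        rsa.init(Cipher.DECRYPT_MODE, priv);
        SecretKey desKey = new SecretKeySpec(rsa.doFinal(k1), "DES");
        Cipher des = Cipher.getInstance(DES_XFORM);
        des.init(Cipher.DECRYPT_MODE, desKey, new IvParameterSpec(m1, 0, 8));
        return des.doFinal(m1, 8, m1.length - 8);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();             // stands in for the recipient's key pair
        SecretKey desKey = KeyGenerator.getInstance("DES").generateKey();
        byte[] doc = "<Document>Constructed sample notice</Document>".getBytes(StandardCharsets.UTF_8);
        String soap = buildSoap(doc, desKey, kp.getPublic());
        System.out.println("round trip ok: " + Arrays.equals(doc, openSoap(soap, kp.getPrivate())));
        // A reference that matches no EncryptedData Id is rejected rather than skipped.
        try { openSoap(soap.replace("#databody", "#dataheader"), kp.getPrivate()); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```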
Parts of the invention not described in detail belong to techniques well known in the art.
The above is only a preferred embodiment of the invention. It should be noted that those skilled in the art may make improvements and modifications without departing from the principle of the invention, and such improvements and modifications shall also be regarded as falling within the scope of protection of the invention.

Claims (9)

1. electronic official document safety transmission method based on Web service, it is characterized in that: electronic government documents secure exchange process comprises three kinds of situations: client encrypt-client deciphering; Client encrypt-server end deciphering; The deciphering of server end encryption-client, step is as follows:
The client encrypt process
(1) read electronic government documents information and association key to be sent by the Javascript program, described association key comprises the publicly-owned key in DES symmetric cryptographic key and the RSA rivest, shamir, adelman;
(2) the DES symmetric cryptographic key that reads by the utilization of Java-Applet program carries out encryption to electronic government documents information, obtains ciphertext M1;
(3) the publicly-owned key in the RSA rivest, shamir, adelman that reads by the utilization of Java-Applet program carries out encryption to the DES symmetric cryptographic key, the key K 1 after obtaining encrypting;
(4) obtain key K 1 and cryptographic algorithm DES and RSA after the encryption that ciphertext M1, step (3) obtain according to above-mentioned steps (2), the structure soap message is transferred to the recipient;
The client decrypting process
(5) by the Javascript program soap message that receives is resolved, extract ciphertext M1 after the encryption, key K 1 and cryptographic algorithm DES and RSA after encrypting;
(6) utilize the private cipher key in the RSA Algorithm that the key K 1 after encrypting is decrypted operation by the Java-Applet program, obtain the DES decruption key;
(7) the Java-Applet program is decrypted operation to the ciphertext M1 that extracts in the above-mentioned steps (5), the electronic government documents information after obtaining deciphering by the DES decruption key;
(8) the electronic government documents information after decryption processing is represented to the associated user by the HTML form; The server end ciphering process;
(9) read relevant key information and electronic government documents information to be encrypted by java applet, described association key comprises the publicly-owned key in DES symmetric cryptographic key and the RSA rivest, shamir, adelman;
(10) use the DES symmetric cryptographic key that reads in the described step (9) by java applet, carry out encryption, obtain ciphertext M2 to sent electronic government documents information;
(11) the publicly-owned key in the RSA rivest, shamir, adelman that reads by the java applet utilization carries out encryption to the DES symmetric cryptographic key, the key K 2 after obtaining encrypting;
(12) obtain key K 2 and cryptographic algorithm DES and RSA after the encryption that ciphertext M2, step (11) obtain according to above-mentioned steps (10), the structure soap message is transferred to the recipient;
The server end decrypting process;
(13) by java applet the soap message that receives is resolved, extract ciphertext M2 after the encryption, key K 2 and cryptographic algorithm DES and RSA after encrypting;
(14) utilize the private cipher key in the RSA Algorithm that the key K 2 after encrypting is decrypted operation by java applet, obtain the DES decruption key;
(15) java applet is decrypted operation to the ciphertext M2 that extracts in the step (13), the electronic government documents information after obtaining deciphering by the DES decruption key.
2. the electronic official document safety transmission method based on Web service according to claim 1 is characterized in that: step (1) in the described client encrypt process, read electronic government documents information to be sent and the association key step is by the Javascript program:
(1) the Javascript program reads electronic government documents information to be sent by the specified path of search place main frame;
(2) the Javascript program reads the DES symmetric cryptographic key, so that use by the specified path of search place main frame when encryption;
(3) the Javascript program reads the publicly-owned key in the RSA rivest, shamir, adelman, so that use by the specified path of search place main frame when encryption.
3. The electronic official document safety transmission method based on Web service according to claim 1, characterized in that: in step (4) of the client encryption process, the SOAP message is constructed as follows:
(1) security information conforming to the WS-Security standard is added to the header of the SOAP message, comprising the encrypted key K1 and the encryption algorithms DES and RSA;
(2) the encrypted ciphertext M1 is placed in the body of the SOAP message.
4. The electronic official document safety transmission method based on Web service according to claim 1, characterized in that: in step (6) of the client decryption process, the private key is stored on a USBKey and is extracted by the Javascript program.
5. The electronic official document safety transmission method based on Web service according to claim 4, characterized in that: the process by which the Javascript program extracts the private key of the RSA algorithm stored on the USBKey is as follows:
(1) the Javascript program first searches the host for a USB flash drive or other removable storage device; if none is found, it prompts the user "removable storage device not yet found" and waits for the user to insert the USB flash drive that stores the key;
(2) if the Javascript program finds a USB flash drive, it reads the file storing the private key from it.
6. The electronic official document safety transmission method based on Web service according to claim 1, characterized in that: step (5) of the client decryption process is implemented as follows:
(1) the Javascript program finds the SOAP message carrying the ciphertext on a specified path of the local host, then extracts the body of the SOAP message, namely the encrypted ciphertext M1, and the <wsse:Security></wsse:Security> element of the header, which contains the encrypted key K1 and the encryption algorithms DES and RSA;
(2) the Javascript program parses the <wsse:Security> element in the SOAP message header and extracts from it the encrypted key K1 and the encryption algorithms DES and RSA.
7. The electronic official document safety transmission method based on Web service according to claim 1, characterized in that: in step (7) of the client decryption process, the decrypted electronic official document information is presented to the relevant user in HTML form as follows: an HTML file is generated by an XSLT transformer, where XSLT stands for XSL Transformations; XSLT is used to transform an XML file into another XML file, or into an HTML or XHTML file that a browser can recognize.
8. The electronic official document safety transmission method based on Web service according to claim 1, characterized in that: in step (12) of the server-side encryption process, the SOAP message is constructed as follows:
(1) security information conforming to the WS-Security standard is added to the header of the SOAP message, comprising the encrypted key K2 and the encryption algorithms DES and RSA;
(2) the encrypted ciphertext M2 is placed in the body of the SOAP message.
9. The electronic official document safety transmission method based on Web service according to claim 1, characterized in that: step (13) of the server-side decryption process is implemented as follows:
(1) the Java program finds the SOAP message carrying the ciphertext on a specified path of the local host, then extracts the body of the SOAP message, namely the encrypted ciphertext M2, and the <wsse:Security></wsse:Security> element of the header, which contains the encrypted key K2 and the encryption algorithms DES and RSA;
(2) the Java program parses the <wsse:Security> element in the SOAP message header and extracts from it the encrypted key K2 and the encryption algorithms DES and RSA.
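An added example, not part of the patent text or the applicants' code: the header/body layout of claims 3 and 8 and the extraction of claims 6 and 9, written for Node.js. It substitutes AES-256-GCM and RSA-OAEP for the claimed DES and RSA (DES's 56-bit key is obsolete, and GCM adds an integrity check), assumes XML Encryption element names as the concrete layout, and uses the hypothetical function names buildSoap and openSoap.

```javascript
// Added example (not from the patent). AES-256-GCM / RSA-OAEP stand in for DES / RSA.
const crypto = require('crypto');

const ALG = {                       // XML Encryption algorithm URIs (receiver allow-list)
  key:  'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p',
  data: 'http://www.w3.org/2009/xmlenc11#aes256-gcm',
};

// Sender: encrypt the document, wrap the session key, build the SOAP message.
function buildSoap(documentText, recipientPublicKey) {
  const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([iv, c.update(documentText, 'utf8'), c.final(), c.getAuthTag()]);
  const wrapped = crypto.publicEncrypt(
    { key: recipientPublicKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING }, key);
  return `<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<soap:Header><wsse:Security><xenc:EncryptedKey>
<xenc:EncryptionMethod Algorithm="${ALG.key}"/>
<xenc:CipherData><xenc:CipherValue>${wrapped.toString('base64')}</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedKey></wsse:Security></soap:Header>
<soap:Body><xenc:EncryptedData>
<xenc:EncryptionMethod Algorithm="${ALG.data}"/>
<xenc:CipherData><xenc:CipherValue>${body.toString('base64')}</xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData></soap:Body></soap:Envelope>`;
}

// Receiver: extract header and body fields, enforce the allow-list, then decrypt.
function openSoap(xml, privateKey) {
  // Fixed-layout extraction for this example; a deployed receiver would use an XML parser.
  const part = (tag) => {
    const m = xml.match(new RegExp(`<${tag}>[\\s\\S]*?Algorithm="([^"]+)"[\\s\\S]*?` +
      `<xenc:CipherValue>([A-Za-z0-9+/=]+)</xenc:CipherValue>[\\s\\S]*?</${tag}>`));
    if (!m) throw new Error(`missing ${tag}`);
    return { alg: m[1], value: Buffer.from(m[2], 'base64') };
  };
  const k = part('xenc:EncryptedKey'), d = part('xenc:EncryptedData');
  // The header is sender-controlled: it must never select a cipher outside the allow-list.
  if (k.alg !== ALG.key || d.alg !== ALG.data) throw new Error('algorithm not allowed');
  const key = crypto.privateDecrypt(
    { key: privateKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING }, k.value);
  const n = d.value.length;       // body layout: 12-byte IV | ciphertext | 16-byte tag
  const dec = crypto.createDecipheriv('aes-256-gcm', key, d.value.subarray(0, 12));
  dec.setAuthTag(d.value.subarray(n - 16));
  return Buffer.concat([dec.update(d.value.subarray(12, n - 16)), dec.final()]).toString('utf8');
}
```
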
CN2008101169897A 2008-07-22 2008-07-22 Electronic official document safety transmission method based on Web service Expired - Fee Related CN101321057B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008101169897A CN101321057B (en) 2008-07-22 2008-07-22 Electronic official document safety transmission method based on Web service

Publications (2)

Publication Number Publication Date
CN101321057A CN101321057A (en) 2008-12-10
CN101321057B true CN101321057B (en) 2011-06-15

Family

ID=40180914

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101169897A Expired - Fee Related CN101321057B (en) 2008-07-22 2008-07-22 Electronic official document safety transmission method based on Web service

Country Status (1)

Country Link
CN (1) CN101321057B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110615

Termination date: 20140722

EXPY Termination of patent right or utility model