CN102024126A - Information encryption method and apparatus - Google Patents
Information encryption method and apparatus Download PDFInfo
- Publication number
- CN102024126A CN102024126A CN200910177039XA CN200910177039A CN102024126A CN 102024126 A CN102024126 A CN 102024126A CN 200910177039X A CN200910177039X A CN 200910177039XA CN 200910177039 A CN200910177039 A CN 200910177039A CN 102024126 A CN102024126 A CN 102024126A
- Authority
- CN
- China
- Prior art keywords
- information
- webpage
- input frame
- activex
- type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The present invention discloses an information encryption method and apparatus. The method comprises the following steps of: recognizing all or a portion of input box information from the code of the webpage according to the preset recognition strategy; replacing all or a portion of the input box information, which has been recognized, with encryption control information to generate a webpage containing encryption controls. Compared with prior art, the information encryption method and apparatus provided by the embodiment of the present invention effectively reduces the repeated labor of coding in the information encryption process, thereby saving human power and material resources and contributing to practicability.
Description
Technical field
The present invention relates to communication technical field, be specifically related to a kind of information ciphering method and device.
Background technology
Along with the Internet technology develop rapidly, network security problem manifests day by day, network security is a very wide problem of involvement aspect, it is main because Internet (internet) is a network opening, no control gear, the computer system of hacker (Hacker) in regular meeting's intrusion network, or steal confidential data and usurp privilege, or destroy significant data, or systemic-function is not in full use until paralysis; The data transmission of Internet (internet) is based on TCP (transmission control protocol, Transmission Control Protocol)/IP (network interconnection agreement, Internet Protocol) carry out, these agreements lack the safety practice that the information in the transmission course is not stolen; The most Unix operating systems of using of communication service on the Internet support that the Security Vulnerability problem that obviously exists in the Unix operating system can directly influence security service; The electronic information of storing on computers, transmitting and handle, also as traditional mail communication, do not carry out envelope protection and sign and seal, whether the source of information and whereabouts be true, whether content is changed, and whether reveal etc., in the service agreement of application layer support, maintain with gentleman's agreement; The possibility that Email exists and opened, miscarries and forges.Use Email to transmit important confidential information and can exist very big danger; Computer virus brings great harm by the propagation of Internet to the Internet user, and virus can make computing machine and computer network system paralysis, data and file lose.Transmitted virus can transmit by public anonymous FTP (file transfer protocol (FTP), File Transfer Protocol) file, also can propagate by the appended document of mail and mail on network.
In the prior art, mainly by the protection of following technological means realization to the network information:
(1) firewall technology: at the external interface of network, adopt firewall technology, in the network layer control that conducts interviews;
(2) NAT (network address translation, Network Address Translation) technology: hide internal network information;
(3) VPN (Virtual Private Network, Virtual Private Network): VPN is the extension of enterprise network on public networks such as the Internet, creates the privately owned connection of a safety on public network by a privately owned passage.It couples together long-distance user, corporate branch office, corporate business partner etc. by the data channel of safety with the enterprise network of company, constitute incorporated business's net of an expansion;
(4) network encryption technology: adopt the network encryption technology, the IP bag that transmits in the public network is encrypted and encapsulated, realize confidentiality, the integrality of data transmission.It can solve the data transmission security problem of network at public network, also can solve the safety problem of remote user access Intranet;
(5) authentication: the authentication based on identity is provided, and in various authentication mechanisms, can selects to use;
(6) Anti-Virus of multi-level multi-level enterprise-level: adopt the Anti-Virus of multi-level multi-level enterprise-level, virus is realized comprehensively protection;
(7) the real-time monitoring of network: adopt intruding detection system, to main frame with network is monitored and early warning, further improve the ability of the external attack of cyber-defence.
Wherein, the network encryption technology also is used in the maintenance of internet information safety as a kind of common technological means, mentions in the prior art not changing the browser kernel, and the mode of only encrypting web page code realizes information protection, and its method mainly contains two kinds:
First kind, the information that needs protection is protected by writing information encryption in the process that generates web page code;
Second kind, after web page code generates, some of them information is replaced with some information encryptions one by one, above-mentioned two kinds of methods can prevent the attack of some malicious codes to a certain extent.
In realizing process of the present invention, the inventor finds that there is following problem at least in prior art:
In the scheme of two kinds of above-mentioned encryption web page codes, the process of writing code is quite complicated, need to drop into a large amount of manpower and materials, when writing the different web pages code, also need to write corresponding information encryption code, this has increased the complicacy and the repeatability of programming process to a great extent, but there is general character in fact a lot of information encryption codes, and the code compiling rule of being followed all is similar with writing flow process, and therefore repetition writes the waste that has caused a large amount of manpower and materials.
Summary of the invention
The invention provides a kind of information ciphering method and device, be used to realize the simplification of information encryption, resource uses manpower and material resources sparingly.
The invention provides a kind of information ciphering method, comprise the steps:
According to default recognition strategy, identification division or whole input frame information in the code of webpage;
The described part or all of input frame information that identifies is replaced with the control information of encrypting, and generation comprises the webpage of encrypting control.
Preferably, the recognition strategy that described basis is default, identification division or whole input frame information in the code of webpage specifically comprise:
But the type information of the type information of the input frame that is comprised in the code according to described webpage or the content input pattern of input frame or input frame input information is discerned the part or all of input frame information in the code of described webpage.
Preferably, the described described part or all of input frame information that will identify replaces with encrypts control information, is specially:
The described part or all of input frame information that identifies is replaced with ActiveX information or JavaApplet information.
Preferably, the described described part or all of input frame information that will identify replaces with ActiveX information, specifically comprises:
According to the code of described webpage, discern the type of described webpage;
According to the type of the described webpage that identifies, the described part or all of input frame information that identifies is replaced with the classification ActiveX information or the acquiescence ActiveX information of corresponding type;
Wherein, the classification ActiveX information of described corresponding type is the ActiveX information default according to the type of webpage.
Preferably, the type of the described webpage that described basis identifies replaces with the described part or all of input frame information that identifies the classification ActiveX information of corresponding type or gives tacit consent to ActiveX information, specifically comprises:
Judge whether to exist information with the corresponding classification of the type of described webpage ActiveX,
If judged result is for being that the described part or all of input frame information that identifies in the code with described webpage replaces with the information with the corresponding classification of the type of described webpage ActiveX;
If judged result is that the described part or all of input frame information that identifies in the code with described webpage does not replace to described acquiescence ActiveX information.
Preferably, the described described part or all of input frame information that will identify replaces with ActiveX information, specifically comprises:
According to the code of described webpage, discern the type of described webpage;
According to default ActiveX information generation strategy, generate the corresponding ActiveX information of type with described webpage, the described described part or all of input frame information that identifies is replaced with the ActiveX information of described generation.
Preferably, described method specifically comprises:
According to default recognition strategy, browser is identification division or whole input frame information in the code of the webpage that receives;
The described part or all of input frame information that described browser will identify replaces with the control information of encrypting, and generates to comprise the webpage of encrypting control, and shows.
Preferably, described method specifically comprises:
According to default recognition strategy, the network equipment is identification division or whole input frame information in the code of webpage to be transmitted;
The described part or all of input frame information that the described network equipment will identify replaces with the control information of encrypting, and generates to comprise the webpage of encrypting control, and transmits to the client of the described webpage of request.
On the other hand, the present invention also proposes a kind of information encryption device, comprising:
Identification module is used for according to default recognition strategy, identification division or whole input frame information in the code of webpage;
Replace module, link to each other with described identification module, the described part or all of input frame information that is used for identifying replaces with the control information of encrypting;
Generation module links to each other with described replacement module, is used to generate the webpage that comprises described encryption control information.
Preferably, but described identification module specifically is used for according to the content input pattern of the type information of the input frame that code comprised of described webpage or input frame or the type information of input frame input information, discerns the part or all of input frame information in the code of described webpage.
Preferably, the described replacement module described part or all of input frame information that is used for that specifically described identification module is identified replaces with ActiveX information or Java Applet information.
Preferably, described device also comprises generation module and memory module:
Described identification module also is used for the code according to described webpage, discerns the type of described webpage;
Described generation module, the type that is used for the webpage discerned according to described identification module generates ActiveX information;
Described memory module is used to store corresponding various type of webpage pairing classification ActiveX information or acquiescence ActiveX information;
Described replacement module, the type that also is used for the described webpage that identifies according to described identification module replaces with the described part or all of input frame information that identifies the classification ActiveX information or the acquiescence ActiveX information of the corresponding type that described memory module stores.
Preferably, described device also comprises judge module, links to each other with described memory module, is used to judge whether to exist the information with the corresponding classification of the type of described webpage ActiveX;
Wherein, if the judged result of described judge module is for being that the described part or all of input frame information that identifies in the code of described replacement module with described webpage replaces with the information with the corresponding classification of the type of described webpage ActiveX;
If the judged result of described judge module is that the described part or all of input frame information that identifies in the code of described replacement module with described webpage does not replace to described acquiescence ActiveX information.
Compared with prior art, the present invention has the following advantages:
A kind of information ciphering method and device proposed by the invention, by being discerned, the input frame information in the web page code replaces with the control information of encrypting then, saved to write in the prior art and encrypted control information or replace the step of encrypting control information one by one, thereby saved corresponding resources costs.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of a kind of information ciphering method of proposing of the present invention;
Fig. 2 is the schematic flow sheet of the information ciphering method in a kind of concrete enforcement scene that proposes of the present invention;
Fig. 3 is the another kind of concrete schematic flow sheet of implementing the information ciphering method in the scene that the present invention proposes;
Fig. 4 is the structural representation of a kind of information encryption device of proposing of the present invention;
Fig. 5 is the structural representation of the information encryption device in a kind of concrete enforcement scene that proposes of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
Core concept of the present invention provides a kind of information ciphering method, is used for discerning partly or entirely input frame information of web page code; And the part or all of input frame information that identification obtains replaced to the web page code of encrypting after control information obtains replacing, realize encryption to web page code.
Below, by specific embodiment a kind of information ciphering method provided by the invention is described in detail, specifically comprise the steps:
S101, the default recognition strategy of basis, identification division or whole input frame information in the code of webpage.
Wherein, concrete recognition strategy comprises:
But the content input pattern of the type information of the input frame that is comprised in the code of webpage or the type information of input frame input information or input frame.
Need further be pointed out that; above-mentioned recognition strategy only is the given preference policy of the embodiment of the invention; other strategies that can realize identical recognition effect also can be applied to technical scheme of the present invention, and the variation of concrete recognition strategy can't influence protection scope of the present invention.
Wherein, the type information of input frame specifically comprises text box, drop-down menu, or the forms such as combination of dissimilar input frames, can discern according to concrete coded representation in web page code.
The content input pattern of input frame is meant the qualification based on web page contents, input frame is pairing content input style in this webpage, specifically comprise user name input frame, password input frame, identification code input frame, routine information input frame or comprise mixed information input frame of multiple foregoing input style etc., but can be in web page code according to the prompting of input frame input information is discerned in the concrete code to the note of input frame or in webpage.
But the type information of the input information of input frame then is meant in input frame, restriction to the character types that can import, only comprise can inputting English letter input frame, input frame that only can input digit, import the input frame of Chinese character, or comprise mixed information input frame of multiple above-mentioned character types etc., the content input type is provided with because being limited in of character types is based in some cases, so, can input frame kind to be identified be limited accordingly by limiting the character types that to import, for example: in most of the cases, the password input frame can only inputting English letter and combination of numbers, can the recognition code input frame by limiting these the two kinds of character types that can import.The above-mentioned character types of importing can be discerned according to the concrete note to input frame in web page code.
In the present embodiment; can also carry out the identification of input frame information according to other characteristic informations of input frame information in the prior art; enumerate no longer one by one at this, but the recognition methods that obtains by conspicuous transplanting or replacement all should belong to protection scope of the present invention.
S102, the part or all of input frame information that will identify replace with the control information of encrypting, and generate to comprise the webpage of encrypting control.
In technical scheme proposed by the invention; encrypting the type of control information can adjust according to the needs of concrete application scenarios; every information type of encrypting the control effect that can play can be applied to technical scheme of the present invention, and the type of specifically encrypting control information changes does not influence protection scope of the present invention.
For example, in concrete application scenarios, this encrypts control information can be ActiveX information or JavaApplet information.
For convenience of description, subsequent embodiment of the present invention is that example describes with ActiveX, but so only be a kind of preferred implementation of the present invention, the encryption control information of other types also can be applied to technical scheme of the present invention, concrete, under the scene of using ActiveX information, S102 can realize by two kinds of different schemes, specify as follows:
Scheme 1, storage classification ActiveX information and acquiescence ActiveX information in advance.
Such as, webpage A is corresponding with the ActiveX information a in the classification ActiveX information, then defining ActiveX information a is and the corresponding encryption control of webpage A information, on the other hand, webpage A is in the corresponding ActiveX information of correspondence a, all right corresponding corresponding ActiveX information b or corresponding ActiveX information c, promptly the number of the ActiveX of the correspondence of webpage A correspondence is indefinite.
Moreover, webpage B also can be simultaneously corresponding and the corresponding ActiveX information of webpage A a, webpage C also can be simultaneously corresponding and the corresponding ActiveX information of webpage A a, that is to say that it also can be a plurality of that the webpage of corresponding same classification ActiveX information a can be one.
What need further specify is that it also can be a plurality of that acquiescence ActiveX information can be one.
Therefore, this step need realize by judging whether to exist with the corresponding classification of webpage ActiveX information, if judged result is for being, then with in the web page code partly or entirely input frame information replace with one or more classification ActiveX information corresponding with webpage; If judged result replaces to one or more acquiescences ActiveX information for not with part or all of input frame information in the web page code.
Scheme 2, according to the code of webpage, the type of identification webpage, such as identifying the website what character webpage belongs to, enterprise portal integrated information website or industry, NEWS FROM ASSOCIATION door transactional services type website or communication exchange platform or government gateway information website or shopping online type website, and the security level required of this webpage, generate and the corresponding ActiveX information of level of security, the part or all of input frame information that identifies is replaced with the ActiveX information of generation.
In this case, need the generation strategy of default ActiveX information, thereby can carry out the generation of ActiveX information according to the recognition result of type of webpage.
Above-mentioned two kinds of schemes have advantage separately respectively:
Scheme 1 can be by default encryption control template, webpage through simple classification identification is carried out the replacement of input frame information, thereby, the safety of guarantee information, in this scheme, default encryption control template can directly be carried out the replacement of input frame information, need not to calculate separately and the control programming, effectively the information of having saved is replaced the needed time, has improved the efficient that information is replaced.
2 of schemes are according to default encryption control generation strategy, webpage is being carried out the corresponding control information of encrypting of corresponding classification identification back generation, and the input frame information in the webpage replaced, such mode has been saved the needed system memory space of storage encryption control template in advance.
Above-mentioned two kinds of schemes all are the technical schemes of carrying out the replacement of input frame information according to the classification recognition result of webpage; in concrete application scenarios; can select suitable scheme to handle according to concrete system's needs, concrete scheme content change can't influence protection scope of the present invention.
Below will be by specific program being embedded the user side browser and two kinds of embodiments of specific program embedded network side certain functional modules being described the present invention:
As shown in Figure 2, be the schematic flow sheet of a kind of information ciphering method proposed by the invention, this technical scheme realizes encrypting in the webpage interpolation of control by specific program being embedded local browser, carries out information encryption, specifically comprises the steps:
S201, local user send request of access at target web by local browser to the web server.
S202, local user receive the access response that the web server returns, and have carried the target web that the local user asked in this access response.
Specific program in S203, the local browser is discerned the part or all of input frame information that is comprised in the code of this target web.
Wherein, above-mentioned specific program is the functional module that presets, and is embedded in the local browser.When local browser receives the access response that the web server returns, the webpage that local browser access transmits by this access response, and, above-mentioned particular module is visited this webpage simultaneously, and according to corresponding recognition strategy, all or part of input frame information that is comprised in the identification web page code.
Wherein, but concrete recognition strategy comprises type information or the type information of input frame input information or the content input pattern of input frame of the input frame that is comprised in the code of webpage.
For example, in concrete application scenarios, need the information of the password input frame that comprised in the web page code of recognition objective webpage, so,,, can discern in the following manner for the information of this password input frame according to the variation of above-mentioned recognition strategy:
If recognition strategy is the content input pattern of input frame, so, the content input pattern of determining input frame in this recognition strategy is the password input frame, above-mentioned particular module is inquired about the input frame information of signs such as subsidiary " password " or " PW " in web page code, or the input frame information that ancillary cryptographic input limits in the web page code note, or in the webpage surface information, search for " password " or " PW " or information such as " passwords ", and the pairing input frame of this information is defined as the password input frame.
If but recognition strategy is the type information of the input information of input frame, so, but the type of determining the input information of input frame in this recognition strategy is can only input digit information, or can input digit and English combined information, above-mentioned particular module inquires about in web page code that be restricted to can only input digit information, or can input digit and the information of the input frame of English combined information, and the pairing input frame of this information be defined as the password input frame.
Above explanation be to be example with the password input frame; the information of inquiring user name input frame then needs to adjust corresponding recognition strategy, by that analogy if desired; recognition strategy can be adjusted according to the identification content change, and such variation can't influence protection scope of the present invention.
Accordingly; in the present embodiment; can also carry out the identification of various input frame information according to other characteristic informations of input frame information in the prior art, enumerate no longer one by one at this, but the recognition methods that obtains by conspicuous transplanting or replacement all should belong to protection scope of the present invention.
The part or all of input frame information that specific program in S204, the local browser will identify replaces with ActiveX information, and generates the webpage that comprises ActiveX information.
If according to above-mentioned scheme 1, need in system, store classification ActiveX information and acquiescence ActiveX information in advance, so, concrete treatment scheme is as follows:
At the input frame information that identifies, whether the specific program inquiry exists and the type of this webpage or the corresponding classification of the input frame type ActiveX information in this webpage.
If exist; then input frame information is replaced with corresponding classification ActiveX information; wherein; this classification ActiveX information is corresponding with the type or the input frame type in this webpage of this webpage; wherein; if more than one of the pairing classification of this webpage ActiveX information; then need in a plurality of and the corresponding classification of current web page ActiveX information, screen; for example; the corresponding classification of webpage A ActiveX information a and classification ActiveX information b; so; need in classification ActiveX information a and classification ActiveX information b, select one according to certain selective rule; replace the input frame information in the current web page, such selective rule can limit by conditions such as priority and matching degrees, and the variation of concrete selective rule does not influence protection scope of the present invention.
If there is no, then with acquiescence ActiveX information input frame information is replaced, wherein, the number of acquiescence ActiveX information also can exist one or more, but when having a plurality of acquiescence ActiveX information, concrete replacement principle can be adjusted according to parameters such as priority equally.
If according to above-mentioned scheme 2, need in system, set in advance the generation strategy of ActiveX information, so, concrete treatment scheme is as follows:
At the input frame information that identifies, specific program is inquired about corresponding ActiveX information generation strategy.
According to Query Result, directly generate corresponding ActiveX information according to ActiveX information generation strategy, input frame information is replaced.
Above-mentioned two kinds of schemes all are the technical schemes of carrying out the replacement of input frame information according to the classification recognition result of webpage; in concrete application scenarios; can select suitable scheme to handle according to concrete system's needs, concrete scheme content change can't influence protection scope of the present invention.
S205, local browser display comprise the webpage of encrypting control.
Local browser is according to amended web page code; generate corresponding webpage; because original input frame information has replaced with corresponding ActiveX information in this web page code; so; also comprised the encryption control in the webpage that is generated accordingly; the user is given with such web displaying of encrypting control that comprises in this locality with browsing, thereby carries out information encryption and protection when the user imports corresponding information.
Present embodiment is by using existing browser kernel, and embed specific program therein and realize information encryption, technical scheme proposed by the invention is finished above-mentioned ciphering process at user side, this is when reducing potential safety hazard, alleviated the workload that network equipment is write code or replaced code to a large extent, on the other hand, realized that above-mentioned purpose is to realize by integrated specific program in local browser, simple and convenient comparatively speaking, help reducing corresponding cost input.
As shown in Figure 3, be the schematic flow sheet of another kind of information ciphering method proposed by the invention, this technical scheme is carried out information encryption by specific program embedded network side apparatus being realized encrypting in the webpage interpolation of control, specifically comprises the steps:
S301, local user send request of access at target web by local browser to the web server.
S302, web server generate or inquire about corresponding target web according to this request of access.
Specific program in S303, the web server is discerned the part or all of input frame information that is comprised in the code of this target web.
Wherein, above-mentioned specific program is the functional module that presets, and is embedded in the wed server.When web server calls related web page, specific program is initiated visit to web page code, and according to corresponding recognition strategy, all or part of input frame information that is comprised in the identification web page code.
Wherein, but concrete recognition strategy comprises type information or the type information of input frame input information or the content input pattern of input frame of the input frame that is comprised in the code of webpage.
The application example at user side given in application corresponding example and the previous embodiment is similar, be the adjustment of carrying out recognition strategy according to input frame type to be identified equally, and in web page code, carry out the identification of input frame information, repeated description no longer in the present embodiment.
Accordingly; in the present embodiment; can also carry out the identification of various input frame information according to other characteristic informations of input frame information in the prior art, enumerate no longer one by one at this, but the recognition methods that obtains by conspicuous transplanting or replacement all should belong to protection scope of the present invention.
Specific program in S304, the web server replaces to the control information of encrypting with part or all of input frame information, and generates the web page code after replacing.
In this step, equally can be according to aforesaid scheme 1, carry out the replacement of input frame information by the corresponding classification ActiveX information or the acquiescence ActiveX information that set in advance, perhaps according to aforesaid scheme 2, by the ActiveX information generation strategy that sets in advance, generate corresponding ActiveX information, and replace corresponding input frame information by this ActiveX information, and the web page code after the corresponding replacement of generation, concrete realization flow and example embodiment as described above are described, at this repeated description no longer.
Above-mentioned two kinds of schemes all are the technical schemes of carrying out the replacement of input frame information according to the classification recognition result of webpage; in concrete application scenarios; can select suitable scheme to handle according to concrete system's needs, concrete scheme content change can't influence protection scope of the present invention.
Web page code after S305, web server will be replaced sends to local browser.
S306, local browser comprise the webpage of encrypting control according to the web page code demonstration after replacing.
Local browser is according to the web page code after replacing; generate corresponding webpage; because original input frame information has replaced with corresponding ActiveX information in this web page code; so; also comprised the encryption control in the webpage that is generated accordingly; the user is given with such web displaying of encrypting control that comprises in this locality with browsing, thereby carries out information encryption and protection when the user imports corresponding information.
Present embodiment of the present invention is by adding specific program in network equipment, be implemented in network side and add the purpose of encrypting control to info web, in the process that generates webpage, directly enroll control information with traditional, perhaps after webpage generates, compare by the mode of replacing.Present embodiment is obviously convenient, and saves the man power and material.
Certainly, the embodiment of information ciphering method provided by the invention is not limited to above-mentioned dual mode, and the refinement that this just does for clear thought of the present invention more in the present invention can not be regarded the qualification that the present invention is done as.
The present invention also provides a kind of information encryption device, as shown in Figure 4, comprising:
Replace module 402, link to each other, be used for the part or all of input frame information that identification module 401 is identified is replaced to the control information of encrypting with identification module 401.
Followingly a kind of information encryption device of the present invention is described in detail in conjunction with embodiment.
As shown in Figure 5, a kind of information encryption device of the present invention specifically comprises:
In concrete application scenarios, but identification module 501 also is used for according to the content input pattern of the type information of the input frame that code comprised of webpage or input frame or the type information of input frame input information, the part or all of input frame information in the code of identification webpage.
Replace module 502, link to each other, be used for the part or all of input frame information that identification module 501 identifies is replaced with the control information of encrypting with identification module 501.
In concrete application scenarios, replace module 502 and also be used for: the part or all of input frame information that will identify replaces with ActiveX information.
In concrete application scenarios, information encryption device proposed by the invention also comprises memory module 504 and judge module 505, under this kind scene:
Under another kind of application scenarios, then do not need the ActiveX information that prestores, but the type of the webpage of being discerned according to identification module 501 by generation module 503 generates corresponding ActiveX information;
Replace the type of the webpage that 502 of modules identify according to identification module 501, with the part or all of input frame information that identifies or replace with the ActiveX information of the corresponding type that generation module 503 generated.
Above-mentioned two kinds of schemes all are the technical schemes of carrying out the replacement of input frame information according to the classification recognition result of webpage; in concrete application scenarios; can select suitable scheme to handle according to concrete system's needs, concrete scheme content change can't influence protection scope of the present invention.
Information ciphering method and device that the application of the invention proposes, input frame information in the web page code discerned replace with the control information of encrypting then, saved to write in the prior art and encrypted control information or replace the step of encrypting control information one by one, thereby saved corresponding resources costs.
Through the above description of the embodiments, those skilled in the art can be well understood to the embodiment of the invention and can realize by hardware, also can realize by the mode that software adds necessary general hardware platform.
Based on such understanding, the technical scheme of the embodiment of the invention can embody with the form of software product, it (can be CD-ROM that this software product can be stored in a non-volatile memory medium, USB flash disk, portable hard drive etc.) in, comprise some instructions with so that computer installation (can be personal computer, server, perhaps network equipment etc.) carry out the described method of each embodiment of the present invention.
It will be appreciated by those skilled in the art that accompanying drawing is the synoptic diagram of a preferred embodiment, module in the accompanying drawing or flow process might not be that the enforcement embodiment of the invention is necessary.
It will be appreciated by those skilled in the art that the module in the device among the embodiment can be distributed in the device of embodiment according to the embodiment description, also can carry out respective change and be arranged in the one or more devices that are different from present embodiment.The module of the foregoing description can be merged into a module, also can further split into a plurality of submodules.
The invention described above embodiment sequence number is not represented the quality of embodiment just to description.
More than disclosed only be several specific embodiment of the present invention, still, the embodiment of the invention is not limited thereto, any those skilled in the art can think variation all should fall into the protection domain of the embodiment of the invention.
Claims (13)
1. an information ciphering method is characterized in that, comprises the steps:
According to default recognition strategy, identification division or whole input frame information in the code of webpage;
The described part or all of input frame information that identifies is replaced with the control information of encrypting, and generation comprises the webpage of encrypting control.
2. method according to claim 1 is characterized in that, the recognition strategy that described basis is default, and identification division or whole input frame information in the code of webpage specifically comprise:
But the type information of the type information of the input frame that is comprised in the code according to described webpage or the content input pattern of input frame or input frame input information is discerned the part or all of input frame information in the code of described webpage.
3. method according to claim 1 is characterized in that, the described described part or all of input frame information that will identify replaces with encrypts control information, is specially:
The described part or all of input frame information that identifies is replaced with ActiveX information or JavaApplet information.
4. method according to claim 3 is characterized in that, the described described part or all of input frame information that will identify replaces with ActiveX information, specifically comprises:
According to the code of described webpage, discern the type of described webpage;
According to the type of the described webpage that identifies, the described part or all of input frame information that identifies is replaced with the classification ActiveX information or the acquiescence ActiveX information of corresponding type;
Wherein, the classification ActiveX information of described corresponding type is the ActiveX information default according to the type of webpage.
5. method according to claim 4, it is characterized in that, the type of the described webpage that described basis identifies replaces with the described part or all of input frame information that identifies the classification ActiveX information of corresponding type or gives tacit consent to ActiveX information, specifically comprises:
Judge whether to exist information with the corresponding classification of the type of described webpage ActiveX,
If judged result is for being that the described part or all of input frame information that identifies in the code with described webpage replaces with the information with the corresponding classification of the type of described webpage ActiveX;
If judged result is that the described part or all of input frame information that identifies in the code with described webpage does not replace to described acquiescence ActiveX information.
6. method according to claim 3 is characterized in that, the described described part or all of input frame information that will identify replaces with ActiveX information, specifically comprises:
According to the code of described webpage, discern the type of described webpage;
According to default ActiveX information generation strategy, generate the corresponding ActiveX information of type with described webpage, the described described part or all of input frame information that identifies is replaced with the ActiveX information of described generation.
7. method according to claim 1 is characterized in that, specifically comprises:
According to default recognition strategy, browser is identification division or whole input frame information in the code of the webpage that receives;
The described part or all of input frame information that described browser will identify replaces with the control information of encrypting, and generates to comprise the webpage of encrypting control, and shows.
8. method according to claim 1 is characterized in that, specifically comprises:
According to default recognition strategy, the network equipment is identification division or whole input frame information in the code of webpage to be transmitted;
The described part or all of input frame information that the described network equipment will identify replaces with the control information of encrypting, and generates to comprise the webpage of encrypting control, and transmits to the client of the described webpage of request.
9. an information encryption device is characterized in that, comprising:
Identification module is used for according to default recognition strategy, identification division or whole input frame information in the code of webpage;
Replace module, link to each other with described identification module, the described part or all of input frame information that is used for that described identification module is identified replaces with the control information of encrypting;
Generation module links to each other with described replacement module, and the web page code that is used for being replaced according to described replacement module generates the webpage that comprises described encryption control information.
10. device according to claim 9, it is characterized in that, but described identification module specifically is used for according to the content input pattern of the type information of the input frame that code comprised of described webpage or input frame or the type information of input frame input information, discerns the part or all of input frame information in the code of described webpage.
11. device according to claim 9 is characterized in that, the described part or all of input frame information that described replacement module is used for that specifically described identification module is identified replaces with ActiveX information or Java Applet information.
12. device according to claim 9 is characterized in that, also comprises memory module:
Described identification module also is used for the code according to described webpage, discerns the type of described webpage;
Described generation module, the type that is used for the webpage discerned according to described identification module generates ActiveX information;
Described memory module is used to store corresponding various type of webpage pairing classification ActiveX information or acquiescence ActiveX information;
Described replacement module, the type that also is used for the described webpage that identifies according to described identification module replaces with the described part or all of input frame information that identifies the classification ActiveX information or the acquiescence ActiveX information of the corresponding type that described memory module stores.
13. device according to claim 12 is characterized in that, also comprises judge module, links to each other with described memory module, is used to judge whether to exist the information with the corresponding classification of the type of described webpage ActiveX;
Wherein, if the judged result of described judge module is for being that the described part or all of input frame information that identifies in the code of described replacement module with described webpage replaces with the information with the corresponding classification of the type of described webpage ActiveX;
If the judged result of described judge module is that the described part or all of input frame information that identifies in the code of described replacement module with described webpage does not replace to described acquiescence ActiveX information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910177039XA CN102024126A (en) | 2009-09-18 | 2009-09-18 | Information encryption method and apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910177039XA CN102024126A (en) | 2009-09-18 | 2009-09-18 | Information encryption method and apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102024126A true CN102024126A (en) | 2011-04-20 |
Family
ID=43865410
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910177039XA Pending CN102024126A (en) | 2009-09-18 | 2009-09-18 | Information encryption method and apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102024126A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104571903A (en) * | 2013-10-28 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Input box switching method and input box switching device |
| CN105095776A (en) * | 2015-07-23 | 2015-11-25 | 柳州易旺科技有限公司 | Encryption method for web page data of server side |
| CN105704149A (en) * | 2016-03-24 | 2016-06-22 | 国网江苏省电力公司电力科学研究院 | Safety protection method for power mobile application |
| CN110650161A (en) * | 2019-10-30 | 2020-01-03 | 华南师范大学 | Safe website and working method thereof |
-
2009
- 2009-09-18 CN CN200910177039XA patent/CN102024126A/en active Pending
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104571903A (en) * | 2013-10-28 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Input box switching method and input box switching device |
| CN105095776A (en) * | 2015-07-23 | 2015-11-25 | 柳州易旺科技有限公司 | Encryption method for web page data of server side |
| CN105704149A (en) * | 2016-03-24 | 2016-06-22 | 国网江苏省电力公司电力科学研究院 | Safety protection method for power mobile application |
| CN110650161A (en) * | 2019-10-30 | 2020-01-03 | 华南师范大学 | Safe website and working method thereof |
| CN110650161B (en) * | 2019-10-30 | 2021-09-24 | 华南师范大学 | Safe website and working method thereof |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Agarwal et al. | The security risks associated with cloud computing | |
| US6438695B1 (en) | Secure wiretap support for internet protocol security | |
| US9286491B2 (en) | Virtual service provider zones | |
| EP3893430A1 (en) | Virtual service provider zones | |
| US20150341322A1 (en) | User privacy protection method and system | |
| Abdulraheem et al. | An efficient lightweight cryptographic algorithm for IoT security | |
| US20180115535A1 (en) | Blind En/decryption for Multiple Clients Using a Single Key Pair | |
| CN103268456A (en) | Method and device for file safety control | |
| CN102821098A (en) | System and method for self-dissolving instant messaging under cloud environment | |
| CN105871805A (en) | Anti-stealing-link method and device | |
| Pande | Introduction to cyber security | |
| CN102024126A (en) | Information encryption method and apparatus | |
| CN109495522A (en) | Data encryption and transmission method and device | |
| CN104243488B (en) | A kind of login authentication method of inter-network site server | |
| CN107257344B (en) | Server access method and system | |
| Zareapoor et al. | Establishing safe cloud: Ensuring data security and performance evaluation | |
| Prasadreddy et al. | A threat free architecture for privacy assurance in cloud computing | |
| Khan | Research Article E-banking: Online Transactions and Security Measures | |
| CN104811421A (en) | Secure communication method and secure communication device based on digital rights management | |
| US20190014089A1 (en) | Data Security Protection Method and Apparatus | |
| KR102211033B1 (en) | Agency service system for accredited certification procedures | |
| Banica et al. | Advanced Security Models for Cloud Infrastructures | |
| Jevremovic et al. | An overview of current security and privacy issues in modern telecommunications | |
| CN106411885A (en) | Safety management method and system for electronic endorsement | |
| Kopacz et al. | Cloud Computing Security and Future |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: ZHANG YAN Free format text: FORMER OWNER: SHANGHAI I2 FINANCE INFORMATION TECHNOLOGY CO., LTD. Effective date: 20110905 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 200120 PUDONG NEW AREA, SHANGHAI TO: 100107 CHAOYANG, BEIJING |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20110905 Address after: 100107 Beijing Chaoyang District Yang Road Wankexingyuan 13 room No. 1106 Applicant after: Zhang Yan Address before: 200120, room 958, No. 910 Lujiazui Ring Road, Shanghai, Pudong New Area Applicant before: Shanghai Ailong Information Technologies Co., Ltd. |
|
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110420 |