CN102594557A - Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL - Google Patents
Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL Download PDFInfo
- Publication number
- CN102594557A CN102594557A CN2012100054318A CN201210005431A CN102594557A CN 102594557 A CN102594557 A CN 102594557A CN 2012100054318 A CN2012100054318 A CN 2012100054318A CN 201210005431 A CN201210005431 A CN 201210005431A CN 102594557 A CN102594557 A CN 102594557A
- Authority
- CN
- China
- Prior art keywords
- url
- dark
- civilian
- sensitive information
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method and a device for encrypting a uniform resource locator (URL). The method comprises the following steps that: a server responds to a data request of user access, reads data and splices the data into a plaintext URL; sensitive information in the plaintext URL is coded and the coded sensitive information is subjected to encryption to obtain a ciphertext; and a new URL' is obtained by splicing the coded sensitive information, the ciphertext and the plaintext URL and provided for a user to access. The invention also discloses a method and a device for authenticating the URL, and a double-secret-key comparison algorithm is adopted in the method for authenticating the URL. The method and the device for encrypting the URL and the method and the device for authenticating the URL have the advantages that: resources and overhead of the server are saved, the security of the conventional URL encryption algorithm is improved and the timeliness of URL authentication is realized.
Description
Technical field
The present invention relates to field of computer technology, relate in particular to a kind of method and device URL (Uniform/Universal Resource Locator, URL) method of encrypting and device, URL checking.
Background technology
URL also is called as web page address, is to the position of the resource that can obtain from the internet and a kind of succinct expression of access method.URL provides a kind of abstract recognition methods for the position of resource, and locatees to resource in this way; As long as can locate resource, system just can carry out various operations to resource, like access, renewal, replace and search its attribute.URL is equivalent to the expansion of a filename at network range, be with machine that the internet links to each other on a pointer of any accessible object.
In the internet exploitation, administrative staff carry out Authority Verification through regular meeting to the resource that the user uses at present.Existing solution is that the resource number that the active user is used is ID (Identification; Identification) is delivered to the backstage, website; Deposit this ID and current login user on the backstage in session ID is delivered in the Database Systems to be verified, checks whether the active user possesses the authority of using this ID.This way is no problem on safety; But when data volume greatly to a certain degree and related data operate when many; Must relate to the Authority Verification of the enterprising line correlation of operation of this resource at each; Greatly increase Internet server end and the mutual number of times of database service, increased the resource overhead and the processing time of server.
Prior art addresses the above problem the method that is adopted: current I D is encrypted obtain dark literary composition and be marked at Energy Resources Service, avoid current I D is exposed to the user.Suppose that original resource ID is 3, the traditional URL of generation is:
http://domainname.com/page.aspx?id=3;
URL after the encryption is:
http://domainname.com/page.aspx?id=SDFSERWER3S;
Utilize this URL request server, server can be deciphered this ID and be reduced into expressly ID, and corresponding ID is directly presented to the user, removes the operation of checking from.This URL encryption method has taken ample resources and expense and has not possessed ageingly, has big security risk simultaneously, in case encrypted link is cracked, just can use this linked operation always.
Summary of the invention
Main purpose of the present invention provides a kind of method to URL method of encrypting and a kind of URL checking, the resource and the expense that are intended to save server end, and the fail safe that further improves existing URL AES has realized the ageing of URL checking.
The invention provides a kind ofly, may further comprise the steps the URL method of encrypting:
The request of data of server end response user capture reads said data and it is spliced into expressly URL;
Sensitive information after sensitive information among the said plaintext URL encoded and will encode is encrypted and is obtained dark literary composition;
Sensitive information behind the said coding, said dark literary composition and said plaintext URL splicing are obtained new URL ' confession user capture.
Preferably, said sensitive information after sensitive information among the said plaintext URL is encoded and will be encoded is encrypted the step that obtains dark literary composition and is specifically comprised:
Sensitive information M among the said plaintext URL is encoded into sensitive information M1;
Initialization public keys PK
BAnd PK '
B
According to said public keys PK
BSensitive information M1 behind the said coding is encrypted the dark civilian M2 of acquisition.
Preferably, said initialization public keys PK
BAnd PK '
BStep specifically comprise:
At public keys PK
BAnd PK '
BAccessor in, obtain the time attribute character string of any time of current time and the previous day current time respectively;
Said time attribute character string is formatd respectively, obtain new character string;
Said new character string is combined as public keys PK with unique log-on message of active user respectively
BAnd PK '
B
The present invention also provides a kind of device that URL is encrypted, and comprising:
The data response module is used to respond the request of data of user capture, reads said data and it is spliced into expressly URL;
Message processing module, the sensitive information after being used for the sensitive information of said plaintext URL encoded and will encode are encrypted and are obtained dark literary composition;
The information concatenation module is used for the sensitive information behind the said coding, said dark literary composition and said plaintext URL splicing are obtained new URL ' confession user capture.
Preferably, said message processing module specifically comprises:
The information coding unit is used for the sensitive information M of said plaintext URL is encoded into sensitive information M1;
The key initialization unit is used for initialization public keys PK
BAnd PK '
B
The information encryption unit is used for according to said public keys PK
BSensitive information M1 behind the said coding is encrypted the dark civilian M2 of acquisition.
Preferably, said key initialization unit specifically is used for:
At public keys PK
BAnd PK '
BAccessor in, obtain the time attribute character string of any time of current time and the previous day current time respectively;
Said time attribute character string is formatd respectively, obtain new character string;
Said new character string is combined as public keys PK with unique log-on message of active user respectively
BAnd PK '
B
The present invention also provides a kind of method of URL checking, and said URL is based on the above-mentioned URL ' to obtaining in the URL method of encrypting, and the method for said URL checking may further comprise the steps:
Server end receives the request of the said URL ' of user capture, reads the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly;
Sensitive information M1 behind said coding decoding is obtained sensitive information M;
Sensitive information after sensitive information M encrypted and will encrypt and the said dark civilian M2 checking of comparing; If verify successfully, then allow user capture.
Preferably, sensitive information after said server end is encrypted said sensitive information M and will encrypt and the said dark civilian M2 checking of comparing if verify successfully, then allows the step of user capture to comprise:
Server end utilizes public keys PKB and PK ' B to encrypt respectively sensitive information M, obtains the first dark civilian H1 and the second dark civilian H2;
With the said first dark civilian H1 and the said dark civilian M2 checking of comparing,, then verify successfully the permission user capture if the said first dark civilian H1 is identical with said dark civilian M2;
If the said first dark civilian H1 is different with said dark civilian M2, then will the said second dark civilian H2 and the said dark civilian M2 checking of comparing, identical as if the said second dark civilian H2 with said dark civilian M2, then verify successfully the permission user capture; If the said second dark civilian H2 is different with said dark civilian M2, then whole verification process failure, refusing user's visit.
The present invention also provides a kind of device of URL checking, and said URL is based on above-mentioned URL ' to obtaining in the URL method of encrypting, and the device of said URL checking comprises:
Information reading module is used to receive the request of the said URL ' of user capture, reads the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly;
The information decoding module is used for the decoding of the sensitive information M1 behind the said coding is obtained sensitive information M;
The checking of comparing of information encryption and authentication module, sensitive information after being used for sensitive information M encrypted and will encrypt and said dark civilian M2; If verify successfully, then allow user capture.
Preferably, said information encryption and authentication module specifically comprise:
The information encryption unit is used for sensitive information M is utilized said public keys PK respectively
BAnd PK '
BEncrypt, obtain the first dark civilian H1 and the second dark civilian H2;
The Information Authentication unit is used for:
With the said first dark civilian H1 and the said dark civilian M2 checking of comparing,, then verify successfully the permission user capture if the said first dark civilian H1 is identical with said dark civilian M2;
If the said first dark civilian H1 is different with said dark civilian M2, then will the said second dark civilian H2 and the said dark civilian M2 checking of comparing, identical as if the said second dark civilian H2 with said dark civilian M2, then verify successfully the permission user capture; If the said second dark civilian H2 is different with said dark civilian M2, then whole verification process failure, refusing user's visit.
After the present invention carries out encryption through the request of server end response data and to said data; The method that adopts dual key comparison method that ciphered data is verified, improves existing URL AES fail safe and URL verifies ageing beneficial effect at the resource that has realized saving server end and expense.
Description of drawings
Fig. 1 is that the present invention is to URL method of encrypting one embodiment schematic flow sheet;
Fig. 2 be the present invention in the URL method of encrypting, the sensitive information after server end is encoded to sensitive information and will be encoded is encrypted an embodiment schematic flow sheet;
Fig. 3 be the present invention in the URL method of encrypting, initialization public keys one embodiment schematic flow sheet;
Fig. 4 is the structural representation of the present invention to device one embodiment of URL encryption;
Fig. 5 is the structural representation of the present invention to message processing module one embodiment in the device of URL encryption;
Fig. 6 is the method one embodiment schematic flow sheet of URL checking of the present invention;
Fig. 7 encrypts and the checking one embodiment schematic flow sheet of comparing sensitive information in the method for URL of the present invention checking;
Fig. 8 is the device one example structure sketch map of URL checking of the present invention;
Fig. 9 is the structural representation of information encryption and authentication module one embodiment in the device of URL of the present invention checking.
The realization of the object of the invention, functional characteristics and advantage will combine embodiment, further specify with reference to accompanying drawing.
Embodiment
Further specify technical scheme of the present invention below in conjunction with Figure of description and specific embodiment.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
With reference to Fig. 1, Fig. 1 is that the present invention is to URL method of encrypting one embodiment schematic flow sheet.As shown in Figure 1, in the embodiment of the invention, the URL method of encrypting is comprised:
The request of data of step S01, server end response user capture reads said data and it is spliced into expressly URL.
After the request of data of server end response user capture, read the data message of said user capture and it is spliced into expressly URL, in the present embodiment, is the plaintext URL that is spliced into preferably: XXX.XXX? Id=3&age=18&info=test.
Step S02, the sensitive information after the sensitive information among the said plaintext URL encoded and will encode are encrypted and are obtained dark literary composition.
Sensitive information has different understanding in different applications.Sensitive information on the common meaning is meant that it is lost, improper use or can be unfavorable for the implementation of national interests or federal government's plan by people's contact or modification without permission or be unfavorable for all information of the personal privacy right that the individual enjoys in accordance with the law.In computer realm, connection string, user rs credentials or encryption key, need the backstage to have the ID etc. of checking resource can think sensitive information.In embodiments of the present invention, the sensitive information among the plaintext URL is assumed to M and it is encoded, the sensitive information that obtains behind the coding is assumed to M1; Further, in a preferred embodiment, sensitive information M is: id=3; Described coding can be chosen the different coding mode according to user's needs, like BASE64 coded system, ASCII coded system, GBK coded system etc.Sensitive information M1 to behind the coding encrypts, and the dark literary composition after obtaining encrypting is assumed to M2.Said encryption refers to certain special algorithm and changes original information data, even make undelegated user obtain information encrypted, but the method because of not knowing to decipher, still can't understand the content of information.
Step S03, the sensitive information behind the said coding, said dark literary composition and said plaintext URL splicing are obtained new URL ' confession user capture.
Dark civilian M2 and said plaintext URL after sensitive information M1 behind the coding, the encryption are combined into new URL '; In the present embodiment, is new URL ' preferably: XXX.XXX? Sc=SDETRTREGDSFRETRERT&oc=FDSETG, server end sends and presents to the user with said comprising simultaneously expressly with dark civilian new URL ' simultaneously.
The present invention expansion to the URL method of encrypting through the response data request and to said data encode and encrypt and will be expressly with encrypt after the dark literary composition method of sending simultaneously; Remove the operation of dark literary composition decoding from; Make being implemented as for maybe of AES that some fail safes are higher such as One-way encryption algorithm; And the dark literary composition that obtains can directly carry out logic and Business Processing, has realized saving the resource of server end and the beneficial effect of expense, the fail safe that has also improved the URL AES simultaneously.
With reference to Fig. 2, Fig. 2 be the present invention in the URL method of encrypting, the sensitive information after server end is encoded to sensitive information and will be encoded is encrypted an embodiment schematic flow sheet.As shown in Figure 2, the present invention is in the URL method of encrypting, and the step that the sensitive information after server end is encoded to sensitive information and will be encoded is encrypted specifically comprises:
Step S021, the sensitive information M among the said plaintext URL is encoded into sensitive information M1;
Sensitive information M among the said plaintext URL is encoded, and in an embodiment preferred, said sensitive information M is: id=3; With obtaining sensitive information M1 behind the said sensitive information M coding; Described coding can be chosen the different coding mode according to user's needs, like BASE64 coded system, ASCII coded system, GBK coded system etc.
Step S022, initialization public keys PK
BAnd PK '
B
The method of initialization public keys can adopt different initialization modes according to the different demands of different user.Owing to encrypt the key that uses is absolute hiding, and therefore is encrypted in to have higher fail safe in a way.Because if a side obtains ciphered data,,, can not open the information of encrypted protection if there is not encrypted secret key even obtained AES.
Step S023, according to said public keys PK
BSensitive information M1 behind the said coding is encrypted the dark civilian M2 of acquisition;
Through said public keys PK
BAnd public keys PK
BCorresponding AES is encrypted the sensitive information M1 behind the coding, and making sensitive information M1 behind the said coding be transformed into a kind of fake information is described dark civilian M2.
The present invention in the URL method of encrypting through sensitive information being encoded and processing such as encryption has reached the beneficial effect that improves existing URL AES fail safe.
With reference to Fig. 3, Fig. 3 be the present invention in the URL method of encrypting, initialization public keys one embodiment schematic flow sheet.As shown in Figure 3, the present invention specifically comprises the step of initialization public keys in the URL method of encrypting:
Step S11, at public keys PK
BAnd PK '
BAccessor in, obtain the time attribute character string of any time of current time and the previous day current time respectively;
Step S12, said time attribute character string is formatd respectively, obtain new character string;
Step S13, said new character string is combined as public keys PK with unique log-on message of active user respectively
BAnd PK '
B
At public keys PK
BAnd PK '
BAccessor in, need obtain the time attribute character string of any time of current time and the previous day current time.If this is when the time is in the such critical value of 23:59:59 on January 1; Server end is presented to the user with the URL link; And the user clicks this link on the January after several seconds 2, and the dark literary composition that will cause like this using first key (key of this moment is the key on January 2) to obtain when encrypting can't mate with the dark literary composition that system passes over.Use second key (being the key in the January 1 of 2 the previous day of January) then can guarantee after this situation takes place, checking is able to success once more.After obtaining the time attribute character string of said current time and the previous day current time, said time attribute character string is formatd respectively, obtain new character string; Described format can be adopted different format modes according to user's different demands.Server end combines said new character string as common encryption key PK with unique log-on message of active user respectively
BAnd PK '
B
The present invention is to the time attribute character string of any time of URL method of encrypting through obtaining current time and the previous day current time and with combining as the method for public keys with unique log-on message of active user after the said string formatization, reached the realization system ageing with the beneficial effect that improves existing URL AES fail safe.
With reference to Fig. 4, Fig. 4 is the structural representation of the present invention to device one embodiment of URL encryption.As shown in Figure 4, the present invention comprises the device that URL encrypts:
After the request of data of the data response module 01 response user capture of server end; Read the data message of said user's request and it is spliced into expressly URL; In the present embodiment, is the plaintext URL that is spliced into preferably: XXX.XXX? Id=3&age=18&info=test.
Dark civilian M2 and said plaintext URL after sensitive information M1 after information concatenation module 03 will be encoded, the encryption are combined into new URL '; In the present embodiment, new URL ' is preferably:
XXX.XXX? Sc=SDETRTREGDSFRETRERT&oc=FDSETG, server end sends and presents to the user with said comprising simultaneously expressly with dark civilian new URL ' simultaneously.
The device that the present invention encrypts URL through 02 pair of sensitive information of request of data, message processing module of data response module 01 response user capture encode, information processing such as encryption and information concatenation module 03 splice all relevant informations and obtain new URL ' confessions user capture, reached the beneficial effect that the resource of saving server end and expense, raising have the fail safe of URL AES now.
With reference to Fig. 5, Fig. 5 is the structural representation of the present invention to message processing module one embodiment in the device of URL encryption.As shown in Figure 5, the present invention specifically comprises message processing module 02 in the device of URL encryption:
Through said public keys PK
BAnd public keys PK
BCorresponding AES, the sensitive information M1 after will encoding in information encryption unit 023 encrypts, and making sensitive information M1 behind the said coding be transformed into a kind of fake information is described dark civilian M2.
In the device that the present invention encrypts URL through 02 pair of sensitive information of message processing module encode, processings such as encryption reached and improved the beneficial effect that has the fail safe of URL AES now.
With reference to Fig. 6, Fig. 6 is the method one embodiment schematic flow sheet of URL checking of the present invention.In the embodiment of the invention, URL ' to obtaining in the URL method of encrypting, wherein includes sensitive information M1, dark civilian M2 and plaintext URL according to aforementioned.As shown in Figure 6, the method for URL checking of the present invention comprises:
Step S21, server end receive the request of the said URL ' of user capture, read the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly;
Step S22, the sensitive information M1 behind said coding decoding is obtained sensitive information M;
Compare checking and judge whether to verify successfully of step S23, the sensitive information after sensitive information M encrypted and will encrypt and said dark civilian M2; Be, then execution in step S24; Deny, then execution in step S25;
Step S24, permission user capture;
Step S25, refusing user's visit.
Server end receives the request of the said URL ' of user capture, reads the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly; Sensitive information M1 behind the said coding is decoded, obtain sensitive information M.Described decoding can need be chosen different decoding processes based on the user, like graceful sign indicating number decoding process, cyclic code decoding process etc.After sensitive information M encrypted, again with the sensitive information after the said encryption and the said dark civilian M2 checking of comparing.Said encryption refers to certain special algorithm and changes original information data, even make undelegated user obtain information encrypted, but the method because of not knowing to decipher, still can't understand the content of information.In a preferred embodiment, dual key comparison proof method is adopted in the said checking of comparing; If verify successfully, then allow user capture; If authentication failed, then refusing user's visit.
The present invention through the resource of said data being carried out the go forward side by side method of line data comparison checking of handled, having reached practicing thrift server end with expense and realize the ageing beneficial effect that URL verifies.
With reference to Fig. 7, Fig. 7 encrypts and the checking one embodiment schematic flow sheet of comparing sensitive information in the method for URL of the present invention checking.As shown in Figure 7, in the method for URL checking of the present invention, the sensitive information encryption and the step of verifying of comparing are comprised:
Step S231, server end utilize said public keys PK respectively with sensitive information M
BAnd PK '
BEncrypt, obtain the first dark civilian H1 and the second dark civilian H2;
Step S232, with the said first dark civilian H1 and said dark civilian M2 compare the checking and judge whether the said first dark civilian H1 identical with said dark civilian M2; Be, then execution in step S233; Deny, then execution in step S234;
Step S233, verify successfully, allow user capture;
Step S234, with the said second dark civilian H2 and said dark civilian M2 compare the checking and judge whether the said second dark civilian H2 identical with said dark civilian M2; If the said second dark civilian H2 is identical with said dark civilian M2, execution in step S233 then; If the said second dark civilian H2 is different with said dark civilian M2, execution in step S235 then;
Step S235, authentication failed, the refusing user's visit.
The method that the comparison checking of present embodiment is adopted is a dual key comparison proof method; If this is when the time is in the such critical value of 23:59:59 on January 1; Server end is presented to the user with the URL link; And the user clicks this link on the January after several seconds 2, and the dark literary composition that will cause like this using first key (key of this moment is the key on January 2) to obtain when encrypting can't mate with the dark literary composition that system passes over.Use second key (being the key in the January 1 of 2 the previous day of January) then can guarantee after this situation takes place, checking is able to success once more.
The method of the method for URL checking of the present invention through adopting dual key comparison proof method to carry out data verification reached the ageing beneficial effect of realizing the URL checking.
With reference to Fig. 8, Fig. 8 is the device one example structure sketch map of URL checking of the present invention.In the embodiment of the invention, URL ' to obtaining in the URL method of encrypting, wherein includes sensitive information M1, dark civilian M2 and plaintext URL according to aforementioned.As shown in Figure 8, the device of URL checking of the present invention comprises:
The checking of comparing of information encryption and authentication module 13, sensitive information after being used for sensitive information M encrypted and will encrypt and said dark civilian M2; If verify successfully, then allow user capture.
The information reading module 11 of server end receives the request of the said URL ' of user captures, reads the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly; The sensitive information M1 of information decoding module 12 after with said coding decodes, and obtains sensitive information M; Described decoding can be chosen different decoding processes according to user's needs, like graceful sign indicating number decoding process, cyclic code decoding process etc.Information encryption and authentication module 13 are encrypted said sensitive information M, and the sensitive information after will encrypting and the said dark civilian M2 checking of comparing.Said encryption refers to certain special algorithm and changes original information data, even make undelegated user obtain information encrypted, but the method because of not knowing to decipher, still can't understand the content of information.In a preferred embodiment, dual key comparison proof method is adopted in the said checking of comparing; If verify successfully, then allow user capture; If authentication failed, then refusing user's visit.
The device of URL of the present invention checking receive users' request through information reading module 11 and read that the sensitive information that corresponding information, information decoding module 12 encoded is decoded, relevant information was encrypted and verified to information encryption and 13 pairs of said sensitive informations of authentication module method, the resource that has reached the system that saves is with expense and realize that existing URL verifies ageing beneficial effect.
With reference to Fig. 9, Fig. 9 is the structural representation of information encryption and authentication module one embodiment in the device of URL of the present invention checking.As shown in Figure 9, in the device of URL checking of the present invention, information encryption and authentication module 13 comprise:
With the said first dark civilian H1 and the said dark civilian M2 checking of comparing,, then verify successfully the permission user capture if the said first dark civilian H1 is identical with said dark civilian M2;
If the said first dark civilian H1 is different with said dark civilian M2, then will the said second dark civilian H2 and the said dark civilian M2 checking of comparing, identical as if the said second dark civilian H2 with said dark civilian M2, then verify successfully the permission user capture; If the said second dark civilian H2 is different with said dark civilian M2, then whole verification process failure, refusing user's visit.
The method that the comparison checking of present embodiment is adopted is a dual key comparison proof method; If this is when the time is in the such critical value of 23:59:59 on January 1; Server end is presented to the user with the URL link; And the user clicks this link on the January after several seconds 2, and the dark literary composition that will cause like this using first key (key of this moment is the key on January 2) to obtain when encrypting can't mate with the dark literary composition that system passes over.Use second key (being the key in the January 1 of 2 the previous day of January) then can guarantee after this situation takes place, checking is able to success once more.
The method of the device of URL checking of the present invention through said data being carried out handled and adopting the dual key comparison to carry out data verification reached conserve system resources and expense and realized the ageing beneficial effect of URL checking.
The above is merely the preferred embodiments of the present invention; Be not so limit its claim; Every equivalent structure or equivalent flow process conversion that utilizes specification of the present invention and accompanying drawing content to be done; Directly or indirectly be used in other relevant technical fields, all in like manner be included in the scope of patent protection of the present invention.
Claims (10)
1. one kind to the URL method of encrypting, it is characterized in that, may further comprise the steps:
The request of data of server end response user capture reads said data and it is spliced into expressly URL;
Sensitive information after sensitive information among the said plaintext URL encoded and will encode is encrypted and is obtained dark literary composition;
Sensitive information behind the said coding, said dark literary composition and said plaintext URL splicing are obtained new URL ' confession user capture.
2. based on claim 1 is described the URL method of encrypting is characterized in that said sensitive information after sensitive information among the plaintext URL is encoded and will be encoded is encrypted the step that obtains dark literary composition and specifically comprised:
Sensitive information M among the said plaintext URL is encoded into sensitive information M1;
Initialization public keys PK
BAnd PK '
B
According to said public keys PK
BSensitive information M1 behind the said coding is encrypted the dark civilian M2 of acquisition.
3. according to claim 2ly the URL method of encrypting is characterized in that said initialization public keys PK
BAnd PK '
BStep specifically comprise:
At public keys PK
BAnd PK '
BAccessor in, obtain the time attribute character string of any time of current time and the previous day current time respectively;
Said time attribute character string is formatd respectively, obtain new character string;
Said new character string is combined as public keys PK with unique log-on message of active user respectively
BAnd PK '
B
4. the device that URL is encrypted is characterized in that, comprising:
The data response module is used to respond the request of data of user capture, reads said data and it is spliced into expressly URL;
Message processing module, the sensitive information after being used for the sensitive information of said plaintext URL encoded and will encode are encrypted and are obtained dark literary composition;
The information concatenation module is used for the sensitive information behind the said coding, said dark literary composition and said plaintext URL splicing are obtained new URL ' confession user capture.
5. the device that URL is encrypted according to claim 4 is characterized in that said message processing module specifically comprises:
The information coding unit is used for the sensitive information M of said plaintext URL is encoded into sensitive information M1;
The key initialization unit is used for initialization public keys PK
BAnd PK '
B
The information encryption unit is used for according to said public keys PK
BSensitive information M1 behind the said coding is encrypted the dark civilian M2 of acquisition.
6. the device that URL is encrypted according to claim 5 is characterized in that said key initialization unit specifically is used for:
At public keys PK
BAnd PK '
BAccessor in, obtain the time attribute character string of any time of current time and the previous day current time respectively;
Said time attribute character string is formatd respectively, obtain new character string;
Said new character string is combined as public keys PK with unique log-on message of active user respectively
BAnd PK '
B
7. the method for URL checking, said URL is characterized in that for based on the described URL ' to obtaining in the URL method of encrypting of claim 1 method of said URL checking may further comprise the steps:
Server end receives the request of the said URL ' of user capture, reads the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly;
Sensitive information M1 behind said coding decoding is obtained sensitive information M;
Sensitive information after sensitive information M encrypted and will encrypt and the said dark civilian M2 checking of comparing; If verify successfully, then allow user capture.
8. the method for URL checking according to claim 7; It is characterized in that; Sensitive information after said server end is encrypted said sensitive information M and will encrypt and the said dark civilian M2 checking of comparing if verify successfully, then allows the step of user capture to comprise:
Server end utilizes public keys PK respectively with sensitive information M
BAnd PK '
BEncrypt, obtain the first dark civilian H1 and the second dark civilian H2;
With the said first dark civilian H1 and the said dark civilian M2 checking of comparing,, then verify successfully the permission user capture if the said first dark civilian H1 is identical with said dark civilian M2;
If the said first dark civilian H1 is different with said dark civilian M2, then will the said second dark civilian H2 and the said dark civilian M2 checking of comparing, identical as if the said second dark civilian H2 with said dark civilian M2, then verify successfully the permission user capture; If the said second dark civilian H2 is different with said dark civilian M2, then whole verification process failure, refusing user's visit.
9. the device of URL checking, said URL is characterized in that for based on the described URL ' to obtaining in the URL method of encrypting of claim 1 device of said URL checking comprises:
Information reading module is used to receive the request of the said URL ' of user capture, reads the sensitive information M1 behind the middle coding of said URL ', dark civilian M2 and URL expressly;
The information decoding module is used for the decoding of the sensitive information M1 behind the said coding is obtained sensitive information M;
The checking of comparing of information encryption and authentication module, sensitive information after being used for sensitive information M encrypted and will encrypt and said dark civilian M2; If verify successfully, then allow user capture.
10. the device of URL checking according to claim 9 is characterized in that said information encryption and authentication module specifically comprise:
The information encryption unit is used for sensitive information M is utilized said public keys PK respectively
BAnd PK '
BEncrypt, obtain the first dark civilian H1 and the second dark civilian H2;
The Information Authentication unit is used for:
With the said first dark civilian H1 and the said dark civilian M2 checking of comparing,, then verify successfully the permission user capture if the said first dark civilian H1 is identical with said dark civilian M2;
If the said first dark civilian H1 is different with said dark civilian M2, then will the said second dark civilian H2 and the said dark civilian M2 checking of comparing, identical as if the said second dark civilian H2 with said dark civilian M2, then verify successfully the permission user capture; If the said second dark civilian H2 is different with said dark civilian M2, then whole verification process failure, refusing user's visit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012100054318A CN102594557A (en) | 2012-01-10 | 2012-01-10 | Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012100054318A CN102594557A (en) | 2012-01-10 | 2012-01-10 | Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102594557A true CN102594557A (en) | 2012-07-18 |
Family
ID=46482782
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012100054318A Pending CN102594557A (en) | 2012-01-10 | 2012-01-10 | Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102594557A (en) |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102801810A (en) * | 2012-08-24 | 2012-11-28 | 乐视网信息技术(北京)股份有限公司 | Method for hiding URL (Uniform Resource Locator) in content delivery network |
| CN103067156A (en) * | 2012-12-28 | 2013-04-24 | 北京移数通电讯有限公司 | Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same |
| CN103701946A (en) * | 2013-12-20 | 2014-04-02 | 珠海金山网络游戏科技有限公司 | Method and system for client-side to be in communication with server through URL (Universal Resource Locator) |
| CN104244235A (en) * | 2013-06-20 | 2014-12-24 | 中国移动通信集团安徽有限公司 | Method and system for encryption and decryption of sensitive information of telecommunication call bill |
| CN105025019A (en) * | 2015-07-07 | 2015-11-04 | 深圳奥联信息安全技术有限公司 | Data safety sharing method |
| CN105282090A (en) * | 2014-06-03 | 2016-01-27 | 江南大学 | Public URL encryption coding method for preventing illegal access on internet |
| WO2016034068A1 (en) * | 2014-09-03 | 2016-03-10 | 阿里巴巴集团控股有限公司 | Sensitive information processing method, device, server and security determination system |
| CN105721425A (en) * | 2015-12-31 | 2016-06-29 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN105827582A (en) * | 2015-09-14 | 2016-08-03 | 维沃移动通信有限公司 | Communication encryption method, device and system |
| CN105871827A (en) * | 2016-03-28 | 2016-08-17 | 乐视控股(北京)有限公司 | Anti-leech method and system |
| CN106453277A (en) * | 2016-09-02 | 2017-02-22 | 长城汽车股份有限公司 | Vehicle virtual key authorization method and system, mobile terminals and server |
| CN107154920A (en) * | 2016-03-04 | 2017-09-12 | 神讯电脑(昆山)有限公司 | Encryption method, decryption method and the reception device to receive security information of security information |
| CN107612692A (en) * | 2017-09-25 | 2018-01-19 | 咪咕文化科技有限公司 | A kind of information processing method, device and storage medium |
| CN107707532A (en) * | 2017-09-15 | 2018-02-16 | 北京小米移动软件有限公司 | URL generations, query argument verification method, device, equipment and storage medium |
| CN107835159A (en) * | 2017-10-20 | 2018-03-23 | 福建中金在线信息科技有限公司 | Access path time slot scrambling, device and server |
| CN105429953B (en) * | 2015-10-30 | 2018-11-13 | 上海红神信息技术有限公司 | A kind of methods, devices and systems for accessing website |
| CN109040006A (en) * | 2018-06-06 | 2018-12-18 | 中融万博网络科技有限公司 | A kind of secret letter systems approach |
| CN109271797A (en) * | 2018-09-12 | 2019-01-25 | 郑州云海信息技术有限公司 | A kind of method and system improving the safety of database sensitive information |
| CN112003847A (en) * | 2020-08-14 | 2020-11-27 | 苏州浪潮智能科技有限公司 | Front-end authority access method and equipment |
| CN114567476A (en) * | 2022-02-23 | 2022-05-31 | 平安普惠企业管理有限公司 | Data security protection method and device, electronic equipment and medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1744504A (en) * | 2004-08-31 | 2006-03-08 | 国际商业机器公司 | Method for requesting service source positioning character |
| JP2006216002A (en) * | 2005-02-02 | 2006-08-17 | Foward Network:Kk | Url security system |
| CN101373504A (en) * | 2008-08-04 | 2009-02-25 | 北京大学 | Management method and system for downloading digital content |
| CN101662364A (en) * | 2009-09-17 | 2010-03-03 | 北京飞天诚信科技有限公司 | Method and system for safe login |
| CN101981888A (en) * | 2008-01-26 | 2011-02-23 | 思杰系统有限公司 | Policy driven fine grain URL encoding mechanism for SSL VPN clientless access |
-
2012
- 2012-01-10 CN CN2012100054318A patent/CN102594557A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1744504A (en) * | 2004-08-31 | 2006-03-08 | 国际商业机器公司 | Method for requesting service source positioning character |
| JP2006216002A (en) * | 2005-02-02 | 2006-08-17 | Foward Network:Kk | Url security system |
| CN101981888A (en) * | 2008-01-26 | 2011-02-23 | 思杰系统有限公司 | Policy driven fine grain URL encoding mechanism for SSL VPN clientless access |
| CN101373504A (en) * | 2008-08-04 | 2009-02-25 | 北京大学 | Management method and system for downloading digital content |
| CN101662364A (en) * | 2009-09-17 | 2010-03-03 | 北京飞天诚信科技有限公司 | Method and system for safe login |
Cited By (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102801810A (en) * | 2012-08-24 | 2012-11-28 | 乐视网信息技术(北京)股份有限公司 | Method for hiding URL (Uniform Resource Locator) in content delivery network |
| CN103067156A (en) * | 2012-12-28 | 2013-04-24 | 北京移数通电讯有限公司 | Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same |
| CN103067156B (en) * | 2012-12-28 | 2016-01-20 | 北京移数通电讯有限公司 | The URL encryption of mobile Internet user resources access, verification method and device |
| CN104244235A (en) * | 2013-06-20 | 2014-12-24 | 中国移动通信集团安徽有限公司 | Method and system for encryption and decryption of sensitive information of telecommunication call bill |
| CN103701946B (en) * | 2013-12-20 | 2017-02-08 | 珠海金山网络游戏科技有限公司 | Method and system for client-side to be in communication with server through URL (Universal Resource Locator) |
| CN103701946A (en) * | 2013-12-20 | 2014-04-02 | 珠海金山网络游戏科技有限公司 | Method and system for client-side to be in communication with server through URL (Universal Resource Locator) |
| CN105282090B (en) * | 2014-06-03 | 2018-11-27 | 江南大学 | A kind of open URL scrambled method of anti-unauthorized access on internet |
| CN105282090A (en) * | 2014-06-03 | 2016-01-27 | 江南大学 | Public URL encryption coding method for preventing illegal access on internet |
| WO2016034068A1 (en) * | 2014-09-03 | 2016-03-10 | 阿里巴巴集团控股有限公司 | Sensitive information processing method, device, server and security determination system |
| US10505934B2 (en) | 2014-09-03 | 2019-12-10 | Alibaba Group Holding Limited | Sensitive information processing method, device and server, and security determination system |
| CN105025019A (en) * | 2015-07-07 | 2015-11-04 | 深圳奥联信息安全技术有限公司 | Data safety sharing method |
| CN105025019B (en) * | 2015-07-07 | 2018-09-28 | 深圳奥联信息安全技术有限公司 | A kind of data safety sharing method |
| CN105827582B (en) * | 2015-09-14 | 2019-07-26 | 维沃移动通信有限公司 | A kind of communication encrypting method, device and system |
| CN105827582A (en) * | 2015-09-14 | 2016-08-03 | 维沃移动通信有限公司 | Communication encryption method, device and system |
| CN105429953B (en) * | 2015-10-30 | 2018-11-13 | 上海红神信息技术有限公司 | A kind of methods, devices and systems for accessing website |
| CN105721425A (en) * | 2015-12-31 | 2016-06-29 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN107154920A (en) * | 2016-03-04 | 2017-09-12 | 神讯电脑(昆山)有限公司 | Encryption method, decryption method and the reception device to receive security information of security information |
| CN105871827A (en) * | 2016-03-28 | 2016-08-17 | 乐视控股(北京)有限公司 | Anti-leech method and system |
| CN106453277A (en) * | 2016-09-02 | 2017-02-22 | 长城汽车股份有限公司 | Vehicle virtual key authorization method and system, mobile terminals and server |
| CN107707532B (en) * | 2017-09-15 | 2022-05-13 | 北京小米移动软件有限公司 | URL (Uniform resource locator) generation and query parameter verification method, device, equipment and storage medium |
| CN107707532A (en) * | 2017-09-15 | 2018-02-16 | 北京小米移动软件有限公司 | URL generations, query argument verification method, device, equipment and storage medium |
| CN107612692A (en) * | 2017-09-25 | 2018-01-19 | 咪咕文化科技有限公司 | A kind of information processing method, device and storage medium |
| CN107612692B (en) * | 2017-09-25 | 2020-06-12 | 咪咕文化科技有限公司 | Information processing method, device and storage medium |
| CN107835159A (en) * | 2017-10-20 | 2018-03-23 | 福建中金在线信息科技有限公司 | Access path time slot scrambling, device and server |
| CN109040006A (en) * | 2018-06-06 | 2018-12-18 | 中融万博网络科技有限公司 | A kind of secret letter systems approach |
| CN109271797A (en) * | 2018-09-12 | 2019-01-25 | 郑州云海信息技术有限公司 | A kind of method and system improving the safety of database sensitive information |
| CN112003847A (en) * | 2020-08-14 | 2020-11-27 | 苏州浪潮智能科技有限公司 | Front-end authority access method and equipment |
| CN114567476A (en) * | 2022-02-23 | 2022-05-31 | 平安普惠企业管理有限公司 | Data security protection method and device, electronic equipment and medium |
| CN114567476B (en) * | 2022-02-23 | 2024-02-13 | 天翼安全科技有限公司 | Data security protection method and device, electronic equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102594557A (en) | Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL | |
| CN109983466B (en) | Account management system and method based on block chain and storage medium | |
| CN105099692B (en) | Security verification method and device, server and terminal | |
| CN104065653B (en) | A kind of interactive auth method, device, system and relevant device | |
| CN105515783B (en) | Identity identifying method, server and certification terminal | |
| CN104065652B (en) | A kind of auth method, device, system and relevant device | |
| CN103051628B (en) | Obtain the method and system of authentication token based on server | |
| CN109347635A (en) | A kind of Internet of Things security certification system and authentication method based on national secret algorithm | |
| CN102055768B (en) | Network logon method and system | |
| CN103546432B (en) | Realize method and system and browser, the name server of cross-domain redirect | |
| CN101741843B (en) | Method, device and system for realizing user authentication by utilizing public key infrastructure | |
| CN104618334A (en) | Method and system for generating and verifying dynamic two-dimensional code | |
| US20110283106A1 (en) | Method for realizing authentication center and authentication system | |
| CN103051453A (en) | Digital certificate-based mobile terminal network security trading system and digital certificate-based mobile terminal network security trading method | |
| US10133861B2 (en) | Method for controlling access to a production system of a computer system not connected to an information system of said computer system | |
| CN104281866A (en) | Two-dimensional code application method and device | |
| CN103326859B (en) | System and method for safety certification based on catalog | |
| CN102946314A (en) | Client-side user identity authentication method based on browser plug-in | |
| CN104063650B (en) | A kind of key storage device and using method thereof | |
| CN112511514A (en) | HTTP encrypted transmission method and device, computer equipment and storage medium | |
| CN106330829A (en) | Method and system for realizing single signing on by using middleware | |
| CN115842680B (en) | Network identity authentication management method and system | |
| CN109902462A (en) | A kind of unified identity authentication method towards power scheduling control system | |
| CN102404337A (en) | Data encryption method and device | |
| CN110611661A (en) | Acquired information sharing method and system based on double-authentication multiple-protection measures |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120718 |