Summary of the invention
The technical problem to be solved by this application is to provide a method for processing user information that improves the security of user data.
This application also provides a device for processing user information, to ensure the application and implementation of the above method in practice.
To solve the above problem, this application discloses a method for processing user information, comprising:
Receiving a request to encrypt user information;
Obtaining a corresponding encryption key according to the user's current login state;
Encrypting the user information with the encryption key;
Encoding the encrypted data, and saving the encoded data as first encrypted data.
Preferably, the method further comprises:
Generating a decoding request, and obtaining the corresponding decryption key according to the user's current login state, together with the first encrypted data;
Decoding the first encrypted data;
Decrypting the decoded data with the decryption key;
Logging in automatically or registering automatically according to the decrypted data.
Preferably, the user information comprises the user's login information or user identity information.
Preferably, the algorithm used to encrypt/decrypt the user information with the encryption/decryption key is a symmetric algorithm.
Preferably, the first encrypted data is stored locally in the browser or on the server side.
Preferably, the step of obtaining a corresponding encryption key according to the user's current login state comprises:
If the user is not logged in to the browser, extracting a local key on the client as the encryption key, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device;
If the user is logged in to the browser, extracting a network key on the server side as the encryption key.
Preferably, when the user is logged in to the browser, the encryption key further comprises the local key, and
Before the user information is encrypted with the encryption key, the method further comprises:
Encrypting the user information with the local key;
Encoding the data encrypted with the local key.
Preferably, the step of obtaining the corresponding decryption key according to the user's current login state comprises:
If the user is not logged in to the browser, extracting the local key on the client as the decryption key, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device;
If the user is logged in to the browser, extracting the network key on the server side as the decryption key.
Preferably, when the user is logged in to the browser, the decryption key further comprises the local key, and
After the decoded data is decrypted with the network key, the method further comprises:
Decoding the data that was decrypted with the network key;
Decrypting with the local key.
Preferably, when the user is logged in and when the user is not logged in, the first encrypted data is stored in a network user encrypted database and a public user encrypted database, respectively.
Preferably, when the user's login state at the browser changes from not logged in to logged in, the method further comprises:
Extracting the local key, the user's first encrypted data in the public user database, and the network key; decrypting the first encrypted data with the local key, encrypting the decrypted data with the network key, and saving it in the network user database.
Preferably, when the user's login state at the browser changes from not logged in to logged in, the method further comprises:
Extracting the user's first encrypted data in the public user database and the network key, encrypting the user's first encrypted data with the network key, and saving it in the network user database.
Preferably, the symmetric algorithm is the AES64, AES128 or AES256 algorithm.
Preferably, the encoding/decoding algorithm is Base64 encoding/decoding.
This application also provides a device for processing user information, comprising:
An encryption request receiving module, for receiving a request to encrypt user information;
An encryption key acquisition module, for obtaining a corresponding encryption key according to the user's current login state;
An encryption module, for encrypting the user information with the encryption key;
An encoding module, for encoding the encrypted data and saving the encoded data as first encrypted data.
Preferably, the device further comprises:
A decoding request generation module, for generating a decoding request, and obtaining the corresponding decryption key according to the user's current login state, together with the first encrypted data;
A decoding module, for decoding the first encrypted data;
A decryption module, for decrypting the decoded data with the decryption key;
An automatic login module, for logging in automatically or registering automatically according to the decrypted data.
Preferably, the user information comprises the user's login information or user identity information.
Preferably, the algorithm used to encrypt/decrypt the user information with the encryption/decryption key is a symmetric algorithm.
Preferably, the first encrypted data is stored locally in the browser or on the server side.
Preferably, the encryption key acquisition module comprises:
A first encryption key acquisition submodule, for extracting a local key on the client as the encryption key if the user is not logged in to the browser, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device;
A second encryption key acquisition submodule, for extracting a network key on the server side as the encryption key if the user is logged in to the browser.
Preferably, when the user is logged in to the browser, the encryption key further comprises the local key, and
Before the encryption module, the device further comprises:
A local encryption module, for encrypting the user information with the local key;
A local encrypted data encoding module, for encoding the data encrypted with the local key.
Preferably, the decoding request generation module comprises:
A first decryption key acquisition submodule, for extracting the local key on the client as the decryption key if the user is not logged in to the browser, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device;
A second decryption key acquisition submodule, for extracting the network key on the server side as the decryption key if the user is logged in to the browser.
Preferably, when the user is logged in to the browser, the encryption key further comprises the local key, and
After the decryption module, the device further comprises:
A local decoding module, for decoding the data that was decrypted with the network key;
A local decryption module, for decrypting with the local key.
Preferably, when the user is logged in and when the user is not logged in, the first encrypted data is stored in a network user encrypted database and a public user encrypted database, respectively.
Preferably, when the user's login state at the browser changes from not logged in to logged in, the device further comprises:
A first data transfer module, for extracting the local key, the user's first encrypted data in the public user database, and the network key; decrypting the final encrypted data with the local key, encrypting the decrypted data with the network key, and saving it in the network user database.
Preferably, when the user's login state at the browser changes from not logged in to logged in, the device further comprises:
A second data transfer module, for extracting the user's first encrypted data in the public user database and the network key, encrypting the user's final encrypted data with the network key, and saving it in the network user database.
Preferably, the symmetric algorithm is the AES64, AES128 or AES256 algorithm.
Preferably, the encoding/decoding algorithm is Base64 encoding/decoding.
Compared with the prior art, this application has the following advantages:
Depending on whether the user is logged in to the browser, this application encrypts with either the local key or the network key. The data to be encrypted is first converted into random data by AES encryption, and the random data is then Base64-encoded into data that cannot be recognized by the naked eye. Compared with simple Base64 encryption, a hacker needs to analyze the decryption order and carry out a second decryption, so the difficulty increases greatly. The encryption method of this application can therefore strengthen data security, so that a hacker cannot easily decrypt the data.
Because the network key is kept on the server and downloaded to the local machine through a network request, it is more secure than the local key and avoids password leakage caused by the instability of the client. Thus, even if a hacker knows the decryption order, the data still cannot be decrypted without the network key. Further, because the encryption modes for logged-in users and non-logged-in users differ, this also makes cracking by a hacker more difficult.
Meanwhile, for a logged-in user, one round of AES encryption and Base64 encryption can first be performed with the local key, followed by another round of AES encryption and Base64 encryption with the network key. The encryption logic is more complex, cracking is more difficult, and the user's data is safer.
In addition, this application places the encrypted data of logged-in users on the server, where the encrypted data is safer. Further, when the user's login state changes, the encryption mode and the storage location of the encrypted data change accordingly: if the user changes from not logged in to logged in, the network key can be used for encryption and the encrypted data placed on the server, making the user's data safer.
Embodiment
To make the above objects, features and advantages of this application clearer, the application is described in further detail below with reference to the drawings and specific embodiments.
Referring to Figure 1, which shows a flow chart of method embodiment 1 of a method for processing user information according to this application, the method can comprise the following steps:
Step 101: receive a request to encrypt user information.
In a concrete implementation, the user information can comprise the user's login information or user identity information.
Step 102: obtain a corresponding encryption key according to the user's current login state.
The encryption key can comprise a local key or a network key. Once a user has logged in, the user's identity information can be obtained, so different users can be distinguished. The network key is a key randomly generated on the network side and bound to the current user's identity information; if the user is logged in to the browser, the network key is extracted on the server side as the encryption key. Because the network key is stored on the server and downloaded to the local machine through a network request, for a logged-in user the password is kept on the server, which reduces the uncontrollable risk from the client and is safer than the local key. In a concrete implementation, it can be arranged that the network key is obtainable after the user logs in; if this key can be obtained, encryption uses the network key, and if it cannot be obtained, encryption uses the local key.
Users who are not logged in to the browser cannot be distinguished by identity on the network side, so the local key can be used as the encryption key. The local key is generated from a hardware parameter in one-to-one correspondence with the user's device (for example, the volume label of the local disk); each machine has a local key in one-to-one correspondence with that machine, and the keys of different machines differ from one another.
Using different encryption modes for logged-in and non-logged-in users makes cracking by a hacker more difficult: even if the hacker knows the decryption order, the data still cannot be decrypted without the network key.
Step 103: encrypt the user information with the encryption key.
When information is exchanged over the Internet, encrypting with an encryption key is a simple and effective method. Before it is sent, the data is rearranged and recombined according to a rule, which scrambles the original data sequence, so that even if a packet is intercepted by a third party the security of the data is not affected. Preferably, the algorithm used to encrypt the user information with the encryption key can be a symmetric algorithm, and the symmetric algorithm can be the AES64, AES128 or AES256 algorithm.
AES (Advanced Encryption Standard), also known as the Rijndael cipher, is a block encryption standard adopted by the U.S. federal government. AES is a symmetric key algorithm that uses 128-, 192- or 256-bit keys and encrypts and decrypts data in 128-bit blocks. In this application, the AES encryption can be AES64, AES128 or AES256 encryption.
When encrypting with AES, a key is typically used on the client, and the data is encoded with this key. The AES encryption process operates on a 4 × 4 byte matrix, also called the "state", whose initial value is one plaintext block (each element of the matrix is one byte of the plaintext block). During encryption, every round of AES (except the last) comprises 4 steps:
Step 1: each byte in the matrix is XORed with the round key for that round; each round key is produced by the key generation scheme;
Step 2: through a non-linear substitution function, each byte is replaced with its corresponding byte by means of a lookup table; the result of replacing byte is equivalent to the result of wrong row;
Step 3: each row of the matrix is cyclically shifted; after this step, each column of the output matrix is made up of elements from different columns of the input matrix;
Step 4: to fully mix the columns of the matrix, this step uses a linear transformation to mix the four bytes in each column; the four bytes of each column are combined with one another through the linear transformation, and each input byte affects four output bytes.
The above 4 steps are carried out in a loop; in the last round the 4th step is omitted and replaced with another 3rd step. After AES encryption, the data to be encrypted becomes a piece of random data.
Step 104: encode the encrypted data, and save the encoded data as the first encrypted data.
Preferably, the encoding algorithm can be Base64 encoding. With Base64 encoding, the AES-encrypted data is first converted to ASCII decimal codes, then converted to a binary string in groups of 6 bits, each group is then converted to decimal according to the corresponding conversion table, and finally converted to the Base64 encoding via the Base64 table. For example:
Data to be converted: 101011011011101001110110;
Binary: 00101011 00011011 00101001 00110110;
Decimal: 43 27 41 54;
Base64 encoded value: rbp2;
Therefore, the 24 bits of data to be encoded above have the Base64 value rbp2 after encoding, and a person cannot recognize the original data by the naked eye. Moreover, compared with simple Base64 encryption, the encryption method of this application requires a second decryption of the data, so the difficulty of decryption increases greatly. The encryption method of this application can therefore strengthen data security, so that a hacker cannot easily decrypt the data.
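The 6-bit grouping in the example above, as an added example that is not part of the patent text: a Base64 encoder and decoder written from the grouping rule (generalized here to arbitrary byte input with `=` padding) and checked against Node.js's built-in `Buffer`. The function names are illustrative. The decoder uses only the public table and no key, so the secrecy of the stored data rests on the AES step.

```javascript
// Added example, not from the patent: Base64 by 6-bit grouping, checked against Node's Buffer.
const TABLE = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';

// Bytes -> bit string -> 6-bit groups -> table lookup, with '=' padding.
function base64Encode(bytes) {
  let bits = '';
  for (const b of bytes) bits += b.toString(2).padStart(8, '0');
  const pad = (3 - (bytes.length % 3)) % 3;              // bytes missing from the last 3-byte block
  bits = bits.padEnd(Math.ceil(bits.length / 6) * 6, '0'); // zero-fill the last 6-bit group
  const groups = bits.match(/.{6}/g) || [];
  return groups.map(g => TABLE[parseInt(g, 2)]).join('') + '='.repeat(pad);
}

// Characters -> 6-bit values -> bit string -> bytes. Only the public table is needed.
function base64Decode(text) {
  const body = text.replace(/=+$/, '');
  let bits = '';
  for (const ch of body) {
    const v = TABLE.indexOf(ch);
    if (v < 0) throw new Error('not a Base64 character: ' + ch);
    bits += v.toString(2).padStart(6, '0');
  }
  const out = [];
  for (let i = 0; i + 8 <= bits.length; i += 8) out.push(parseInt(bits.slice(i, i + 8), 2));
  return Buffer.from(out);
}

// The page's worked example: 24 bits -> four 6-bit groups -> decimal values -> characters.
function pageExample() {
  const data = '101011011011101001110110';
  const bytes = Buffer.from(data.match(/.{8}/g).map(b => parseInt(b, 2)));
  const groups = data.match(/.{6}/g).map(g => parseInt(g, 2));
  const encoded = base64Encode(bytes);
  const decodedBits = [...base64Decode(encoded)]
    .map(b => b.toString(2).padStart(8, '0')).join('');
  return { groups, encoded, builtin: bytes.toString('base64'), decodedBits };
}

console.log(pageExample());
```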
Preferably, the encrypted data can also be decrypted according to the user's decoding request; as shown in Figure 1, the method can further comprise step 105.
Step 105: generate a decoding request, and obtain the corresponding decryption key according to the user's current login state, together with the first encrypted data.
When the browser needs to use the information, the user's first encrypted data has to be decrypted. The decryption key differs according to the user's current login state. Specifically, if the user is not logged in to the browser, the local key is extracted on the client as the decryption key, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device. If the user is logged in to the browser, the network key is extracted on the server side as the decryption key.
Step 106: decode the first encrypted data.
Following the encryption process above, the first encrypted data must first be decoded and then decrypted with the decryption key. Preferably, the decoding algorithm can be Base64 decoding.
Step 107: decrypt the decoded data with the decryption key.
If a symmetric algorithm was used to encrypt the data, decryption must use the same key that was used for encryption. Preferably, the symmetric algorithm is the AES64, AES128 or AES256 algorithm.
Step 108: log in automatically or register automatically according to the decrypted data.
After the user information has been decrypted, it can be used for logging in or registering. In a specific implementation, after the user enters a password on a web page, the user can be offered the option of logging in automatically. Once the user chooses to log in automatically next time, the user's login information is encrypted. When the user next logs in to the same web page, the encrypted login information is retrieved and decrypted, and the decrypted login information is automatically filled into the login box, achieving automatic login.
Similarly, when a user registers on multiple websites, multiple pieces of identity information may need to be filled in, which is cumbersome. After the user has filled in identity information on a website or in the browser, the identity information can be encrypted. The next time the user needs to fill in identity information, the encrypted identity information can be retrieved and decrypted, and the decrypted identity information is automatically filled into the registration box, achieving automatic registration.
Preferably, the first encrypted data can be stored locally in the browser or on the server side. When the user is logged in and when the user is not logged in, the first encrypted data can be stored in a preset network user encrypted database and a public user encrypted database, respectively. After encryption is complete, the final encrypted data of a logged-in user can be placed in the network user encrypted database; this encrypted database is for logged-in users, and passwords are stored in each network user's dedicated folder. The final encrypted data of a non-logged-in user can be placed in the public user encrypted database; this encrypted database is for non-logged-in users, and passwords are stored in the dedicated folder of the local public user.
When the user's login state at the browser changes from not logged in to logged in, the user's encryption mode can be changed accordingly, along with the database in which the final encrypted data is stored. Specifically, the local key, the user's first encrypted data in the public user database, and the network key can be extracted; the first encrypted data is decrypted with the local key, the decrypted data is encrypted with the network key, and the result is saved in the network user database.
Referring to Figure 2, which shows a flow chart of method embodiment 2 of a method for processing user information according to this application, the method can specifically comprise the following steps:
In this embodiment, the user is logged in to the browser, and the encryption key comprises the local key and the network key; encryption with the local key can also be performed before encryption with the network key.
Step 201: receive a request to encrypt user information;
Step 202: obtain a corresponding encryption key according to the user's current login state, the encryption key comprising the local key and the network key;
Step 203: encrypt the user information with the local key.
Step 204: encode the data encrypted with the local key.
Step 205: encrypt with the network key;
Step 206: encode the data encrypted with the network key, and save the encoded data as the first encrypted data.
According to this embodiment, for a logged-in user, one AES encryption can first be performed with the local key, followed by one encryption and encoding with the network key. A further encryption can also be performed after the local encryption; compared with the original approach of encrypting with the network key, the encryption logic is more complex, cracking is more difficult, and the user's data is again safer.
Step 207: generate a decoding request, and obtain the corresponding decryption key according to the user's current login state, together with the first encrypted data, the decryption key comprising the local key and the network key.
In this embodiment, when the first encrypted data is decrypted and the user is logged in to the browser, the decryption key can comprise the local key and the network key. The network key can be used to decrypt first and the local key second; before the local decryption, a decoding can also be performed first.
Step 208: decode the first encrypted data.
Step 209: decrypt the decoded data with the network key;
Step 210: decode the data that was decrypted with the network key;
Step 211: decrypt with the local key.
Step 212: log in automatically or register automatically according to the decrypted data.
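The flows of method embodiments 1 and 2 and the login-state change described above, as an added sketch in Node.js that is not code from the patent. Assumptions: AES-256-GCM as the AES mode, SHA-256 over the hardware parameter as the local-key derivation, in-memory Maps standing in for the server key store and the two encrypted databases, removal of the public record after migration, and all function names and sample values.

```javascript
// Added example, not code from the patent. Assumptions: AES-256-GCM as the AES mode,
// SHA-256 of the hardware parameter as the local-key derivation, in-memory Maps as stores.
const crypto = require('crypto');

const serverKeyStore = new Map(); // server side: user id -> network key
const publicUserDb = new Map();   // encrypted records of users who are not logged in
const networkUserDb = new Map();  // encrypted records of logged-in users

// Local key: generated from a hardware parameter tied to one device (e.g. a volume label).
function localKey(hardwareParam) {
  return crypto.createHash('sha256').update('local-key|' + hardwareParam).digest();
}

// Network key: random, bound to the user's identity, kept on the server.
function networkKey(userId) {
  if (!serverKeyStore.has(userId)) serverKeyStore.set(userId, crypto.randomBytes(32));
  return serverKeyStore.get(userId);
}

// Encrypt with AES, then Base64-encode iv || tag || ciphertext (steps 103-104).
function encryptAndEncode(key, text) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]).toString('base64');
}

// Base64-decode, then decrypt (steps 106-107). Throws on a wrong key or altered data.
function decodeAndDecrypt(key, encoded) {
  if (typeof encoded !== 'string') throw new Error('no stored record');
  const raw = Buffer.from(encoded, 'base64');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// session = { userId: string | null, hardwareParam: string }; userId null = not logged in.
function save(session, site, info, layered = false) {
  const lk = localKey(session.hardwareParam);
  if (session.userId === null) {                      // embodiment 1, not logged in
    publicUserDb.set(site, encryptAndEncode(lk, info));
    return;
  }
  const inner = layered ? encryptAndEncode(lk, info) : info;        // steps 203-204
  const data = encryptAndEncode(networkKey(session.userId), inner); // steps 205-206
  networkUserDb.set(session.userId + '|' + site, { layered, data });
}

function load(session, site) {
  const lk = localKey(session.hardwareParam);
  if (session.userId === null) return decodeAndDecrypt(lk, publicUserDb.get(site));
  const rec = networkUserDb.get(session.userId + '|' + site);
  if (!rec) throw new Error('no stored record');
  const outer = decodeAndDecrypt(networkKey(session.userId), rec.data); // steps 208-209
  return rec.layered ? decodeAndDecrypt(lk, outer) : outer;             // steps 210-211
}

// Login-state change from not logged in to logged in.
// rewrap=false: decrypt with the local key, then re-encrypt with the network key.
// rewrap=true: encrypt the existing first encrypted data with the network key as it is.
function migrateOnLogin(session, rewrap = false) {
  const lk = localKey(session.hardwareParam);
  const nk = networkKey(session.userId);
  for (const [site, first] of publicUserDb) {
    const inner = rewrap ? first : decodeAndDecrypt(lk, first);
    const data = encryptAndEncode(nk, inner);
    networkUserDb.set(session.userId + '|' + site, { layered: rewrap, data });
    publicUserDb.delete(site); // assumption: the record is moved, not copied
  }
}

function throws(fn) { try { fn(); return false; } catch (e) { return true; } }

function demo() {
  const info = 'alice:constructed-password';          // constructed sample login information
  const guest = { userId: null, hardwareParam: 'VOL-1A2B-3C4D' };
  const user = { userId: 'alice', hardwareParam: 'VOL-1A2B-3C4D' };
  const otherDevice = { userId: 'alice', hardwareParam: 'VOL-9999-0000' };
  save(guest, 'site.example', info);
  const guestRead = load(guest, 'site.example');
  const guestElsewhere = throws(() => load({ ...otherDevice, userId: null }, 'site.example'));
  migrateOnLogin(user);
  const afterLogin = load(user, 'site.example');
  const roaming = load(otherDevice, 'site.example');  // network key alone is enough here
  save(user, 'layered.example', info, true);
  const layeredRead = load(user, 'layered.example');
  const layeredElsewhere = throws(() => load(otherDevice, 'layered.example'));
  return { guestRead, guestElsewhere, afterLogin, roaming, layeredRead, layeredElsewhere,
           publicLeft: publicUserDb.size };
}

console.log(demo());
```

The local key in this sketch is only as secret as the hardware parameter it is derived from, and a disk volume label is readable by any software running on the machine. A layered record can be opened only on the device that wrote it, while a record protected by the network key alone follows the user to other devices.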
In summary, depending on whether the user is logged in to the browser, this application encrypts with either the local key or the network key. The data to be encrypted is first converted into random data by AES encryption, and the random data is then Base64-encoded into data that cannot be recognized by the naked eye. Compared with simple Base64 encryption, a hacker needs to analyze the decryption order and carry out a second decryption, so the difficulty increases greatly. The encryption method of this application can therefore strengthen data security, so that a hacker cannot easily decrypt the data.
Because the network key is kept on the server and downloaded to the local machine through a network request, it is more secure than the local key and avoids password leakage caused by the instability of the client. Thus, even if a hacker knows the decryption order, the data still cannot be decrypted without the network key. Further, because the encryption modes for logged-in users and non-logged-in users differ, this also makes cracking by a hacker more difficult.
Meanwhile, for a logged-in user, one round of AES encryption and Base64 encryption can first be performed with the local key, followed by another round of AES encryption and Base64 encryption with the network key. The encryption logic is more complex, cracking is more difficult, and the user's data is safer.
In addition, this application places the encrypted data of logged-in users on the server, where the encrypted data is safer. Further, when the user's login state changes, the encryption mode and the storage location of the encrypted data change accordingly: if the user changes from not logged in to logged in, the network key can be used for encryption and the encrypted data placed on the server, making the user's data safer.
For simplicity of description, the method embodiments are each expressed as a series of combined actions, but those skilled in the art should know that this application is not limited by the described order of actions, because according to this application some steps can be performed in other orders or simultaneously. Furthermore, those skilled in the art should also know that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by this application.
Referring to Figure 3, which shows a structural block diagram of device embodiment 1 of a device for processing user information according to this application, the device can specifically comprise the following modules:
Encryption request receiving module 301, for receiving a request to encrypt user information;
Encryption key acquisition module 302, for obtaining a corresponding encryption key according to the user's current login state;
Encryption module 303, for encrypting the user information with the encryption key;
Encoding module 304, for encoding the encrypted data and saving the encoded data as first encrypted data.
Preferably, the encrypted data can also be decrypted according to the user's decoding request; as shown in Figure 3, the device can further comprise module 305.
Decoding request generation module 305, for generating a decoding request, and obtaining the corresponding decryption key according to the user's current login state, together with the first encrypted data;
Decoding module 306, for decoding the first encrypted data;
Decryption module 307, for decrypting the decoded data with the decryption key;
Automatic login module 308, for logging in automatically or registering automatically according to the decrypted data.
Preferably, the user information can comprise the user's login information or user identity information.
Preferably, the algorithm used to encrypt/decrypt the user information with the encryption/decryption key can be a symmetric algorithm.
Further, the first encrypted data can be stored locally in the browser or on the server side.
In a preferred embodiment of this application, the encryption key acquisition module can comprise:
A first encryption key acquisition submodule, for extracting a local key on the client as the encryption key if the user is not logged in to the browser, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device;
A second encryption key acquisition submodule, for extracting a network key on the server side as the encryption key if the user is logged in to the browser.
In a preferred embodiment of this application, the decoding request generation module can comprise:
A first decryption key acquisition submodule, for extracting the local key on the client as the decryption key if the user is not logged in to the browser, the local key being generated from a hardware parameter in one-to-one correspondence with the user's device;
A second decryption key acquisition submodule, for extracting the network key on the server side as the decryption key if the user is logged in to the browser.
In a preferred embodiment of this application, when the user is logged in and when the user is not logged in, the first encrypted data can be stored in a network user encrypted database and a public user encrypted database, respectively.
Preferably, when the user's login state at the browser changes from not logged in to logged in, the device can further comprise:
A first data transfer module, for extracting the local key, the user's first encrypted data in the public user database, and the network key; decrypting the final encrypted data with the local key, encrypting the decrypted data with the network key, and saving it in the network user database.
Preferably, the symmetric algorithm can be the AES64, AES128 or AES256 algorithm. The encoding/decoding algorithm can be Base64 encoding/decoding.
Referring to Figure 4, which shows a structural block diagram of device embodiment 2 of a device for processing user information according to this application, the device can specifically comprise the following modules:
In this embodiment, the user is logged in to the browser, and the encryption key comprises the local key and the network key; the local key can be used to encrypt first, and the network key second.
Encryption request receiving module 401, for receiving a request to encrypt user information;
Encryption key acquisition module 402, for obtaining a corresponding encryption key according to the user's current login state;
Local encryption module 403, for encrypting the user information with the local key;
Local encrypted data encoding module 404, for encoding the data encrypted with the local key.
Network encryption module 405, for encrypting the user information with the network key;
Network encrypted data encoding module 406, for encoding the network-encrypted data and saving the encoded data as first encrypted data.
In this embodiment, when the first encrypted data is decrypted and the user is logged in to the browser, the decryption key can comprise the local key and the network key. The network key can be used to decrypt first and the local key second; before the local decryption, a decoding can also be performed first.
Decoding request generation module 407, for generating a decoding request, and obtaining the corresponding decryption key according to the user's current login state, together with the first encrypted data;
Network decoding module 408, for decoding the first encrypted data;
Network decryption module 409, for decrypting the decoded data with the network key;
Local decoding module 410, for decoding the data that was decrypted with the network key;
Local decryption module 411, for decrypting with the local key.
Automatic login module 412, for logging in automatically or registering automatically according to the decrypted data.
Preferably, when the user's login state at the browser changes from not logged in to logged in, the device can further comprise:
A second data transfer module, for extracting the user's first encrypted data in the public user database and the network key, encrypting the user's final encrypted data with the network key, and saving it in the network user database.
Because the device embodiments essentially correspond to the method embodiments shown in Figure 1 and Figure 2 above, for parts not detailed in the description of these embodiments, see the related description in the foregoing embodiments; they are not repeated here.
This application can be used in numerous general-purpose or special-purpose computing system environments or configurations, for example: personal computers, server computers, handheld or portable devices, laptop devices, multiprocessor systems, microprocessor-based systems, set-top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and so on.
This application can be described in the general context of computer-executable instructions, such as program modules. Generally, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. This application can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media, including storage devices.
In this document, the terms "comprises", "comprising" and any other variants are intended to cover non-exclusive inclusion, so that a process, method, article or device comprising a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the statement "comprising a ..." does not exclude the presence of other identical elements in the process, method, article or device that comprises the element.
The method for processing user information and the device for processing user information provided by this application have been described in detail above. Specific examples are used herein to set out the principles and implementations of this application, and the description of the above embodiments is only intended to help in understanding the method of this application and its core idea. Meanwhile, for those of ordinary skill in the art, changes may be made to the specific implementations and the scope of application in accordance with the ideas of this application. In summary, the contents of this specification should not be construed as limiting this application.