CN102819696A - Method and device for preventing account data from being illegally accessed - Google Patents

Info

Publication number: CN102819696A
Authority: CN (China)
Prior art keywords: account data, field, request, kept, mode
Legal status: Granted
Application number: CN2011103168373A
Other languages: Chinese (zh)
Other versions: CN102819696B (en)
Inventor: 肖金河
Current Assignee: Kingdee Software China Co Ltd
Original Assignee: Kingdee Software China Co Ltd
Application filed by: Kingdee Software China Co Ltd
Priority to: CN201110316837.3A
Publication of CN102819696A
Application granted
Publication of CN102819696B
Status: Active

Abstract

The invention relates to a method and a device for preventing account data from being illegally accessed. The method comprises the following steps: setting a first field in an account data table and storing the account data in the first field in encrypted form; decrypting the first field in response to a request to access the account data; if the decryption is correct, obtaining the account data and accessing it; if the decryption is incorrect, refusing the request. The account data is stored as ciphertext; when the account data is accessed, the field holding the account data is decrypted, and whether the access request is accepted is determined according to the decryption result, so security is higher.

Description

Method and device for preventing account data from being illegally accessed
Technical field
The present invention relates to the field of computer technology, and specifically to a method and device for preventing account data from being illegally accessed.
Background art
Existing virtual accounts such as points cards, stored-value cards, rebate cards and vouchers generally include account data such as user information, the account amount and details. The account data of these virtual accounts is often stored in a database system in plaintext, which is a security risk. Anyone who obtains database access rights by illegal means can view or access the account data of the virtual accounts, causing loss of information or economic loss to the enterprise or individual, so security is low.
Summary of the invention
The main purpose of the present invention is to provide a highly secure method and device for preventing account data from being illegally accessed.
The technical solution adopted by the present invention to solve the technical problem is as follows:
A method for preventing account data from being illegally accessed, comprising:
setting a first field in an account data table, and storing the account data in the first field in encrypted form;
decrypting the first field in response to a request to access the account data; if the decryption is correct, obtaining the account data and performing the access on the account data; if the decryption is incorrect, rejecting the request.
Preferably, after the account data is stored in the first field in encrypted form, the method further comprises: setting a second field in the account data table, and storing the account data in the second field;
retrieving the first field and the second field in response to the request to access the account data;
and, after the first field is decrypted in response to the request to access the account data, the method further comprises:
comparing the account data of the decrypted first field with the account data of the second field; if they are identical, obtaining the account data and performing the access on the account data; if they differ, rejecting the request.
Preferably, the account data is stored in the first field by means of DES, 3DES, IEDA, RSA, DSA, AES or MDS.
Preferably, the access comprises viewing or modifying, and the modifying comprises increasing or decreasing.
Preferably, after the request is rejected, the method further comprises: issuing a prompt that an abnormal request has occurred on the account data.
Preferably, setting the second field in the account data table and storing the account data in the second field specifically comprises: setting the second field in the account data table, and storing the account data in the second field in plaintext or in ciphertext.
The present invention also provides a device for preventing account data from being illegally accessed, comprising:
a first field setting unit, configured to set a first field in an account data table and store the account data in the first field in encrypted form;
a decryption processing unit, configured to decrypt the first field in response to a request to access the account data; if the decryption is correct, to obtain the account data and perform the access on the account data; if the decryption is incorrect, to reject the request.
Preferably, the device further comprises: a second field setting unit, configured to set a second field in the account data table and store the account data in the second field in plaintext or in ciphertext;
the decryption processing unit is configured to retrieve the first field and the second field in response to the request to access the account data, decrypt the first field, and compare the account data of the decrypted first field with the account data of the second field; if they are identical, to obtain the account data and perform the access on the account data; if they differ, to reject the request.
Preferably, the account data is stored in the first field by means of DES, 3DES, IEDA, RSA, DSA, AES or MDS.
Preferably, the decryption processing unit is further configured to issue a prompt that an abnormal request has occurred on the account data.
Implementing the technical solution of the present invention has the following beneficial effects: the method and device provided by the invention store the account data as ciphertext; when the account data is accessed (for example viewed or accessed), the field holding the account data is decrypted, and whether to accept the access request is then determined according to the decryption result, so security is higher.
Description of drawings
Fig. 1 is a flowchart of the method provided by an embodiment of the invention;
Fig. 2 is another flowchart of the method provided by an embodiment of the invention;
Fig. 3 is a structural diagram of the device provided by an embodiment of the invention;
Fig. 4 is another structural diagram of the device provided by an embodiment of the invention.
The realization of the object, the functional features and the advantages of the invention are further described below in conjunction with the embodiments and with reference to the accompanying drawings.
Embodiments
To make the object, technical solution and advantages of the invention clearer, the invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here only explain the invention and do not limit it.
The first embodiment of the method for preventing account data from being illegally accessed provided by the invention is implemented by a computer or server. As shown in Fig. 1, the method comprises the following steps:
S110, setting a first field in the account data table, and storing the account data in the first field in encrypted form;
In step S110, the account data can be stored in the first field (e.g. the FEBalance field) by means of DES (a symmetric-key encryption algorithm), 3DES (a symmetric-key encryption algorithm that encrypts the data three times using three 56-bit keys), IEDA (an encryption algorithm), RSA (a public-key encryption algorithm), DSA (Digital Signature Algorithm), AES (the Advanced Encryption Standard encryption algorithm) or MDS (an information-data encryption algorithm). The first field, and the account data table containing it, are stored in the database of a computer or server.
S120, decrypting the first field in response to a request to access the account data; if the decryption is correct, step S130 is executed; if it is incorrect, step S140 is executed.
If a user needs to access the account data, request information is sent; this includes request information for viewing, deleting, modifying and so on. The first field is retrieved from the database according to the request information and is then decrypted with the decryption algorithm corresponding to the above encryption algorithm to obtain the plaintext of the account data.
S130, obtaining the account data and performing the access on the account data;
The access is viewing, deleting, modifying and so on; modifying includes increasing or decreasing, such as an increase or decrease of the account balance. Further database transaction processing is carried out on the basis of the correct decryption result.
S140, rejecting the request. In other embodiments, after the request is rejected, a prompt may also be issued that an abnormal request has occurred on the account data.
The method provided by this embodiment stores the account data as ciphertext; when the account data is accessed, the field holding the account data is decrypted, and whether to accept the access request is then determined according to the decryption result, so security is higher.
The second embodiment of the method for preventing account data from being illegally accessed provided by the invention is shown in Fig. 2 and comprises the following steps:
S210, setting a first field in the account data table, and storing the account data in the first field in encrypted form;
In step S210, the account data can be stored in the first field by means of DES, 3DES, IEDA, RSA, DSA, AES or MDS. The first field, and the account data table containing it, are stored in the database of a computer or server.
S220, setting a second field (e.g. the FBalance field) in the account data table, and storing the account data in the second field in plaintext. The first field and the second field are two fields used to store data: the second field stores the unencrypted account data, and the first field stores the encrypted account data. In other embodiments, the account data may also be stored in the second field as ciphertext; when the account data of the first field and the second field are compared, the account data of the second field is then decrypted in another way.
Specifically, the second field, and the account data table containing it, are stored in the database of a computer or server.
S230, in response to a request to access the account data, retrieving the first field and the second field, decrypting the first field, and comparing the account data of the decrypted first field with the account data of the second field; if they are identical, step S240 is executed; if they differ, step S250 is executed.
If a user needs to access the account data, request information is sent. The first field and the second field are retrieved from the database according to the request information, and the first field is then decrypted with the decryption algorithm corresponding to the above encryption algorithm to obtain the plaintext of the account data; the account data of the second field is plaintext.
S240, obtaining the account data and performing the access on the account data;
The access includes increasing or decreasing, such as an increase or decrease of the account balance. Further database transaction processing is carried out on the basis of the correct decryption result.
S250, rejecting the request. In addition, in other embodiments, after the request is rejected, a prompt may also be issued that an abnormal request has occurred on the account data.
In addition to the advantages of the first embodiment, the method provided by this embodiment also stores the account data in plaintext; the account data stored as ciphertext is decrypted and compared with the account data stored in plaintext to determine whether to accept the account data access request. Plaintext is used for data analysis, statistics and balance queries, and encryption and decryption are used when the account data is accessed, which avoids frequent encryption and decryption, speeds up data processing and makes access convenient.
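The two-field check of steps S210 to S250 can be exercised as follows; this is an added Python example, not code from the patent. The field names FBalance and FEBalance come from the text, while the `account` table, the `FID` column, the demo keys and the standard-library HMAC-SHA256 encrypt-then-MAC construction (standing in for the listed ciphers) are assumptions. It goes beyond the text in one respect: each ciphertext is bound to its account ID, so a ciphertext copied in from another row also fails to decrypt correctly.

```python
import hashlib, hmac, os, sqlite3

# Assumptions: constructed demo keys (real keys are held outside the database),
# table `account`, column FID. FBalance and FEBalance are the page's field names.
ENC_KEY = hashlib.sha256(b"demo-enc-key").digest()
MAC_KEY = hashlib.sha256(b"demo-mac-key").digest()

class AccessRejected(Exception):
    """S250: request refused; the caller should also report an abnormal request."""

def _mac(account_id, body):
    aid = account_id.encode()
    return hmac.new(MAC_KEY, len(aid).to_bytes(2, "big") + aid + body, hashlib.sha256).digest()

def _xor_stream(nonce, data):
    # HMAC-SHA256 in counter mode as keystream; stands in for the listed ciphers.
    stream = b"".join(hmac.new(ENC_KEY, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(account_id, balance):
    """Encrypt a balance for FEBalance and bind it to the row's account ID."""
    nonce = os.urandom(16)
    body = nonce + _xor_stream(nonce, str(balance).encode())
    return body + _mac(account_id, body)

def unseal(account_id, blob):
    """Return the decrypted balance, or None when decryption is incorrect."""
    if not isinstance(blob, bytes) or len(blob) < 49:  # nonce 16 + data >= 1 + tag 32
        return None
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(account_id, body)):
        return None
    return int(_xor_stream(body[:16], body[16:]))

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE account (FID TEXT PRIMARY KEY, FBalance INTEGER, FEBalance BLOB)")
    return db

def store(db, account_id, balance):
    with db:  # one transaction keeps the plaintext and ciphertext fields in step
        db.execute("INSERT OR REPLACE INTO account VALUES (?, ?, ?)",
                   (account_id, balance, seal(account_id, balance)))

def access(db, account_id, delta=0):
    """S230-S250: decrypt FEBalance, compare with FBalance, then view or modify."""
    row = db.execute("SELECT FBalance, FEBalance FROM account WHERE FID = ?",
                     (account_id,)).fetchone()
    verified = unseal(account_id, row[1]) if row else None
    if verified is None or verified != row[0]:
        raise AccessRejected(f"abnormal request on account {account_id!r}")
    if delta:
        store(db, account_id, verified + delta)
    return verified + delta

def report_total(db):
    """Statistics path: reads the plaintext field only, so this value is unverified."""
    return db.execute("SELECT SUM(FBalance) FROM account").fetchone()[0]

def is_rejected(db, account_id):
    try:
        access(db, account_id)
        return False
    except AccessRejected:
        return True

def demo():
    db = open_db()
    store(db, "A", 1000)
    store(db, "B", 5)
    out = {"after_credit": access(db, "A", 500), "total": report_total(db)}
    # Constructed tampering 1: plaintext field edited directly in the database.
    db.execute("UPDATE account SET FBalance = 999999 WHERE FID = 'B'")
    out["plaintext_edit_rejected"] = is_rejected(db, "B")
    # Constructed tampering 2: both fields of row A copied onto row B.
    row_a = db.execute("SELECT FBalance, FEBalance FROM account WHERE FID = 'A'").fetchone()
    db.execute("UPDATE account SET FBalance = ?, FEBalance = ? WHERE FID = 'B'", row_a)
    out["row_copy_rejected"] = is_rejected(db, "B")
    out["untouched_row_ok"] = not is_rejected(db, "A")
    return out
```

Calling `demo()` returns the outcome of each case. The statistics path in `report_total` reads only the plaintext field, so a tampered FBalance still reaches reports until the next verified access.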
An embodiment of the invention also provides a device for preventing account data from being illegally accessed. The device can be an intelligent processing device such as a computer or server. As shown in Fig. 3, the device comprises:
a first field setting unit 310, configured to set a first field in the account data table and store the account data in the first field in encrypted form; more specifically, the first field setting unit 310 stores the account data in the first field by means of DES, 3DES, IEDA, RSA, DSA, AES or MDS.
a decryption processing unit 320, configured to decrypt the first field in response to a request to access the account data; if the decryption is correct, to obtain the account data and perform the access on the account data; if the decryption is incorrect, to reject the request. In addition, in other embodiments, the decryption processing unit 320 is also configured to issue a prompt that an abnormal request has occurred on the account data.
The device provided by this embodiment stores the account data as ciphertext; when the account data is accessed, the field holding the account data is decrypted, and whether to accept the access request is then determined according to the decryption result, so security is higher.
In other embodiments, further, as shown in Fig. 4, the device also comprises: a second field setting unit 330, configured to set a second field in the account data table and store the account data in the second field in plaintext or in ciphertext; if it is stored in the second field as ciphertext, then when the account data of the first field and the second field are compared, the account data of the second field is decrypted in another way.
The decryption processing unit 320 is configured to retrieve the first field and the second field in response to the request to access the account data, decrypt the first field, and compare the account data of the decrypted first field with the account data of the second field; if they are identical, to obtain the account data and perform the access on the account data; if they differ, to reject the request. In addition, in other embodiments, the decryption processing unit 320 is also configured to issue a prompt that an abnormal request has occurred on the account data.
In each of the above embodiments, the access includes increasing or decreasing.
The device provided by this embodiment stores the account data both as ciphertext and as plaintext; when the account data is accessed, the field holding the account data is decrypted, and whether to accept the access request is then determined according to the decryption result, so security is higher. Plaintext is used for data analysis, statistics and balance queries, and encryption and decryption are used when the account data is accessed, which avoids frequent encryption and decryption, speeds up data processing and makes access convenient.
The above are only preferred embodiments of the invention and are not intended to limit the invention; any access, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall be included within the scope of protection of the invention.

Claims (10)

1. A method for preventing account data from being illegally accessed, characterized by comprising:
setting a first field in an account data table, and storing the account data in the first field in encrypted form;
decrypting the first field in response to a request to access the account data; if the decryption is correct, obtaining the account data and performing the access on the account data; if the decryption is incorrect, rejecting the request.
2. The method of claim 1, characterized in that, after the account data is stored in the first field in encrypted form, the method further comprises: setting a second field in the account data table, and storing the account data in the second field;
retrieving the first field and the second field in response to the request to access the account data;
and, after the first field is decrypted in response to the request to access the account data, the method further comprises:
comparing the account data of the decrypted first field with the account data of the second field; if they are identical, obtaining the account data and performing the access on the account data; if they differ, rejecting the request.
3. The method of claim 1 or claim 2, characterized in that the account data is stored in the first field by means of DES, 3DES, IEDA, RSA, DSA, AES or MDS.
4. The method of claim 1, characterized in that the access comprises viewing or modifying, and the modifying comprises increasing or decreasing.
5. The method of claim 1 or claim 2, characterized in that, after the request is rejected, the method further comprises: issuing a prompt that an abnormal request has occurred on the account data.
6. The method of claim 2, characterized in that setting the second field in the account data table and storing the account data in the second field specifically comprises: setting the second field in the account data table, and storing the account data in the second field in plaintext or in ciphertext.
7. A device for preventing account data from being illegally accessed, characterized by comprising:
a first field setting unit, configured to set a first field in an account data table and store the account data in the first field in encrypted form;
a decryption processing unit, configured to decrypt the first field in response to a request to access the account data; if the decryption is correct, to obtain the account data and perform the access on the account data; if the decryption is incorrect, to reject the request.
8. The device of claim 7, characterized by further comprising: a second field setting unit, configured to set a second field in the account data table and store the account data in the second field in plaintext or in ciphertext;
the decryption processing unit is configured to retrieve the first field and the second field in response to the request to access the account data, decrypt the first field, and compare the account data of the decrypted first field with the account data of the second field; if they are identical, to obtain the account data and perform the access on the account data; if they differ, to reject the request.
9. The device of claim 7 or 8, characterized in that the account data is stored in the first field by means of DES, 3DES, IEDA, RSA, DSA, AES or MDS.
10. The method of claim 7 or 8, characterized in that the decryption processing unit is further configured to issue a prompt that an abnormal request has occurred on the account data.
Priority Applications (1) / Applications Claiming Priority (1) / Family Applications (1)

Application number: CN201110316837.3A
Priority date: 2011-10-18
Filing date: 2011-10-18
Title: Method and device for preventing account data from being illegally accessed
Status: Active
Granted publication: CN102819696B (en)

Publications (2)

CN102819696A (en), published 2012-12-12
CN102819696B (en), published 2015-08-19

Family

ID: 47303806

Country Status (1)

CN (1): CN102819696B (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant