CN102819696B - Prevent account data by the method for unauthorized access and device - Google Patents
Prevent account data by the method for unauthorized access and device Download PDFInfo
- Publication number
- CN102819696B CN102819696B CN201110316837.3A CN201110316837A CN102819696B CN 102819696 B CN102819696 B CN 102819696B CN 201110316837 A CN201110316837 A CN 201110316837A CN 102819696 B CN102819696 B CN 102819696B
- Authority
- CN
- China
- Prior art keywords
- account data
- field
- request
- mode
- kept
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The present invention relates to a kind of account data that prevents by the method for unauthorized access and device, the method comprises: in account data table, arrange the first field, preserves in the first field by account data in the mode of encryption; Decipher the first field according to the request conducted interviews to account data, if resolve correct, then obtain account data and account data is conducted interviews process, if resolve incorrect, then refusing to ask.The present invention preserves account data by the mode of ciphertext, and when to the account, data conduct interviews, by deciphering the field at account data place, then whether receive the request of this access according to analysis result, security is higher.
Description
Technical field
The present invention relates to field of computer technology, specifically prevent account data by the method for unauthorized access and device.
Background technology
Existing accumulating card, stored value card, return virtual account such as profit card, certificate etc. and generally include user profile, the account amount of money, detailed account data such as grade.The account data of these virtual account is often kept in Database Systems with clear-text way, there is potential safety hazard.If obtain database-access rights by illegal means, just can check or the account data of accesses virtual account, cause information or the economic loss of enterprise or individual, therefore security is not high.
Summary of the invention
Fundamental purpose of the present invention be to provide a kind of security high prevent account data by the method for unauthorized access and device.
The technical solution adopted for the present invention to solve the technical problems is:
Prevent account data by a method for unauthorized access, it comprises:
First field is set in account data table, described account data is kept in described first field in the mode of encryption;
Second field is set in account data table, described account data is kept in described second field in mode expressly;
According to the request conducted interviews to described account data, recall described first field and described second field;
Decipher described first field, the account data of the first field after deciphering and the account data of the second field are compared, if the same obtain described account data and described account data is conducted interviews process, if different, then rejecting said request.
Preferably, by DES, 3DES, IEDA, RSA, DSA, AES or MDS mode, described account data is kept in described first field.
Preferably, described access comprises amendment, and this amendment comprises to be increased or reduce.
Preferably, after described refusal request, also comprise: point out described account data that abnormal request occurs.
The present invention also provides a kind of account data that prevents by the device of unauthorized access, and it comprises:
First field setting unit, for arranging the first field in account data table, is kept in described first field by described account data in the mode of encryption;
Second field setting unit, for arranging the second field in account data table, is kept in described second field by described account data by mode expressly;
Described decryption processing unit, for according to the request conducted interviews to described account data, recalls described first field and described second field; Decipher described first field, the account data of the first field after deciphering and the account data of the second field are compared, if the same obtain described account data and described account data is conducted interviews process, if different, then rejecting said request.
Preferably, by DES, 3DES, IEDA, RSA, DSA, AES or MDS mode, described account data is kept in described first field.
Preferably, described decryption processing unit, also for pointing out described account data that abnormal request occurs.
Implement technical scheme of the present invention, there is following beneficial effect: method provided by the invention and device, account data is preserved by the mode of ciphertext, conducting interviews to the account data time (as check, access etc.), by deciphering the field at account data place, then whether receive the request of this access according to analysis result, security is higher.
Accompanying drawing explanation
The method flow diagram that Fig. 1 provides for the embodiment of the present invention;
Another process flow diagram of the method that Fig. 2 provides for the embodiment of the present invention;
The structural representation of the device that Fig. 3 provides for the embodiment of the present invention;
Another structural representation of the device that Fig. 4 provides for the embodiment of the present invention.
The realization of the object of the invention, functional characteristics and advantage will in conjunction with the embodiments, are described further with reference to accompanying drawing.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
The account data that prevents provided by the invention is by the first embodiment of the method for unauthorized access, and realize the method by computing machine or server, as shown in Figure 1, the method comprises the steps:
S110, the first field is set in account data table, account data is preserved in the first field in the mode of encryption;
In this step S110, by DES (symmetric key encryption algorithm), 3DES (3 the double secret key data of 56 carry out the symmetric key encryption algorithm of Tertiary infilling), IEDA (a kind of cryptographic algorithm), RSA (a kind of public key encryption algorithm), DSA (Digital Signature Algorithm), AES (cryptographic algorithm of Advanced Encryption Standard) or MDS (a kind of information data encryption algorithm) mode, account data can be kept in the first field (as: FEBalance field).This first field and the account data table comprising this first field are all kept in the database of computing machine or server.
S120, basis decipher the first field to the request that account data conducts interviews, if resolve correct, then perform step S130, if incorrect, perform step S140.
If there is user to need access account data, then transmission request information, this solicited message comprise check, delete, the solicited message of amendment etc., from database, recall this first field according to this solicited message, and then by the decipherment algorithm that above-mentioned cryptographic algorithm is corresponding, the plaintext obtaining account data is decrypted to this first field.
S130, obtain account data and account data is conducted interviews process;
This access is checked, delete, amendment etc., and this amendment comprises to be increased or reduce, as increase or the minimizing of account balance.And carry out further db transaction process by the result that this decrypted result is correct.
S140, refusal request.In other examples, after refusal request, can also point out account data that abnormal request occurs.
The method that the present embodiment provides preserves account data by the mode of ciphertext, and when to the account, data conduct interviews, by deciphering the field at account data place, then whether receive the request of this access according to analysis result, security is higher.
The account data that prevents provided by the invention is by the second embodiment of the method for unauthorized access, and as shown in Figure 2, this second embodiment comprises the steps:
S210, the first field is set in account data table, account data is kept at the first field in the mode of encryption;
In this step S210, by DES, 3DES, IEDA, RSA, DSA, AES or MDS mode, account data can be preserved in the first field.This first field and the account data table comprising this first field are all kept in the database of computing machine or server.
S220, the second field (as: FBalance field) is set in account tables of data, account data is kept in the second field in mode expressly; This first field and the second field are two fields for preserving data.Second field is for preserving the account data of not encrypted, and the first field is for preserving the account data through encryption.In other examples, also can account data be kept in the second field in the mode of ciphertext, when the account data of use first field and the second field contrasts, decipher the account data of this second field in other way.
Concrete, this second field and the account data table comprising this second field are all kept in the database of computing machine or server.
S230, basis recall the first field and the second field to the request that account data conducts interviews, and decipher the first field, the account data of the first field after deciphering and the account data of the second field are compared, if identical, then perform step S240, if different, then perform step S250.
If there is user to need access account data, then transmission request information, from database, this first field and the second field is recalled according to this solicited message, and then by the decipherment algorithm that above-mentioned cryptographic algorithm is corresponding, the plaintext obtaining account data being decrypted to this first field, the account data of this second field is expressly.
S240, obtain account data and account data is conducted interviews process;
This access comprises to be increased or reduces, as increase or the minimizing of account balance.And carry out further db transaction process by the result that this decrypted result is correct.
S250, refusal request.In addition, in other examples, after refusal request, can also point out account data that abnormal request occurs.
The method that the present embodiment provides is except having the advantage of the first embodiment, also by account data is preserved in mode expressly, then the account data that rear for the account data preserved with encrypted test mode deciphering and this clear-text way are preserved is contrasted, to determine whether the request receiving data account access, use expressly when data analysis, statistics, inquiry into balance, use encryption and decryption mode to process when account data is accessed, avoid the access of encryption and decryption frequently, data processing speed is accelerated, accesses easy to use.
The embodiment of the present invention also provides a kind of account data that prevents by the device of unauthorized access, and this device can be the Intelligent treatment such as computing machine, server equipment, and as shown in Figure 3, this device comprises:
First field setting unit 310, for arranging the first field in account data table, preserves in the first field by account data in the mode of encryption; More specifically, account data is preserved in the first field by DES, 3DES, IEDA, RSA, DSA, AES or MDS mode by the first field setting unit 310.
Decryption processing unit 320, for according to deciphering the first field to the request that account data conducts interviews, if resolve correct, then obtains account data and to conduct interviews process to account data, if resolve incorrect, then refusing to ask.In addition, in other examples, decryption processing unit 320, also for pointing out account data that abnormal request occurs.
The device that the present embodiment provides preserves account data by the mode of ciphertext, and when to the account, data conduct interviews, by deciphering the field at account data place, then whether receive the request of this access according to analysis result, security is higher.
In other examples, further, this device as shown in Figure 4, also comprises: the second field setting unit 330, for arranging the second field in account data table, is kept in the second field by account data with mode expressly or encrypted test mode; If the mode of ciphertext is kept in the second field, then, when the account data of use first field and the second field contrasts, decipher the account data of this second field in other way.
Decryption processing unit 320, for according to the request conducted interviews to account data, recalls the first field and the second field; Decipher the first field, the account data of the first field and the account data of the second field after deciphering are compared, if the same obtain account data and account data is conducted interviews process, if different, then refusing to ask.In addition, in other examples, decryption processing unit 320, also for pointing out account data that abnormal request occurs.
Wherein, in the various embodiments described above, access comprises to be increased or reduces.
The device that the present embodiment provides preserves account data by ciphertext and two kinds of modes expressly, when to the account, data conduct interviews, by deciphering the field at account data place, then whether receive the request of this access according to analysis result, security is higher.Use when data analysis, statistics, inquiry into balance expressly, use when account data is accessed encryption and decryption mode to process, avoid the access of encryption and decryption frequently, data processing speed is accelerated, accesses easy to use.
These are only preferred embodiment of the present invention, not in order to limit the present invention, all any access done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.
Claims (6)
1. prevent account data by a method for unauthorized access, it is characterized in that, comprising:
First field is set in account data table, described account data is kept in described first field in the mode of encryption;
Second field is set in account data table, described account data is kept in described second field in mode expressly;
According to the request conducted interviews to described account data, recall described first field and described second field;
Decipher described first field, the account data of the first field after deciphering and the account data of the second field are compared, if the same obtain described account data and described account data is conducted interviews process, if different, then reject said request, wherein, access process comprises deletion, increases or reduce.
2. the method for claim 1, is characterized in that, is kept in described first field by described account data by DES, 3DES, IEDA, RSA, DSA, AES or MDS mode.
3. the method for claim 1, is characterized in that, after described refusal request, also comprises: point out described account data that abnormal request occurs.
4. prevent account data by a device for unauthorized access, it is characterized in that, comprising:
First field setting unit, for arranging the first field in account data table, is kept in described first field by described account data in the mode of encryption;
Second field setting unit, for arranging the second field in account data table, is kept in described second field by described account data by mode expressly;
Decryption processing unit, for according to the request conducted interviews to described account data, recalls described first field and described second field; Decipher described first field, the account data of the first field after deciphering and the account data of the second field are compared, if the same obtain described account data and described account data is conducted interviews process, if different, then reject said request, wherein, access process comprises deletion, increases or reduce.
5. device as claimed in claim 4, be is characterized in that, be kept in described first field by described account data by DES, 3DES, IEDA, RSA, DSA, AES or MDS mode.
6. device as claimed in claim 4, is characterized in that, described decryption processing unit, also for pointing out described account data that abnormal request occurs.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110316837.3A CN102819696B (en) | 2011-10-18 | 2011-10-18 | Prevent account data by the method for unauthorized access and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110316837.3A CN102819696B (en) | 2011-10-18 | 2011-10-18 | Prevent account data by the method for unauthorized access and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102819696A CN102819696A (en) | 2012-12-12 |
CN102819696B true CN102819696B (en) | 2015-08-19 |
Family
ID=47303806
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110316837.3A Active CN102819696B (en) | 2011-10-18 | 2011-10-18 | Prevent account data by the method for unauthorized access and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102819696B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104679781A (en) * | 2013-12-02 | 2015-06-03 | 中国移动通信集团福建有限公司 | Data fuzzy processing method and device |
CN106709374A (en) * | 2017-03-03 | 2017-05-24 | 北京恒华伟业科技股份有限公司 | Key data security assurance method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN2768089Y (en) * | 2004-09-24 | 2006-03-29 | 四川华旗数据软件有限责任公司 | Data memory card and recognition system |
CN101647220A (en) * | 2007-02-02 | 2010-02-10 | 塞姆泰克创新解决方案公司 | The PIN piece is replaced |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7702579B2 (en) * | 2000-12-19 | 2010-04-20 | Emergis Technologies, Inc. | Interactive invoicer interface |
-
2011
- 2011-10-18 CN CN201110316837.3A patent/CN102819696B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN2768089Y (en) * | 2004-09-24 | 2006-03-29 | 四川华旗数据软件有限责任公司 | Data memory card and recognition system |
CN101647220A (en) * | 2007-02-02 | 2010-02-10 | 塞姆泰克创新解决方案公司 | The PIN piece is replaced |
Also Published As
Publication number | Publication date |
---|---|
CN102819696A (en) | 2012-12-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9832225B2 (en) | Identity theft countermeasures | |
US7971246B1 (en) | Identity theft countermeasures | |
US8146143B1 (en) | Fraud detection | |
CN111917773B (en) | Service data processing method and device and server | |
CN106022155A (en) | Method and server for security management in database | |
CN105471826A (en) | Ciphertext data query method, device and ciphertext query server | |
CN109600377B (en) | Method and device for preventing unauthorized use computer device and storage medium | |
CN109756460B (en) | Replay attack prevention method and device | |
CN112825520B (en) | User privacy data processing method, device, system and storage medium | |
CN106452764A (en) | Method for automatically updating identification private key and password system | |
CN102831359A (en) | Encryption file system of portable mobile storage device | |
Lee et al. | A study of the security of Internet banking and financial private information in South Korea | |
CN102223354A (en) | Network payment authentication method, server and system | |
Wang et al. | A new personal information protection approach based on RSA cryptography | |
CN102819696B (en) | Prevent account data by the method for unauthorized access and device | |
CN111681105B (en) | Account management method and device | |
CN114372242A (en) | Ciphertext data processing method, authority management server and decryption server | |
CN112685755A (en) | Database encryption and decryption method and device, storage medium and electronic equipment | |
CN106992978A (en) | Network safety managing method and server | |
CN109547404B (en) | Data acquisition method and server | |
CN106850592A (en) | A kind of information processing method, server and terminal | |
CN110020533A (en) | A kind of method for security protection and terminal of VR resource | |
CN114640524A (en) | Method, apparatus, device and medium for processing transaction replay attack | |
CN110175475B (en) | Smart card data processing method and device and computer readable storage medium | |
CN113938878A (en) | Equipment identifier anti-counterfeiting method and device and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |