CN105071935A - Data processing method, heterogeneous system and integrated system - Google Patents

Data processing method, heterogeneous system and integrated system Download PDF

Info

Publication number
CN105071935A
CN105071935A CN201510400102.7A CN201510400102A CN105071935A CN 105071935 A CN105071935 A CN 105071935A CN 201510400102 A CN201510400102 A CN 201510400102A CN 105071935 A CN105071935 A CN 105071935A
Authority
CN
China
Prior art keywords
data
secret key
algorithm
symmetric
symmetry
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510400102.7A
Other languages
Chinese (zh)
Inventor
裴广恩
许仲恺
丁雪松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur General Software Co Ltd
Original Assignee
Inspur General Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur General Software Co Ltd filed Critical Inspur General Software Co Ltd
Priority to CN201510400102.7A priority Critical patent/CN105071935A/en
Publication of CN105071935A publication Critical patent/CN105071935A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides a data processing method, a heterogeneous system and an integrated system. The method of the heterogeneous system includes the steps: arranging a digital certificate authority server CA server certificate among heterogeneous systems, the CA server certificate being used for providing a symmetrical encryption algorithm, an asymmetric encryption algorithm and a signature algorithm; obtaining a symmetrical secret key identical to a receiving end; performing symmetrical encryption for to-be-transmitted data by the symmetrical secret key according to the symmetrical encryption algorithm, and performing symmetrical encryption for the symmetrical secret key through the symmetrical encryption algorithm; performing secondary encryption for the data that has undergone symmetrical encryption and for the symmetrical secret key that has undergone symmetrical encryption through a public key in the receiving end, and obtaining target data; and calculating signature data of the target data through the signature algorithm, and sending the target data and the signature data to the receiving end. Through the technical scheme, data security can be improved.

Description

A kind of data processing method, heterogeneous system and integrated system
Technical field
The present invention relates to technical field of data security, particularly a kind of data processing method, heterogeneous system and integrated system.
Background technology
In large enterprise, the relatively independent heterogeneous system that such as human resources managing and control system, financial management system etc. are set up based on the initial object of difference may be there is, development language of their system architecture, database and employing etc. is not identical, but these different heterogeneous systems may be needed when completing some objects to dock, namely needing to carry out data interaction between the heterogeneous system that these are different.
In order to ensure can to carry out data interaction between different isomerization system, can Webservice (Web service) be deployed on each heterogeneous system, to make between heterogeneous system when carrying out data interaction, this Webservice is directly utilized to send the data to the heterogeneous system of opposite end, the heterogeneous system of opposite end, when receiving these data, carries out corresponding operating according to data type.
But data mutual between the heterogeneous system of sing on web serveice are clear data, be easy to cause this mutual clear data leak in transmitting procedure or even be tampered, the fail safe of data is not high.
Summary of the invention
In view of this, the invention provides a kind of data processing method, heterogeneous system and integrated system, the fail safe of data can be improved.
First aspect, the invention provides a kind of data processing method, comprising:
1, a data processing method, is characterized in that, comprising:
S0: dispose digital certificate authentication center CA server certificate between heterogeneous system, wherein, described CA server certificate is used for providing symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm;
S1: obtain the symmetry secret key identical with receiving terminal;
S2: according to described symmetric encipherment algorithm, utilizes the secret key of described symmetry that data waiting for transmission are carried out symmetric cryptography, and utilizes described symmetric encipherment algorithm to carry out symmetric cryptography to the secret key of described symmetry;
S3: according to described rivest, shamir, adelman, utilizes the PKI of receiving terminal by the secret key of described symmetry after the data after symmetric cryptography and symmetric cryptography, carries out superencipher, obtain target data;
S4: and according to described signature algorithm, calculate the signed data of described target data, and described target data and described signed data are sent to receiving terminal.
Further, also comprise before described step S2:
Be JSON form by the format conversion of data waiting for transmission.
Further, described step S1 comprises:
Symmetric key is calculated according to symmetric encipherment algorithm;
Or,
This symmetrical secret key as the secret key of symmetry, and is sent to described receiving terminal by self-defined or random definition character string.
Further, also comprise:
When receiving target data and the signed data of described receiving terminal transmission, according to described signature algorithm, sign test operation is carried out to this signed data, and sign test operation by time, utilize the secret key of described symmetry and the symmetric cryptography algorithm for inversion corresponding with described symmetric encipherment algorithm to be decrypted described target data.
Second aspect, the invention provides a kind of heterogeneous system, comprising:
Arrange module, for disposing digital certificate authentication center CA server certificate between heterogeneous system, wherein, described CA server certificate is used for providing symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm;
Acquisition module, for obtaining the secret key of the symmetry identical with receiving terminal;
Symmetrical encryption module, for according to described symmetric encipherment algorithm, utilizes the secret key of described symmetry that data waiting for transmission are carried out symmetric cryptography, and utilizes described symmetric encipherment algorithm to carry out symmetric cryptography to the secret key of described symmetry;
Asymmetric encryption module, for according to described rivest, shamir, adelman, utilizes the PKI of receiving terminal by the secret key of described symmetry after the data after symmetric cryptography and symmetric cryptography, carries out superencipher, obtain target data;
Signature blocks, for according to described signature algorithm, calculates the signed data of described target data, and described target data and described signed data are sent to receiving terminal.
Further, also comprise:
Modular converter, for being JSON form by the format conversion of data waiting for transmission.
Further,
Described acquisition module, for calculating symmetric key according to symmetric encipherment algorithm;
Or,
Described acquisition module, for self-defined or random definition character string as the secret key of symmetry, and sends to described receiving terminal by this symmetrical secret key.
Further, also comprise:
Receiver module, for when receiving target data and the signed data of described receiving terminal transmission, according to described signature algorithm, sign test operation is carried out to this signed data, and sign test operation by time, utilize the secret key of described symmetry and the symmetric cryptography algorithm for inversion corresponding with described symmetric encipherment algorithm to be decrypted described target data.
The third aspect, the invention provides a kind of integrated system, comprises at least two as the heterogeneous system as described in arbitrary in second aspect.
By technical scheme of the present invention, between heterogeneous system, dispose CA (CertificateAuthority ,digital certificate authentication center) server certificate, to ensure can mutually call between heterogeneous system, data sending terminal carries out symmetric cryptography by the symmetrical secret key pair data that use one is identical with receiving terminal, then rivest, shamir, adelman is used to carry out superencipher to obtain target data, and then target data signed and signed data is sent to receiving terminal together with target data, in data transmission procedure, when target data is held as a hostage, even if hijacker knows that the private key of receiving terminal also can only to target data deciphering to obtain the data after symmetric cryptography, the symmetric encipherment algorithm algorithm for inversion corresponding with receiving terminal and the secret key of symmetry is not known and cannot by the decrypt data after symmetric cryptography due to hijacker, thus ensure the safety of data.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of data processing method flow chart that one embodiment of the invention provides;
Fig. 2 is the another kind of data processing method flow chart that one embodiment of the invention provides;
Fig. 3 is a kind of heterogeneous system Organization Chart that one embodiment of the invention provides.
Embodiment
For making the object of the embodiment of the present invention, technical scheme and advantage clearly; below in conjunction with the accompanying drawing in the embodiment of the present invention; technical scheme in the embodiment of the present invention is clearly and completely described; obviously; described embodiment is the present invention's part embodiment, instead of whole embodiments, based on the embodiment in the present invention; the every other embodiment that those of ordinary skill in the art obtain under the prerequisite not making creative work, all belongs to the scope of protection of the invention.
As shown in Figure 1, embodiments provide a kind of data processing method, the method can comprise the following steps:
S0: dispose digital certificate authentication center CA server certificate between heterogeneous system, wherein, described CA server certificate is used for providing symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm;
S1: obtain the symmetry secret key identical with receiving terminal;
S2: according to described symmetric encipherment algorithm, utilizes the secret key of described symmetry that data waiting for transmission are carried out symmetric cryptography, and utilizes described symmetric encipherment algorithm to carry out symmetric cryptography to the secret key of described symmetry;
S3: according to described rivest, shamir, adelman, utilizes the PKI of receiving terminal by the secret key of described symmetry after the data after symmetric cryptography and symmetric cryptography, carries out superencipher, obtain target data;
S4: and according to described signature algorithm, calculate the signed data of described target data, and described target data and described signed data are sent to receiving terminal.
By technical scheme of the present invention, between heterogeneous system, dispose CA server certificate, to ensure can mutually call between heterogeneous system, data sending terminal carries out symmetric cryptography by the symmetrical secret key pair data that use one is identical with receiving terminal, then rivest, shamir, adelman is used to carry out superencipher to obtain target data, and then target data signed and signed data is sent to receiving terminal together with target data, in data transmission procedure, when target data is held as a hostage, even if hijacker knows that the private key of receiving terminal also can only to target data deciphering to obtain the data after symmetric cryptography, the symmetric encipherment algorithm algorithm for inversion corresponding with receiving terminal and the secret key of symmetry is not known and cannot by the decrypt data after symmetric cryptography due to hijacker, thus ensure the safety of data.
Owing to may carry out large data interaction between heterogeneous system, and some data format is when carrying out large data interaction, often causes data to be lost in transmitting procedure, therefore can also comprise: be JSON form by the format conversion of data waiting for transmission.JSON form is applicable to carrying out large data interaction between heterogeneous system, meanwhile, is easy to receiving terminal and resolves and generate original data.
In technique scheme, preferably, described step S1 comprises: calculate symmetric key according to symmetric encipherment algorithm; Or this symmetrical secret key as the secret key of symmetry, and is sent to described receiving terminal by self-defined or random definition character string.
Symmetric key can generate according to symmetric encipherment algorithm; Also can by self-defined or random definition character string as the secret key of symmetry, but the secret key of symmetry of self-defined or random definition sends to receiving terminal, so that receiving terminal carries out corresponding decryption oprerations according to the secret key of the symmetry received.
In technique scheme, preferably, also comprise: when receiving target data and the signed data of described receiving terminal transmission, according to described signature algorithm, sign test operation is carried out to this signed data, and sign test operation by time, utilize the secret key of described symmetry and the symmetric cryptography algorithm for inversion corresponding with described symmetric encipherment algorithm to be decrypted described target data.
Transmitting terminal also can receive signed data and the target data of receiving terminal transmission, sign test operation is carried out with the integrality determining target data to signed data, when determining that target data possesses integrality, namely target data did not occur to leak or situation about being tampered in transmitting procedure, use the private key deciphering target data of receiving terminal to obtain the data after symmetric cryptography and the secret key of the symmetry after symmetric cryptography, and then the secret key of symmetry called after algorithm for inversion decrypted symmetric encryption corresponding with the symmetry algorithm that receiving terminal uses in CA server certificate is to obtain symmetrical secret key, utilize the data after this symmetrical secret key and the encryption of symmetric cryptography algorithm for inversion decrypted symmetric to obtain original data waiting for transmission.
As shown in Figure 2, embodiments provide another kind of data processing method, the method can comprise the following steps:
Step 201, disposes CA server certificate between heterogeneous system.
In the present embodiment, in order to ensure can to carry out data interaction between heterogeneous system, the CA server certificate that CA manufacturer on market provides can be deployed in each heterogeneous system, to make between heterogeneous system when carrying out data interaction, according to the identity of CA server certificate checking opposite end heterogeneous system, only have when all deploying this CA server certificate in the heterogeneous system of two ends, can being verified its identity.
In the present embodiment, in order to ensure the fail safe of data interaction between heterogeneous system, can by the CA server certificate of disposing for each heterogeneous system provides corresponding algorithm, such as, the heterogeneous system being one end by CA server certificate provides symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm, and provide symmetric cryptography algorithm for inversion, asymmetric decipherment algorithm and sign test algorithm for the heterogeneous system of the other end, so just can realize the encrypting and decrypting to interaction data, and then improve the safety of interaction data.
It should be noted that, when not considering heterogeneous system development cost, also in each heterogeneous system, corresponding algorithm can be developed separately.
The format conversion of data waiting for transmission is JSON form by step 202.
Wherein, the form of data waiting for transmission can comprise: JSON (JavaScriptObjectNotation, JavaScript object representation), XML (extend markup language).
In the present embodiment, when data mutual between heterogeneous system are large data, for the data of XML format and other form, efficiency can be lower when encrypting and decrypting, and the situation of loss of data may be caused, and for the data of JSON, efficiency can be higher when encrypting and decrypting, and can not loss of data be caused, therefore, after the format conversion of target data can being JSON form, subsequent operation is being carried out to target data, the efficiency of transmission of data can be improved, and then improve the integrality of data.
In the present embodiment, if when the space shared by target data is less, the target data of any one form so above-mentioned, can ensure efficiency and the integrality of data interaction.
Step 203, obtains the symmetric key identical with receiving terminal.
In the present embodiment, following two kinds of modes can be used to obtain symmetrical secret key:
1, symmetric key is calculated according to symmetric encipherment algorithm.Wherein, this symmetric key is in the computational process of symmetric encipherment algorithm, carries out encoding obtained via BASE64.
2, self-defined or stochastic generation character string is as the secret key of symmetry, and this symmetrical secret key is sent to receiving terminal, to make transmitting terminal identical with the secret key of the symmetry of receiving terminal.
Step 204, the data to be transmitted utilizing the above-mentioned symmetrical secret key pair determined to convert JSON form to carries out symmetric cryptography, and utilizes this symmetry algorithm to carry out symmetric cryptography to this symmetrical secret key.
In the present embodiment, symmetrical for this utilization secret key pair data can be carried out symmetric cryptography to be referred to as once to encrypt.Because this symmetrical secret key is the secret key consulted by transmitting terminal and receiving terminal, this symmetrical secret key is not known for heterogeneous system in addition, therefore, utilizes these symmetrical secret key pair data to be encrypted, ensure that the safety of data.
Wherein, symmetric encipherment algorithm can comprise: DES (DataEncryptionStandard, data encryption standard) algorithm.
Step 205, utilizes rivest, shamir, adelman to carry out superencipher to the data of carrying out symmetric cryptography and the secret key of symmetry that carries out symmetric cryptography, obtains target data.
In the present embodiment, namely utilize asymmetric arithmetic to carry out superencipher utilizes the PKI of receiving terminal to be encrypted the data of carrying out symmetric cryptography and the secret key of symmetry that carries out symmetric cryptography, specifically, Digital Envelope Technology can be used, the target data of carrying out symmetric cryptography and the secret key of symmetry that carries out symmetric cryptography are put in digital envelope, the private key of receiving terminal is used to be encrypted this digital envelope, certainly, also other rivest, shamir, adelman can be used to realize this step, such as, RSA cryptographic algorithms.
Step 206, according to the signature algorithm that CA server certificate provides, calculates the signed data of described target data.
In the present embodiment, generate data summarization with a hash function from target data, be then encrypted this data summarization with private key, the data summarization after encryption is using the signed data as target data.Signature algorithm can determine that target data is undertaken signing and sending by transmitting terminal really, can also according to the integrality of signature algorithm determination data.
Wherein, signature algorithm can comprise RSA signature algorithm.
According to step 204 to step 206, the symmetric encipherment algorithm provided by utilizing CA server certificate and rivest, shamir, adelman to be encrypted target data in conjunction with digital signature technology and to sign, the multilayer proofing of data can be realized, even if data are held as a hostage, because hijacker does not know the secret key of symmetry that transmitting terminal and receiving terminal are consulted, by this decrypt data, therefore, can not can improve the fail safe of interaction data.
Step 207, is sent to receiving terminal by signed data and target data.
Step 208, the sign test algorithm that receiving terminal provides according to CA server certificate, carries out sign test operation to signed data, when sign test is passed through, utilize asymmetric decipherment algorithm to carry out corresponding decryption oprerations to target data, and utilize symmetric cryptography algorithm for inversion to decrypt original data.
In the embodiment of the present invention, use the hash function identical with step 206 from the target data received, generate a data summarization, then with the private key of transmitting terminal, the signed data received is decrypted, judges to decipher the data summarization obtained whether identical with the data summarization that receiving terminal generates; If different, then illustrate that the integrality of target data receives destruction in process of transmitting; The private key generation leakage of the reason possibility receiving terminal damaged causes target data in transmitting procedure to be held as a hostage, and receiving terminal can revise private key immediately, thus improves data security; If identical, then illustrate that this signed data is that transmitting terminal sends, and in process of transmitting, the integrality of target data is not damaged.
When sign test operation determines that target data is not damaged, utilize asymmetric decipherment algorithm to decipher target data, namely utilize the private key deciphering target data of receiving terminal; And then utilize symmetrical secret key and symmetry algorithm algorithm for inversion to decrypt original data.
Object due to transmitting terminal data interaction is to store the information such as data to receiving terminal transmit operation instruction, transmission, further, after receiving terminal decrypts original data, can carrying out corresponding operating according to the operation object of these original data.
Wherein, original data correspond to the data to be transmitted being converted to JSON form in step 202.
In the present embodiment, step 203 and 204 and the symmetrical secret key data decryption of use of correspondence can use following code:
In the present embodiment, the digital envelope decryption technology of step 205 and correspondence can use following code:
The sign test operation of step 206 and its correspondence can use following code:
As shown in Figure 3, embodiments provide a kind of heterogeneous system 30, comprising:
Arrange module 301, for disposing digital certificate authentication center CA server certificate between heterogeneous system, wherein, described CA server certificate is used for providing symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm;
Acquisition module 302, obtains the symmetry secret key identical with receiving terminal;
Symmetrical encryption module 303, for according to described symmetric encipherment algorithm, utilizes the secret key of described symmetry that data waiting for transmission are carried out symmetric cryptography, and utilizes described symmetric encipherment algorithm to carry out symmetric cryptography to the secret key of described symmetry;
Asymmetric encryption module 304, according to described rivest, shamir, adelman, utilizes the PKI of receiving terminal by the secret key of described symmetry after the data after symmetric cryptography and symmetric cryptography, carries out superencipher, obtain target data;
Signature blocks 305, for according to described signature algorithm, calculates the signed data of described target data, and described target data and described signed data are sent to receiving terminal.
In a preferred embodiment of the invention, can also comprise:
The format conversion of data waiting for transmission is JSON form by modular converter 306.
In one mode in the cards,
Described acquisition module 302, for calculating symmetric key according to symmetric encipherment algorithm;
Or,
Described acquisition module 302, for self-defined or random definition character string as the secret key of symmetry, and sends to described receiving terminal by this symmetrical secret key.
In a preferred embodiment of the invention, can also comprise:
Receiver module 307, for when receiving target data and the signed data of described receiving terminal transmission, according to described signature algorithm, sign test operation is carried out to this signed data, and sign test operation by time, utilize the secret key of described symmetry and the symmetric cryptography algorithm for inversion corresponding with described symmetric encipherment algorithm to be decrypted described target data.
The embodiment of the present invention additionally provides a kind of integrated system, comprising: the heterogeneous system described at least two said apparatus embodiments.
The content such as information interaction, implementation between each unit in said apparatus, due to the inventive method embodiment based on same design, particular content can see in the inventive method embodiment describe, repeat no more herein.
Each embodiment of the present invention at least has following beneficial effect:
1, between heterogeneous system, CA server certificate is disposed, to ensure can mutually call between heterogeneous system, data sending terminal carries out symmetric cryptography by the symmetrical secret key pair data that use one is identical with receiving terminal, then rivest, shamir, adelman is used to carry out superencipher to obtain target data, and then target data signed and signed data is sent to receiving terminal together with target data, in data transmission procedure, when target data is held as a hostage, even if hijacker knows that the private key of receiving terminal also can only to target data deciphering to obtain the data after symmetric cryptography, the symmetric encipherment algorithm algorithm for inversion corresponding with receiving terminal and the secret key of symmetry is not known and cannot by the decrypt data after symmetric cryptography due to hijacker, thus ensure the safety of data.
2, CA server certificate is deployed between heterogeneous system by the present invention, on the one hand, CA server certificate is in conjunction with CA certificate mechanism, ensure the identity that heterogeneous system calls mutually, on the other hand, CA server certificate provides corresponding cryptographic algorithm, decipherment algorithm and signature algorithm etc. to data sending terminal and receiving terminal, need not the corresponding algorithm of exploitation separately in each heterogeneous system again, can improve the heterogeneous system of sing on web service integrated time development efficiency.
3, target data format conversion waiting for transmission is JSON form by the present invention, the data interaction carried out between heterogeneous system is all generally large data interaction, the data of extended formatting may cause the situation of loss of data when carrying out large data interaction, and JSON well can carry out large data interaction, and be easy to receiving terminal and resolve and generate target data.
4, receiving terminal is in sign test process, judges that target data is damaged in process of transmitting, then illustrate that the private key of receiving terminal may leak, receiving terminal can change private key immediately, thus improves the fail safe of heterogeneous system data.
It should be noted that, in this article, the relational terms of such as first and second and so on is only used for an entity or operation to separate with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element " being comprised a 〃 〃 〃 〃 〃 〃 " limited by statement, and be not precluded within process, method, article or the equipment comprising described key element and also there is other identical factor.
Finally it should be noted that: the foregoing is only preferred embodiment of the present invention, only for illustration of technical scheme of the present invention, be not intended to limit protection scope of the present invention.All any amendments done within the spirit and principles in the present invention, equivalent replacement, improvement etc., be all included in protection scope of the present invention.

Claims (9)

1. a data processing method, is characterized in that, disposes digital certificate authentication center CA server certificate between heterogeneous system, and wherein, described CA server certificate is used for providing symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm; Also comprise:
S1: obtain the symmetry secret key identical with receiving terminal;
S2: according to described symmetric encipherment algorithm, utilizes the secret key of described symmetry that data waiting for transmission are carried out symmetric cryptography, and utilizes described symmetric encipherment algorithm to carry out symmetric cryptography to the secret key of described symmetry;
S3: according to described rivest, shamir, adelman, utilizes the PKI of receiving terminal by the secret key of described symmetry after the data after symmetric cryptography and symmetric cryptography, carries out superencipher, obtain target data;
S4: according to described signature algorithm, calculates the signed data of described target data, and described target data and described signed data are sent to receiving terminal.
2. method according to claim 1, is characterized in that, also comprises before described step S2:
Be JSON form by the format conversion of data waiting for transmission.
3. method according to claim 1, is characterized in that, described step S1 comprises:
Symmetric key is calculated according to symmetric encipherment algorithm;
Or,
This symmetrical secret key as the secret key of symmetry, and is sent to described receiving terminal by self-defined or random definition character string.
4. method according to claim 1, is characterized in that, also comprises:
When receiving target data and the signed data of described receiving terminal transmission, according to described signature algorithm, sign test operation is carried out to this signed data, and sign test operation by time, utilize the secret key of described symmetry and the symmetric cryptography algorithm for inversion corresponding with described symmetric encipherment algorithm to be decrypted described target data.
5. a heterogeneous system, is characterized in that, comprising:
Arrange module, for disposing digital certificate authentication center CA server certificate between heterogeneous system, wherein, described CA server certificate is used for providing symmetric encipherment algorithm, rivest, shamir, adelman and signature algorithm;
Acquisition module, for obtaining the secret key of the symmetry identical with receiving terminal;
Symmetrical encryption module, for according to described symmetric encipherment algorithm, utilizes the secret key of described symmetry that data waiting for transmission are carried out symmetric cryptography, and utilizes described symmetric encipherment algorithm to carry out symmetric cryptography to the secret key of described symmetry;
Asymmetric encryption module, for according to described rivest, shamir, adelman, utilizes the PKI of receiving terminal by the secret key of described symmetry after the data after symmetric cryptography and symmetric cryptography, carries out superencipher, obtain target data;
Signature blocks, for according to described signature algorithm, calculates the signed data of described target data, and described target data and described signed data are sent to receiving terminal.
6. heterogeneous system according to claim 5, is characterized in that, also comprises:
Modular converter, for being JSON form by the format conversion of data waiting for transmission.
7. system according to claim 5, is characterized in that,
Described acquisition module, for calculating symmetric key according to symmetric encipherment algorithm;
Or,
Described acquisition module, for self-defined or random definition character string as the secret key of symmetry, and sends to described receiving terminal by this symmetrical secret key.
8. system according to claim 5, is characterized in that, also comprises:
Receiver module, for when receiving target data and the signed data of described receiving terminal transmission, according to described signature algorithm, sign test operation is carried out to this signed data, and sign test operation by time, utilize the secret key of described symmetry and the symmetric cryptography algorithm for inversion corresponding with described symmetric encipherment algorithm to be decrypted described target data.
9. an integrated system, is characterized in that, comprising: arbitrary described heterogeneous system at least two the claims 5-8.
CN201510400102.7A 2015-07-09 2015-07-09 Data processing method, heterogeneous system and integrated system Pending CN105071935A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510400102.7A CN105071935A (en) 2015-07-09 2015-07-09 Data processing method, heterogeneous system and integrated system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510400102.7A CN105071935A (en) 2015-07-09 2015-07-09 Data processing method, heterogeneous system and integrated system

Publications (1)

Publication Number Publication Date
CN105071935A true CN105071935A (en) 2015-11-18

Family

ID=54501223

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510400102.7A Pending CN105071935A (en) 2015-07-09 2015-07-09 Data processing method, heterogeneous system and integrated system

Country Status (1)

Country Link
CN (1) CN105071935A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106453362A (en) * 2016-11-02 2017-02-22 中车株洲电力机车研究所有限公司 Data transmission method and apparatus of vehicle-mounted device
CN106657040A (en) * 2016-12-09 2017-05-10 申正权 Intelligent solid waste garbage collection data platform and equipment communication encryption method
CN107682380A (en) * 2017-11-23 2018-02-09 上海众人网络安全技术有限公司 A kind of method and device of cross-certification
CN110213041A (en) * 2019-04-26 2019-09-06 五八有限公司 Data ciphering method, decryption method, device, electronic equipment and storage medium
CN110677245A (en) * 2019-09-26 2020-01-10 昆明市测绘研究院 Coordinate transformation parameter encryption and decryption method based on dongle
CN111193723A (en) * 2019-12-13 2020-05-22 上海数据交易中心有限公司 Data transmission, matching and storage method and device, storage medium and terminal
CN111935197A (en) * 2020-10-14 2020-11-13 江西省精彩纵横采购咨询有限公司 Bidding document encryption and decryption method and device
CN112866209A (en) * 2020-12-31 2021-05-28 复旦大学附属华山医院 Dialysis data safety management system and method
CN112927080A (en) * 2021-03-05 2021-06-08 广东电网有限责任公司 Block chain technology-based multi-party information sharing method for power industry
CN113660234A (en) * 2021-08-10 2021-11-16 中和易茂科技服务(北京)有限公司 Data encryption transmission and decryption method, memory and processor
CN113742751A (en) * 2021-09-13 2021-12-03 上海赤气信息科技有限公司 Data encryption method and system
CN114124557A (en) * 2021-11-30 2022-03-01 袁林英 Information security access control method based on big data

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101459517A (en) * 2008-12-18 2009-06-17 上海宝钢钢材贸易有限公司 B2B data exchange system
CN103220270A (en) * 2013-03-15 2013-07-24 福建联迪商用设备有限公司 Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101459517A (en) * 2008-12-18 2009-06-17 上海宝钢钢材贸易有限公司 B2B data exchange system
CN103220270A (en) * 2013-03-15 2013-07-24 福建联迪商用设备有限公司 Downloading method, management method, downloading management method, downloading management device and downloading management system for secret key

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
周典玉: ""中小企业电子商务系统数据安全技术与方法研究"", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106453362A (en) * 2016-11-02 2017-02-22 中车株洲电力机车研究所有限公司 Data transmission method and apparatus of vehicle-mounted device
CN106657040A (en) * 2016-12-09 2017-05-10 申正权 Intelligent solid waste garbage collection data platform and equipment communication encryption method
CN107682380B (en) * 2017-11-23 2020-09-08 上海众人网络安全技术有限公司 Cross authentication method and device
CN107682380A (en) * 2017-11-23 2018-02-09 上海众人网络安全技术有限公司 A kind of method and device of cross-certification
CN110213041A (en) * 2019-04-26 2019-09-06 五八有限公司 Data ciphering method, decryption method, device, electronic equipment and storage medium
CN110677245A (en) * 2019-09-26 2020-01-10 昆明市测绘研究院 Coordinate transformation parameter encryption and decryption method based on dongle
CN111193723A (en) * 2019-12-13 2020-05-22 上海数据交易中心有限公司 Data transmission, matching and storage method and device, storage medium and terminal
CN111193723B (en) * 2019-12-13 2022-10-14 上海数据交易中心有限公司 Data transmission, matching and storage method and device, storage medium and terminal
CN111935197A (en) * 2020-10-14 2020-11-13 江西省精彩纵横采购咨询有限公司 Bidding document encryption and decryption method and device
CN112866209A (en) * 2020-12-31 2021-05-28 复旦大学附属华山医院 Dialysis data safety management system and method
CN112927080A (en) * 2021-03-05 2021-06-08 广东电网有限责任公司 Block chain technology-based multi-party information sharing method for power industry
CN113660234A (en) * 2021-08-10 2021-11-16 中和易茂科技服务(北京)有限公司 Data encryption transmission and decryption method, memory and processor
CN113742751A (en) * 2021-09-13 2021-12-03 上海赤气信息科技有限公司 Data encryption method and system
CN114124557A (en) * 2021-11-30 2022-03-01 袁林英 Information security access control method based on big data
CN114124557B (en) * 2021-11-30 2024-05-14 袁林英 Information security access control method based on big data

Similar Documents

Publication Publication Date Title
CN105071935A (en) Data processing method, heterogeneous system and integrated system
CN111079128B (en) Data processing method and device, electronic equipment and storage medium
CN112887338B (en) Identity authentication method and system based on IBC identification password
CN103714642B (en) Key downloading method, management method, downloading management method and device and system
CN103714641B (en) A kind of terminal master key TMK method for safely downloading and system
EP3664360B1 (en) Certificateless public key encryption using pairings
US9166793B2 (en) Efficient authentication for mobile and pervasive computing
CN110535647A (en) Believable data transmission method, system, electronic equipment, storage medium
JP2020530726A (en) NFC tag authentication to remote servers with applications that protect supply chain asset management
CN112702318A (en) Communication encryption method, decryption method, client and server
CN103716322A (en) Secret key download method, management method, download management method, secret key download device, secret key management device and secret key download management system
CN111614621B (en) Internet of things communication method and system
CN107770127A (en) The transmission method and device of a kind of data
CN104144413A (en) Approval method and system based on mobile terminal
CN104424446A (en) Safety verification and transmission method and system
CN103036880A (en) Network information transmission method, transmission equipment and transmission system
CN111970114B (en) File encryption method, system, server and storage medium
CN114697040B (en) Electronic signature method and system based on symmetric key
CN105141635A (en) Method and system for safe communication of group sending messages
CN103905388A (en) Authentication method, authentication device, smart card, and server
US20220038267A1 (en) Methods and devices for secured identity-based encryption systems with two trusted centers
CN102598575A (en) Method and system for the accelerated decryption of cryptographically protected user data units
CN108933659A (en) A kind of authentication system and verification method of smart grid
CN101296077B (en) Identity authentication system based on bus type topological structure
CN110138544A (en) A kind of encrypting and decrypting system and method for internet of things equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20151118