CN105765941A - Illegal access server prevention method and device - Google Patents
Illegal access server prevention method and device
- Publication number
- CN105765941A (CN201580002054.4A)
- Authority
- CN
- China
- Prior art keywords
- access request
- digital signature
- parameter
- server
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A method and device for preventing illegal access to a server. The method comprises: a smart terminal acquires the request parameters in a first access request that it is preparing to send to a server, encrypts the request parameters with the MD5 algorithm to generate a first digital signature string, and encapsulates the first digital signature string into the first access request so as to send the first access request to the server; the server receives a second access request carrying the first digital signature string and decapsulates it to obtain request parameters, encrypts the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string, and judges whether the first digital signature string and the second digital signature string are consistent; if so, it judges that the second access request is the first access request, and the server allows the smart terminal to access. This method makes it possible to identify whether a request is legitimate and to avoid leakage of user information.
Description
Technical field
The invention relates to the field of communications, and in particular to a method and device for preventing illegal access to a server.
Background
At present, most APP software is developed with a combined client and server structure. The client mainly refers to the smart terminal APP software, and the server is mainly used to store and retrieve the data the APP exchanges. Most client-server interfaces are now implemented over http. However, there are many packet capture tools that can capture the request sent by the APP client and tamper with the parameter information in it. The server cannot tell whether the tampered request is legitimate, so it responds to the tampered request, which lets other people obtain the information the user has stored on the server and causes personal information to leak.
Summary of the invention
The technical problem to be solved by the embodiments of the present invention is to provide a method and device for preventing illegal access to a server that can identify whether a request is legitimate and avoid leakage of user information.
The invention provides a method for preventing illegal access to a server, comprising:
a smart terminal acquires request parameters, wherein the request parameters are the parameters carried in a first access request that the smart terminal is preparing to send to a server, and the request parameters include the parameter of the interface through which the smart terminal communicates with the server;
the smart terminal encrypts the request parameters with the MD5 algorithm to generate a first digital signature string, and encapsulates the first digital signature string into the first access request so as to send the first access request to the server;
the server receives a second access request carrying the first digital signature string, and decapsulates the second access request to obtain request parameters;
the server encrypts the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string;
the server judges whether the first digital signature string and the second digital signature string are consistent, and if so, judges that the second access request is the first access request, and the server allows the smart terminal to access.
Optionally, the request parameters comprise multiple parameters, including the parameter of the interface through which the smart terminal communicates with the server, and the smart terminal encrypting the request parameters with the MD5 algorithm to generate the first digital signature string includes:
connecting the multiple parameters in the request parameters with a preset symbol.
Optionally, the request parameters include an application software identifier, a software version number, an international language code, and the interface parameter.
Optionally, before connecting the multiple parameters in the request parameters with a preset symbol, the method further includes:
arranging the multiple parameters in the request parameters in a preset order.
Optionally, arranging the multiple parameters in the request parameters in a preset order includes:
arranging the multiple parameters in the request parameters in alphabetical order.
A device for preventing illegal access to a server, comprising:
an acquiring unit, configured to acquire request parameters, wherein the request parameters are the parameters carried in a first access request that the smart terminal is preparing to send to a server, and the request parameters include the parameter of the interface through which the smart terminal communicates with the server;
a generating and encapsulating unit, configured to encrypt the request parameters with the MD5 algorithm to generate a first digital signature string, and to encapsulate the first digital signature string into the first access request;
a sending unit, configured to send the first access request to the server;
a receiving unit, configured to receive a second access request carrying the first digital signature string, and to decapsulate the second access request to obtain request parameters;
a decapsulating and generating unit, configured to encrypt the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string;
a judging unit, configured to judge whether the first digital signature string and the second digital signature string are consistent, and if so, to judge that the second access request is the first access request, and the server allows the smart terminal to access.
Optionally, the request parameters comprise multiple parameters, including the parameter of the interface through which the smart terminal communicates with the server, and the generating and encapsulating unit is further configured to:
connect the multiple parameters in the request parameters with a preset symbol.
Optionally, the request parameters include an application software identifier, a software version number, an international language code, and the interface parameter.
Optionally, the generating and encapsulating unit is further configured to:
arrange the multiple parameters in the request parameters in a preset order.
Optionally, arranging the multiple parameters in the request parameters in a preset order includes:
arranging the multiple parameters in the request parameters in alphabetical order.
In the above invention, the smart terminal acquires the request parameters, encrypts them with the MD5 algorithm to generate a first digital signature string, encapsulates the first digital signature string into the first access request, and sends the first access request to the server; the server receives a second access request carrying the first digital signature string, decapsulates the second access request to obtain request parameters, encrypts the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string, and judges whether the first digital signature string and the second digital signature string are consistent; if so, it judges that the second access request is the first access request, and the server allows the smart terminal to access. This method makes it possible to identify whether a request is legitimate and to avoid leakage of user information.
Description of drawings
In order to explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of an embodiment of a method for preventing illegal access to a server according to the present invention;
Fig. 2 is a schematic structural diagram of an embodiment of a device for preventing illegal access to a server according to the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
Please refer to Fig. 1, which is a flow chart of an embodiment of a method for preventing illegal access to a server according to the present invention. The method includes:
Step S101: the smart terminal acquires request parameters.
Most of the interfaces between the smart terminal and the server are implemented over http. There are two http request methods. One is GET, where the request parameters follow the requested resource with "?" as the separator; the other is POST, where the request parameters are placed at the very end.
Specifically, the request parameters are the parameters carried in the first access request that the smart terminal is preparing to send to the server. The request parameters include the parameter of the interface through which the smart terminal communicates with the server, and comprise an application software identifier, a software version number, an international language code, the interface parameter, and so on. The application software identifier is a symbol used to denote the application software, and each application software corresponds to a unique identification number; the software version number is the letters and digits that follow the software name and marks the software version; the international language code indicates the language code of the document; the interface is the channel through which the smart terminal and the server communicate, and the interface parameter contains the information of the user who issued the request. The smart terminal can obtain the request parameters by calling the relevant methods on the request object.
Step S102: the smart terminal encrypts the request parameters with the MD5 algorithm to generate a first digital signature string, and encapsulates the first digital signature string into the first access request.
A digital signature (also called a public-key digital signature or electronic signature) is some data attached to a data unit, or a cryptographic transformation applied to a data unit. This data or transformation allows the receiver of the data unit to confirm the source and the integrity of the data unit and protects the data against forgery by others; it is also effective proof of the authenticity of the information sent by the sender. It is a method of signing messages in electronic form, and a signed message can be transmitted over a communication network.
MD5 (Message Digest Algorithm 5, the fifth version of the message digest algorithm) is a hash function widely used in the field of computer security to provide message integrity protection. MD5 can produce an equally unique MD5 value, which can also be called a "digital fingerprint", for any file (regardless of its size, format, or quantity). If anyone makes any change to the file, its MD5 value, that is, the corresponding "digital fingerprint", changes.
Specifically, the request parameters may contain multiple parameters, and the smart terminal may select some or all of them and encrypt the selected parameters with the MD5 algorithm to generate the first digital signature string. The first digital signature string is the "digital fingerprint" of the request parameters and is used to protect the integrity of the request parameters. The first digital signature string is then encapsulated into the first access request.
It should be noted that the multiple parameters encrypted with the MD5 algorithm may be arranged in a preset order before encryption, for example in alphabetical order by first letter, and the multiple parameters may also be joined with a connecting symbol, which may be a specific letter, digit, symbol, and so on. For example, suppose the request parameters are appID=ebcad75de0d42a844d98a755644e30 (unique application identification number), softwareVersion=1.0.1 (software version number), lanCode=zh-cn (international language code), and restKey=user.login (interface parameter). Before MD5 encryption, the parameters are sorted alphabetically by the name before the equals sign and joined with the & symbol, giving the sorted and joined request parameters appID=ebcad75de0d42a844d98a755644e30&lanCode=zh-cn&restKey=user.login&softwareVersion=1.0.1. MD5 encryption is then applied to the sorted and joined request parameters to obtain the first digital signature string.
Step S103: the smart terminal sends the first access request to the server.
Specifically, the smart terminal may send the first access request to the server over a wired network, a wireless network, a mobile network, and so on.
Step S104: the server receives a second access request carrying the first digital signature string, and decapsulates the second access request to obtain request parameters.
Specifically, the server cannot determine whether the received second access request carrying the first digital signature string is the first access request, and the request parameters in the first access request may already have been modified. The server receives the second access request carrying the first digital signature string and decapsulates it to obtain the request parameters contained in the second access request.
Step S105: the server encrypts the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string.
Specifically, the request parameters decapsulated from the second access request may contain multiple parameters, and the server may select some or all of them. It should be noted that the parameters selected by the server are of the same types as those selected by the smart terminal in step S102. The selected parameters are encrypted with the MD5 algorithm to generate the second digital signature string. It should also be noted that the MD5 algorithm in step S105 is the same as the MD5 algorithm in step S102.
It should also be noted that if, in step S102, the multiple parameters encrypted with the MD5 algorithm are arranged in a preset order before encryption, then in step S105 the server must also arrange the multiple parameters in the same preset order as in step S102 before encrypting them with the MD5 algorithm.
Step S106: the server judges whether the first digital signature string and the second digital signature string are consistent.
Specifically, the server judges whether the first digital signature string and the second digital signature string are consistent. If so, the second access request is the first access request; the first access request has not been tampered with, is a legitimate request, and the smart terminal is allowed to access. Otherwise, the second access request is not the first access request; the first access request has been tampered with, is an illegal request, and the smart terminal is not allowed to access.
Specifically, the first digital signature string that the smart terminal derives with the MD5 algorithm from the request parameters in the first access request is unique, and the MD5 encryption process is irreversible. When the first access request is obtained by someone else and modified into a second access request, the request parameters in the second access request are inconsistent with those in the first access request: their interface parameters differ. The MD5 algorithm generates the digital signature string from the content of the request parameters, so when the request parameters change, the digital signature string generated by the MD5 algorithm changes too. After the server receives the second access request, if its request parameters are inconsistent with those of the first access request, the second digital signature string obtained from the request parameters in the second access request is inconsistent with the first digital signature string. It can then be known that a hacker is attempting to use a packet capture tool to capture the request sent by the APP client in order to obtain the information the user has stored on the server.
Step S107: the smart terminal is allowed to access.
Specifically, if the first digital signature string and the second digital signature string are consistent, the second access request is the first access request; the first access request has not been tampered with, is a legitimate request, and the smart terminal is allowed to access.
In the above invention, the smart terminal acquires the request parameters, encrypts them with the MD5 algorithm to generate a first digital signature string, encapsulates the first digital signature string into the first access request, and sends the first access request to the server; the server receives a second access request carrying the first digital signature string, decapsulates the second access request to obtain request parameters, encrypts the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string, and judges whether the first digital signature string and the second digital signature string are consistent; if so, it judges that the second access request is the first access request, and the server allows the smart terminal to access. This method makes it possible to identify whether a request is legitimate and to avoid leakage of user information.
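Steps S101 to S107 as an added Python example (not code from the patent), using the parameter values from step S102. The field name `sign`, the altered value `user.profile` and the HMAC-SHA256 variant with a shared key are assumptions introduced here: as described, the digest input holds only the request parameters, so the comparison detects a parameter changed while the digest is left as sent, and the keyed variant is shown beside it for the case where the digest is recomputed as well.

```python
import hashlib
import hmac
from functools import partial
from urllib.parse import parse_qsl

SIGN_FIELD = "sign"  # hypothetical field name; the page does not name it

# Parameter values taken from the example in step S102.
PARAMS = {
    "softwareVersion": "1.0.1",
    "appID": "ebcad75de0d42a844d98a755644e30",
    "lanCode": "zh-cn",
    "restKey": "user.login",
}


def canonical_string(params):
    """Sort by parameter name (code-point order) and join name=value with '&'."""
    return "&".join(f"{name}={params[name]}" for name in sorted(params))


def md5_signature(params):
    """Digest as described on the page: MD5 over the sorted, joined parameters."""
    return hashlib.md5(canonical_string(params).encode("utf-8")).hexdigest()


def hmac_signature(params, key):
    """Keyed variant (assumption, not on the page): HMAC-SHA256 with a shared key."""
    data = canonical_string(params).encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def client_build_query(params, sign):
    """Terminal side (S101-S103): compute the digest and encapsulate it."""
    signed = dict(params)
    signed[SIGN_FIELD] = sign(params)
    # Constructed values are URL-safe, so no percent-encoding is needed here.
    return "&".join(f"{name}={value}" for name, value in signed.items())


def server_verify(query, sign):
    """Server side (S104-S106): decapsulate, recompute, compare."""
    received = dict(parse_qsl(query, keep_blank_values=True))
    first = received.pop(SIGN_FIELD, None)
    if first is None:
        return False  # no digest in the request: reject
    second = sign(received)
    # Constant-time comparison of the first and second signature strings.
    return hmac.compare_digest(first.encode("utf-8"), second.encode("utf-8"))


def demo():
    key = b"constructed-demo-key"  # constructed shared key for the keyed variant
    keyed = partial(hmac_signature, key=key)
    altered = dict(PARAMS, restKey="user.profile")  # constructed altered value

    md5_query = client_build_query(PARAMS, md5_signature)
    # Both parameter and digest replaced, computed without knowledge of any key.
    recomputed = client_build_query(altered, md5_signature)
    return {
        # Request arrives as sent: accepted.
        "md5_untouched": server_verify(md5_query, md5_signature),
        # Parameter changed, digest left as sent: rejected (the case in S106).
        "md5_param_changed": server_verify(
            md5_query.replace("user.login", "user.profile"), md5_signature),
        # Digest recomputed over the changed parameters: the unkeyed check
        # cannot tell this apart from a genuine request.
        "md5_recomputed": server_verify(recomputed, md5_signature),
        # Keyed variant: genuine request accepted, recomputed one rejected.
        "hmac_untouched": server_verify(
            client_build_query(PARAMS, keyed), keyed),
        "hmac_recomputed_no_key": server_verify(recomputed, keyed),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Both sides must agree on the parameter selection, the sort order and the connecting symbol, as steps S105 and the note after it require; with the keyed variant they must also hold the same key.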
Please refer to FIG. 2, which is a schematic structural diagram of an embodiment of a device for preventing illegal access to a server according to the present invention. The device 200 includes: an obtaining unit 201, a generating and encapsulating unit 202, a sending unit 203, a receiving unit 204, a decapsulating and generating unit 205, and a judging unit 206.
The obtaining unit 201 is configured to obtain request parameters, where the request parameters are the parameters carried in the first access request that the smart terminal is preparing to send to the server, and the request parameters include the parameters of the interface through which the smart terminal communicates with the server.
The generating and encapsulating unit 202 is configured to encrypt the request parameters with the MD5 algorithm to generate a first digital signature string, and to encapsulate the first digital signature string into the first access request.
The sending unit 203 is configured to send the first access request to the server.
The receiving unit 204 is configured to receive a second access request carrying the first digital signature string, and to decapsulate the request parameters from the second access request.
The decapsulating and generating unit 205 is configured to encrypt the request parameters decapsulated from the second access request with the MD5 algorithm to generate a second digital signature string.
The judging unit 206 is configured to judge whether the first digital signature string and the second digital signature string are consistent and, if they are, to judge that the second access request is the first access request, whereupon the server allows the smart terminal to access.
Optionally, the request parameters include multiple parameters, among them the parameters of the interface through which the smart terminal communicates with the server, and the generating and encapsulating unit 202 is further configured to connect the multiple parameters in the request parameters with a preset symbol.
Optionally, the request parameters include an application software identifier, a software version number, an international language code, and the parameters of the interface.
Optionally, the generating and encapsulating unit 202 is further configured to arrange the multiple parameters in the request parameters in a preset order.
Optionally, arranging the multiple parameters in the request parameters in a preset order includes arranging the multiple parameters in the request parameters in alphabetical order.
It should be noted that the obtaining unit 201, the generating and encapsulating unit 202, and the sending unit 203 are located in the smart terminal; the receiving unit 204, the decapsulating and generating unit 205, and the judging unit 206 are located in the server.
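The exchange between the terminal-side and server-side units, as an added example that is not code from the patent: parameters are arranged alphabetically, joined with a preset symbol, hashed with MD5, and re-checked by the server. The `&` separator, the field names, the sample values and the keyed HMAC-SHA256 variant are assumptions for illustration; this section hashes only the request parameters and names no key.

```python
import hashlib
import hmac

SEPARATOR = "&"                       # assumed "preset symbol"; the page names none
SHARED_KEY = b"constructed-demo-key"  # constructed value, used by the keyed variant only


def canonicalize(params):
    """Arrange parameters alphabetically by name and join them with the preset symbol."""
    return SEPARATOR.join(f"{name}={params[name]}" for name in sorted(params))


def md5_signature(params):
    """Signature string as this section describes it: MD5 over the joined parameters."""
    return hashlib.md5(canonicalize(params).encode("utf-8")).hexdigest()


def hmac_signature(params, key=SHARED_KEY):
    """Keyed variant (not in the patent): HMAC-SHA256 over the same canonical string."""
    return hmac.new(key, canonicalize(params).encode("utf-8"), hashlib.sha256).hexdigest()


def build_request(params, sign):
    """Terminal side: encapsulate the signature string into the access request."""
    return {"params": dict(params), "sign": sign(params)}


def server_accepts(request, sign):
    """Server side: recompute the signature from the received parameters and compare."""
    expected = sign(request["params"])
    return hmac.compare_digest(expected, request["sign"])  # constant-time comparison


# Constructed sample request; the field names are hypothetical.
SAMPLE = {"version": "1.2.0", "app_id": "demo-app", "lang": "zh-CN", "interface": "getProfile"}

if __name__ == "__main__":
    request = build_request(SAMPLE, md5_signature)
    print(canonicalize(SAMPLE))
    print(server_accepts(request, md5_signature))    # unmodified request
    altered = {"params": {**SAMPLE, "interface": "other"}, "sign": request["sign"]}
    print(server_accepts(altered, md5_signature))    # parameters changed, old signature
    resigned = build_request(altered["params"], md5_signature)
    print(server_accepts(resigned, md5_signature))   # digest recomputed without any secret
    wrong_key = lambda p: hmac_signature(p, b"not-the-key")
    print(server_accepts(build_request(SAMPLE, wrong_key), hmac_signature))
```

The unkeyed MD5 comparison catches parameters that changed after signing, but it accepts any request whose digest was recomputed over the new parameters, so on its own it does not show which party produced the request. The keyed variant ties acceptance to possession of the shared key.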
It should be noted that, for simplicity of description, the foregoing method embodiments are each expressed as a series of combined actions, but those skilled in the art should understand that the present invention is not limited by the described order of actions, because according to the present invention certain steps may be performed in another order or simultaneously. Those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and that the actions and modules involved are not necessarily required by the present invention.
In the foregoing embodiments, the description of each embodiment has its own emphasis; for parts not described in detail in one embodiment, refer to the relevant descriptions of the other embodiments.
The steps in the methods of the embodiments of the present invention may be reordered, combined, and deleted according to actual needs.
The units in the devices of the embodiments of the present invention may be combined, divided, and deleted according to actual needs. Those skilled in the art may combine the different embodiments described in this specification and the features of the different embodiments.
From the above description of the implementations, those skilled in the art can clearly understand that the present invention can be implemented in hardware, in firmware, or in a combination of them. When implemented in software, the functions described above may be stored on a computer-readable medium or transmitted as one or more instructions or code on a computer-readable medium. Computer-readable media include computer storage media and communication media, where communication media include any medium that facilitates the transfer of a computer program from one place to another. A storage medium may be any available medium that a computer can access. By way of example and not limitation, computer-readable media may include random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), compact disc read-only memory (CD-ROM) or other optical disc storage, magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. In addition, any connection may suitably be termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of the medium. As used in the present invention, disk and disc include compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk, and Blu-ray disc, where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the protection scope of computer-readable media.
In summary, the above are only preferred embodiments of the technical solutions of the present invention and are not intended to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.
Claims (10)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2015/092693 WO2017066995A1 (en) | 2015-10-23 | 2015-10-23 | Method and device for preventing unauthorized access to server |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105765941A true CN105765941A (en) | 2016-07-13 |
Family
ID=56343050
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201580002054.4A Pending CN105765941A (en) | 2015-10-23 | 2015-10-23 | Illegal access server prevention method and device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN105765941A (en) |
WO (1) | WO2017066995A1 (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107896145A (en) * | 2017-11-10 | 2018-04-10 | 郑州云海信息技术有限公司 | A kind of anti-method for implanting of interface interchange and system |
CN108055230A (en) * | 2017-10-19 | 2018-05-18 | 福建中金在线信息科技有限公司 | The method and apparatus of data request processing |
CN108322418A (en) * | 2017-01-16 | 2018-07-24 | 深圳兆日科技股份有限公司 | The detection method and device of unauthorized access |
CN108322302A (en) * | 2017-01-17 | 2018-07-24 | 北京京东尚科信息技术有限公司 | A kind of anti-brush method, apparatus of the page, electronic equipment and storage medium |
CN108400979A (en) * | 2018-02-06 | 2018-08-14 | 武汉斗鱼网络科技有限公司 | Communication means and electronic equipment applied to client and server |
CN108494759A (en) * | 2018-03-14 | 2018-09-04 | 北京思特奇信息技术股份有限公司 | A kind of access request processing method, system, equipment and storage medium |
CN111291393A (en) * | 2020-01-21 | 2020-06-16 | 上海悦易网络信息技术有限公司 | Request checking method and device |
CN112383548A (en) * | 2020-11-13 | 2021-02-19 | 杭州弗兰科信息安全科技有限公司 | Database access method, transmitting device, receiving device and terminal host |
CN115767201A (en) * | 2022-09-26 | 2023-03-07 | 北京翼马科技有限公司 | Teaching voice transcription subtitle real-time playing platform, playing method and playing device |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115712888B (en) * | 2022-10-10 | 2025-04-15 | 中国电信股份有限公司 | Interface calling method, device, storage medium and electronic device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101222509A (en) * | 2008-01-22 | 2008-07-16 | 中兴通讯股份有限公司 | A data protection transmission method of point-to-point network |
US20100064138A1 (en) * | 2008-07-16 | 2010-03-11 | Samsung Electronics Co., Ltd. | Apparatus and method for providing security service of user interface |
CN102065573A (en) * | 2010-12-28 | 2011-05-18 | 北京高信达通信技术有限公司福州分公司 | WAP gateway agent service data processing method and server |
CN102647461A (en) * | 2012-03-29 | 2012-08-22 | 奇智软件(北京)有限公司 | Communication method, server and terminal based on hypertext transfer protocol |
CN102946392A (en) * | 2012-11-15 | 2013-02-27 | 亚信联创科技(中国)有限公司 | URL (Uniform Resource Locator) data encrypted transmission method and system |
CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9141647B2 (en) * | 2012-04-26 | 2015-09-22 | Sap Se | Configuration protection for providing security to configuration files |
CN104104650B (en) * | 2013-04-02 | 2017-07-21 | 联想(北京)有限公司 | data file access method and terminal device |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108322418A (en) * | 2017-01-16 | 2018-07-24 | 深圳兆日科技股份有限公司 | The detection method and device of unauthorized access |
CN108322302A (en) * | 2017-01-17 | 2018-07-24 | 北京京东尚科信息技术有限公司 | A kind of anti-brush method, apparatus of the page, electronic equipment and storage medium |
CN108055230A (en) * | 2017-10-19 | 2018-05-18 | 福建中金在线信息科技有限公司 | The method and apparatus of data request processing |
CN107896145A (en) * | 2017-11-10 | 2018-04-10 | 郑州云海信息技术有限公司 | A kind of anti-method for implanting of interface interchange and system |
CN108400979A (en) * | 2018-02-06 | 2018-08-14 | 武汉斗鱼网络科技有限公司 | Communication means and electronic equipment applied to client and server |
CN108400979B (en) * | 2018-02-06 | 2021-07-30 | 武汉斗鱼网络科技有限公司 | Communication method applied to client and server and electronic equipment |
CN108494759A (en) * | 2018-03-14 | 2018-09-04 | 北京思特奇信息技术股份有限公司 | A kind of access request processing method, system, equipment and storage medium |
CN108494759B (en) * | 2018-03-14 | 2021-06-01 | 北京思特奇信息技术股份有限公司 | Access request processing method, system, device and storage medium |
CN111291393A (en) * | 2020-01-21 | 2020-06-16 | 上海悦易网络信息技术有限公司 | Request checking method and device |
CN112383548A (en) * | 2020-11-13 | 2021-02-19 | 杭州弗兰科信息安全科技有限公司 | Database access method, transmitting device, receiving device and terminal host |
CN115767201A (en) * | 2022-09-26 | 2023-03-07 | 北京翼马科技有限公司 | Teaching voice transcription subtitle real-time playing platform, playing method and playing device |
Also Published As
Publication number | Publication date |
---|---|
WO2017066995A1 (en) | 2017-04-27 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20190507 Address after: 518000 Yuanzheng Industrial Park, North of Fifth Avenue, Bantian Street, Longgang District, Shenzhen City, Guangdong Province Applicant after: Yuanzheng Science and Technology Co., Ltd., Shenzhen City Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.) Applicant before: HESVIT HEALTH TECH CO., LTD. |
|
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160713 |