CN105991284A - Method and apparatus for sending to-be-verified data, and data receiving verification method and apparatus - Google Patents
Method and apparatus for sending to-be-verified data, and data receiving verification method and apparatus Download PDFInfo
- Publication number
- CN105991284A CN105991284A CN201510082737.7A CN201510082737A CN105991284A CN 105991284 A CN105991284 A CN 105991284A CN 201510082737 A CN201510082737 A CN 201510082737A CN 105991284 A CN105991284 A CN 105991284A
- Authority
- CN
- China
- Prior art keywords
- data
- endorsing
- verified
- encryption
- endorsed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 122
- 238000012795 verification Methods 0.000 title claims abstract description 13
- 238000012545 processing Methods 0.000 claims abstract description 26
- 230000005540 biological transmission Effects 0.000 claims abstract description 18
- 230000008569 process Effects 0.000 claims description 74
- 238000004422 calculation algorithm Methods 0.000 claims description 30
- 230000002441 reversible effect Effects 0.000 claims description 14
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 230000008859 change Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000002427 irreversible effect Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000005070 sampling Methods 0.000 description 2
- 230000035945 sensitivity Effects 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 description 1
- 239000010931 gold Substances 0.000 description 1
- 229910052737 gold Inorganic materials 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The application discloses a data receiving verification method. The method comprises: encryption data and first signed data are received; the encryption data are decrypted to obtain decryption data; signing processing is carried out on the decryption data to obtain second signing data; and consistency of the first signed data and the second signed data is verified. According to the application, the encryption data and signing data that are generated by same data are received simultaneously; and after processing, the data are verified and compared. Therefore, a problem that a data receiver can not verify the data after non-security-domain transmission and processing of data in the prior art can be solved. Besides, the application also discloses a method and apparatus for sending to-be-verified data and a data receiving verification apparatus.
Description
Technical field
The application relates to field of computer technology, particularly relates to that a kind of data to be verified send, data receiver tests
Card method and device.
Background technology
Internet, applications penetrates in daily life more and more, particularly mobile Internet send out
Exhibition defines the main trend of whole people's online, and the daily habits of people changes, and starts to get used to passing through network
Process many routine matters easily, such as do shopping, pay the fees, payment etc..Thus, Internet era,
Particularly in financial field, the Internet, the safety of user profile seems of crucial importance.
Third-party payment industry data safety criterion defines the standard of a user profile: defines and is positioned at safety
System in fire wall is in security domain, and the system being positioned at outside security firewall is in non-secure domains.System exists
Can not contact user data under non-secure domains, the data of user's input just can be entered after needing to be converted to add confidential information
Row transmission, and add after confidential information transmits under current internet environment, processes, in fact it could happen that error in data
Situation, and the data after this deciphering cannot be verified by receiving terminal, causes receiving terminal finally cannot know
Whether not these data make mistakes so that carrying out the transaction of mistake.
Summary of the invention
The embodiment of the present application provides a kind of data receiver verification method, passes through in order to solve data in prior art
After non-secure domains transmission, process, data receiver's cannot verify data to wrong problem.
The embodiment of the present application also provides for a kind of data receiver checking device, in order to solve data warp in prior art
After crossing non-secure domains transmission, process, data receiver's cannot verify data to wrong problem.
The embodiment of the present application also provides for a kind of data transmission method for uplink to be verified and device.
The embodiment of the present application employing following technical proposals:
A kind of data receiver verification method, including:
Receive encryption data to endorse data with first;
Decipher described encryption data to obtain solving ciphertext data;
Process of endorsing described solution ciphertext data obtains second and endorses data;
Verify the concordance of first, second two data of endorsing.
A kind of data transmission method for uplink to be verified, including:
Obtain the data to be verified of user's input;
Encrypt described data to be verified form encryption data and send;
Process of endorsing described data to be verified forms Data Concurrent of endorsing and send.
A kind of data receiver checking device, including:
Receive unit, be used for receiving encryption data and endorse data with first;
Decryption unit, is used for deciphering described encryption data, and obtains solving ciphertext data;
Endorse unit, obtain second for process that described solution ciphertext data is endorsed and endorse data;
Authentication unit, for verifying the concordance of described first, second two data of endorsing.
A kind of data sending device to be verified, including:
Acquiring unit, for obtaining the data to be verified of user's input;
Ciphering unit, is used for encrypting described data to be verified and forms encryption data and send;
Endorse unit, form, for process that described data to be verified are endorsed, Data Concurrent of endorsing and send.
At least one technical scheme above-mentioned that the embodiment of the present application uses can reach following beneficial effect: system
By receiving the encryption data by same data genaration and data of endorsing, then described encryption data is solved
The process that carries out again after close process endorsing obtains another data of endorsing, then verifies that the concordance of two data of endorsing can
Know in data transmission procedure and whether make mistakes, solve data in prior art and transmit through non-secure domains, locate
After reason, data receiver's cannot verify data to wrong problem.
Accompanying drawing explanation
Accompanying drawing described herein is used for providing further understanding of the present application, constitutes of the application
Point, the schematic description and description of the application is used for explaining the application, is not intended that to the application not
Work as restriction.In the accompanying drawings:
The data receiver verification method flow chart that Fig. 1 provides for the embodiment of the present application one;
The data transmission method for uplink flow chart to be verified that Fig. 2 provides for the embodiment of the present application two;
The data receiver checking device schematic diagram that Fig. 3 provides for the embodiment of the present application three;
The data sending device schematic diagram to be verified that Fig. 4 provides for the embodiment of the present application four;
Data sampling and processing that Fig. 5 provides for the embodiment of the present application five, checking flow chart.
Detailed description of the invention
For making the purpose of the application, technical scheme and advantage clearer, specifically real below in conjunction with the application
Execute example and technical scheme is clearly and completely described by corresponding accompanying drawing.Obviously, described
Embodiment is only some embodiments of the present application rather than whole embodiments.Based on the enforcement in the application
Example, the every other enforcement that those of ordinary skill in the art are obtained under not making creative work premise
Example, broadly falls into the scope of the application protection.
Below in conjunction with accompanying drawing, describe the technical scheme that each embodiment of the application provides in detail.
Embodiment 1
The data receiver verification method flow process that Fig. 1 provides for the embodiment of the present application one, is primarily referred to as being positioned at safety
The data receiver in territory receives from the data of non-secure domains the method that carries out verification process, specifically include with
Lower step:
S101: receive encryption data and endorse data with first.
Described encryption data is all by the data acquisition transmitting terminal being positioned at non-secure domains with the first data of endorsing
The same data genaration gathered, the data of described collection are generally the data of important sensitivity, as fiscard is believed
Breath etc..Receive described encryption data and be positioned at security domain, described encryption number with the first receiving terminal endorsing data
According to the first data of endorsing from transmitting terminal to receiving terminal, in non-secure domains, carried out transmission, processed.
The executive agent of this step is generally positioned at particular server or the PC of security domain.Described reception
End generally service end, needs the user data to gathering to carry out verification process.As in Third-party payment scene
In, Third-party payment platform is positioned at the server of security domain and needs to receive from paying user mobile whole
The financial card information etc. of input on end or PC webpage.
S102: decipher described encryption data and obtain solving ciphertext data.
This step refers to that the decryption system in calling system is decrypted operation and obtains described encryption data
Solve ciphertext data, the data phase of user's input that described solution ciphertext data and described data acquisition transmitting terminal collect
With.
S103: described solution ciphertext data is carried out pretreatment operation.
This step refers to carry out pretreatment operation for the described data decrypted, and it is right that described pretreatment refers to
Described solution ciphertext data is carried out organizing by uniform rules and the pretreatment such as sequence, as to solving ciphertext data key value to shape
Formula carries out data tissue, obtains the solution ciphertext data through data tissue;Then according to described key-value pair to described
Solution ciphertext data through data tissue is ranked up processing.
Described first data of endorsing, before data acquisition transmitting terminal carries out endorsing operation, have been also carried out same
Pretreatment operation.
This step is optional step in this application, it is also possible to need not data are carried out pretreatment operation,
And the process that directly carries out endorsing, and the mode of deciphering data prediction can be become because of different application scenarios
Change.
S104: obtain second to described endorse data through the process of endorsing of pretreated solution ciphertext data.
The process of endorsing of this step refers to utilize non-reversible algorithm to described through pretreated solution ciphertext data
Carry out endorsing process obtain second and endorse data, and described non-reversible algorithm refers to Secure Hash Algorithm (Secure
Hash Algorithm, SHA), Message Digest 5 (Message Digest Algorithm, MD5) etc..
Described first data of endorsing also use same irreversible algorithm of endorsing at data acquisition transmitting terminal and enter
Capable process of endorsing.
S105: the concordance of first, second two data of endorsing of checking.
Verify the concordance of described first, second two data of endorsing, it can be determined that described encryption data,
One endorses whether there occurs the problem that data are modified in data transmission in non-secure domains, processing procedure,
System is allowed to can interpolate that the accuracy of data and to determine next step handling process.
The two is mainly compared by checking first, second data of endorsing:
When two comparings of endorsing are identical, continue follow-up processing flow, continue follow-up flow process third party
Pay in application scenarios, be directed to bank send described in endorse data being traded with bank;
When two endorse comparing difference time, then illustrate the transmitting procedure of data makes a mistake, it should
3rd payment platform terminates follow-up flow process, and sends bomp information.
Embodiment 2
The data transmission method for uplink flow process to be verified that Fig. 2 provides for the embodiment of the present application two, is primarily referred to as being positioned at non-
The method that the user data collected is processed and sends by the data acquisition transmitting terminal in security domain, specifically
Comprise the following steps:
S201: obtain the data to be verified of user's input.
Described data acquisition transmitting terminal refers to run on the web browser in mobile terminal, PC, in institute
State web browser deployment script language Javascript assembly.
First this step pushes specific webpage to user;Then, use is obtained by script JavaScript
The fiscard data that family inputs in described specific webpage are as data to be verified, due to JavaScript assembly portion
Affix one's name in terminal, and the fiscard data to be verified of user's input that JavaScript assembly collects will not pass
Pass the system in non-secure domains.
S202: encrypt described data to be verified and form encryption data and send.
Data encryption system is deployed in security domain, owing to data acquisition transmitting terminal is positioned at non-secure domains, institute
State when described data to be verified are encrypted, gather transmitting terminal and use pattern JSONP, call security domain
Described data to be verified are encrypted by interior data encryption system, generate encryption data, then by institute
State encryption data and be sent to be positioned at the recipient of security domain.
S203: described data to be verified are carried out pretreatment operation.
Pretreatment operation rule in this step is with the pretreatment in embodiment one carried out described solution ciphertext data
Operation rules is the same, i.e. organizes described data to be verified by uniform rules and the pre-place such as sequence
Reason, as data key value to be verified is carried out data tissue to form, obtain through data tissue is to be verified
Data;Then according to described key-value pair to described through data tissue represent certificate data be ranked up place
Reason.
But the pretreatment operation difference in this step is: pretreatment operation is by being positioned at web browser
Script JavaScript carry out.
The pretreatment operation of this step is optional step in this application, it is also possible to need not number to be verified
According to carrying out pretreatment operation, and the process that directly carries out endorsing, and can be because of to the mode of data prediction to be verified
Different application scenarios and change.But the pretreatment operation in this step and the pretreatment operation in embodiment one
Corresponding.
S204: formed to described endorse Data Concurrent through the process of endorsing of pretreated data to be verified
Send.
The data to be verified carrying out endorsing in this step be step S201 collects user input to be tested
One in pretreated data to be verified in card data or S203.
Described solution ciphertext data is added in step S104 in embodiment one by the processing procedure of endorsing of this step
The method that label process is identical, i.e. endorses described data to be verified process shape first with non-reversible algorithm
Become data of endorsing;Then, described data of endorsing are sent to be positioned at the recipient of security domain.
Described non-reversible algorithm refers to Secure Hash Algorithm (Secure Hash Algorithm, SHA), message
Digest algorithm (Message Digest Algorithm, MD5) etc..
Embodiment 3
The data receiver checking device that Fig. 3 provides for the embodiment of the present application three, is primarily referred to as being positioned at security domain
Data receiver receives from the data of non-secure domains and carries out the device of verification process, specifically includes:
Receive unit 301, be used for receiving encryption data and endorse data with first;
Decryption unit 302, is used for deciphering described encryption data, and obtains solving ciphertext data;
Pretreatment unit 303, for carrying out pretreatment operation to described solution ciphertext data;
Endorse unit 304, processes for described solution ciphertext data after pretreatment operation is endorsed
Endorse data to second;
Authentication unit 305, for verifying the concordance of described first, second two data of endorsing.
The encryption data that described reception unit 301 receives is all by being positioned at non-secure domains with the first data of endorsing
The same data genaration that gathers of data acquisition transmitting terminal, the data of described collection are generally important sensitivity
Data, such as financial card information etc..Receive described encryption data and be positioned at safety with the first receiving terminal endorsing data
In territory, described encryption data and the first data of endorsing, from transmitting terminal to receiving terminal, are carried out in non-secure domains
Transmission, process.
This device is positioned on particular server or the PC of security domain.This device is positioned at service end, needs
The user data gathered is carried out verification process.As in Third-party payment scene, Third-party payment platform position
Server in security domain needs to receive from paying what user inputted on mobile terminal or PC webpage
Financial card information etc..
Described decryption unit 302 refers to that the decryption system in calling system is decrypted behaviour to described encryption data
Make and obtain to solve ciphertext data, user's input that described solution ciphertext data and described data acquisition transmitting terminal collect
Data are identical.
Described pretreatment unit 303 refers to organize described solution ciphertext data by uniform rules and sequence etc. is pre-
Process, as solution ciphertext data key value is carried out data tissue to form, obtain the deciphering number through data tissue
According to;Then it is ranked up processing to the described solution ciphertext data through data tissue according to described key-value pair.
Described first data of endorsing, before data acquisition transmitting terminal carries out endorsing operation, have been also carried out same
Pretreatment operation.
Described pretreatment unit 303 is unnecessary devices in this application, in actual treatment, it is also possible to no
Need data are carried out pretreatment operation, and directly carried out endorsing process by unit 303 of endorsing, and to deciphering
The mode of data prediction can change because of different application scenarios.
Described unit 304 of endorsing utilizes non-reversible algorithm to add through pretreated solution ciphertext data described
Label process and obtain second and endorse data, and described non-reversible algorithm refers to Secure Hash Algorithm (Secure Hash
Algorithm, SHA), Message Digest 5 (Message Digest Algorithm, MD5) etc..
Described first data of endorsing also use same irreversible algorithm of endorsing at data acquisition transmitting terminal and enter
Capable process of endorsing.
Described authentication unit 305 verifies the concordance of described first, second two data of endorsing, and thus sentences
Disconnected described encryption data, first endorse whether data transmission in non-secure domains, processing procedure there occurs
The problem that data are modified, allows system can interpolate that the accuracy of data and to determine next step handling process.
Described authentication unit 305 verifies that the two is mainly compared by first, second data of endorsing:
When two comparings of endorsing are identical, continue follow-up processing flow, continue follow-up flow process third party
Pay in application scenarios, be directed to bank send described in endorse data being traded with bank;
When two endorse comparing difference time, then illustrate the transmitting procedure of data makes a mistake, it should
3rd payment platform terminates follow-up flow process, and sends bomp information.
Embodiment 4
The data sending device to be verified that Fig. 4 provides for the embodiment of the present application four, is primarily referred to as being positioned at non-security
The method that the user data collected is processed and sends by the data acquisition transmitting terminal in territory, specifically wraps
Include:
Acquiring unit 401, for obtaining the data to be verified of user's input;
Ciphering unit 402, is used for encrypting described data to be verified and forms encryption data and send;
Pretreatment unit 403, for carrying out pretreatment operation to described data to be verified;
Endorse unit 404, for described after pretreatment operation data to be verified endorse process shape
Data Concurrent of endorsing is become to send.
Described data acquisition transmitting terminal refers to run on the web browser in mobile terminal, PC, in institute
State web browser deployment script language Javascript assembly.
First described acquiring unit 401 pushes specific webpage to user;Then, script is passed through
JavaScript obtains fiscard data that user inputs in described specific webpage as data to be verified, due to
JavaScript deployment of components is in terminal, and the gold to be verified of user's input that JavaScript assembly collects
Melt the system that card data are not transferred in non-secure domains.
Data encryption system is deployed in security domain, owing to data acquisition transmitting terminal is positioned at non-secure domains, institute
State ciphering unit 402 when described data to be verified are encrypted, gather transmitting terminal and use pattern
JSONP, described data to be verified are encrypted by the data encryption system called in security domain, generate
Encryption data, is then sent to be positioned at the recipient of security domain by described encryption data.
Described solution ciphertext data is carried out by the pretreatment operation rule of described pretreatment unit 403 with in embodiment three
Pretreatment operation rule be the same, i.e. described data to be verified organized by uniform rules and sort
Deng pretreatment, as data key value to be verified is carried out data tissue to form, obtain through data tissue
Data to be verified;Then represent certificate data through data tissue according to described key-value pair arrange described
Sequence processes.
But the pretreatment operation difference of this device is: pretreatment operation is by being positioned at web browser
Script JavaScript is carried out.
The pretreatment unit 403 of the application is unnecessary devices, it is also possible to need not carry out data to be verified
Pretreatment operation, and directly carried out endorsing process by unit 404 of endorsing, and to data prediction to be verified
Mode can change because of different application scenarios.
That described unit 404 of endorsing carries out endorsing but checking data are that the user that acquiring unit 401 collects is defeated
The data to be verified entered or the pretreatment unit 403 one in pretreated data to be verified.
The unit 304 of endorsing endorsed in processing procedure and embodiment three of described unit 404 of endorsing is to described solution
What ciphertext data was carried out endorse, and process is identical, i.e. endorses described data to be verified first with non-reversible algorithm
Process and form data of endorsing;Then, described data of endorsing are sent to be positioned at the recipient of security domain.
Described non-reversible algorithm refers to Secure Hash Algorithm (Secure Hash Algorithm, SHA), message
Digest algorithm (Message Digest Algorithm, MD5) etc..
Embodiment 5
Data sampling and processing that Fig. 5 provides for the embodiment of the present application five, checking flow chart, be primarily referred to as knot
Conjunction embodiment one, embodiment two, in one, are described in data acquisition transmitting terminal, the non-secure domains of transmission, peace
The whole flow chart of data processing of the reception verifying end in universe.
The present embodiment is at user terminal, namely data acquisition transmitting terminal collects the fiscard number of user's input
According to, user terminal is encrypted acquisition encryption data S1 and through non-secure domains to described fiscard data
The receiving terminal being transferred in security domain.The most described user terminal also carries out pretreatment to described fiscard data
The process acquisition that carries out after operation endorsing is endorsed data S2, and described data S2 of endorsing is passed via non-secure domains
It is defeated by receiving terminal.
Described encryption data S1, data S2 of endorsing arrive security domain after the transmission, process of non-secure domains
Interior receiving terminal;Receiving terminal carry out after first deciphering described encryption data S1 with identical pre-of user terminal
The process that carries out endorsing after processing operation obtains another data S3 of endorsing;Finally, in receiving terminal comparison said two
Endorse data S2, S3.
It should be noted that the executive agent of each step of embodiment 1, the provided method of embodiment 2
To be same equipment, or, the method also by distinct device as executive agent.
Those skilled in the art are it should be appreciated that embodiments of the invention can be provided as method, system or meter
Calculation machine program product.Therefore, the present invention can use complete hardware embodiment, complete software implementation or knot
The form of the embodiment in terms of conjunction software and hardware.And, the present invention can use and wherein wrap one or more
Computer-usable storage medium containing computer usable program code (include but not limited to disk memory,
CD-ROM, optical memory etc.) form of the upper computer program implemented.
The present invention is with reference to method, equipment (system) and computer program product according to embodiments of the present invention
The flow chart of product and/or block diagram describe.It should be understood that can by computer program instructions flowchart and
/ or block diagram in each flow process and/or flow process in square frame and flow chart and/or block diagram and/
Or the combination of square frame.These computer program instructions can be provided to general purpose computer, special-purpose computer, embedding
The processor of formula datatron or other programmable data processing device is to produce a machine so that by calculating
The instruction that the processor of machine or other programmable data processing device performs produces for realizing at flow chart one
The device of the function specified in individual flow process or multiple flow process and/or one square frame of block diagram or multiple square frame.
These computer program instructions may be alternatively stored in and computer or the process of other programmable datas can be guided to set
In the standby computer-readable memory worked in a specific way so that be stored in this computer-readable memory
Instruction produce and include the manufacture of command device, this command device realizes in one flow process or multiple of flow chart
The function specified in flow process and/or one square frame of block diagram or multiple square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, makes
Sequence of operations step must be performed to produce computer implemented place on computer or other programmable devices
Reason, thus the instruction performed on computer or other programmable devices provides for realizing flow chart one
The step of the function specified in flow process or multiple flow process and/or one square frame of block diagram or multiple square frame.
In a typical configuration, calculating equipment includes one or more processor (CPU), input/defeated
Outgoing interface, network interface and internal memory.
Internal memory potentially includes the volatile memory in computer-readable medium, random access memory
(RAM) and/or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM).
Internal memory is the example of computer-readable medium.
Computer-readable medium includes that removable media permanent and non-permanent, removable and non-can be by appointing
Where method or technology realize information storage.Information can be computer-readable instruction, data structure, program
Module or other data.The example of the storage medium of computer includes, but are not limited to phase transition internal memory
(PRAM), static RAM (SRAM), dynamic random access memory (DRAM), its
The random access memory (RAM) of his type, read only memory (ROM), electrically erasable are read-only
Memorizer (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read only memory
(CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassette tape, tape magnetic
Disk storage or other magnetic storage apparatus or any other non-transmission medium, can be used for storage can be calculated
The information that equipment accesses.According to defining herein, computer-readable medium does not include temporary computer-readable matchmaker
Body (transitory media), such as data signal and the carrier wave of modulation.
Also, it should be noted term " includes ", " comprising " or its any other variant are intended to non-
Comprising of exclusiveness, so that include that the process of a series of key element, method, commodity or equipment not only wrap
Include those key elements, but also include other key elements being not expressly set out, or also include for this process,
The key element that method, commodity or equipment are intrinsic.In the case of there is no more restriction, statement " include
One ... " key element that limits, it is not excluded that including the process of described key element, method, commodity or setting
Other identical element is there is also in Bei.
It will be understood by those skilled in the art that embodiments herein can be provided as method, system or computer journey
Sequence product.Therefore, the application can use complete hardware embodiment, complete software implementation or combine software and
The form of the embodiment of hardware aspect.And, the application can use and wherein include calculating one or more
The computer-usable storage medium of machine usable program code (include but not limited to disk memory, CD-ROM,
Optical memory etc.) form of the upper computer program implemented.
The foregoing is only embodiments herein, be not limited to the application.For this area skill
For art personnel, the application can have various modifications and variations.All institutes within spirit herein and principle
Any modification, equivalent substitution and improvement etc. made, within the scope of should be included in claims hereof.
Claims (24)
1. a data receiver verification method, it is characterised in that including:
Receive encryption data to endorse data with first;
Decipher described encryption data to obtain solving ciphertext data;
Process of endorsing described solution ciphertext data obtains second and endorses data;
Verify the concordance of first, second two data of endorsing.
2. the method for claim 1, it is characterised in that described encryption data and first is endorsed number
According to all being transmitted via non-secure domains.
3. the method for claim 1, it is characterised in that described encryption data and first is endorsed number
According to being the same data genaration according to user's input.
4. the method for claim 1, it is characterised in that the described first data of endorsing are endorsed
Before process, described solution ciphertext data carries out endorsing and all carried out identical pretreatment operation before process.
5. method as claimed in claim 4, it is characterised in that described pretreatment operation, including:
Pending data key value is carried out data tissue to form, obtains the data through data tissue;
It is ranked up processing to the described data through data tissue according to described key-value pair.
6. the method as described in any one of claim 1-5, it is characterised in that described solution ciphertext data is entered
Row process of endorsing obtains second and endorses data, including:
By utilizing non-reversible algorithm described solution ciphertext data to be endorsed process, generate second and endorse data.
7. method as claimed in claim 6, it is characterised in that the described first data of endorsing are to use institute
State what non-reversible algorithm obtained.
8. method as claimed in claim 7, it is characterised in that verify first, second two numbers of endorsing
According to concordance, including:
Contrast two data of endorsing the most identical:
When two data of endorsing are identical, continue follow-up processing flow;
When two endorse data difference time, send bomp information.
9. a data transmission method for uplink to be verified, it is characterised in that including:
Obtain the data to be verified of user's input;
Encrypt described data to be verified form encryption data and send;
Process of endorsing described data to be verified forms Data Concurrent of endorsing and send.
10. method as claimed in claim 9, it is characterised in that obtain the data to be verified of user's input,
Including:
Specific webpage is pushed to user;
The fiscard data conduct that user inputs is obtained in described specific webpage by script JavaScript
Data to be verified.
11. methods as described in claim 9 or 10, it is characterised in that encrypt described data to be verified
Form encryption data and send, including:
Use pattern JSONP, described data to be verified are added by the data encryption system called in security domain
Close process, generates encryption data;
Described encryption data is sent to be positioned at the recipient of security domain.
12. methods as claimed in claim 9, it is characterised in that described data to be verified are endorsed
Process forms Data Concurrent of endorsing and send, including:
By script JavaScript, described data key value to be verified is carried out data tissue to form,
Obtain the data to be verified through data tissue;
According to described key-value pair, it is ranked up the described data to be verified through data tissue processing, obtains
Data to be endorsed;
Utilize non-reversible algorithm that described data to be endorsed are endorsed process and form data of endorsing;
Described data of endorsing are sent to be positioned at the recipient of security domain.
13. 1 kinds of data receiver checking devices, it is characterised in that including:
Receive unit, be used for receiving encryption data and endorse data with first;
Decryption unit, is used for deciphering described encryption data, and obtains solving ciphertext data;
Endorse unit, obtain second for process that described solution ciphertext data is endorsed and endorse data;
Authentication unit, for verifying the concordance of described first, second two data of endorsing.
14. devices as claimed in claim 13, it is characterised in that described encryption data and first is endorsed
Data are all transmitted via non-secure domains.
15. devices as claimed in claim 13, it is characterised in that described encryption data and first is endorsed
Data are the same data genaration according to user's input.
16. devices as claimed in claim 13, it is characterised in that described device also includes:
Pretreatment unit, the data before data of endorsing to described first endorse process, described solution
The ciphertext data data before processing that carry out endorsing carry out pretreatment operation.
17. devices as claimed in claim 16, it is characterised in that described pretreatment unit, for right
Described first data carry out the endorsing pending data before processing, described solution ciphertext data of endorsing carries out the place that endorses
Pending data before reason carry out pretreatment operation, including:
Pending data key value is carried out data tissue to form, obtains the data through data tissue;
It is ranked up processing to the described data through data tissue according to described key-value pair.
18. devices as described in any one of claim 13-17, it is characterised in that described in endorse unit,
Obtain second for process that described solution ciphertext data is endorsed to endorse data, including:
By utilizing non-reversible algorithm described solution ciphertext data to be endorsed process, generate second and endorse data.
19. devices as claimed in claim 18, it is characterised in that described first endorse data be use
Described non-reversible algorithm obtains.
20. devices as claimed in claim 19, it is characterised in that described authentication unit, are used for verifying
The concordance of first, second two data of endorsing, including:
Contrast two data of endorsing the most identical:
When two data of endorsing are identical, continue follow-up processing flow;
When two endorse data difference time, send bomp information.
21. 1 kinds of data sending devices to be verified, it is characterised in that including:
Acquiring unit, for obtaining the data to be verified of user's input;
Ciphering unit, is used for encrypting described data to be verified and forms encryption data and send;
Endorse unit, form, for process that described data to be verified are endorsed, Data Concurrent of endorsing and send.
22. devices as claimed in claim 21, it is characterised in that described acquiring unit, are used for obtaining
The data to be verified of user's input, including:
Specific webpage is pushed to user;
The fiscard data conduct that user inputs is obtained in described specific webpage by script JavaScript
Data to be verified.
23. devices as described in claim 21 or 22, it is characterised in that described ciphering unit, are used for
Encrypt described data to be verified form encryption data and send, including:
Use pattern JSONP, described data to be verified are added by the data encryption system called in security domain
Close process, generates encryption data;
Described encryption data is sent to be positioned at the recipient of security domain.
24. devices as claimed in claim 21, it is characterised in that described in endorse unit, for institute
State the data to be verified process that carries out endorsing to form Data Concurrent of endorsing and send, including:
By script JavaScript, described data key value to be verified is carried out data tissue to form,
Obtain the data to be verified through data tissue;
According to described key-value pair, it is ranked up the described data to be verified through data tissue processing, obtains
Data to be endorsed;
Utilize non-reversible algorithm that described data to be endorsed are endorsed process and form data of endorsing;
Described data of endorsing are sent to be positioned at the recipient of security domain.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510082737.7A CN105991284B (en) | 2015-02-15 | 2015-02-15 | A kind of data transmission, data receiver verification method and device to be verified |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510082737.7A CN105991284B (en) | 2015-02-15 | 2015-02-15 | A kind of data transmission, data receiver verification method and device to be verified |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105991284A true CN105991284A (en) | 2016-10-05 |
| CN105991284B CN105991284B (en) | 2019-08-09 |
Family
ID=57041391
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510082737.7A Active CN105991284B (en) | 2015-02-15 | 2015-02-15 | A kind of data transmission, data receiver verification method and device to be verified |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105991284B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109636948A (en) * | 2019-01-31 | 2019-04-16 | 上海易点时空网络有限公司 | Data processing method and device based on onboard system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102956000A (en) * | 2011-08-18 | 2013-03-06 | 招商银行股份有限公司 | Method and device for payment intermediation transaction data processing and payment intermediation network system |
| CN103942687A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive system |
| CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
| CN104200177A (en) * | 2014-09-12 | 2014-12-10 | 罗满清 | Mobile medical sensitive data encryption method |
-
2015
- 2015-02-15 CN CN201510082737.7A patent/CN105991284B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102956000A (en) * | 2011-08-18 | 2013-03-06 | 招商银行股份有限公司 | Method and device for payment intermediation transaction data processing and payment intermediation network system |
| CN103942687A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive system |
| CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
| CN104200177A (en) * | 2014-09-12 | 2014-12-10 | 罗满清 | Mobile medical sensitive data encryption method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109636948A (en) * | 2019-01-31 | 2019-04-16 | 上海易点时空网络有限公司 | Data processing method and device based on onboard system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105991284B (en) | 2019-08-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11651082B2 (en) | Blockchain applicability framework | |
| CN111247511B (en) | System and method for aggregating authentication-determined client data and network data | |
| EP3610622B1 (en) | Location-based detection of unauthorized use of interactive computing environment functions | |
| CN106506146A (en) | Based on the Transaction Information method of calibration of block chain technology, apparatus and system | |
| CN112132198A (en) | Data processing method, device and system and server | |
| US20160028735A1 (en) | Private analytics with controlled information disclosure | |
| CN108347361B (en) | Application program testing method and device, computer equipment and storage medium | |
| US8683563B1 (en) | Soft token posture assessment | |
| CA3166439A1 (en) | Blockchain cybersecurity solutions | |
| Bowers et al. | Characterizing security and privacy practices in emerging digital credit applications | |
| CN111431918B (en) | Method and system for determining state label of target user based on block chain | |
| CN112182509A (en) | Method, device and equipment for detecting abnormity of compliance data | |
| CN105991284A (en) | Method and apparatus for sending to-be-verified data, and data receiving verification method and apparatus | |
| Jadwani et al. | 22 Cybersecurity Techniques for Business and Finance Systems | |
| CN113114681B (en) | Test message processing method, device, computer system and readable storage medium | |
| KR20160123416A (en) | Information security device, terminal, network having information security system and terminal | |
| CN114553516A (en) | Data processing method, device and equipment | |
| Zafir et al. | Enhancing security of internet of robotic things: A review of recent trends, practices, and recommendations with encryption and blockchain techniques | |
| Mohamed et al. | Protecting wireless data transmission in mobile application systems using digital watermarking technique | |
| Shin et al. | An Investigation of PSA Certified | |
| Iqbal et al. | Bridging Two Worlds: Framework for Secure Implementation of Blockchain Oracles | |
| Forsberg | Penetration Testing and PrivacyAssessment of Top-RankedHealth and Fitness Apps: An Empirical Study | |
| CN110381452A (en) | The anti-sniff method of GMS short message, terminal and server | |
| Jain et al. | Detection of SQLite Database Vulnerabilities in Android Apps | |
| CN114124542B (en) | Method for exporting confidential data to shared security area after approval by research and development network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200921 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman, British Islands Patentee after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman, British Islands Patentee before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20200921 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman, British Islands Patentee after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before: Alibaba Group Holding Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240219 Address after: Guohao Times City # 20-01, 128 Meizhi Road, Singapore Patentee after: Advanced Nova Technology (Singapore) Holdings Ltd. Country or region after: Singapore Address before: Ky1-9008 business centre, 27 Hospital Road, Georgetown, grand caiman, UK Patentee before: Innovative advanced technology Co.,Ltd. Country or region before: Cayman Islands |
|
| TR01 | Transfer of patent right |