CN106027563A - Sensitive data encryption and decryption device and method, and transaction system - Google Patents

Publication number
CN106027563A
Authority
CN
China
Prior art keywords
sensitive data
data
sensitive
ciphering
control instruction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610535368.7A
Other languages
Chinese (zh)
Inventor
崔振华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI HANYIN INFORMATION TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI HANYIN INFORMATION TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI HANYIN INFORMATION TECHNOLOGY Co Ltd
Priority to CN201610535368.7A
Publication of CN106027563A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management

Abstract

The invention belongs to the technical field of transaction data processing, and discloses a sensitive data encryption and decryption device and method, and a transaction system. The device is arranged between a server and a sensitive database in a connected manner, and comprises a monitoring unit, an encryption unit, and a decryption unit, wherein the monitoring unit is used for monitoring a data operation type of a user on the server, and correspondingly generating and outputting a first control command indicating encryption of sensitive data or a second control command indicating decryption of the sensitive data; the encryption unit is used for extracting the sensitive data associated with data operation and carrying out the encryption according to the first control command, and sending the sensitive data to the sensitive database; the decryption unit is used for extracting the sensitive data associated with the data operation and carrying out the decryption according to the second control command, and sending the sensitive data to the server. The method correspondingly comprises an encryption process and a decryption process. The sensitive data encryption and decryption device and method and the transaction system adopting the technical scheme have the beneficial effects that under the premise of ensured cost performance, an overall sensitive data encryption, decryption and modification scheme is provided, and a current transaction business line is not affected.

Description

A sensitive data encryption and decryption device, method, and transaction system
Technical field
The present invention relates to the technical field of transaction data processing, and in particular to a sensitive data encryption and decryption device, method, and transaction system.
Background art
With the rapid growth of transaction volume, transaction systems generate order data in large quantities, and information security requirements rise accordingly. For example, the large volume of order data produced by a transaction system contains a considerable amount of sensitive data, such as the personal information of both parties to a transaction, bank account information, and transaction records. This sensitive data requires the strictest data security protection while transaction data is transmitted, and every effort should be made to prevent it from leaking.
In the prior art, sensitive data is usually stored in the database in plaintext; for security, the sensitive data needs to be encrypted before it is stored. Because the load and stability of the transaction system must be guaranteed, the relevant modules of each business line in the transaction system are implemented with a distributed architecture. To protect the sensitive data, the relevant modules of each transaction business line therefore usually have to be given their own security handling and sensitive data encryption. This is time-consuming, laborious, and costly, it is easy to miss a point that needs modification, and the resulting level of data security is insufficient. In addition, because the sensitive data is encrypted specially in the database, the burden on the system increases, and the encryption or decryption procedure cannot be started at the moment a user accesses his or her own sensitive data.
Summary of the invention
In view of the above problems in the prior art, a technical solution comprising a sensitive data encryption and decryption device, method, and transaction system is provided. It aims to provide a global scheme for encrypting, decrypting, and modifying sensitive data while maintaining cost-effectiveness, without affecting existing transaction business lines.
The technical solution specifically includes:
A sensitive data encryption and decryption device, applicable to a transaction management system, wherein the device is arranged between a server and a sensitive database, the server is used by users to perform data operations on sensitive data, and the sensitive database is used to store the sensitive data;
The sensitive data encryption and decryption device includes:
A monitoring unit, configured to monitor the operation type of the data operation performed by a user on the server and, according to the operation type, to generate and output either a first control instruction indicating that the sensitive data is to be encrypted or a second control instruction indicating that the sensitive data is to be decrypted;
An encryption unit, connected to the monitoring unit and configured, according to the first control instruction issued by the monitoring unit, to extract the sensitive data associated with the data operation that is transmitted by the server, encrypt it, and send the encrypted sensitive data to the sensitive database for storage;
A decryption unit, connected to the monitoring unit and configured, according to the second control instruction issued by the monitoring unit, to extract the sensitive data associated with the data operation that is stored in the sensitive database, decrypt it, and send the decrypted sensitive data to the server.
Preferably, in the sensitive data encryption and decryption device, the monitoring unit monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is adding new sensitive data on the server.
Preferably, in the sensitive data encryption and decryption device, the monitoring unit monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is modifying the sensitive data on the server.
Preferably, in the sensitive data encryption and decryption device, the monitoring unit monitors the operation type of the data operation performed by the user, and generates and outputs the second control instruction when the operation type is viewing the sensitive data stored in the sensitive database.
Preferably, in the sensitive data encryption and decryption device, the encryption unit includes:
A first receiving module, configured to receive the first control instruction output by the monitoring unit, parse it, and output the parsed first control instruction;
An encryption module, connected to the first receiving module and configured, according to the parsed first control instruction, to extract the sensitive data associated with the data operation that is transmitted by the server, encrypt it, and send the encrypted sensitive data to the sensitive database for storage.
Preferably, in the sensitive data encryption and decryption device, the decryption unit includes:
A second receiving module, configured to receive the second control instruction output by the monitoring unit, parse it, and output the parsed second control instruction;
A decryption unit, connected to the second receiving module and configured, according to the parsed second control instruction, to extract the sensitive data associated with the data operation that is stored in the sensitive database, decrypt it, and send the decrypted sensitive data to the server.
A sensitive data encryption and decryption method, applicable to a transaction system, wherein a sensitive data encryption and decryption device is arranged between a server and a sensitive database, the server is used by users to perform data operations on sensitive data, and the sensitive database is used to store the sensitive data; the method includes an encryption process and a decryption process;
The encryption process includes:
Step S1a: the sensitive data encryption and decryption device monitors the operation type of the data operation that the user performs on the sensitive data on the server;
Step S2a: the sensitive data encryption and decryption device generates and outputs, according to the operation type, a first control instruction indicating that the sensitive data is to be encrypted;
Step S3a: according to the first control instruction, the sensitive data encryption and decryption device extracts the sensitive data associated with the data operation that is transmitted by the server, encrypts it, and sends the encrypted sensitive data to the sensitive database for storage;
The decryption process includes:
Step S1b: the sensitive data encryption and decryption device monitors the operation type of the data operation that the user performs on the sensitive data on the server;
Step S2b: the sensitive data encryption and decryption device generates and outputs, according to the operation type, a second control instruction indicating that the sensitive data is to be decrypted;
Step S3b: according to the second control instruction, the sensitive data encryption and decryption device extracts the sensitive data associated with the data operation that is stored in the sensitive database, decrypts it, and sends the decrypted sensitive data to the server.
Preferably, in the sensitive data encryption and decryption method, in step S1a the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is adding new sensitive data on the server.
Preferably, in the sensitive data encryption and decryption method, in step S1a the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is modifying the sensitive data on the server.
Preferably, in the sensitive data encryption and decryption method, in step S1b the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the second control instruction when the operation type is viewing the sensitive data stored in the sensitive database.
A transaction system, including the sensitive data encryption and decryption device described above.
A transaction system, using the sensitive data encryption and decryption method described above.
The beneficial effects of the above technical solution are:
1) A sensitive data encryption and decryption device is provided that offers a global scheme for encrypting, decrypting, and modifying sensitive data while maintaining cost-effectiveness, without affecting existing transaction business lines;
2) A sensitive data encryption and decryption method is provided that supports the normal operation of the above device.
Brief description of the drawings
Fig. 1 is a schematic diagram of the overall structure of a sensitive data encryption and decryption device in a preferred embodiment of the present invention;
Figs. 2-3 are schematic diagrams, on the basis of Fig. 1, of the clustered architecture of the sensitive data encryption and decryption device in a preferred embodiment of the present invention;
Figs. 4-5 are schematic flowcharts of a sensitive data encryption and decryption method in a preferred embodiment of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative work fall within the scope of protection of the present invention.
It should be noted that, where they do not conflict, the embodiments of the present invention and the features in the embodiments may be combined with one another.
The invention is further described below with reference to the accompanying drawings and specific embodiments, which do not limit the invention.
In a preferred embodiment of the present invention, in view of the above problems in the prior art, a sensitive data encryption and decryption device is provided that is applicable to a transaction management system. A transaction system here means a system provided to both parties to a transaction for processing the transaction data and orders of a business transaction. Many forms of transaction system exist in the prior art and are not described further here.
In a preferred embodiment of the present invention, as shown in Fig. 1, the sensitive data encryption and decryption device A is arranged between a server B and a sensitive database C. Specifically, server B provides users with functions for operating on sensitive data, such as adding new sensitive data, modifying sensitive data, and viewing sensitive data. Sensitive database C stores the sensitive data. In practice, therefore, server B and sensitive database C exchange data through the sensitive data encryption and decryption device A.
In a preferred embodiment of the present invention, as also shown in Fig. 1, the sensitive data encryption and decryption device A includes:
Monitoring unit A1, configured to monitor the operation type of the data operation performed by a user on server B and, according to the operation type, to generate and output either a first control instruction indicating that the sensitive data is to be encrypted or a second control instruction indicating that the sensitive data is to be decrypted;
Encryption unit A2, connected to monitoring unit A1 and configured, according to the first control instruction issued by monitoring unit A1, to extract the sensitive data associated with the data operation that is transmitted by server B, encrypt it, and send the encrypted sensitive data to sensitive database C for storage;
Decryption unit A3, connected to monitoring unit A1 and configured, according to the second control instruction issued by monitoring unit A1, to extract the sensitive data associated with the data operation that is stored in sensitive database C, decrypt it, and send the decrypted sensitive data to server B.
Specifically, in the above embodiment, monitoring unit A1 monitors the operation type of the user's data operation on sensitive data on server B, and forms and outputs the corresponding first or second control instruction according to the operation type it observes:
The first control instruction causes encryption unit A2 to encrypt the sensitive data associated with the data operation on the server and send it to sensitive database C for storage. Specifically, according to the first control instruction, encryption unit A2 encrypts the sensitive data resulting from the user's data operation on server B and then sends the encrypted sensitive data to sensitive database C for storage. The sensitive data stored in sensitive database C is therefore encrypted data.
The second control instruction causes decryption unit A3 to decrypt the sensitive data associated with the data operation on the server and send it to server B. Specifically, according to the second control instruction, decryption unit A3 obtains the corresponding encrypted sensitive data from sensitive database C, decrypts it, and then sends the sensitive data to server B for the user's data operation.
In a preferred embodiment of the present invention, monitoring unit A1 monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is adding new sensitive data on server B.
In a preferred embodiment of the present invention, monitoring unit A1 monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is modifying sensitive data on server B.
In a preferred embodiment of the present invention, monitoring unit A1 monitors the operation type of the data operation performed by the user, and generates and outputs the second control instruction when the operation type is viewing the sensitive data stored in sensitive database C.
Therefore, in a preferred embodiment of the present invention, when monitoring unit A1 detects that a user on server B is adding or modifying sensitive data, it generates and outputs the first control instruction. Encryption unit A2 then obtains the added or modified sensitive data from the server according to this first control instruction, encrypts it, and saves the encrypted sensitive data in sensitive database C.
Correspondingly, when monitoring unit A1 detects that a user on server B is viewing sensitive data (that is, has sent a request to view sensitive data), it generates and outputs the second control instruction. Decryption unit A3 then retrieves the sensitive data to be viewed from sensitive database C according to this second control instruction, decrypts it, and sends the decrypted sensitive data to server B for the user to view.
In a preferred embodiment of the present invention, as shown in Fig. 2, encryption unit A2 specifically includes:
First receiving module A21, configured to receive the first control instruction output by monitoring unit A2, parse it, and output the parsed first control instruction;
Encryption module A22, connected to first receiving module A21 and configured, according to the parsed first control instruction, to extract the sensitive data associated with the data operation that is transmitted by server B, encrypt it, and send the encrypted sensitive data to the sensitive database for storage.
Specifically, in a preferred embodiment of the present invention, encryption unit A2 uses first receiving module A21 to obtain and parse the first control instruction, and then sends the parsed first control instruction to encryption module A22. Encryption module A22 finally encrypts, according to the parsed first control instruction, the sensitive data added or modified on server B, and then sends the encrypted sensitive data to sensitive database C for storage.
Similarly, in a preferred embodiment of the present invention, as shown in Fig. 3, decryption unit A3 includes:
Second receiving module A31, configured to receive the second control instruction output by monitoring unit A1, parse it, and output the parsed second control instruction;
Decryption unit A32, connected to second receiving module A31 and configured, according to the parsed second control instruction, to extract the sensitive data associated with the data operation that is stored in sensitive database C, decrypt it, and send the decrypted sensitive data to server B.
The structure of decryption unit A3 is similar to that of encryption unit A2: second receiving module A21 receives and parses the second control instruction and sends the parsed second control instruction to decryption module A22. According to the parsed second control instruction, decryption module A22 takes the corresponding sensitive data out of sensitive database C, decrypts it, and then sends the decrypted sensitive data to server B.
In a preferred embodiment of the present invention, monitoring unit A1 can be based on a user-defined data type of an ORM mapping framework, and can call encryption unit A2 when there is new information (for example, sensitive data is added or existing sensitive data is modified) to encrypt the added or modified sensitive data and save it in sensitive database C.
In a preferred embodiment of the present invention, decryption unit A3 can call an Oracle-based decryption package to decrypt the sensitive data that needs to be viewed and return it to server B.
In summary, in the technical solution of the present invention, a sensitive data encryption and decryption device is arranged between the server and the sensitive database in a transaction system. When a user performs a data operation on the server, the device monitors the operation type of that data operation and encrypts or decrypts the sensitive data according to the operation type. Specifically, when the operation type is adding or modifying sensitive data on the server, the device encrypts the added or modified sensitive data and sends it to the sensitive database for storage. When the operation type is a request to view sensitive data stored in the sensitive database, the device extracts the sensitive data to be viewed from the sensitive database, decrypts it, and then sends it to the server for the user to view.
In a preferred embodiment of the present invention, a sensitive data encryption and decryption method based on the device described above is also provided; the method is likewise applicable to a transaction system. In the method, a sensitive data encryption and decryption device is arranged between a server and a sensitive database, the server is used by users to perform data operations on sensitive data, and the sensitive database is used to store the sensitive data.
The sensitive data encryption and decryption method specifically includes an encryption process and a decryption process.
As shown in Fig. 4, the encryption process specifically includes:
Step S1a: the sensitive data encryption and decryption device monitors the operation type of the data operation that the user performs on the sensitive data on the server;
Step S2a: the sensitive data encryption and decryption device generates and outputs, according to the operation type, a first control instruction indicating that the sensitive data is to be encrypted;
Step S3a: according to the first control instruction, the sensitive data encryption and decryption device extracts the sensitive data associated with the data operation that is transmitted by the server, encrypts it, and sends the encrypted sensitive data to the sensitive database for storage.
As shown in Fig. 5, the decryption process specifically includes:
Step S1b: the sensitive data encryption and decryption device monitors the operation type of the data operation that the user performs on the sensitive data on the server;
Step S2b: the sensitive data encryption and decryption device generates and outputs, according to the operation type, a second control instruction indicating that the sensitive data is to be decrypted;
Step S3b: according to the second control instruction, the sensitive data encryption and decryption device extracts the sensitive data associated with the data operation that is stored in the sensitive database, decrypts it, and sends the decrypted sensitive data to the server.
In one preferred embodiment of the present invention, in step S1a the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is adding new sensitive data on the server.
In another preferred embodiment of the present invention, in step S1a the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is modifying sensitive data on the server.
In another preferred embodiment of the present invention, in step S1b the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the second control instruction when the operation type is viewing the sensitive data stored in the sensitive database.
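The encryption process (steps S1a to S3a) and decryption process (steps S1b to S3b) described above, implemented in Go as an added example; it is not code from the patent. The patent names no cipher or storage interface, so AES-GCM, the in-memory map standing in for the sensitive database, the binding of each ciphertext to its record ID, and every identifier below are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
)

// OpType is the operation type the monitoring unit observes on the server.
type OpType int

const (
	OpAdd    OpType = iota // user adds new sensitive data
	OpModify               // user modifies existing sensitive data
	OpView                 // user views stored sensitive data
)

// Instruction is the control instruction the monitoring unit issues.
type Instruction int

const (
	First  Instruction = iota + 1 // encrypt, then store
	Second                        // load, then decrypt
)

// Monitor covers steps S1 and S2: classify the operation, emit an instruction.
func Monitor(op OpType) (Instruction, error) {
	switch op {
	case OpAdd, OpModify:
		return First, nil
	case OpView:
		return Second, nil
	}
	return 0, fmt.Errorf("unknown operation type %d", op)
}

// Device sits between server and database; DB stands in for the database (ID -> base64(nonce||ciphertext)).
type Device struct {
	aead cipher.AEAD
	DB   map[string]string
}

// NewDevice builds the device around an AES key (AES-GCM is this example's choice).
func NewDevice(key []byte) (*Device, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Device{aead: aead, DB: map[string]string{}}, nil
}

// Handle is the single path every data operation takes (step S3a or S3b).
func (d *Device) Handle(op OpType, id, value string) (string, error) {
	ins, err := Monitor(op)
	if err != nil {
		return "", err
	}
	if ins == First {
		return "", d.encryptAndStore(id, value)
	}
	return d.loadAndDecrypt(id)
}

func (d *Device) encryptAndStore(id, value string) error {
	nonce := make([]byte, d.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	// Record ID as associated data: a ciphertext copied onto another row fails to decrypt.
	sealed := d.aead.Seal(nonce, nonce, []byte(value), []byte(id))
	d.DB[id] = base64.StdEncoding.EncodeToString(sealed)
	return nil
}

func (d *Device) loadAndDecrypt(id string) (string, error) {
	n := d.aead.NonceSize()
	raw, err := base64.StdEncoding.DecodeString(d.DB[id])
	if err != nil || len(raw) < n {
		return "", fmt.Errorf("record %q missing or malformed", id)
	}
	plain, err := d.aead.Open(nil, raw[:n], raw[n:], []byte(id))
	if err != nil {
		return "", fmt.Errorf("record %q failed authentication", id)
	}
	return string(plain), nil
}

func main() {
	d, _ := NewDevice(make([]byte, 32)) // constructed all-zero demo key
	d.Handle(OpAdd, "order-1001", "6222020000001234") // constructed sample value
	v, err := d.Handle(OpView, "order-1001", "")
	fmt.Println("stored:", d.DB["order-1001"], "returned:", v, err)
}
```

An operation type the monitor does not recognise is rejected rather than passed through, so no write can reach the database unencrypted.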
In a preferred embodiment of the present invention, a transaction system is also provided that includes the sensitive data encryption and decryption device described above.
In a preferred embodiment of the present invention, a transaction system is also provided that uses the sensitive data encryption and decryption method described above.
The above are only preferred embodiments of the present invention and do not thereby limit its embodiments or scope of protection. Those skilled in the art should appreciate that all solutions obtained by equivalent substitution and obvious variation using the description and drawings of the present invention shall fall within the scope of protection of the present invention.

Claims (12)

1. A sensitive data encryption and decryption device, applicable to a transaction management system, characterized in that the sensitive data encryption and decryption device is arranged between a server and a sensitive database, the server is used by a user to perform data operations on sensitive data, and the sensitive database is used to store the sensitive data;
The sensitive data encryption and decryption device comprises:
A monitoring unit, configured to monitor the operation type of the data operation that the user performs at the server, and, according to the operation type, to generate and output either a first control instruction indicating that the sensitive data is to be encrypted or a second control instruction indicating that the sensitive data is to be decrypted;
An encryption unit, connected to the monitoring unit and configured to, according to the first control instruction issued by the monitoring unit, extract the sensitive data associated with the data operation and transmitted by the server, encrypt it, and send the encrypted sensitive data to the sensitive database for storage;
A decryption unit, connected to the monitoring unit and configured to, according to the second control instruction issued by the monitoring unit, extract the sensitive data associated with the data operation and stored in the sensitive database, decrypt it, and send the decrypted sensitive data to the server.
2. The sensitive data encryption and decryption device as claimed in claim 1, characterized in that the monitoring unit monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is newly adding the sensitive data at the server.
3. The sensitive data encryption and decryption device as claimed in claim 1, characterized in that the monitoring unit monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is modifying the sensitive data at the server.
4. The sensitive data encryption and decryption device as claimed in claim 1, characterized in that the monitoring unit monitors the operation type of the data operation performed by the user, and generates and outputs the second control instruction when the operation type is viewing the sensitive data stored in the sensitive database.
5. The sensitive data encryption and decryption device as claimed in claim 1, characterized in that the encryption unit comprises:
A first receiving module, configured to receive the first control instruction output by the monitoring unit, parse the first control instruction, and output it;
An encryption module, connected to the first receiving module and configured to, according to the parsed first control instruction, extract the sensitive data associated with the data operation and transmitted by the server, encrypt it, and send the encrypted sensitive data to the sensitive database for storage.
6. The sensitive data encryption and decryption device as claimed in claim 1, characterized in that the decryption unit comprises:
A second receiving module, configured to receive the second control instruction output by the monitoring unit, parse the second control instruction, and output it;
A decryption unit, connected to the second receiving module and configured to, according to the parsed second control instruction, extract the sensitive data associated with the data operation and stored in the sensitive database, decrypt it, and send the decrypted sensitive data to the server.
7. A sensitive data encryption and decryption method, applicable to a transaction system, characterized in that a sensitive data encryption and decryption device is arranged between a server and a sensitive database, the server is used by a user to perform data operations on sensitive data, and the sensitive database is used to store the sensitive data, the method further comprising an encryption process and a decryption process;
The encryption process comprises:
Step S1a, the sensitive data encryption and decryption device monitors the operation type of the data operation that the user performs on the sensitive data at the server;
Step S2a, the sensitive data encryption and decryption device generates and outputs, according to the operation type, a first control instruction indicating that the sensitive data is to be encrypted;
Step S3a, the sensitive data encryption and decryption device, according to the first control instruction, extracts the sensitive data associated with the data operation and transmitted by the server, encrypts it, and sends the encrypted sensitive data to the sensitive database for storage;
The decryption process comprises:
Step S1b, the sensitive data encryption and decryption device monitors the operation type of the data operation that the user performs on the sensitive data at the server;
Step S2b, the sensitive data encryption and decryption device generates and outputs, according to the operation type, a second control instruction indicating that the sensitive data is to be decrypted;
Step S3b, the sensitive data encryption and decryption device, according to the second control instruction, extracts the sensitive data associated with the data operation and stored in the sensitive database, decrypts it, and sends the decrypted sensitive data to the server.
8. The sensitive data encryption and decryption method as claimed in claim 7, characterized in that, in step S1a, the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is newly adding the sensitive data at the server.
9. The sensitive data encryption and decryption method as claimed in claim 7, characterized in that, in step S1a, the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the first control instruction when the operation type is modifying the sensitive data at the server.
10. The sensitive data encryption and decryption method as claimed in claim 7, characterized in that, in step S1b, the sensitive data encryption and decryption device monitors the operation type of the data operation performed by the user, and generates and outputs the second control instruction when the operation type is viewing the sensitive data stored in the sensitive database.
11. A transaction system, characterized in that it comprises the sensitive data encryption and decryption device as described in claims 1-6.
12. A transaction system, characterized in that it uses the sensitive data encryption and decryption method as described in claims 7-10.
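The arrangement in claims 1-10, sketched as an added example that is not part of the patent: a gateway between the server and the sensitive database whose monitoring unit maps the operation type to a control instruction, which the encryption and decryption units then act on. The class and method names, the operation-type strings, the in-memory Map standing in for the sensitive database, and the use of AES-256-GCM with the record id as associated data are assumptions; the claims name no cipher.

```javascript
// Added illustration of claims 1-10; all names and the cipher choice are assumptions.
const nodeCrypto = require('crypto');
class SensitiveDataGateway {
  constructor(key, sensitiveDb) {
    this.key = key;        // 32-byte key; key management is outside the claims
    this.db = sensitiveDb; // Map standing in for the sensitive database
  }
  // Monitoring unit: map the operation type to a control instruction.
  monitor(opType) {
    if (opType === 'insert' || opType === 'update') return 'ENCRYPT'; // first control instruction
    if (opType === 'read') return 'DECRYPT';                          // second control instruction
    throw new Error(`unsupported operation type: ${opType}`);
  }
  // Encryption unit: encrypt the value sent by the server, then store iv | tag | ciphertext.
  encryptAndStore(recordId, plaintext) {
    const iv = nodeCrypto.randomBytes(12); // fresh nonce for every write
    const cipher = nodeCrypto.createCipheriv('aes-256-gcm', this.key, iv);
    cipher.setAAD(Buffer.from(recordId));  // bind the ciphertext to its record id
    const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
    this.db.set(recordId, Buffer.concat([iv, cipher.getAuthTag(), ct]));
  }
  // Decryption unit: load the stored blob, authenticate it, return plaintext to the server.
  loadAndDecrypt(recordId) {
    const blob = this.db.get(recordId);
    if (!blob) throw new Error(`no record ${recordId}`);
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', this.key, blob.subarray(0, 12));
    decipher.setAAD(Buffer.from(recordId));
    decipher.setAuthTag(blob.subarray(12, 28));
    return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]).toString('utf8');
  }
  // Entry point the server calls for every data operation on sensitive data.
  handle(opType, recordId, value) {
    if (this.monitor(opType) === 'ENCRYPT') return this.encryptAndStore(recordId, value);
    return this.loadAndDecrypt(recordId);
  }
}
// Constructed sample data: fake account numbers and a random demo key.
function demo() {
  const db = new Map();
  const gw = new SensitiveDataGateway(nodeCrypto.randomBytes(32), db);
  gw.handle('insert', 'cust-1', '6222000000000001');
  const storedHasPlaintext = db.get('cust-1').includes('6222000000000001');
  gw.handle('update', 'cust-1', '6222000000000002');
  const readBack = gw.handle('read', 'cust-1');
  db.set('cust-2', db.get('cust-1')); // ciphertext copied onto another record id
  let swapRejected = false;
  try { gw.handle('read', 'cust-2'); } catch (e) { swapRejected = true; }
  return { storedHasPlaintext, readBack, swapRejected };
}
```

Operation types the monitoring unit does not recognise are rejected rather than passed through, so an unclassified operation never reaches the database unencrypted.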

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610535368.7A CN106027563A (en) 2016-07-08 2016-07-08 Sensitive data encryption and decryption device and method, and transaction system

Publications (1)

Publication Number Publication Date
CN106027563A true CN106027563A (en) 2016-10-12

Family

ID=57108872

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610535368.7A Pending CN106027563A (en) 2016-07-08 2016-07-08 Sensitive data encryption and decryption device and method, and transaction system

Country Status (1)

Country Link
CN (1) CN106027563A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503585A (en) * 2016-11-09 2017-03-15 济南浪潮高新科技投资发展有限公司 A kind of method of ERP sensitive datas security isolation
CN107016542A (en) * 2016-12-06 2017-08-04 阿里巴巴集团控股有限公司 A kind of business data processing method, verification method, apparatus and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034424A (en) * 2007-01-12 2007-09-12 深圳兆日技术有限公司 Date safety storing system, device and method
US20130262879A1 (en) * 2012-03-29 2013-10-03 Aptos Technology Inc. Secure type storage device and information security system
CN104077533A (en) * 2014-07-17 2014-10-01 北京握奇智能科技有限公司 Sensitive data operating method and device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503585A (en) * 2016-11-09 2017-03-15 济南浪潮高新科技投资发展有限公司 A kind of method of ERP sensitive datas security isolation
CN106503585B (en) * 2016-11-09 2019-01-29 济南浪潮高新科技投资发展有限公司 A kind of method of ERP sensitive data security isolation
CN107016542A (en) * 2016-12-06 2017-08-04 阿里巴巴集团控股有限公司 A kind of business data processing method, verification method, apparatus and system
US10789356B2 (en) 2016-12-06 2020-09-29 Alibaba Group Holding Limited Method, apparatus, and system for service data processing and verification

Similar Documents

Publication Publication Date Title
US10657284B2 (en) Secure high speed data storage, access, recovery, and transmission
CN107295069A (en) Data back up method, device, storage medium and server
CN101404056B (en) Software protection method, apparatus and equipment
US20140281520A1 (en) Secure cloud data sharing
WO2013069770A1 (en) Database device, method and program
CN107920081B (en) Login authentication method and device
US20210067326A1 (en) Cryptographic operation method, method for creating working key, cryptographic service platform, and cryptographic service device
CN101840471B (en) Document right control method and device
CN107948152A (en) Information storage means, acquisition methods, device and equipment
CN111385084A (en) Key management method and device for digital assets and computer readable storage medium
CN104978542B (en) The method and system of safe data storage and access data
CN104144174B (en) Protect method, user equipment and the server of privacy of user data
CN109802832A (en) A kind of processing method of data file, system, big data processing server and computer storage medium
CN104601820A (en) Mobile terminal information protection method based on TF password card
CN106027563A (en) Sensitive data encryption and decryption device and method, and transaction system
CN105515757A (en) Security information interaction equipment based on trusted execution environment
CN104182691B (en) data encryption method and device
CN104636662A (en) Data processing method and terminal device
CN107967430B (en) A kind of document protection method, equipment and system
CN110138750A (en) Encryption method, apparatus and system, storage medium, the terminal of configuration file
CN115150193A (en) Method and system for encrypting sensitive information in data transmission and readable storage medium
CN105245347B (en) A kind of encryption system implementation method being adapted to a variety of storage products
CN104796401B (en) A kind of method and system that enciphoring voice telecommunication is realized by halfpace
CN112966045A (en) Data synchronization method and system
CN108846290A (en) A kind of method for generating cipher code and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161012
