CN106713372B - A kind of method of controlling security and safety control system based on permission control - Google Patents

A kind of method of controlling security and safety control system based on permission control Download PDF

Info

Publication number
CN106713372B
CN106713372B CN201710189481.9A CN201710189481A CN106713372B CN 106713372 B CN106713372 B CN 106713372B CN 201710189481 A CN201710189481 A CN 201710189481A CN 106713372 B CN106713372 B CN 106713372B
Authority
CN
China
Prior art keywords
data
character string
forms
converted
dimension
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710189481.9A
Other languages
Chinese (zh)
Other versions
CN106713372A (en
Inventor
陈长成
郝敬全
公飞
郑其荣
马俊华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taihua Wisdom Industry Group Co Ltd
Original Assignee
Taihua Wisdom Industry Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taihua Wisdom Industry Group Co Ltd filed Critical Taihua Wisdom Industry Group Co Ltd
Priority to CN201710189481.9A priority Critical patent/CN106713372B/en
Publication of CN106713372A publication Critical patent/CN106713372A/en
Application granted granted Critical
Publication of CN106713372B publication Critical patent/CN106713372B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention proposes a kind of method of controlling security and system based on permission control, and method includes: that front-end server receives account information, input data, data processing request and request address information;Input data is encrypted, forms the first data, and account information, the first data, data processing request and request address information are sent to background server;If the first data group is matched with second data group in first database, the first data are decrypted, the second data after forming decryption;If the second data are matched with predefined input parameter, third data group is matched with the second database;If third data group is matched with the 4th data group in the second database, data processing is carried out according to the second data and data processing request, generates third data;Third data are sent to front-end server by background server.The safety of the accuracy and data of guarantee operation of the present invention.

Description

A kind of method of controlling security and safety control system based on permission control
Technical field
The present invention relates to communication technique field, more particularly, to a kind of method of controlling security based on permission control and Safety control system.
Background technique
With information-based high speed development, demand of the people to information security comes one after another, talent competition, market competition, Financial crisis etc. all brings great risk to the development of enterprises and institutions, and inside steals secret information, hacker attack, unconscious divulge a secret etc. are stolen secret information Means become between interpersonal, enterprise and enterprise, inter-State security risk.
The demand in market, the awareness of safety of people, environment factors promote the information security high speed development in China, believe Breath safety experienced prevents from traditional single protection such as firewall to information security total solution, from traditional external network Protect intranet security, Host Security etc..
When transmitting data in current client application platform, the operation data of user can be passed through operation circle by client Face is sent to front-end server, then is forwarded to background server by front-end server, and generated with user's by background server The corresponding business datum of operation data is to complete corresponding operation flow.
But operation interface is easy to be tampered, so that the priority assignation of user does not play a role, user can obtain this and not answer The data that can be obtained.Also, during front-end server sends operation data to background server, if operation data is non- Method is distorted, then background server will receive the operation data after being tampered, and be generated according to the operation data after being tampered The business datum of mistake, this will cause operation flow that entanglement occurs, seriously affect the safety and accuracy of data.
Therefore it provides a kind of method of controlling security and safety control system based on permission control, to ensure operation interface Safety and accuracy with data transmission are this field urgent problems to be solved.
Summary of the invention
In view of this, the present invention provides a kind of method of controlling security and safety control system based on permission control, solution It has determined the technical issues of easily illegally being distorted, influence Information Security and accuracy in data transmission procedure in the prior art.
In order to solve the above-mentioned technical problem, the present invention proposes a kind of method of controlling security based on permission control, comprising:
Front-end server receives account information, input data, data processing request and request address information;
The front-end server encrypts the input data, forms encrypted first data, and by the account Family information, first data, the data processing request and the request address information are sent to background server;Its In, the account information, the request address information and the data processing request form the first data group;
The background server matches first data group received with first database;Wherein, described First database includes at least one second data group, and second data group is account information, request address information and number The predefined combination formed according to processing request;
If first data group is matched with second data group in the first database, the background service First data are decrypted in device, the second data after forming decryption;Then by second data with it is predefined defeated Enter parameter to be matched;Wherein, the account information and second data form third data group;
If second data are matched with the predefined input parameter, the background server is by the third number It is matched according to group with the second database;Wherein, second database includes at least one the 4th data group, the 4th number It is account information and the predefined combination that input data is formed according to group;
If the third data group is matched with the 4th data group in second database, the backstage Server carries out data processing according to second data and the data processing request, generates third data;
The third data are sent to the front-end server by the background server.
Further, wherein added when the front-end server encrypts the input data using RSA Algorithm It is close, comprising:
According to character sequencing, the input data is split as multiple first character strings, each first character The maximum length of string is 30 bytes, forms the first character string dimension;
First character string dimension is recycled, the first character string in each first character string dimension is converted to Then the first byte array is converted to 16 systems by one byte array, form the first BigInteger type number;
The first BigInteger type number is encrypted using rsa encryption formula, and is converted to the of 16 systems Two character strings;It circuits sequentially, ultimately forms the second character string dimension;
According to the sequencing of the second character string in second character string dimension, second character string dimension is recycled, Increase Chinese branch after each second character string, final splicing becomes an encrypted character string, forms the first number According to.
Further, wherein solved when first data are decrypted in the background server using RSA Algorithm It is close, comprising:
According to the sequencing of character, first data are split as multiple third character strings using Chinese branch, often The maximum length of a third character string is 30 bytes, forms third character string dimension;
The third character string dimension is recycled, the third character string in each third character string dimension by 16 systems Character string is converted to the 2nd byte array, and the 2nd byte array is then converted to 16 systems, forms second BigInteger type number, and the 2nd BigInteger type number being decrypted using RSA decryption formula, formed 16 into The 3rd BigInteger type number, is finally converted to the 3rd byte array by the 3rd BigInteger type number of system, and The 3rd byte array is converted to the 4th character string;It circuits sequentially, ultimately forms the 4th character string dimension;
According to the sequencing of the 4th character string in the 4th character string dimension, the 4th character string dimension is turned It is changed to the 5th character string, forms the second data.
Further, wherein the third data are sent to the front-end server by the background server, comprising:
The background server encrypts the third data, forms encrypted 4th data, and by described the Four data are sent to the front-end server;And
The front-end server receives the 4th data, and the 4th data are decrypted, after forming decryption 5th data.
Further, wherein added when the background server encrypts the third data using RSA Algorithm It is close, comprising:
According to character sequencing, the third data are split as multiple 6th character strings, each 6th character The maximum length of string is 30 bytes, forms the 5th character string dimension;
The 5th character string dimension is recycled, the 6th character string in each 5th character string dimension is converted to Then the 4th byte array is converted to 16 systems by four byte arrays, form the 4th BigInteger type number;
The 4th BigInteger type number is encrypted using rsa encryption formula, and is converted to the of 16 systems Seven character strings;It circuits sequentially, ultimately forms the 6th character string dimension;
According to the sequencing of the 7th character string in the 6th character string dimension, the 6th character string dimension is recycled, Increase Chinese branch after each 7th character string, final splicing becomes an encrypted character string, forms described the Four data.
Further, wherein described to be decrypted using RSA Algorithm when 4th data are decrypted, comprising:
According to the sequencing of character, the 4th data are split as multiple 8th character strings using Chinese branch, often The maximum length of a 8th character string is 30 bytes, forms the 7th character string dimension;
The 7th character string dimension is recycled, the 8th character string in each 7th character string dimension by 16 systems Character string is converted to the 5th byte array, and the 5th byte array is then converted to 16 systems, forms the 5th BigInteger type number, and the 5th BigInteger type number being decrypted using RSA decryption formula, formed 16 into The 6th BigInteger type number, is finally converted to the 6th byte array by the 6th BigInteger type number of system, and The 6th byte array is converted to the 9th character string;It circuits sequentially, ultimately forms the 8th character string dimension;
According to the sequencing of the 9th character string in the 8th character string dimension, the 8th character string dimension is turned It is changed to the tenth character string, forms the 5th data.
On the other hand, the invention also provides a kind of safety control systems based on permission control, which is characterized in that packet It includes: front-end server and background server, wherein the background server includes:
Encrypted data reception module is believed for receiving encrypted first data, account from the front-end server Breath, data processing request and request address information;Wherein, the account information, the request address information and the number It requests to form the first data group according to processing;
First data match module, for matching first data group with first database;Wherein, described One database includes at least one second data group, and second data group is account information, request address information and data The predefined combination that processing request is formed;
Encryption data deciphering module, for first data to be decrypted, the second data after forming decryption;
Parameter matching module, for matching second data with predefined input parameter;Wherein, the account Family information and second data form third data group;
Second data match module, for matching the third data group with the second database;Wherein, described Two databases include at least one the 4th data group, the 4th data group is account information and input data formed it is predefined Combination;
Data generation module is generated for carrying out data processing according to second data and the data processing request Third data;And
Data transmission blocks are generated, for the third data to be sent to the front-end server.
Further, wherein the front-end server includes:
Input data receiving module, for receiving account information, input data, data processing request and request address letter Breath;
Data encryption module forms encrypted first data for encrypting to the input data;
Encryption data sending module, for by the account information, first data, the data processing request and The request address information is sent to background server;And
Data reception module is generated, for receiving the third data from the background server.
Further, wherein the background server further includes generating data encryption module, for the third data It is encrypted, forms encrypted 4th data;Wherein, the generation data encryption module is encrypted using RSA Algorithm, is wrapped It includes:
According to character sequencing, the third data are split as multiple 6th character strings, each 6th character The maximum length of string is 30 bytes, forms the 5th character string dimension;
The 5th character string dimension is recycled, the 6th character string in each 5th character string dimension is converted to Then the 4th byte array is converted to 16 systems by four byte arrays, form the 4th BigInteger type number;
The 4th BigInteger type number is encrypted using rsa encryption formula, and is converted to the of 16 systems Seven character strings;It circuits sequentially, ultimately forms the 6th character string dimension;
According to the sequencing of the 7th character string in the 6th character string dimension, the 6th character string dimension is recycled, Increase Chinese branch after each 7th character string, final splicing becomes an encrypted character string, forms described the Four data;
Also, the front-end server further includes generating data decryption module, for the 4th data to be decrypted, The 5th data after forming decryption;Wherein, the generation data decryption module is decrypted using RSA Algorithm, comprising:
According to the sequencing of character, the 4th data are split as multiple 8th character strings using Chinese branch, often The maximum length of a 8th character string is 30 bytes, forms the 7th character string dimension;
The 7th character string dimension is recycled, the 8th character string in each 7th character string dimension by 16 systems Character string is converted to the 5th byte array, and the 5th byte array is then converted to 16 systems, forms the 5th BigInteger type number, and the 5th BigInteger type number being decrypted using RSA decryption formula, formed 16 into The 6th BigInteger type number, is finally converted to the 6th byte array by the 6th BigInteger type number of system, and The 6th byte array is converted to the 9th character string;It circuits sequentially, ultimately forms the 8th character string dimension;
According to the sequencing of the 9th character string in the 8th character string dimension, the 8th character string dimension is turned It is changed to the tenth character string, forms the 5th data.
Further, wherein the input data includes any filled in by data query, list, in data importing The business datum of approach typing.
Compared with prior art, a kind of method of controlling security and safety control system based on permission control of the invention, Realize it is following the utility model has the advantages that
(1) method of controlling security and safety control system of the present invention based on permission control, by input number According to the transmission for carrying out data after being encrypted again, avoids and illegally distorted in data transmission procedure, and data deciphering It is preceding to carry out corresponding function privilege verifying, it avoids being tampered because of operation interface, causes function privilege setting not play a role, then Data permission verifying is carried out, prevents user from obtaining the data outside permission;The duplicate protection means of data encryption and Authority Verification are protected Hinder the safety of the accuracy and data of operation.
(2) it is of the present invention based on permission control method of controlling security and safety control system, front-end server and Background server is both needed to carry out the encryption and decryption process of data when transmitting data, carries out to input data and output data comprehensive Protection, avoids data in network transmission process from being tampered, causes leaking data.
Detailed description of the invention
It is combined in the description and the attached drawing for constituting part of specification shows the embodiment of the present invention, and even With its explanation together principle for explaining the present invention.
Fig. 1 is a kind of flow diagram of method of controlling security based on permission control provided in an embodiment of the present invention;
Fig. 2 is a kind of flow diagram of input data encryption provided in an embodiment of the present invention;
Fig. 3 is the flow diagram provided in an embodiment of the present invention that the first data are decrypted;
Fig. 4 is the flow diagram of priority assignation of the invention;
Fig. 5 is the flow diagram of another method of controlling security based on permission control provided in an embodiment of the present invention;
Fig. 6 is the flow diagram provided in an embodiment of the present invention encrypted to third data;
Fig. 7 is the flow diagram provided in an embodiment of the present invention that the 4th data are decrypted;
Fig. 8 is a kind of structural schematic diagram of background server provided in an embodiment of the present invention;
Fig. 9 is a kind of structural schematic diagram of front-end server provided in an embodiment of the present invention;
Figure 10 is the structural schematic diagram of another background server provided in an embodiment of the present invention;
Figure 11 is the structural schematic diagram of another front-end server provided in an embodiment of the present invention.
Specific embodiment
Carry out the various exemplary embodiments of detailed description of the present invention now with reference to attached drawing.It should also be noted that unless in addition having Body explanation, the unlimited system of component and the positioned opposite of step, numerical expression and the numerical value otherwise illustrated in these embodiments is originally The range of invention.
Be to the description only actually of at least one exemplary embodiment below it is illustrative, never as to the present invention And its application or any restrictions used.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable In the case of, the technology, method and apparatus should be considered as part of specification.
It is shown here and discuss all examples in, any occurrence should be construed as merely illustratively, without It is as limitation.Therefore, other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined in a attached drawing, then in subsequent attached drawing does not need that it is further discussed.
Embodiment 1
Fig. 1 is a kind of flow diagram of method of controlling security based on permission control provided in an embodiment of the present invention, institute The method of stating includes:
Step 101, front-end server receive account information, input data, data processing request and request address information.
Specifically, front-end server can obtain account information, when client is in front-end server when client logs in Operation interface on input data and when filing a request, front-end server is ready to receive to arrive corresponding input data, data processing Request and request address information.
Step 102, front-end server encrypt input data, form encrypted first data, and account is believed Breath, the first data, data processing request and request address information are sent to background server;
Wherein, account information, request address information and data processing request form the first data group.
It can be to avoid input data from front end server transport to background server by being encrypted to input data During illegally distorted.
Optionally, input data may include filled in by data query, list, the business for the approach typing such as data import Data.
Wherein, the algorithm encrypted to input data can be RSA (Rivest-Shamir-Adleman, password system System) or DES (Date Encryption Standard, data encryption standards) or IDEA (International Date Encryption Algorithm, international data encryption algorithm) or AES (Advanced Encryption Standard, it is advanced Encryption standard) or other existing Encryption Algorithm.
In some alternative embodiments, RSA Algorithm progress can be used when front-end server encrypts input data Encryption.Fig. 2 is a kind of flow diagram of input data encryption provided in an embodiment of the present invention, wherein this method includes as follows Step:
Step 201, according to character sequencing, input data is split as multiple first character strings, each first character The maximum length of string is 30 bytes, forms the first character string dimension;
The first character string in each first character string dimension, is converted to the by step 202, the first character string dimension of circulation Then first byte array is converted to 16 systems by one byte array, form the first BigInteger type number;
First BigInteger number is encrypted using rsa encryption formula, and is converted to 16 systems by step 203 Second character string;It circuits sequentially, ultimately forms the second character string dimension;
Step 204, according to the sequencing of the second character string in the second character string dimension, recycle the second character string dimension, Increase Chinese branch after each second character string, final splicing becomes an encrypted character string, forms the first data.
RSA cryptographic algorithms are current most influential Encryption Algorithm, it can resist up to the present known big absolutely Most cryptographic attacks, are recommended as data encryption standards by ISO.
Step 103, background server match the first data group received with first database.
Wherein, first database includes at least one second data group, and the second data group is account information, request address letter The predefined combination that breath and data processing request are formed;
Specifically, when background server receive front-end server transmission by account information, request address information and Data processing request formed after the first data group, the first data group is matched with the second data group, with the first number of detection According to whether have in library in the first data group account information, request address information and data processing request it is all the same second Data group is to judge whether user has the function privilege for handling the input data.
If step 104, the first data group are matched with second data group in first database, background server pair First data are decrypted, the second data after forming decryption, then by the second data and the progress of predefined input parameter Match;
Wherein, account information and the second data form third data group.
Specifically, when detecting in first database there is second data group, the account information for being included, request ground Location information and data processing request information match with the first data group, illustrate that user has and use the data processing function Permission, the first data can be decrypted in background server at this time, formed decryption after the second data.
Otherwise, if not found in first database and matched second data group of the first data group, background server Forward end server returns to error message.
After decryption obtains the second data, the second data after decryption are matched with predefined input parameter, with inspection Survey whether the second data match with input parameter predefined in system.In some alternative embodiments, background server RSA Algorithm can be used when the first data are decrypted to be decrypted.Fig. 3 be it is provided in an embodiment of the present invention to the first data into The flow diagram of row decryption, wherein this method comprises the following steps:
First data are split as multiple third characters using Chinese branch by step 301, the sequencing according to character String, the maximum length of each third character string are 30 bytes, form third character string dimension;
Step 302, circulation third character string dimension, the third character string in each third character string dimension by 16 systems Character string is converted to the 2nd byte array, and the 2nd byte array is then converted to 16 systems, forms the 2nd BigInteger type Number, and the 2nd BigInteger type number is decrypted using RSA decryption formula, form the third of 16 systems 3rd BigInteger type number, is finally converted to the 3rd byte array, and the 3rd byte number by BigInteger type number Group is converted to the 4th character string;It circuits sequentially, ultimately forms the 4th character string dimension;
Step 303, according to the sequencing of the 4th character string in the 4th character string dimension, the 4th character string dimension is turned It is changed to the 5th character string, forms the second data.
Input data after encryption is decrypted by RSA Algorithm, it is ensured that the accuracy and safety of decryption.
If step 105, the second data are matched with predefined input parameter, background server is by third data group and the Two databases are matched.
Wherein, the second database includes at least one the 4th data group, and the 4th data group is account information and input data The predefined combination formed.
Specifically, illustrating that background server is decrypted to obtain when detecting that the second data are matched with predefined input parameter The second data can be used for requested data processing, then background server can will be in third data group and the second database The 4th data group matched, whether have in the second database and account information in third data group and the second number to detect According to the 4th data group all the same.
If step 106, third data group are matched with the 4th data group in the second database, background server root Data processing is carried out according to the second data and data processing request, generates third data.
Specifically, when detect account information in the 4th data group in the second database and input data with Third data group matches, and illustrates that user has the permission for accessing the data.Then background server can be to the second data sum number It requests to carry out data processing according to processing, generates third data.
Otherwise, if can not be found in the second database and matched 4th data group of third data group, background server Terminate the process, and forward end server returns to error message.
Third data are sent to front-end server by step 107, background server.
User can check the data information by the operation interface of front-end server.
Front-end server in the embodiment of the present invention is first encrypted user by the input data that client is sent, shape Background server is sent at the first data, then by the first data and the first data group, and background server is by by the first data Group is after first database matching judgment user has the permission using the data processing function, then the first data are decrypted To obtain the second data, background server passes through the third data group for forming the second data and account information and the second database It is matched, judges that user has the permission for accessing the data, the second data are finally subjected to processing and generate third Data Concurrent It send to front-end server.It can be seen that data quilt in transmission process can be effectively prevented by carrying out encryption to input data It illegally distorts, to guarantee the safety of data, and passes through the matching judgment of data group and Relational database, it is ensured that backstage Server, which only has relevant function treatment or data access rights in limited time in judgement user, can just be decrypted related data Or data processing, to ensure that the safety and accuracy of data.
Method of controlling security of the present invention based on permission control, is carried out on the basis of rights management.Fig. 4 is The flow diagram of priority assignation of the invention, this method comprises the following steps:
Step 401, administrator log in;
The administrator of system is the manager of system, and the user being responsible in management system, administrator can be in front end services The function privilege and data permission of user are set in the operation interface of device, achieve the purpose that manage user.
User is the object of system service, and user can be used the function of system and obtain the data of system.
Step 402, administrator select the user of system;
Each user has an account.When user uses the data in system or system, after needing logon account information Data can be obtained.This step mainly selects specific user that associated rights are arranged from the user of system.
Step 403, setting function privilege;
The interface of front-end server can be accessed by background server or menu is defined as function privilege, each function The URL of the corresponding HTTP request of permission.
The business function that use object when function privilege is user's operation, i.e. user can be used.For example, inquiring certain public affairs The record or to inquire someone identification card number be business function of paying taxes of department.The unusable business function of user is the user's Front-end server is in hidden state.
User can have multiple function privileges, and the corresponding relationship of user and function privilege is stored in authority information library.
Step 404, setting data permission;
System classifies data, and every one kind data have corresponding data parameters.As data permission.Such as statistics bureau Data parameters be TJJ, the data parameters of public security bureau are GAJ etc..The permission of the accessible data parameters of user, that is, data power Limit.
User can have multiple data permissions, and the corresponding relationship of user and data permission is stored in authority information library In.
Step 405, authority information storage.
After the function privilege and data permission at the handy family of administrator setting, setting rights objects storage to authority information library In, in case being called when authorization check.Authority information library can be file or database.
Embodiment 2
As shown in figure 5, for the process of another method of controlling security based on permission control provided in an embodiment of the present invention Schematic diagram, this method comprises the following steps:
Step 501, front-end server receive account information, input data, data processing request and request address information.
Specifically, front-end server can obtain account information, when client is in front-end server when client logs in Operation interface on input data and when filing a request, front-end server is ready to receive to arrive corresponding input data, data processing Request and request address information.For example, being filled in after logging in system by user in operation interface: name " Zhang San ", gender " male " submits the application of personnel query identification card number.Wherein, the log-on message of user can be account information, name ": " Three ", " gender ": " male " } it is input data, personnel query identification card number is data processing request, during information transmission certainly So generate request address information.
Step 502, front-end server encrypt input data, form encrypted first data, and account is believed Breath, the first data, data processing request and request address information are sent to background server;
Wherein, account information, request address information and data processing request form the first data group.
Specifically, front-end server receives account information, input data, data processing request and request address information Afterwards, input data { " name ": " Zhang San ", " gender ": " male " } is encrypted, forms encrypted first data, this first If data are printed as a messy code data, to ensure that the safety of data.
Then account information, the first data, data processing request and request address information are sent to background server; Wherein, account information, request address information and data processing request form the first data group.
It can be to avoid input data from front end server transport to background server by being encrypted to input data During illegally distorted.
Wherein, algorithm input data encrypted can for RSA or DES or IDEA or AES or other it is existing plus Close algorithm.
Step 503, background server match the first data group received with first database;Wherein, first Database includes at least one second data group, and the second data group is that account information, request address information and data processing are asked Ask the predefined combination to be formed.
Specifically, when background server receive front-end server transmission by account information, request address information and Data processing request formed after the first data group, the first data group is matched with first database;With the first number of detection According to whether have in library in the first data group account information, request address information and data processing request it is all the same second Data group, that is, can determine whether user has the permission of inquiry identity card function.
If step 504, the first data group are matched with second data group in first database, background server pair First data are decrypted, the second data after forming decryption,
Then the second data are matched with predefined input parameter;
Wherein, account information and the second data form third data group.
Specifically, when detecting in first database there is second data group, the account information for being included, request ground Location information and data processing request information match with the first data group, illustrate that user has the power of inquiry identity card function Limit.Then background server can be decrypted the first data, { " Zhang San ", " male " } after forming decryption;Otherwise, if the first number According to not finding in library and matched second data group of the first data group, then forward end server returns to error message.
After decryption obtains the second data, by the second data and predefined input parameter such as { " name ", " property after decryption It is not matched " }, to detect whether the second data match with input parameter predefined in system.
If step 505, the second data are matched with predefined input parameter, background server is by third data group and the Two databases are matched;
Wherein, the second database includes at least one the 4th data group, and the 4th data group is account information and input data The predefined combination formed.
Specifically, if detect the second data be { " Zhang San ", " male " }, with predefined input parameter " name ", " gender " } match, the second data { " Zhang San ", " male " } for illustrating that background server is decrypted can be used for inquiring identity card Data processing.Then background server carries out the third data group formed by account information and the second data and the second database Matching, to detect whether third data group matches with the 4th data group in the second database.
If step 506, third data group are matched with the 4th data group in the second database, background server root Data processing is carried out according to the second data and data processing request, generates third data.
Specifically, when detect account information in the 4th data group in the second database and input data with Third data group matches, and illustrates that user has the permission of identification card number of access Zhang San (male).Then background server can be right Second data carry out data processing, generate third data, the i.e. identification card number of Zhang San.
Otherwise, if can not be found in the second database and matched 4th data group of third data group, background server Terminate the process, and forward end server returns to error message.
Step 507, background server encrypt third data, form encrypted 4th data, and the 4th is counted According to being sent to front-end server.
Specifically, background server encrypts third data (for example, identification card number of Zhang San), formed encrypted 4th data, and the 4th data are sent to front-end server.
Being encrypted by the identification card number to Zhang San can be to avoid its identification card number before being transferred to from background server It is illegally distorted during platform server, to guarantee the safety of data transmission procedure.
The algorithm wherein encrypted to third data can be RSA or IDEA or AES or other existing Encryption Algorithm.
In some alternative embodiments, RSA Algorithm progress can be used when background server encrypts third data Encryption, as shown in fig. 6, being the flow diagram provided in an embodiment of the present invention encrypted to third data, wherein this method Include the following steps:
Step 601, according to character sequencing, third data are split as multiple 6th character strings, each 6th character The maximum length of string is 30 bytes, forms the 5th character string dimension;
The 6th character string in each 5th character string dimension, is converted to the by step 602, the 5th character string dimension of circulation Then 4th byte array is converted to 16 systems by four byte arrays, form the 4th BigInteger type number;
4th BigInteger number is encrypted using rsa encryption formula, and is converted to 16 systems by step 603 7th character string;It circuits sequentially, ultimately forms the 6th character string dimension;
Step 604, according to the sequencing of the 7th character string in the 6th character string dimension, recycle the 6th character string dimension, Increase Chinese branch after each 7th character string, final splicing becomes an encrypted character string, forms the 4th data.
Step 508, front-end server receive the 4th data, and the 4th data are decrypted, the 5th after forming decryption Data.
Specifically, front-end server receives the 4th data, and the 4th data are decrypted, the 5th number after forming decryption According to the i.e. identification card number of Zhang San.Due to the 4th data received be it is encrypted, such as wanting to read the data first needs pair The data ensure that the safety of data transmission into Xie Hangmi processing.
In some alternative embodiments, RSA Algorithm can be used when the 4th data are decrypted to be decrypted, such as Fig. 7 It is shown, it is the flow diagram provided in an embodiment of the present invention that the 4th data are decrypted, wherein this method includes following step It is rapid:
4th data are split as multiple 8th characters using Chinese branch by step 701, the sequencing according to character String, the maximum length of each 8th character string are 30 bytes, form the 7th character string dimension;
Step 702, the 7th character string dimension of circulation, the 8th character string in each 7th character string dimension by 16 systems Character string is converted to the 5th byte array, and the 5th byte array is then converted to 16 systems, forms the 5th BigInteger type Number, and the 5th BigInteger type number is decrypted using RSA decryption formula, form the 6th of 16 systems 6th BigInteger type number, is finally converted to the 6th byte array, and the 6th byte number by BigInteger type number Group is converted to the 9th character string;It circuits sequentially, ultimately forms the 8th character string dimension;
Step 703, according to the sequencing of the 9th character string in the 8th character string dimension, the 8th character string dimension is turned It is changed to the tenth character string, forms the 5th data.
Front-end server in the embodiment of the present invention first encrypts the input data that user sends through client, is formed First data, then the first data and the first data group are sent to background server, background server is by by the first data group After the permission whether with first database matching judgment user with the data processing function, then to the first data be decrypted with Obtain the second data, background server by by the third data group and the second database of the second data and account information formation into Row matching judges that user has the permission for accessing inputted data, and the second data are finally carried out processing and generate third data, Background server again encrypts third data, is then delivered to front-end server, front-end server is with the encryption data The data that can be obtained that treated after decryption.It can be seen that can be effective by being encrypted to input data and inquiry data It prevents data from illegally being distorted in transmission process, to guarantee the safety of data, and passes through data group and Relational database Matching judgment, it is ensured that background server only determine user have relevant function treatment or access authority Shi Caihui Related data is decrypted, encrypt or data transmission, to ensure that the accuracy of data.
Embodiment 3
Present embodiment describes a kind of safety control systems based on permission control, which includes: front end services Device and background server.Wherein, the structure of background server and front-end server is respectively as can be seen from figures 8 and 9, wherein Fig. 8 is A kind of structural schematic diagram of background server provided in an embodiment of the present invention;Fig. 9 is a kind of front end provided in an embodiment of the present invention The structural schematic diagram of server.
As shown in figure 8, the background server 80 include: encrypted data reception module 801, the first data match module 802, Encryption data deciphering module 803, the second data match module 805, data generation module 806, generates parameter matching module 804 Data transmission blocks 807.
Encrypted data reception module 801 is believed for receiving encrypted first data, account from front-end server 90 Breath, data processing request and request address information;Wherein, account information, request address information and data processing request shape At the first data group;
Specifically, encrypted data reception module 801 can receive encrypted first data from front-end server 90, keep away Exempt from directly to receive input data, information is illegally distorted during transmission, guarantees the safety of data.
Optionally, input data may include filled in by data query, list, the business for the approach typing such as data import Data.
First data match module 802, for matching the first data group with first database;Wherein, the first number It include at least one second data group according to library, the second data group is account information, request address information and data processing request The predefined combination formed.
Specifically, after encrypted data reception module 801 receives encrypted first data and the first data group, pass through by First data group is matched with first database, for detecting whether the user has power using the data processing function Limit.
Encryption data deciphering module 803, for the first data to be decrypted, the second data after forming decryption;
Specifically, when the first data match module 802 detects the second data in the first data group and first database Group matches, then illustrates that user has the permission using the data processing function.Encryption data deciphering module can be passed through 803, the first data are decrypted, the second data after forming decryption.
Parameter matching module 804, for matching the second data with predefined input parameter;Wherein, account is believed Breath and the second data form third data group;
Specifically, working as encryption data deciphering module 803, the first data are decrypted after generating the second data, parameter With module 804, the second data can be matched with predefined input parameter, decrypt to obtain for detecting background server The second data whether can be used for handling requested data.
Second data match module 805, for matching third data group with the second database;Wherein, the second number It include at least one the 4th data group according to library, the 4th data group is account information and the predefined combination that input data is formed;
Specifically, working as parameter matching module 804, when detecting that the second data and predefined input parameter match, say Bright the second obtained data of decrypting can be used for handling requested data.Second data match module 805, so that it may Third data group is matched with the second database, to detect whether the user has the permission for accessing the data.
Data generation module 806 generates third number for carrying out data processing according to the second data and data processing request According to;
Specifically, when the second data match module 805 detects one the 4th number of third data group Yu the second database When matching according to group, illustrate that user has the permission for accessing the data.Data generation module 806, so that it may to the second data into Row processing, generates third data.
Data transmission blocks 807 are generated, for third data to be sent to front-end server 90.
Specifically, data generation module 806, handles the second data, after generating third data, by generating data Third data are sent to front-end server 90 by sending module 807.
As shown in figure 9, the front-end server 90 includes: input data receiving module 901, data encryption module 902, encryption Data transmission blocks 903 generate data reception module 904.
Input data receiving module 901, for receiving account information, input data, data processing request and request ground Location information;
Data encryption module 902 forms encrypted first data for encrypting to input data;
Specifically, work as input data receiving module 901, receive account information, input data, data processing request and After request address information, by data encryption module 902, input data is encrypted, forms encrypted first data.It is logical Cross the safety for carrying out being encrypted to ensure that data transmission to input data.
Encryption data sending module 903 is used for account information, the first data, data processing request and request address Information is sent to background server 80;
Specifically, working as data encryption module 902, input data is encrypted, forms encrypted first data.Pass through Encryption data sending module 903, after being sent to account information, the first data, data processing request and request address information Platform server 80.By carry out data transmission again after encryption forms the first data to input data, input data is avoided to exist It is illegally distorted when being sent to background server 80 from front-end server 90.
Data reception module 904 is generated, for receiving the third data from background server 80.
Specifically, after the second data that decryption obtains are converted to third data by background server 80, through background service Third data are sent to front-end server 90, the generation data receiver of front-end server 90 by the generation data transmission blocks of device 80 Module 904 can receive third data.
It as shown in Figure 10, is the structural schematic diagram of another background server provided in an embodiment of the present invention, background service Device 80 may include encrypted data reception module 801 in embodiment corresponding to above-mentioned Fig. 8, the first data match module 802 plus Ciphertext data deciphering module 803, the second data match module 805, data generation module 806, generates number at parameter matching module 804 According to sending module 807, further, background server can also include: to generate data encryption module 808;
Data encryption module 808 is generated for encrypting to third data, forms encrypted 4th data;
Specifically, working as data generation module 806, the second data are handled, after generating third data, then by generating Data encryption module 808 encrypts third data, forms encrypted 4th data, sends mould finally by data are generated 4th data are sent to front-end server 90 by block 807.
Further, the present embodiment is generated data encryption module 808 and is encrypted using RSA Algorithm, to third data The algorithm encrypted flow diagram shown in Figure 6 and above-mentioned respective description.
It as shown in figure 11, is the structural schematic diagram of another front-end server provided in an embodiment of the present invention, front end services Device 90 may include input data receiving module 901, data encryption module 902, encryption number in embodiment corresponding to above-mentioned Fig. 9 According to sending module 903, data reception module 904 is generated, further, front-end server further includes generating data decryption module 905;
Data decryption module 905 is generated, for the 4th data to be decrypted, the 5th data after forming decryption;
Specifically, the generation data encryption module 808 when background server 80 encrypts third data, encryption is formed 4th data are sent to front-end server 90, front end clothes then by generating data transmission blocks 807 by the 4th data afterwards The generation data reception module 904 of business device 90 receives the 4th data, then by generating data decryption module 905, to the 4th Data are decrypted, the 5th data after forming decryption.
Further, the present embodiment is decrypted to data decryption module is generated using RSA Algorithm, to the 4th data into The algorithm flow diagram shown in Figure 7 of row decryption and above-mentioned respective description.
Through the foregoing embodiment it is found that it is of the invention based on permission control method of controlling security and safety control system, Reached it is following the utility model has the advantages that
(1) method of controlling security and safety control system of the present invention based on permission control, by input number According to the transmission for carrying out data after being encrypted again, avoids and illegally distorted in data transmission procedure, and data deciphering It is preceding to carry out corresponding function privilege verifying, it avoids being tampered because of operation interface, causes function privilege setting not play a role, then Data permission verifying is carried out, prevents user from obtaining the data outside permission;The duplicate protection means of data encryption and Authority Verification are protected Hinder the safety of the accuracy and data of operation.
(2) it is of the present invention based on permission control method of controlling security and safety control system, front-end server and Background server is both needed to carry out the encryption and decryption process of data when transmitting data, carries out to input data and output data comprehensive Protection, avoids data in network transmission process from being tampered, causes leaking data.
Although some specific embodiments of the invention are described in detail by example, the skill of this field Art personnel it should be understood that example above merely to being illustrated, the range being not intended to be limiting of the invention.The skill of this field Art personnel are it should be understood that can without departing from the scope and spirit of the present invention modify to above embodiments.This hair Bright range is defined by the following claims.

Claims (10)

1. a kind of method of controlling security based on permission control characterized by comprising
Front-end server receives account information, input data, data processing request and request address information;
The front-end server encrypts the input data, forms encrypted first data, and the account is believed Breath, first data, the data processing request and the request address information are sent to background server;Wherein, institute It states account information, the request address information and the data processing request and forms the first data group;
The background server matches first data group received with first database;Wherein, described first Database includes at least one second data group, and second data group is at account information, request address information and data The predefined combination that reason request is formed;
If first data group is matched with second data group in the first database, the background server pair First data are decrypted, the second data after forming decryption;Then second data and predefined input are joined Number is matched;Wherein, the account information and second data form third data group;
If second data are matched with the predefined input parameter, the background server is by the third data group It is matched with the second database;Wherein, second database includes at least one the 4th data group, the 4th data group The predefined combination formed for account information and input data;
If the third data group is matched with the 4th data group in second database, the background service Device carries out data processing according to second data and the data processing request, generates third data;
The third data are sent to the front-end server by the background server.
2. the method for controlling security according to claim 1 based on permission control, which is characterized in that the front-end server It is encrypted when being encrypted to the input data using RSA Algorithm, comprising:
According to character sequencing, the input data is split as multiple first character strings, each first character string Maximum length is 30 bytes, forms the first character string dimension;
First character string dimension is recycled, the first character string in each first character string dimension is converted to first Then the first byte array is converted to 16 systems by byte array, form the first BigInteger type number;
The first BigInteger type number is encrypted using rsa encryption formula, and is converted to the second word of 16 systems Symbol string;It circuits sequentially, ultimately forms the second character string dimension;
According to the sequencing of the second character string in second character string dimension, second character string dimension is recycled, every Increase Chinese branch after a second character string, final splicing becomes an encrypted character string, forms the first data.
3. the method for controlling security according to claim 2 based on permission control, which is characterized in that the background server It is decrypted when first data are decrypted using RSA Algorithm, comprising:
According to the sequencing of character, first data are split as multiple third character strings, Mei Gesuo using Chinese branch The maximum length for stating third character string is 30 bytes, forms third character string dimension;
The third character string dimension is recycled, the third character string in each third character string dimension by 16 system characters String is converted to the 2nd byte array, and the 2nd byte array is then converted to 16 systems, forms the 2nd BigInteger type Number, and the 2nd BigInteger type number is decrypted using RSA decryption formula, form the third of 16 systems The 3rd BigInteger type number is finally converted to the 3rd byte array by BigInteger type number, and described the Three byte arrays are converted to the 4th character string;It circuits sequentially, ultimately forms the 4th character string dimension;
According to the sequencing of the 4th character string in the 4th character string dimension, the 4th character string dimension is converted to 5th character string forms the second data.
4. the method for controlling security according to claim 1 based on permission control, which is characterized in that the background server The third data are sent to the front-end server, comprising:
The background server encrypts the third data, forms encrypted 4th data, and the described 4th is counted According to being sent to the front-end server;And
The front-end server receives the 4th data, and the 4th data are decrypted, the 5th after forming decryption Data.
5. the method for controlling security according to claim 4 based on permission control, which is characterized in that the background server It is encrypted when being encrypted to the third data using RSA Algorithm, comprising:
According to character sequencing, the third data are split as multiple 6th character strings, each 6th character string Maximum length is 30 bytes, forms the 5th character string dimension;
The 5th character string dimension is recycled, the 6th character string in each 5th character string dimension is converted to the 4th Then the 4th byte array is converted to 16 systems by byte array, form the 4th BigInteger type number;
The 4th BigInteger type number is encrypted using rsa encryption formula, and is converted to the 7th word of 16 systems Symbol string;It circuits sequentially, ultimately forms the 6th character string dimension;
According to the sequencing of the 7th character string in the 6th character string dimension, the 6th character string dimension is recycled, every Increase Chinese branch after a 7th character string, final splicing becomes an encrypted character string, forms the 4th number According to.
6. the method for controlling security according to claim 5 based on permission control, which is characterized in that described to the described 4th It is decrypted when data are decrypted using RSA Algorithm, comprising:
According to the sequencing of character, the 4th data are split as multiple 8th character strings, Mei Gesuo using Chinese branch The maximum length for stating the 8th character string is 30 bytes, forms the 7th character string dimension;
The 7th character string dimension is recycled, the 8th character string in each 7th character string dimension by 16 system characters String is converted to the 5th byte array, and the 5th byte array is then converted to 16 systems, forms the 5th BigInteger type Number, and the 5th BigInteger type number is decrypted using RSA decryption formula, form the 6th of 16 systems The 6th BigInteger type number is finally converted to the 6th byte array by BigInteger type number, and described the Six byte arrays are converted to the 9th character string;It circuits sequentially, ultimately forms the 8th character string dimension;
According to the sequencing of the 9th character string in the 8th character string dimension, the 8th character string dimension is converted to Tenth character string forms the 5th data.
7. a kind of safety control system based on permission control characterized by comprising front-end server and background server, Wherein, the background server includes:
Encrypted data reception module, for receiving encrypted first data from the front-end server, account information, number According to processing request and request address information;Wherein, the account information, the request address information and the data processing Request forms the first data group;
First data match module, for matching first data group with first database;Wherein, first number It include at least one second data group according to library, second data group is account information, request address information and data processing Request the predefined combination formed;
Encryption data deciphering module, for first data to be decrypted, the second data after forming decryption;
Parameter matching module, for matching second data with predefined input parameter;Wherein, the account letter Breath and second data form third data group;
Second data match module, for matching the third data group with the second database;Wherein, second number It include at least one the 4th data group according to library, the 4th data group is predefined group of account information and input data formation It closes;
Data generation module generates third for carrying out data processing according to second data and the data processing request Data;And
Data transmission blocks are generated, for the third data to be sent to the front-end server.
8. the safety control system according to claim 7 based on permission control, which is characterized in that the front-end server Include:
Input data receiving module, for receiving account information, input data, data processing request and request address information;
Data encryption module forms encrypted first data for encrypting to the input data;
Encryption data sending module, for by the account information, first data, the data processing request and described Request address information is sent to background server;And
Data reception module is generated, for receiving the third data from the background server.
9. the safety control system according to claim 8 based on permission control, which is characterized in that the background server Further include generating data encryption module, for encrypting to the third data, forms encrypted 4th data;Wherein, The generation data encryption module is encrypted using RSA Algorithm, comprising:
According to character sequencing, the third data are split as multiple 6th character strings, each 6th character string Maximum length is 30 bytes, forms the 5th character string dimension;
The 5th character string dimension is recycled, the 6th character string in each 5th character string dimension is converted to the 4th Then the 4th byte array is converted to 16 systems by byte array, form the 4th BigInteger type number;
The 4th BigInteger type number is encrypted using rsa encryption formula, and is converted to the 7th word of 16 systems Symbol string;It circuits sequentially, ultimately forms the 6th character string dimension;
According to the sequencing of the 7th character string in the 6th character string dimension, the 6th character string dimension is recycled, every Increase Chinese branch after a 7th character string, final splicing becomes an encrypted character string, forms the 4th number According to;
Also, the front-end server further includes generating data decryption module, for the 4th data to be decrypted, is formed The 5th data after decryption;Wherein, the generation data decryption module is decrypted using RSA Algorithm, comprising:
According to the sequencing of character, the 4th data are split as multiple 8th character strings, Mei Gesuo using Chinese branch The maximum length for stating the 8th character string is 30 bytes, forms the 7th character string dimension;
The 7th character string dimension is recycled, the 8th character string in each 7th character string dimension by 16 system characters String is converted to the 5th byte array, and the 5th byte array is then converted to 16 systems, forms the 5th BigInteger type Number, and the 5th BigInteger type number is decrypted using RSA decryption formula, form the 6th of 16 systems The 6th BigInteger type number is finally converted to the 6th byte array by BigInteger type number, and described the Six byte arrays are converted to the 9th character string;It circuits sequentially, ultimately forms the 8th character string dimension;
According to the sequencing of the 9th character string in the 8th character string dimension, the 8th character string dimension is converted to Tenth character string forms the 5th data.
10. the safety control system according to claim 7 based on permission control, which is characterized in that the input data The business datum of any approach typing including being filled in by data query, list, in data importing.
CN201710189481.9A 2017-03-27 2017-03-27 A kind of method of controlling security and safety control system based on permission control Active CN106713372B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710189481.9A CN106713372B (en) 2017-03-27 2017-03-27 A kind of method of controlling security and safety control system based on permission control

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710189481.9A CN106713372B (en) 2017-03-27 2017-03-27 A kind of method of controlling security and safety control system based on permission control

Publications (2)

Publication Number Publication Date
CN106713372A CN106713372A (en) 2017-05-24
CN106713372B true CN106713372B (en) 2019-07-05

Family

ID=58887071

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710189481.9A Active CN106713372B (en) 2017-03-27 2017-03-27 A kind of method of controlling security and safety control system based on permission control

Country Status (1)

Country Link
CN (1) CN106713372B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107395600B (en) * 2017-07-25 2019-12-06 金在(北京)金融信息服务有限公司 Service data verification method, service platform and mobile terminal
CN109617895A (en) * 2018-12-27 2019-04-12 东莞见达信息技术有限公司 Access safety control method and system
CN111555880B (en) * 2019-02-12 2023-05-30 北京京东尚科信息技术有限公司 Data collision method and device, storage medium and electronic equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401561A (en) * 2013-07-25 2013-11-20 百度在线网络技术(北京)有限公司 Methods and devices for compressing and decompressing map data
CN106339760A (en) * 2016-08-31 2017-01-18 湖北既济电力集团有限公司科技信息分公司 Communication cable maintenance management information system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4375715B2 (en) * 2003-07-11 2009-12-02 本田技研工業株式会社 Front structure of motorcycle
KR101371608B1 (en) * 2011-10-10 2014-03-14 주식회사 알티베이스 Database Management System and Encrypting Method thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401561A (en) * 2013-07-25 2013-11-20 百度在线网络技术(北京)有限公司 Methods and devices for compressing and decompressing map data
CN106339760A (en) * 2016-08-31 2017-01-18 湖北既济电力集团有限公司科技信息分公司 Communication cable maintenance management information system

Also Published As

Publication number Publication date
CN106713372A (en) 2017-05-24

Similar Documents

Publication Publication Date Title
AU667925B2 (en) Cryptographic data security in a secured computer system
US7058971B1 (en) Access privilege transferring method
CN106302328B (en) Sensitive user data processing system and method
CN106790250A (en) Data processing, encryption, integrity checking method and authentication identifying method and system
CN105827574B (en) A kind of file access system, method and device
CN102170350B (en) Multiple uncertainty encryption system with misleading function
CN103455744B (en) A kind of data security protection method based on vein identification technology and system
CN206212040U (en) A kind of real-name authentication system for express delivery industry
CN106452764A (en) Method for automatically updating identification private key and password system
CN111954211B (en) Novel authentication key negotiation system of mobile terminal
CN103108028A (en) Cloud computing processing system with security architecture
US8316437B2 (en) Method for protecting the access to an electronic object connected to a computer
CN106713372B (en) A kind of method of controlling security and safety control system based on permission control
US9516059B1 (en) Using mock tokens to protect against malicious activity
CN110225014B (en) Internet of things equipment identity authentication method based on fingerprint centralized issuing mode
CN105743905A (en) Method, device and system for realizing security login and security equipment
US10615975B2 (en) Security authentication method for generating secure key by combining authentication elements of multi-users
CN116743470A (en) Service data encryption processing method and device
CN108667801A (en) A kind of Internet of Things access identity safety certifying method and system
CN106992978A (en) Network safety managing method and server
Said et al. A multi-factor authentication-based framework for identity management in cloud applications
CN113918977A (en) User information transmission device based on Internet of things and big data analysis
CN109145557A (en) A kind of computer data protection system
CN107451483A (en) A kind of safe encryption method of data platform
CN111464543B (en) Teaching information safety protection system based on cloud platform

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant