CN107241364B - File downloading method and device - Google Patents

File downloading method and device Download PDF

Info

Publication number
CN107241364B
CN107241364B CN201710679533.0A CN201710679533A CN107241364B CN 107241364 B CN107241364 B CN 107241364B CN 201710679533 A CN201710679533 A CN 201710679533A CN 107241364 B CN107241364 B CN 107241364B
Authority
CN
China
Prior art keywords
information
file
preset
identity
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710679533.0A
Other languages
Chinese (zh)
Other versions
CN107241364A (en
Inventor
谭巍
魏西鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Jiezhiliang Software Co ltd
Original Assignee
Guangzhou Jiezhiliang Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Jiezhiliang Software Co ltd filed Critical Guangzhou Jiezhiliang Software Co ltd
Priority to CN201710679533.0A priority Critical patent/CN107241364B/en
Publication of CN107241364A publication Critical patent/CN107241364A/en
Application granted granted Critical
Publication of CN107241364B publication Critical patent/CN107241364B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a file downloading method and device, and relates to the technical field of internet. The file downloading method is applied to a server of a file downloading system, and comprises the following steps: receiving a downloading request sent by a user terminal according to the operation of a user, wherein the downloading request comprises address information, verification information, identity information and file information; judging whether the address information is in a preset address information range or not, if so, performing identity authentication on the user according to the authentication information to obtain an identity authentication result; if the identity authentication result is that the identity authentication is successful, judging whether the file information can be downloaded according to the identity information; and if the file information is judged to be downloadable, encrypting the file content corresponding to the file information to obtain an encrypted file, and sending the encrypted file to the user terminal. The file downloading method has high safety and reliability.

Description

File downloading method and device
Technical Field
The invention relates to the technical field of internet, in particular to a file downloading method and device.
Background
With the rapid development of science and technology, the internet technology is becoming mature. At present, the file transmission by utilizing the internet interaction is an essential file transmission mode in daily work and life of people. However, when downloading a file, it is common to make no judgment on the contents of the user, such as address information, identity information, authentication information, and file information, and thus the security of file transmission is not high.
Disclosure of Invention
In view of this, embodiments of the present invention provide a file downloading method and apparatus to solve the above problems.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
a file downloading method is applied to a server of a file downloading system, and comprises the following steps: receiving a downloading request sent by a user terminal according to the operation of a user, wherein the downloading request comprises address information, verification information, identity information and file information; judging whether the address information is in a preset address information range or not, if so, performing identity authentication on the user according to the authentication information to obtain an identity authentication result; if the identity authentication result is that the identity authentication is successful, judging whether the file information can be downloaded according to the identity information; and if the file information is judged to be downloadable, encrypting the file content corresponding to the file information to obtain an encrypted file, and sending the encrypted file to the user terminal.
A file downloading device is applied to a server of a file downloading system and comprises a request receiving module, a first judging module, a second judging module and a file sending module, wherein the request receiving module is used for receiving a downloading request sent by a user terminal according to the operation of a user, and the downloading request comprises address information, verification information, identity information and file information; the first judging module is used for judging whether the address information is in a preset address information range, and if the address information is in the preset address information range, performing identity verification on the user according to the verification information to obtain an identity verification result; the second judging module is used for judging whether the file information can be downloaded according to the identity information if the identity verification result is that the identity verification is successful; and the file sending module is used for encrypting the file content corresponding to the file information to obtain an encrypted file and sending the encrypted file to the user terminal if the file information is judged to be downloadable.
According to the file downloading method and device provided by the embodiment of the invention, the downloading request comprising the address information, the verification information, the identity information and the file information is received; then judging whether the address information is in a preset address information range, if so, performing identity authentication on the user according to authentication information to obtain an identity authentication result; if the identity authentication result is that the identity authentication is successful, judging whether the file information can be downloaded according to the identity information; and finally, if the file information is judged to be downloadable, encrypting the file content corresponding to the file information to obtain an encrypted file, and sending the encrypted file to the user terminal. Therefore, the address information, the verification information, the identity information and the file information are realized in the file downloading process, the safety is improved, and the problem of low safety of file transmission in the prior art is solved.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 illustrates an interaction diagram of a server and a user terminal provided by a preferred embodiment of the present invention;
fig. 2 is a block diagram of a ue according to a preferred embodiment of the present invention;
FIG. 3 is a flowchart illustrating a file downloading method according to a preferred embodiment of the present invention;
FIG. 4 is a flowchart illustrating a step S130 of a file downloading method according to a preferred embodiment of the present invention;
fig. 5 is a functional block diagram of a file downloading device according to a preferred embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present invention, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Fig. 1 is a schematic diagram illustrating a server 110 and a plurality of user terminals 120 interacting with each other in a file download system 100 according to an embodiment of the present invention. The server 110 is communicatively coupled to one or more user terminals 120 via a network for data communications or interactions. The server 110 may be a web server, a database server, or the like. The user terminal 120 may be a Personal Computer (PC), a tablet PC, a smart phone, a Personal Digital Assistant (PDA), and the like. The server 110 and the user terminal 120 in fig. 1 are only illustrative and not limited to specific examples.
Fig. 2 shows a block diagram of a server applicable to an embodiment of the present invention. As shown in FIG. 2, the server 110 includes a memory 102, a storage controller 104, one or more processors 106 (only one shown), a peripheral interface 108, a radio frequency module 110, an audio module 112, a display unit 114, and the like. These components communicate with each other via one or more communication buses/signal lines 116.
The memory 102 may be used to store software programs and modules, such as program instructions/modules corresponding to the file downloading method and apparatus in the embodiment of the present invention, and the processor 106 executes various functional applications and data processing by running the software programs and modules stored in the memory 102, such as the file downloading apparatus provided in the embodiment of the present invention.
The memory 102 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. Access to the memory 102 by the processor 106, and possibly other components, may be under the control of the memory controller 104.
The peripheral interface 108 couples various input/output devices to the processor 106 as well as to the memory 102. In some embodiments, the peripheral interface 108, the processor 106, and the memory controller 104 may be implemented in a single chip. In other examples, they may be implemented separately from the individual chips.
The rf module 110 is used for receiving and transmitting electromagnetic waves, and implementing interconversion between the electromagnetic waves and electrical signals, so as to communicate with a communication network or other devices.
Audio module 112 provides an audio interface to a user that may include one or more microphones, one or more speakers, and audio circuitry.
The display unit 114 provides a display interface between the server 110 and the user. In particular, display unit 114 displays file outputs to the user, the content of which may include text, graphics, files, and any combination thereof.
It will be appreciated that the configuration shown in fig. 2 is merely illustrative and that server 110 may include more or fewer components than shown in fig. 2 or have a different configuration than shown in fig. 2. The components shown in fig. 2 may be implemented in hardware, software, or a combination thereof.
First embodiment
Fig. 3 is a flowchart illustrating a file downloading method according to an embodiment of the present invention. The file downloading method is applied to a server of a file downloading system, please refer to fig. 3, and the method includes:
step S110: receiving a downloading request sent by a general user terminal according to the operation of a user, wherein the downloading request comprises address information, verification information, identity information and file information.
When a user needs to download a file, a download request can be sent to the server through the user terminal. Correspondingly, the server receives a downloading request sent by the user terminal.
Specifically, the download request includes address information, verification information, identity information, and file information. The address information may be a physical address of the user terminal, i.e., a MAC address. Of course, the address information may also be an IP address. The verification information may be authentication information used for authentication, and specifically may include fingerprint information, face information, unlock image information, password information, and the like, and the user terminal may complete the authentication information by external devices such as an external camera, a fingerprint acquisition device, and an external keyboard. The identity information may be ID information of the user, the ID information of the user and the authority information have a corresponding relationship, and the server stores the corresponding relationship between the ID information of the user and the authority information. The file information may be an identification of the file that the user desires to download, such as a file name. Of course, the specific types and contents of the address information, the authentication information, the identity information, and the file information in the embodiment of the present invention are not limited.
Step S120: and judging whether the address information is in a preset address information range, and if the address information is in the preset address information range, performing identity authentication on the user according to the authentication information to obtain an identity authentication result.
In the embodiment of the present invention, since there is a case where the server serves only a specific user, the server may store therein a plurality of pieces of preset address information that can be served. The plurality of pieces of serviceable preset address information may constitute a preset address information range.
After the address information is obtained, it may be determined whether the address information exists in a plurality of preset address information. For example, the preset address information includes a plurality of preset addresses such as B8-03-05-04-A6-1E, B8-03-05-04-a5-1E, B8-03-05-04-a4-1E, B8-03-05-04-A3-1E, and B8-03-05-04-a2-1E, and the acquired address information is B8-03-05-04-a4-1E, and it is determined that the acquired address information is within the preset address information range; and if the acquired address information is B8-03-05-04-A9-1E, judging that the acquired address information is not in the preset address information range. It should be noted that the above preset address information and the obtained address information are only examples, and do not represent actual preset address information.
And when the address information is judged to be in the preset address information range, the identity of the user is verified. The user can be authenticated according to the authentication information to obtain an authentication result. Specifically, the method may include: judging whether the verification information is matched with preset verification information or not; if the verification information is matched with the preset verification information, the identity verification is successful; and if the verification information is not matched with the preset verification information, the identity verification is unsuccessful.
The server may store therein preset authentication information, each preset authentication information corresponding to each user. And matching the acquired verification information with preset verification information, wherein the matching result is used as the basis of the identity verification result.
Specifically, the determining whether the verification information matches the preset verification information may include: respectively judging whether the fingerprint information is matched with preset fingerprint information, judging whether the face information is matched with preset face information, judging whether the unlocking image information is matched with preset unlocking image information, and judging whether the password information is matched with preset password information; if the fingerprint information is matched with preset fingerprint information, the face information is matched with the preset face information, the unlocking image information is matched with the preset unlocking image information, and the password information is matched with the preset password information, the verification information is matched with the preset verification information.
Specifically, whether the fingerprint information is matched with the preset fingerprint information or not is judged, the fingerprint information is matched with the preset fingerprint information, if the matching degree is greater than a preset threshold value, the acquired fingerprint information and the stored fingerprint information are considered to be the fingerprint information of the same user, and the fingerprint information is judged to be matched with the preset fingerprint information. The method for judging whether the fingerprint information is matched with the preset fingerprint information can be realized based on Guangzhou micro-positive fingerprint identification algorithm MZFinger5.0. Of course, the specific method of determining whether the fingerprint information matches the preset challenge information is not limited in the embodiment of the present invention, and other methods may be used.
In the embodiment of the present invention, it may be determined whether the face information matches the preset face information, where the face information is matched with the stored face information, and if the matching degree is greater than a preset threshold, the acquired face information and the stored face information are considered to be face information of the same user, and it is determined that the face information matches the preset face information. The specific method for judging whether the face information is matched with the preset face information may be based on a camshift algorithm. Of course, the specific method for determining whether the face information matches the preset face information is not limited in the embodiment of the present invention, and other methods may be used.
Judging whether the unlocking image information is matched with preset unlocking image information may include: analyzing the unlocking image information to obtain a plurality of sections of gesture tracks; extracting a vector value of each segment of the gesture track; generating a vector column corresponding to the unlocking image information according to the vector value of each section of the gesture track; judging whether the vector column corresponding to the unlocking image information is matched with the vector column corresponding to the preset unlocking image information; and if the vector column corresponding to the unlocking image information is matched with the vector column corresponding to the preset unlocking image information, judging that the unlocking image information is matched with the preset unlocking image information. Otherwise, the unlocking image information is not matched with the preset unlocking image information.
If the password in the password information is consistent with the password in the preset password information, the password information is judged to be matched with the preset password information. Otherwise, the password information is not matched with the preset password information.
In the embodiment of the invention, the unlocking image information is image information comprising a plurality of segments of gesture tracks. First, the unlocking image information may be parsed into a plurality of gesture tracks. And establishing a coordinate system in the unlocking image, and calculating a vector value corresponding to each gesture track. A vector column may then be generated based on the positional relationship of the gesture trajectory in the unlock image. And finally, reading a vector column corresponding to a preset unlocking image in the stored vector columns, judging whether the vector column generated by the unlocking image information is the same as the vector column corresponding to the stored preset unlocking image, if so, judging that the unlocking image is matched with the preset unlocking image, and if not, judging that the unlocking image is not matched with the preset unlocking image.
Therefore, the matching result of the fingerprint information and the preset fingerprint information, the matching result of the face information and the preset face information, the matching result of the unlocking image information and the preset unlocking image information, and the matching result of the password information and the preset password information can be obtained, and when the four matching results are matched, the verification information is judged to be matched with the preset verification information.
Thereby, the matching result of the authentication information and the preset authentication information. Determining an identity authentication result according to a matching result of the authentication information and preset authentication information, and judging that the identity authentication is successful when the authentication information is matched with the preset authentication information; and when the verification information is not matched with the preset verification information, the identity verification is judged to be unsuccessful.
Step S130: and if the identity authentication result is that the identity authentication is successful, judging whether the file information can be downloaded according to the identity information.
After the identity authentication result is obtained, when the identity authentication result is that the identity authentication is successful, the file information can be judged according to the identity information. Because there are different permissions for each user, some files stored by the server may be downloaded to a user, while other files stored by the server may not be downloaded. For example, the server stores a list of "members" that can download all the stored content and a list of "non-members" that can download part of the content.
Therefore, whether the file information in the downloading request can be downloaded can be judged according to the acquired identity information. Specifically, referring to fig. 4, step S130 may include:
step S131: and acquiring authority information corresponding to the identity information.
In the embodiment of the present invention, the identity information of each user may correspond to different authority information. And, the authority information corresponding to the identity information of each user may be stored in the server. Therefore, the authority information corresponding to the identity information of the user sending the downloading request can be searched.
Specifically, the identity information of each user may be an ID account, and the right corresponding to each ID account is stored in the server. The server can directly search the corresponding authority information according to the ID account.
Further, the rights may be classified into various levels, for example, a plurality of levels of L1, L2, L3, L4, L5, and the like.
Step S132: and searching a file downloading list corresponding to the authority information according to the authority information.
In the embodiment of the present invention, different rights information may correspond to different downloaded files, that is, different downloadable files of rights information have different contents. The server may store a file download list, where the file download list includes all downloaded file information corresponding to the authority of the user sending the download request. Therefore, the authority information corresponding to the user sending the downloading request and the corresponding file downloading list can be searched.
For example, a plurality of download file names are respectively associated with a plurality of levels such as L1, L2, L3, L4, and L5, and if the level of the user who sends the download request is L2, a file download list is generated from the plurality of download file names corresponding to L2.
Step S133: and judging whether the file information exists in the file downloading list or not.
And after the file downloading list is acquired, judging whether the file information exists in the file downloading list. For example, the file download list is a file download list generated from a plurality of download file names corresponding to L2, the download file names include file names such as a1, a2, A3, and a4, and if the file information is a2, it is determined that the acquired file information is present in the file download list, and if the file information is a5, it is determined that the acquired file information is not present in the file download list.
Step S144: and if the file information exists in the file downloading list, determining that the file information can be downloaded.
When the file information exists in the file downloading list, the file information is a file which can be downloaded and corresponds to the authority corresponding to the user sending the downloading request, and therefore the file information is judged to be downloadable.
Step S140: and if the file information is judged to be downloadable, encrypting the file content corresponding to the file information to obtain an encrypted file, and sending the encrypted file to the user terminal.
After the judgment result of the file information is obtained, when the file information in the downloading request is judged to be downloadable, the file content corresponding to the file information stored in the server is searched. And then encrypting the file content to obtain an encrypted file. Specifically, the method may include: generating an encryption key by the address information and the identity information according to a preset algorithm; and encrypting the file content corresponding to the file information according to the encryption key and a preset encryption algorithm to obtain an encrypted file.
Further, the generation of the encryption key by the address information and the identity information according to a preset algorithm may be a conversion of the address information and the identity information into first digital data and second digital data, respectively; and generating an encryption key according to the combination of the first digital data and the second digital data.
Specifically, the address information is converted into digital data. If the address information is the MAC address, the MAC address is in a hexadecimal representation form, and the MAC address can be converted into decimal digits as the first digit data corresponding to the address information. E.g., 08:00:20:0A:8C:6D, it may be converted to decimal numeric data 803210140109. If the address information is an IP address, and the IP address is in a decimal expression form, the IP address can be directly used as the first numerical data corresponding to the address information. E.g., 192.168.0.1, is converted to 19216801.
Further, the identity information is converted into digital data. The identity information is an ID account, and when the ID account is in a decimal expression form, the ID account can be directly used as second digital data corresponding to the identity information. For example, if the ID account is 35367, the digital data corresponding to the identity information is 35367. When the ID information is composed of various letters, the ID information can be converted into decimal numeric data according to an ASCII comparison table and used as second numeric data corresponding to the identity information.
After first digital data corresponding to the address information and second digital data corresponding to the identity information are obtained, the first digital data corresponding to the address information and the second digital data corresponding to the identity information are combined through a specific algorithm to generate an encryption key. The specific algorithm is not limited, and may be a multiple equation or other more complex algorithm that is used to calculate the first digital data and the second digital data to obtain a value as the encryption key.
In the embodiment of the present invention, the algorithm for generating the encryption key from the first digital data and the second digital data is not limited, and may be a customized algorithm, and the complexity thereof is improved to a certain extent, so as to improve the security.
And after the encryption key is obtained, searching the file content corresponding to the file information in the downloading request from the stored file content. And after the file content corresponding to the file information is found, encrypting the file content through a preset encryption algorithm and the obtained encryption key to obtain an encrypted file. The preset Encryption algorithm may be any one of Encryption algorithms, such as des (data Encryption standard), aes (advanced Encryption standard), rsa (rivest Shamir adleman), and so on. Of course, the specific type of the preset encryption algorithm is not limited in the embodiment of the present invention, and may be selected according to the actual situation.
Therefore, the encrypted file corresponding to the file information can be obtained. And, the encrypted file is transmitted to the user terminal that transmitted the download request.
In this embodiment of the present invention, the file downloading method may further include: receiving a file decryption request sent by the user terminal, wherein the file decryption request comprises address information and identity information; generating a decryption key according to the address information and the identity information; and sending the decryption key to the user terminal so that the user terminal decrypts the encrypted file according to the decryption key and a preset decryption algorithm to obtain a decrypted file, wherein the preset decryption algorithm corresponds to the preset encryption algorithm.
Specifically, the decryption request includes address information and identity information. The decryption key may be generated based on the address information and the identity information, and the method of generating the decryption key is the same as the method of generating the encryption key. And then the decryption key is sent to the user terminal, so that the user terminal can decrypt the encrypted file according to the received decryption key and a preset decryption algorithm to obtain the decrypted file. It should be noted that the preset decryption algorithm corresponds to the preset encryption algorithm, that is, the preset decryption algorithm is an algorithm for decrypting the file encrypted by the preset encryption algorithm.
In this embodiment of the present invention, the file downloading method may further include: receiving a file uploading request sent by a user terminal, wherein the uploading request comprises address information, verification information, identity information and file information; judging whether the address information is in a preset address information range or not, if so, performing identity authentication on the user according to the authentication information to obtain an identity authentication result; if the identity authentication result is that the identity authentication is successful, judging whether the file information can be uploaded according to the identity information; and if the file information is judged to be uploaded, receiving file contents corresponding to the file information and sent by the user terminal, and storing the file contents in a classified manner.
It can be understood that the specific methods of the address information determination, the identity verification, and the file information determination are consistent with the method in the file downloading process, and are not described in detail herein.
Second embodiment
Referring to fig. 5, the file downloading apparatus 200 according to a second embodiment of the present invention is applied to a server of a file downloading system, and the file downloading apparatus 200 includes a request receiving module 210, a first determining module 220, a second determining module 230, and a file sending module 240. The request receiving module 210 is configured to receive a download request sent by a user terminal according to an operation of a user, where the download request includes address information, verification information, identity information, and file information; the first determining module 220 is configured to determine whether the address information is within a preset address information range, and if the address information is within the preset address information range, perform authentication on the user according to the authentication information to obtain an authentication result; the second determining module 230 is configured to determine whether the file information can be downloaded according to the identity information if the identity authentication result is that the identity authentication is successful; the file sending module 240 is configured to encrypt the file content corresponding to the file information to obtain an encrypted file if it is determined that the file information is downloadable, and send the encrypted file to the user terminal.
In the embodiment of the present invention, the second determination module 220 includes a permission information obtaining unit, a list searching unit, a file information determining unit, and a file determining unit. The authority information acquisition unit is used for acquiring authority information corresponding to the identity information; the list searching unit is used for searching a file downloading list corresponding to the authority information according to the authority information; the file information judging unit is used for judging whether the file information exists in the file downloading list or not; the file determining unit is configured to determine that the file information is downloadable if the file information exists in the file download list.
In the embodiment of the present invention, the file transmission module 240 includes a key generation unit and an encryption unit. The key generation unit is used for generating an encryption key according to the address information and the identity information according to a preset algorithm; and the encryption unit is used for encrypting the file content corresponding to the file information according to the encryption key and a preset encryption algorithm to obtain an encrypted file.
In the embodiment of the present invention, the first determining module 220 includes a matching determining unit and a result generating unit. The matching judgment unit is used for judging whether the verification information is matched with preset verification information or not; the result generation unit is used for successfully verifying the identity if the verification information is matched with the preset verification information; and if the verification information is not matched with the preset verification information, the identity verification is unsuccessful.
In summary, the file downloading method and apparatus provided in the embodiments of the present invention receive a downloading request including address information, verification information, identity information, and file information; then judging whether the address information is in a preset address information range, if so, performing identity authentication on the user according to authentication information to obtain an identity authentication result; if the identity authentication result is that the identity authentication is successful, judging whether the file information can be downloaded according to the identity information; and finally, if the file information is judged to be downloadable, encrypting the file content corresponding to the file information to obtain an encrypted file, and sending the encrypted file to the user terminal. Therefore, the address information, the verification information, the identity information and the file information are realized in the file downloading process, the safety is improved, and the problem of low safety of file transmission in the prior art is solved.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (7)

1. A file downloading method, applied to a server of a file downloading system, the method comprising:
receiving a downloading request sent by a user terminal according to the operation of a user, wherein the downloading request comprises address information, verification information, identity information and file information;
judging whether the address information is in a preset address information range or not, if so, performing identity authentication on the user according to the authentication information to obtain an identity authentication result;
if the identity authentication result is that the identity authentication is successful, judging whether the file information can be downloaded according to the identity information;
if the file information is judged to be downloadable, encrypting file content corresponding to the file information to obtain an encrypted file, and sending the encrypted file to the user terminal;
the determining whether the file information can be downloaded according to the identity information includes: acquiring authority information corresponding to the identity information; searching a file downloading list corresponding to the authority information according to the authority information; judging whether the file information exists in the file downloading list or not; if the file information exists in the file downloading list, determining that the file information can be downloaded;
the encrypting the file content corresponding to the file information to obtain an encrypted file includes: generating an encryption key by the address information and the identity information according to a preset algorithm; encrypting the file content corresponding to the file information according to the encryption key and a preset encryption algorithm to obtain an encrypted file;
the identity information includes account information, and generating an encryption key by using the address information and the identity information according to a preset algorithm includes: converting the address information and the identity information into first digital data and second digital data respectively; and generating an encryption key according to the combination of the first digital data and the second digital data.
2. The method of claim 1, further comprising:
receiving a file decryption request sent by the user terminal, wherein the file decryption request comprises address information and identity information;
generating a decryption key according to the address information and the identity information;
and sending the decryption key to the user terminal so that the user terminal decrypts the encrypted file according to the decryption key and a preset decryption algorithm to obtain a decrypted file, wherein the preset decryption algorithm corresponds to the preset encryption algorithm.
3. The method of claim 1, wherein the authenticating the user according to the authentication information comprises:
judging whether the verification information is matched with preset verification information or not;
if the verification information is matched with the preset verification information, the identity verification is successful; and if the verification information is not matched with the preset verification information, the identity verification is unsuccessful.
4. The method of claim 3, wherein the verification information includes fingerprint information, face information, unlock image information, and password information, and the determining whether the verification information matches preset verification information includes:
respectively judging whether the fingerprint information is matched with preset fingerprint information, judging whether the face information is matched with preset face information, judging whether the unlocking image information is matched with preset unlocking image information, and judging whether the password information is matched with preset password information;
if the fingerprint information is matched with preset fingerprint information, the face information is matched with the preset face information, the unlocking image information is matched with the preset unlocking image information, and the password information is matched with the preset password information, the verification information is matched with the preset verification information.
5. The method of claim 4, wherein the determining whether the unlock image information matches preset unlock image information comprises:
analyzing the unlocking image information to obtain a plurality of sections of gesture tracks;
extracting a vector value of each segment of the gesture track;
generating a vector column corresponding to the unlocking image information according to the vector value of each section of the gesture track;
judging whether the vector column corresponding to the unlocking image information is matched with the vector column corresponding to the preset unlocking image information;
and if the vector column corresponding to the unlocking image information is matched with the vector column corresponding to the preset unlocking image information, judging that the unlocking image information is matched with the preset unlocking image information.
6. The method of claim 1, further comprising:
receiving a file uploading request sent by a user terminal, wherein the uploading request comprises address information, verification information, identity information and file information;
judging whether the address information is in a preset address information range or not, if so, performing identity authentication on the user according to the authentication information to obtain an identity authentication result;
if the identity authentication result is that the identity authentication is successful, judging whether the file information can be uploaded according to the identity information;
and if the file information is judged to be uploaded, receiving file contents corresponding to the file information and sent by the user terminal, and storing the file contents in a classified manner.
7. A file downloading device is characterized in that the device is applied to a server of a file downloading system and comprises a request receiving module, a first judging module, a second judging module and a file sending module, wherein,
the request receiving module is used for receiving a downloading request sent by a user terminal according to the operation of a user, wherein the downloading request comprises address information, verification information, identity information and file information;
the first judging module is used for judging whether the address information is in a preset address information range, and if the address information is in the preset address information range, performing identity verification on the user according to the verification information to obtain an identity verification result;
the second judging module is used for judging whether the file information can be downloaded according to the identity information if the identity verification result is that the identity verification is successful;
the file sending module is used for encrypting file contents corresponding to the file information to obtain an encrypted file and sending the encrypted file to the user terminal if the file information is judged to be downloadable;
the second judgment module comprises a permission information acquisition unit, a list search unit, a file information judgment unit and a file judgment unit, wherein the permission information acquisition unit is used for acquiring permission information corresponding to the identity information; the list searching unit is used for searching a file downloading list corresponding to the authority information according to the authority information; the file information judging unit is used for judging whether the file information exists in the file downloading list or not; the file determining unit is used for determining that the file information can be downloaded if the file information exists in the file downloading list;
the file sending module comprises a key generation unit and an encryption unit, wherein the key generation unit is used for generating an encryption key by the address information and the identity information according to a preset algorithm; the encryption unit is used for encrypting the file content corresponding to the file information according to the encryption key and a preset encryption algorithm to obtain an encrypted file;
the key generation unit is specifically configured to: converting the address information and the identity information into first digital data and second digital data respectively; and generating an encryption key according to the combination of the first digital data and the second digital data.
CN201710679533.0A 2017-08-10 2017-08-10 File downloading method and device Active CN107241364B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710679533.0A CN107241364B (en) 2017-08-10 2017-08-10 File downloading method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710679533.0A CN107241364B (en) 2017-08-10 2017-08-10 File downloading method and device

Publications (2)

Publication Number Publication Date
CN107241364A CN107241364A (en) 2017-10-10
CN107241364B true CN107241364B (en) 2020-05-08

Family

ID=59989879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710679533.0A Active CN107241364B (en) 2017-08-10 2017-08-10 File downloading method and device

Country Status (1)

Country Link
CN (1) CN107241364B (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682376B (en) * 2017-11-21 2021-03-23 北京顶象技术有限公司 Wind control data interaction method and device
CN108347629A (en) * 2018-03-16 2018-07-31 中影数字巨幕(北京)有限公司 Video file processing method, device, server and storage medium
CN108418826A (en) * 2018-03-16 2018-08-17 中影数字巨幕(北京)有限公司 Video file processing method, device, server and storage medium
CN110149535A (en) * 2019-05-16 2019-08-20 北京小米移动软件有限公司 Image management method and device, storage medium
CN110519154B (en) * 2019-08-15 2022-11-15 中国平安财产保险股份有限公司 Data transmission method, device, equipment and computer readable storage medium
CN111460400B (en) * 2020-03-31 2024-06-18 腾讯科技(深圳)有限公司 Data processing method, device and computer readable storage medium
CN111885047A (en) * 2020-07-21 2020-11-03 黑芝麻智能科技(重庆)有限公司 Method for terminal to acquire data, method for terminal to access data and terminal
CN112133080B (en) * 2020-08-18 2021-12-03 宁波三星医疗电气股份有限公司 Storage method of metering data of power acquisition terminal, power acquisition terminal and power system
CN112527750A (en) * 2020-12-15 2021-03-19 中孚安全技术有限公司 Domestic operating system file storage method and system
CN112653777B (en) * 2020-12-18 2023-05-16 北京百家科技集团有限公司 File downloading method, terminal, server, electronic equipment and storage medium
CN113420331B (en) * 2021-06-30 2022-12-13 建信金融科技有限责任公司 Method and device for managing file downloading permission
CN114039729B (en) * 2022-01-08 2022-04-19 广州市成格信息技术有限公司 Intelligent network management method and system based on optical network technology
CN114999030A (en) * 2022-05-25 2022-09-02 杭州萤石软件有限公司 Unlocking method, system, electronic equipment and storage medium

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7155415B2 (en) * 2000-04-07 2006-12-26 Movielink Llc Secure digital content licensing system and method
CN103268456B (en) * 2013-05-31 2017-02-08 杭州华三通信技术有限公司 Method and device for file safety control
CN103914520B (en) * 2014-03-18 2022-01-25 小米科技有限责任公司 Data query method, terminal device and server

Also Published As

Publication number Publication date
CN107241364A (en) 2017-10-10

Similar Documents

Publication Publication Date Title
CN107241364B (en) File downloading method and device
US9525550B2 (en) Method and apparatus for securing a mobile application
AU2013101034B4 (en) Registration and authentication of computing devices using a digital skeleton key
US20050154924A1 (en) Multiple factor-based user identification and authentication
US20170171183A1 (en) Authentication of access request of a device and protecting confidential information
CN107786331B (en) Data processing method, device, system and computer readable storage medium
WO2017202025A1 (en) Terminal file encryption method, terminal file decryption method, and terminal
KR102578428B1 (en) Update biometric template protection key
CN113709115B (en) Authentication method and device
KR20210046357A (en) Method and apparatus for key storing and recovery for blockchain based system
CN106487758B (en) data security signature method, service terminal and private key backup server
CN107248972B (en) Data encryption and decryption method and device and electronic equipment
US20070106903A1 (en) Multiple Factor-Based User Identification and Authentication
CN114386104A (en) Method for storing sensitive data, data reading method and device
CN114501431A (en) Message transmission method and device, storage medium and electronic equipment
KR102375973B1 (en) Security server using case based reasoning engine and storage medium for installing security function
US11606196B1 (en) Authentication system for a multiuser device
US20210258141A1 (en) Method for recognizing expression of opinion capable of ensuring anonymity and preventing sybil attacks, method for registering that stores user?s identification information, and method for authenticating the user
JP6923878B2 (en) Authentication device, authentication system, authentication method and program
US11949772B2 (en) Optimized authentication system for a multiuser device
US12021975B2 (en) Authentication system for a multiuser device
US11811915B1 (en) Stateless system to protect data
KR20200071880A (en) Method of providing personal information collection agreement procedure in iot system, and apparatuses performing the same
CN108388867B (en) Logistics distribution method and device and server
US11856105B1 (en) Secure multi-factor authentication system including identity verification of an authorized user

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant