CN107749878B - Method and device for synchronizing files - Google Patents

Method and device for synchronizing files Download PDF

Info

Publication number
CN107749878B
CN107749878B CN201710961966.5A CN201710961966A CN107749878B CN 107749878 B CN107749878 B CN 107749878B CN 201710961966 A CN201710961966 A CN 201710961966A CN 107749878 B CN107749878 B CN 107749878B
Authority
CN
China
Prior art keywords
information
characteristic value
algorithm
preset
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710961966.5A
Other languages
Chinese (zh)
Other versions
CN107749878A (en
Inventor
岳炳词
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Security Technologies Co Ltd
Original Assignee
New H3C Security Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Security Technologies Co Ltd filed Critical New H3C Security Technologies Co Ltd
Priority to CN201710961966.5A priority Critical patent/CN107749878B/en
Publication of CN107749878A publication Critical patent/CN107749878A/en
Application granted granted Critical
Publication of CN107749878B publication Critical patent/CN107749878B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the application provides a method for synchronizing files, and belongs to the technical field of communication. The method is applied to monitoring end equipment, and comprises the following steps: receiving a synchronization request sent by synchronization end equipment, wherein the synchronization request carries target update content and a first characteristic value corresponding to a target file, and the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm; determining a second characteristic value according to the target updating content, the locally stored user identity information and the preset first algorithm; and if the first characteristic value and the second characteristic value are the same, updating the target file based on the target updating content. By adopting the invention, the safety of the data in the monitoring terminal equipment can be improved.

Description

Method and device for synchronizing files
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for synchronizing files.
Background
With the development of internet technology, remote management of devices such as servers and PC (personal computer) terminals has become widespread. The server or the PC terminal which needs to be remotely managed can be called as monitoring terminal equipment; the terminal for managing the monitoring end device can be called as a synchronization end device. Technical personnel can edit and modify part or all of the files in the monitoring terminal equipment through the synchronization terminal equipment.
In practice, a technician may install, in the synchronization end device, an image file of a file that needs to be remotely managed in the monitoring end device, where the content of the file is identical to that of the image file of the file. When a technician needs to remotely modify a certain file (i.e., a target file), a corresponding mirror image file is modified in a synchronization end device, and after the modification is completed, the synchronization end device sends a synchronization request to a monitoring end device, where the synchronization request carries modified file content (which may be referred to as target update content). The monitoring end equipment can modify the target file according to the target update content in the synchronous request.
However, the synchronization request may be maliciously intercepted by a hacker, and the hacker may tamper the target update content in the synchronization request and then send the tampered synchronization request to the monitoring end device, which may result in lower security of data in the monitoring end device.
Disclosure of Invention
An object of the embodiments of the present application is to provide a method and an apparatus for synchronizing files, so as to improve security of data in a monitoring device. The specific technical scheme is as follows:
in a first aspect, a method for synchronizing files is provided, where the method is applied to a monitoring end device, and the method includes:
receiving a synchronization request sent by synchronization end equipment, wherein the synchronization request carries target update content and a first characteristic value corresponding to a target file, and the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information in the synchronization end equipment and a preset first algorithm;
determining a second characteristic value according to the target updating content, the locally stored user identity information and the preset first algorithm;
and if the first characteristic value and the second characteristic value are the same, updating the target file based on the target updating content.
In a second aspect, a method for synchronizing files is provided, where the method is applied to a synchronization end device, and the method includes:
acquiring target update content corresponding to a target file to be updated and locally stored user identity information;
determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm;
and sending a synchronization request to the monitoring end equipment to which the target file belongs, wherein the synchronization request carries the target updating content and the first characteristic value, so that the monitoring end equipment updates the target file based on the target updating content when the first characteristic value is verified.
In a third aspect, an apparatus for synchronizing files is provided, where the apparatus is applied to a monitoring end device, and the apparatus includes:
a first receiving module, configured to receive a synchronization request sent by a synchronization end device, where the synchronization request carries a target update content and a first feature value corresponding to a target file, and the first feature value is determined by the synchronization end device according to the target update content, user identity information in the synchronization end device, and a preset first algorithm;
the first determining module is used for determining a second characteristic value according to the target updating content, the locally stored user identity information and the preset first algorithm;
and the updating module is used for updating the target file based on the target updating content if the first characteristic value is the same as the second characteristic value.
In a fourth aspect, an apparatus for synchronizing files is provided, where the apparatus is applied to a synchronization end device, and the apparatus includes:
the acquisition module is used for acquiring target update content corresponding to a target file to be updated and locally stored user identity information;
the first determining module is used for determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm;
a first sending module, configured to send a synchronization request to a monitoring end device to which the target file belongs, where the synchronization request carries the target update content and the first feature value, so that the monitoring end device updates the target file based on the target update content when the first feature value is verified.
In a fifth aspect, there is provided a monitoring end device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: the method steps described in the first aspect are implemented.
In a sixth aspect, there is provided a method of synchronizing files, comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: the method steps described in the second aspect are implemented.
The method for synchronizing files provided by the embodiment of the invention can be applied to monitoring end equipment, the monitoring end equipment can receive a synchronization request sent by the synchronization end equipment, the synchronization request carries target update content and a first characteristic value corresponding to a target file, the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm, the monitoring end equipment determines a second characteristic value according to the target update content, locally stored user identity information and the preset first algorithm, and if the first characteristic value is the same as the second characteristic value, the target file is updated based on the target update content. Based on the scheme, whether the target updating content is tampered or not can be verified, and the target file can be updated only when the target updating content is not tampered, so that the safety of data in the monitoring terminal equipment is improved.
Of course, it is not necessary for any product or method of the present application to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flowchart of a method for synchronizing files according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for synchronizing files according to an embodiment of the present invention;
FIG. 3 is a flowchart of a method for synchronizing files according to an embodiment of the present invention;
FIG. 4 is a flowchart of a method for synchronizing files according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of an apparatus for synchronizing files according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an apparatus for synchronizing files according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a monitoring end device according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a synchronization end device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The embodiment of the invention provides a method for synchronizing files, which can be realized by synchronization end equipment and monitoring end equipment together. The monitoring terminal device may be a server or a PC (personal computer) terminal. The monitoring end device usually contains a plurality of files, and an administrator can set files (which can be called key files) needing remote management, such as D: \ web, in the monitoring end device. The administrator can also set user identity information having modification permission on the key file in the monitoring terminal device, where the user identity information may include administrator account information and password information, and may also include an identifier (such as a mobile phone number) of a user terminal bound to an administrator account. The synchronous end device can be a terminal for managing the monitoring end device, an administrator can install the synchronous end system in the synchronous end device, and simultaneously can establish an image file of a key file in the monitoring end device, such as D: \ web. In addition, the administrator can set information such as the address and port number of the monitoring end device in the synchronization end device. The administrator can input administrator account information and password information in the synchronization end equipment, the synchronization end equipment can send a linkage request to the monitoring end equipment, the linkage request can carry the administrator account information and the password information input by the administrator, the monitoring end equipment can judge the administrator account information and the password information in the linkage request after receiving the linkage request, the administrator account information and the password information are matched with the administrator account information and the password information stored locally, if the administrator account information and the password information are matched, the administrator account information and the password information are authenticated, a linkage relation is established with the linkage request, and therefore the administrator can edit or modify key files in the monitoring end equipment through the synchronization end equipment.
As shown in fig. 1, the method may include the steps of:
step 101, a synchronization end device obtains target update content corresponding to a target file to be updated and locally stored user identity information.
In implementation, when an administrator needs to modify a certain file (i.e., a target file) in the key files, the administrator may open an image file corresponding to the target file in the synchronization end device, and then may modify the content of the image file. The synchronization end device can generate target update content according to the modification content input by the user and store the target update content. The target update content may include the modified content of the target file, and information such as an identifier of the target file. After the administrator finishes the modification, the administrator can click the synchronization option, and the synchronization end device can detect the synchronization instruction of the corresponding target file and then acquire the locally stored user identity information. The user identity information may include administrator account information and password information, and may also include an identifier (such as a mobile phone number) of the user terminal bound to the administrator account and/or additional authentication information, and a subsequent process of acquiring the additional authentication information will be described in detail.
It should be noted that, in view of security, generally, only one administrator has synchronization authority (i.e., editing and modifying authority) for one key file.
Optionally, for the case that the user identity information includes administrator account information, password information, and additional verification information, correspondingly, the processing procedure of step 101 may be as follows: and the synchronization terminal equipment acquires pre-stored administrator account information and password information and receives additional authentication information input by a user.
In implementation, after the user inputs the administrator account information and the password information in the synchronization end device for the first time, the synchronization end device may store the synchronization end device. After the user clicks the synchronization option, the synchronization end device can display an input interface of the additional verification information, the administrator can input the additional verification information, and the synchronization end device can receive the additional verification information input by the user and can acquire pre-stored account information and password information of the administrator for subsequent processing.
Step 102, the synchronization end device determines a first characteristic value according to the target update content, the user identity information and a preset first algorithm.
In implementation, the synchronization end device may pre-store an Algorithm (i.e., a first Algorithm) for calculating the feature value, where the Algorithm may use an MD5(Message Digest Algorithm5, fifth version of Message Digest Algorithm) Algorithm, and the present embodiment is not limited. After the synchronization end device obtains the target update content and the user identity information, a first characteristic value may be calculated according to the target update content, the user identity information, and a pre-stored algorithm (i.e., a first algorithm).
Optionally, the synchronization end device may first generate a character string according to the user identity information, and then calculate the first feature value according to the character string and the target update content, and accordingly, the processing procedure in step 102 may be as follows: the synchronization end device generates a third character string according to the administrator account information, the password information, the additional verification information and a preset character string generation algorithm, then splices the target update content and the third character string to obtain a fourth character string, and then determines a first characteristic value according to the fourth character string and a preset first algorithm.
In implementation, after the synchronization end device obtains the user identity information, a character string (i.e., a third character string) corresponding to the user identity information may be generated according to a pre-stored character string generation algorithm. Taking the example that the user identity information may include administrator account information, password information, and additional verification information, the synchronization end device may splice the administrator account information, the password information, and the additional verification information to generate a third string, or may obtain the third string through calculation, and the specific process may be as follows: the synchronization end device respectively expands the administrator account information and the password information into a preset number of bits (such as 32 bits), and then performs or operation on the expanded administrator account information and the expanded password information to obtain a first operation result of the preset number of bits (such as 32 bits), wherein the preset number of bits is the same as the number of bits of the additional verification information. And the synchronization end equipment performs exclusive-or operation on the first operation result and the additional verification information to obtain a second operation result, wherein the second operation result is a third character string.
The synchronization end device may splice the third character string behind the target update content to obtain a fourth character string, and then calculate the first feature value according to the fourth character string and a preset first algorithm. For example, MD5 calculation may be performed on the fourth string to obtain the first feature value.
Step 103, the synchronization end device sends a synchronization request to the monitoring end device to which the target file belongs, wherein the synchronization request carries the target update content and the first characteristic value.
In implementation, after the synchronization end device calculates the first characteristic value, a synchronization request message may be generated according to the target update content and the first characteristic value, and then the synchronization request is sent to the monitoring end device. The message may include an IP (Internet Protocol) header, a TCP (Transmission Control Protocol) header, target update content, a first characteristic value, and a checksum (check bit). The format of the message may be as follows:
IP header TCP head Targeted update content First characteristic value checksum
Because the synchronous request does not contain the user identity information, even if the synchronous request is maliciously intercepted by a hacker, the hacker cannot acquire the user identity information, and thus cannot calculate the characteristic value meeting the verification condition, so that after the hacker tampers the synchronous request, the monitoring end device can recognize that the synchronous request is tampered through verification, the target file is not updated, and the security of data in the monitoring end device is improved.
And 104, the monitoring end equipment receives a synchronization request sent by the synchronization end equipment, wherein the synchronization request carries target update content and a first characteristic value corresponding to a target file.
The first characteristic value is determined by the synchronization end device according to the target update content, the user identity information in the synchronization end device and a preset first algorithm.
In implementation, the monitoring end device may receive a synchronization request sent by the synchronization end device, and then may parse the synchronization request to obtain target update content and a first feature value corresponding to the target file, so as to perform subsequent processing. The user identity information may include administrator account information and password information, and may also include an identifier (such as a mobile phone number) of the user terminal bound to the administrator account and/or additional authentication information.
And 105, the monitoring terminal equipment determines a second characteristic value according to the target updating content, the locally stored user identity information and a preset first algorithm.
In implementation, the monitoring end device may pre-store an Algorithm (i.e., a first Algorithm) for calculating the feature value, where the Algorithm may use an MD5(Message Digest Algorithm5, fifth version of Message Digest Algorithm) Algorithm, and the present embodiment is not limited. It should be noted that the first algorithm stored in the monitoring-side device is the same as the first algorithm stored in the synchronization-side device. After the monitoring end device obtains the target updating content and the first characteristic value, the monitoring end device can obtain the user identity information stored in advance locally, and then the monitoring end device can calculate a second characteristic value according to the target updating content, the user identity information stored in advance locally and the first algorithm.
Optionally, the monitoring end device may also generate a character string according to the user identity information, and then calculate the second feature value according to the character string and the received target update content, and accordingly, the processing procedure in step 105 may be as follows: the monitoring terminal device generates a first character string according to locally stored administrator account information, password information, additional verification information and a preset character string generation algorithm, then splices target update content and the first character string to obtain a second character string, and then determines a second characteristic value according to the second character string and the preset first algorithm.
In implementation, after the monitoring end device obtains the locally stored user identity information, a character string (i.e., a first character string) corresponding to the user identity information may be generated according to a pre-stored character string generation algorithm. Taking the example that the user identity information may include administrator account information, password information, and additional verification information, the monitoring end device may splice the administrator account information, the password information, and the additional verification information to generate a first character string, or may obtain the first character string through calculation, and the specific process may be as follows: the monitoring terminal device expands the administrator account information and the password information into preset bit numbers (such as 32 bits) respectively, and then performs or operation on the expanded administrator account information and the expanded password information to obtain a first operation result of the preset bit numbers (such as 32 bits), wherein the preset bit numbers are the same as the bit numbers of the additional verification information. And the monitoring terminal equipment performs exclusive-or operation on the first operation result and the additional verification information to obtain a second operation result, wherein the second operation result is a third character string. It should be noted that the string generation algorithm in the monitoring end device is the same as the string generation algorithm in the synchronization end device.
The monitoring terminal device obtains a first character string, can splice the first character string behind the received target update content to obtain a second character string, and then calculates a second characteristic value according to the second character string and a preset first algorithm. For example, MD5 calculation may be performed on the second string to obtain the first feature value.
And 106, if the first characteristic value is the same as the second characteristic value, the monitoring terminal equipment updates the target file based on the target updating content.
In implementation, after the monitoring end device calculates the second characteristic value, the monitoring end device may compare the first characteristic value with the second characteristic value, if the first characteristic value is the same as the second characteristic value, the synchronization request is successfully verified (that is, the content in the synchronization request is not tampered), and the monitoring end device may update the target file based on the target update content; if the first characteristic value and the second characteristic value are the same, the synchronization request fails to verify (namely, the content in the synchronization request is tampered), and the monitoring end device can keep the content of the target file unchanged.
In addition, if the first characteristic value is the same as the second characteristic value, the monitoring end device may further send a transmission success message to the synchronization end device to notify the synchronization end device that the synchronization request is successfully verified, and after receiving the transmission success message, the synchronization end device may continue to send the synchronization request to the monitoring end device based on the above manner; if the first characteristic value is different from the second characteristic value, the monitoring end device can also send a transmission failure message to the synchronization end device to inform the synchronization end device that the synchronization request fails to be verified, and after receiving the transmission failure message, the synchronization end device can stop sending the synchronization request to the monitoring end device and can output a warning prompt message.
Optionally, as shown in fig. 2, the step of acquiring the additional verification information by the synchronization end device may be as follows:
in step 201, a synchronization end device receives administrator account information and password information input by a user.
In implementation, after the synchronization end device detects a synchronization instruction corresponding to a target file, a user identity verification interface may be displayed first, an administrator may input account information and password information of the administrator in the user identity verification interface, and the synchronization end device may receive the administrator account information and password information input by the user, so as to perform subsequent processing. Alternatively, the user authentication interface and the input interface for the additional authentication information may be the same interface.
Step 202, the synchronization end device sends the administrator account information and the password information to the monitoring end device.
In implementation, after receiving the administrator account information and the password information, the synchronization end device may send an acquisition request carrying additional verification information of the administrator account information and the password information to the monitoring end device, and then send the acquisition request to the monitoring end device.
In step 203, the monitoring end device receives the administrator account information and the password information sent by the synchronization end device.
In implementation, after receiving the acquisition request appended with the verification information, the monitoring end device may analyze the acquisition request to acquire the administrator account information and the password information sent by the synchronization end device.
And step 204, if the received administrator account information and password information are matched with the administrator account information and password information which are stored in advance, the monitoring terminal equipment generates additional verification information and sends the additional verification information to the user terminal bound with the administrator account.
In implementation, the monitoring end device may compare the received administrator account information with locally stored administrator account information, may also compare the received password information with locally stored password information, and if both are the same, the verification is passed, and the monitoring end device may randomly generate additional verification information, and may send the additional verification information to the user terminal bound to the administrator account. For example, if the user terminal is a mobile phone, the monitoring end device may send the additional verification information to the mobile phone of the administrator by means of a short message. The technical personnel can configure the identifier of the user terminal bound with the administrator account in the monitoring terminal device in advance, and the monitoring terminal device can send additional verification information to the corresponding user terminal according to the pre-stored identifier of the user terminal. Or, the user may also input an identifier of the user terminal bound to the administrator account in the user identity verification interface, and the synchronization end device may carry the identifier of the user terminal in the first acquisition request and send the first acquisition request to the monitoring end device.
It should be noted that, in order to improve security, an effective duration (for example, 2 hours) of the additional verification information may be set, the monitoring end device may start timing after sending the additional verification information to the user terminal, and if a synchronization request sent by the synchronization end device is received within a preset effective duration and the synchronization request is successfully verified, the target file may be updated based on target update content of the synchronization request, otherwise, the content of the target file is kept unchanged.
Optionally, the administrator may be authenticated according to the additional authentication information, and after the authentication is passed, the synchronization end device sends a synchronization request to the monitoring end device, as shown in fig. 3, the processing procedure may include the following steps:
step 301, the synchronization end device determines a third eigenvalue according to the additional verification information and a preset second algorithm.
In implementation, after the user terminal receives the additional authentication information, the administrator may view the additional authentication information through the user terminal, and then may input the additional authentication information in the sync-side device. The synchronization end device may store a second algorithm in advance, and the second algorithm may be the same as the first algorithm. After receiving the additional verification information input by the user, the synchronization end device may calculate a third feature value according to the additional verification information and a preset second algorithm.
Step 302, the synchronization end device sends a verification request carrying the third characteristic value to the monitoring end device.
Step 303, the monitoring end device receives a verification request carrying the third characteristic value sent by the synchronization end device.
And the third characteristic value is determined by the synchronous terminal equipment according to the additional verification information and a preset second algorithm.
In implementation, after the monitoring end device receives the verification request, the monitoring end device may parse the verification request to obtain a third feature value.
And step 304, the monitoring end device determines a fourth characteristic value according to the pre-stored additional verification information and a preset second algorithm.
In implementation, the monitoring end device may pre-store a second Algorithm, where the second Algorithm may use an MD5(Message Digest Algorithm5, fifth version of Message Digest Algorithm) Algorithm, and the like, and this embodiment is not limited in this embodiment. It should be noted that the second algorithm stored in the monitoring-side device is the same as the second algorithm stored in the synchronization-side device. After receiving the third eigenvalue, the monitoring end device may obtain locally stored additional verification information, and then may calculate a fourth eigenvalue according to the additional verification information and the second algorithm.
And 305, if the third characteristic value is the same as the fourth characteristic value, the monitoring end device sends a verification success notification to the synchronization end device.
In implementation, the monitoring end device may determine whether the third characteristic value and the fourth characteristic value are the same, and if so, send a verification success notification to the synchronization end device. Otherwise, sending a verification failure notice to the synchronous terminal equipment. For the condition of setting the valid duration of the additional verification information, the monitoring end device further needs to determine whether the verification request is received within the valid duration, and if so, and the third characteristic value is the same as the fourth characteristic value, a verification success notification is sent to the synchronization end device. Otherwise, sending a verification failure notice to the synchronous terminal equipment.
And step 306, when receiving the verification success notification sent by the monitoring end device, the synchronization end device executes the step of determining the first characteristic value according to the target update content, the user identity information and the preset first algorithm.
In implementation, after the synchronization end device sends the verification request, if the verification success notification sent by the monitoring end device is received, the step 102 may be executed, otherwise, the subsequent processing is not performed.
The embodiment also provides a method for synchronizing files, as shown in fig. 4, the method may include the following steps:
step 401, the synchronization end device obtains target update content corresponding to a target file, and receives administrator account information and password information input by a user.
Step 402, the synchronization end device sends the administrator account information and the password information to the monitoring end device.
In step 403, the monitoring side device determines whether the received administrator account information and password information are matched with the administrator account information and password information stored in advance. If yes, go to step 404, if no, go to step 405.
In step 404, the monitoring device generates additional verification information and sends the additional verification information to the user terminal bound to the administrator account.
In step 405, the monitoring device returns an acquisition failure notification.
And step 406, the synchronization end device determines a third characteristic value according to the additional verification information and a preset second algorithm, and sends a verification request carrying the third characteristic value to the monitoring end device.
Step 407, the monitoring end device determines a fourth feature value according to the pre-stored additional verification information and a preset second algorithm.
In step 408, the monitoring end device determines whether the third characteristic value is the same as the fourth characteristic value.
If so, step 409 is performed, and if not, step 416 is performed.
In step 409, the monitoring end device sends a verification success notification to the synchronization end device.
Step 410, the synchronization end device determines a first characteristic value according to the target update content, the user identity information and a preset first algorithm.
Step 411, the synchronization end device sends a synchronization request to the monitoring end device to which the target file belongs.
In step 412, the monitoring end device determines a second characteristic value according to the target update content, the locally stored user identity information, and a preset first algorithm.
Step 413, whether the first characteristic value and the second characteristic value are the same, if yes, step 414 is executed, and if not, step 415 is executed.
And step 414, the monitoring end equipment updates the target file based on the target updating content.
In step 415, the monitoring end device keeps the content of the target file unchanged.
In step 416, the monitoring device sends a verification failure notification to the synchronization device.
The method for synchronizing files provided by the embodiment of the invention can be applied to monitoring end equipment, the monitoring end equipment can receive a synchronization request sent by the synchronization end equipment, the synchronization request carries target update content and a first characteristic value corresponding to a target file, the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm, the monitoring end equipment determines a second characteristic value according to the target update content, locally stored user identity information and the preset first algorithm, and if the first characteristic value is the same as the second characteristic value, the target file is updated based on the target update content. Based on the scheme, whether the target updating content is tampered or not can be verified, and the target file can be updated only when the target updating content is not tampered, so that the safety of data in the monitoring terminal equipment is improved.
Based on the same technical concept, an embodiment of the present invention further provides an apparatus for synchronizing files, where the apparatus may be applied to a monitoring end device, and as shown in fig. 5, the apparatus includes:
a first receiving module 510, configured to receive a synchronization request sent by a synchronization end device, where the synchronization request carries a target update content and a first feature value corresponding to a target file, and the first feature value is determined by the synchronization end device according to the target update content, user identity information, and a preset first algorithm;
a first determining module 520, configured to determine a second feature value according to the target update content, locally stored user identity information, and the preset first algorithm;
an updating module 530, configured to update the target file based on the target update content if the first feature value and the second feature value are the same.
Optionally, the user identity information includes administrator account information, password information, and additional authentication information.
Optionally, the apparatus further comprises:
the second receiving module is used for receiving the administrator account information and the password information sent by the synchronization terminal equipment;
the first sending module is used for generating additional verification information if the received administrator account information and the received password information are matched with the administrator account information and the prestored password information, and sending the additional verification information to the user terminal bound with the administrator account.
Optionally, the apparatus further comprises:
a third receiving module, configured to receive a verification request sent by the synchronization end device and carrying a third eigenvalue, where the third eigenvalue is determined by the synchronization end device according to additional verification information and a preset second algorithm;
the second determining module is used for determining a fourth characteristic value according to pre-stored additional verification information and a preset second algorithm;
and a second sending module, configured to send a verification success notification to the synchronization end device if the third characteristic value is the same as the fourth characteristic value.
Optionally, the first determining module 520 is specifically configured to:
generating a first character string according to locally stored administrator account information, password information, additional verification information and a preset character string generation algorithm;
splicing the target updating content and the first character string to obtain a second character string;
and determining a second characteristic value according to the second character string and the preset first algorithm.
Based on the same technical concept, an embodiment of the present invention further provides a device for synchronizing files, where the modified device may be applied to a synchronization end device, as shown in fig. 6, the device includes:
an obtaining module 610, configured to obtain target update content corresponding to a target file to be updated and locally stored user identity information;
a first determining module 620, configured to determine a first feature value according to the target update content, the user identity information, and a preset first algorithm;
a first sending module 630, configured to send a synchronization request to a monitoring end device to which the target file belongs, where the synchronization request carries the target update content and the first feature value, so that the monitoring end device updates the target file based on the target update content when the first feature value is verified.
Optionally, the user identity information includes administrator account information, password information, and additional verification information, and the obtaining module 610 is specifically configured to:
and acquiring pre-stored administrator account information and password information, and receiving additional authentication information input by a user.
Optionally, the apparatus further comprises:
the receiving module is used for receiving administrator account information and password information input by a user;
and the second sending module is used for sending the administrator account information and the password information to the monitoring terminal equipment.
Optionally, the apparatus further comprises:
the second determining module is used for determining a third characteristic value according to the additional verification information and a preset second algorithm;
a third sending module, configured to send a verification request carrying a third characteristic value to the monitoring end device;
the first determining module is further configured to execute the step of determining a first feature value according to the target update content, the user identity information, and a preset first algorithm when receiving a verification success notification sent by the monitoring end device.
Optionally, the first determining module is specifically configured to:
generating a third character string according to the administrator account information, the password information, the additional verification information and a preset character string generation algorithm;
splicing the target updating content and the third character string to obtain a fourth character string;
and determining a first characteristic value according to the fourth character string and a preset first algorithm.
The method for synchronizing files provided by the embodiment of the invention can be applied to monitoring end equipment, the monitoring end equipment can receive a synchronization request sent by the synchronization end equipment, the synchronization request carries target update content and a first characteristic value corresponding to a target file, the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm, the monitoring end equipment determines a second characteristic value according to the target update content, locally stored user identity information and the preset first algorithm, and if the first characteristic value is the same as the second characteristic value, the target file is updated based on the target update content. Based on the scheme, whether the target updating content is tampered or not can be verified, and the target file can be updated only when the target updating content is not tampered, so that the safety of data in the monitoring terminal equipment is improved.
The embodiment of the present application further provides a monitoring end device, as shown in fig. 7, which includes a processor 701, a communication interface 702, a memory 703 and a communication bus 704, where the processor 701, the communication interface 702, and the memory 703 complete mutual communication through the communication bus 704,
a memory 703 for storing a computer program;
the processor 701 is configured to, when executing the program stored in the memory 703, enable the monitoring end device to execute the following steps:
receiving a synchronization request sent by synchronization end equipment, wherein the synchronization request carries target update content and a first characteristic value corresponding to a target file, and the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm;
determining a second characteristic value according to the target updating content, the locally stored user identity information and the preset first algorithm;
and if the first characteristic value and the second characteristic value are the same, updating the target file based on the target updating content.
Optionally, the user identity information includes administrator account information, password information, and additional authentication information.
Optionally, the method further includes:
receiving administrator account information and password information sent by the synchronization terminal equipment;
and if the received administrator account information and password information are matched with the administrator account information and password information which are stored in advance, generating additional verification information, and sending the additional verification information to the user terminal bound with the administrator account.
Optionally, before receiving the synchronization request sent by the synchronization end device, the method further includes:
receiving a verification request which is sent by the synchronization end equipment and carries a third characteristic value, wherein the third characteristic value is determined by the synchronization end equipment according to additional verification information and a preset second algorithm;
determining a fourth characteristic value according to pre-stored additional verification information and a preset second algorithm;
and if the third characteristic value is the same as the fourth characteristic value, sending a verification success notice to the synchronous end equipment.
Optionally, the determining a second feature value according to the target update content, the locally stored user identity information, and the preset first algorithm includes:
generating a first character string according to locally stored administrator account information, password information, additional verification information and a preset character string generation algorithm;
splicing the target updating content and the first character string to obtain a second character string;
and determining a second characteristic value according to the second character string and the preset first algorithm.
The Memory may include a RAM (Random Access Memory) or an NVM (Non-Volatile Memory), such as at least one disk Memory. Additionally, the memory may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital Signal Processing), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
The embodiment of the present application further provides a synchronization end device, as shown in fig. 8, which includes a processor 801, a communication interface 802, a memory 803, and a communication bus 804, where the processor 801, the communication interface 802, and the memory 803 complete mutual communication through the communication bus 804,
a memory 803 for storing a computer program;
the processor 801 is configured to, when executing the program stored in the memory 803, enable the synchronization end device to execute the following steps:
acquiring target update content corresponding to a target file to be updated and locally stored user identity information;
determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm;
and sending a synchronization request to the monitoring end equipment to which the target file belongs, wherein the synchronization request carries the target updating content and the first characteristic value, so that the monitoring end equipment updates the target file based on the target updating content when the first characteristic value is verified.
Optionally, the user identity information includes administrator account information, password information, and additional verification information, and the obtaining local user identity information includes:
and acquiring pre-stored administrator account information and password information, and receiving additional authentication information input by a user.
Optionally, before receiving the additional verification information input by the user, the method further includes:
receiving administrator account information and password information input by a user;
and sending the administrator account information and the password information to the monitoring terminal equipment.
Optionally, before determining the first feature value according to the target update content, the user identity information, and a preset first algorithm, the method further includes:
determining a third characteristic value according to the additional verification information and a preset second algorithm;
sending a verification request carrying a third characteristic value to the monitoring terminal equipment;
and when receiving a verification success notification sent by the monitoring end equipment, executing the step of determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm.
Optionally, the determining a first feature value according to the target update content, the user identity information, and a preset first algorithm includes:
generating a third character string according to the administrator account information, the password information, the additional verification information and a preset character string generation algorithm;
splicing the target updating content and the third character string to obtain a fourth character string;
and determining a first characteristic value according to the fourth character string and a preset first algorithm.
The Memory may include a RAM (Random Access Memory) or an NVM (Non-Volatile Memory), such as at least one disk Memory. Additionally, the memory may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital Signal Processing), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
The method for synchronizing files provided by the embodiment of the invention can be applied to monitoring end equipment, the monitoring end equipment can receive a synchronization request sent by the synchronization end equipment, the synchronization request carries target update content and a first characteristic value corresponding to a target file, the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm, the monitoring end equipment determines a second characteristic value according to the target update content, locally stored user identity information and the preset first algorithm, and if the first characteristic value is the same as the second characteristic value, the target file is updated based on the target update content. Based on the scheme, whether the target updating content is tampered or not can be verified, and the target file can be updated only when the target updating content is not tampered, so that the safety of data in the monitoring terminal equipment is improved.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only for the preferred embodiment of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application are included in the protection scope of the present application.

Claims (22)

1. A method for synchronizing files is applied to monitoring end equipment, and comprises the following steps:
receiving a synchronization request sent by synchronization end equipment, wherein the synchronization request carries target update content and a first characteristic value corresponding to a target file, the first characteristic value is determined by the synchronization end equipment according to the target update content, user identity information and a preset first algorithm, and the synchronization request does not contain the user identity information;
determining a second characteristic value according to the target updating content, the locally stored user identity information and the preset first algorithm;
and if the first characteristic value and the second characteristic value are the same, updating the target file based on the target updating content.
2. The method of claim 1, wherein the user identity information comprises administrator account information, password information, and additional authentication information.
3. The method of claim 2, further comprising:
receiving administrator account information and password information sent by the synchronization terminal equipment;
and if the received administrator account information and password information are matched with the administrator account information and password information which are stored in advance, generating additional verification information, and sending the additional verification information to the user terminal bound with the administrator account.
4. The method according to claim 2, wherein before receiving the synchronization request sent by the synchronization end device, the method further comprises:
receiving a verification request which is sent by the synchronization end equipment and carries a third characteristic value, wherein the third characteristic value is determined by the synchronization end equipment according to additional verification information and a preset second algorithm;
determining a fourth characteristic value according to pre-stored additional verification information and a preset second algorithm;
and if the third characteristic value is the same as the fourth characteristic value, sending a verification success notice to the synchronous end equipment.
5. The method according to claim 2, wherein the determining a second feature value according to the target update content, the locally stored user identity information, and the preset first algorithm comprises:
generating a first character string according to locally stored administrator account information, password information, additional verification information and a preset character string generation algorithm;
splicing the target updating content and the first character string to obtain a second character string;
and determining a second characteristic value according to the second character string and the preset first algorithm.
6. A method for synchronizing files is applied to a synchronization end device, and comprises the following steps:
acquiring target update content corresponding to a target file to be updated and locally stored user identity information, wherein the synchronization request does not contain the user identity information;
determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm;
and sending a synchronization request to the monitoring end equipment to which the target file belongs, wherein the synchronization request carries the target updating content and the first characteristic value, so that the monitoring end equipment updates the target file based on the target updating content when the first characteristic value is verified.
7. The method of claim 6, wherein the user identity information includes administrator account information, password information, and additional authentication information, and the obtaining local user identity information includes:
and acquiring pre-stored administrator account information and password information, and receiving additional authentication information input by a user.
8. The method of claim 7, wherein prior to receiving the additional authentication information input by the user, further comprising:
receiving administrator account information and password information input by a user;
and sending the administrator account information and the password information to the monitoring terminal equipment.
9. The method according to claim 7, wherein before determining the first feature value according to the target update content, the user identity information and the preset first algorithm, further comprising:
determining a third characteristic value according to the additional verification information and a preset second algorithm;
sending a verification request carrying a third characteristic value to the monitoring terminal equipment;
and when receiving a verification success notification sent by the monitoring end equipment, executing the step of determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm.
10. The method according to claim 7, wherein the determining a first feature value according to the target update content, the user identity information and a preset first algorithm comprises:
generating a third character string according to the administrator account information, the password information, the additional verification information and a preset character string generation algorithm;
splicing the target updating content and the third character string to obtain a fourth character string;
and determining a first characteristic value according to the fourth character string and a preset first algorithm.
11. An apparatus for synchronizing files, the apparatus being applied to a monitoring end device, the apparatus comprising:
a first receiving module, configured to receive a synchronization request sent by a synchronization end device, where the synchronization request carries a target update content and a first feature value corresponding to a target file, and the first feature value is determined by the synchronization end device according to the target update content, user identity information, and a preset first algorithm, and the synchronization request does not include the user identity information;
the first determining module is used for determining a second characteristic value according to the target updating content, the locally stored user identity information and the preset first algorithm;
and the updating module is used for updating the target file based on the target updating content if the first characteristic value is the same as the second characteristic value.
12. The apparatus of claim 11, wherein the user identity information comprises administrator account information, password information, and additional authentication information.
13. The apparatus of claim 12, further comprising:
the second receiving module is used for receiving the administrator account information and the password information sent by the synchronization terminal equipment;
the first sending module is used for generating additional verification information if the received administrator account information and the received password information are matched with the administrator account information and the prestored password information, and sending the additional verification information to the user terminal bound with the administrator account.
14. The apparatus of claim 12, further comprising:
a third receiving module, configured to receive a verification request sent by the synchronization end device and carrying a third eigenvalue, where the third eigenvalue is determined by the synchronization end device according to additional verification information and a preset second algorithm;
the second determining module is used for determining a fourth characteristic value according to pre-stored additional verification information and a preset second algorithm;
and a second sending module, configured to send a verification success notification to the synchronization end device if the third characteristic value is the same as the fourth characteristic value.
15. The device according to claim 12, characterized in that it is specifically configured to:
generating a first character string according to locally stored administrator account information, password information, additional verification information and a preset character string generation algorithm;
splicing the target updating content and the first character string to obtain a second character string;
and determining a second characteristic value according to the second character string and the preset first algorithm.
16. An apparatus for synchronizing files, the apparatus being applied to a sync-end device, the apparatus comprising:
an obtaining module, configured to obtain target update content corresponding to a target file to be updated and locally stored user identity information, where the synchronization request does not include the user identity information;
the first determining module is used for determining a first characteristic value according to the target updating content, the user identity information and a preset first algorithm;
a first sending module, configured to send a synchronization request to a monitoring end device to which the target file belongs, where the synchronization request carries the target update content and the first feature value, so that the monitoring end device updates the target file based on the target update content when the first feature value is verified.
17. The apparatus according to claim 16, wherein the user identity information includes administrator account information, password information, and additional verification information, and the obtaining module is specifically configured to:
and acquiring pre-stored administrator account information and password information, and receiving additional authentication information input by a user.
18. The apparatus of claim 17, further comprising:
the receiving module is used for receiving administrator account information and password information input by a user;
and the second sending module is used for sending the administrator account information and the password information to the monitoring terminal equipment.
19. The apparatus of claim 17, further comprising:
the second determining module is used for determining a third characteristic value according to the additional verification information and a preset second algorithm;
a third sending module, configured to send a verification request carrying a third characteristic value to the monitoring end device;
the first determining module is further configured to execute the step of determining a first feature value according to the target update content, the user identity information, and a preset first algorithm when receiving a verification success notification sent by the monitoring end device.
20. The apparatus of claim 17, wherein the first determining module is specifically configured to:
generating a third character string according to the administrator account information, the password information, the additional verification information and a preset character string generation algorithm;
splicing the target updating content and the third character string to obtain a fourth character string;
and determining a first characteristic value according to the fourth character string and a preset first algorithm.
21. A monitoring-side device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: carrying out the method steps of any one of claims 1 to 5.
22. A sync-end device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: -carrying out the method steps of any one of claims 6 to 10.
CN201710961966.5A 2017-10-16 2017-10-16 Method and device for synchronizing files Active CN107749878B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710961966.5A CN107749878B (en) 2017-10-16 2017-10-16 Method and device for synchronizing files

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710961966.5A CN107749878B (en) 2017-10-16 2017-10-16 Method and device for synchronizing files

Publications (2)

Publication Number Publication Date
CN107749878A CN107749878A (en) 2018-03-02
CN107749878B true CN107749878B (en) 2021-05-14

Family

ID=61253829

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710961966.5A Active CN107749878B (en) 2017-10-16 2017-10-16 Method and device for synchronizing files

Country Status (1)

Country Link
CN (1) CN107749878B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104507080A (en) * 2014-11-19 2015-04-08 广东欧珀移动通信有限公司 File processing method and terminal
CN104580429A (en) * 2014-12-26 2015-04-29 北京奇虎科技有限公司 Method for loading communication information, server and cloud disk client
CN104580085A (en) * 2013-10-17 2015-04-29 腾讯科技(深圳)有限公司 Business data updating method, system, client side and server
CN107172100A (en) * 2017-07-13 2017-09-15 浪潮(北京)电子信息产业有限公司 A kind of local security updates the method and device of BIOS mirror images

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2518257A (en) * 2013-09-13 2015-03-18 Vodafone Ip Licensing Ltd Methods and systems for operating a secure mobile device
CN105007302B (en) * 2015-06-04 2018-05-15 广东省国际工程咨询有限公司 A kind of mobile terminal data storage method
CN107181770B (en) * 2017-07-31 2019-02-15 北京深思数盾科技股份有限公司 Method of data synchronization and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580085A (en) * 2013-10-17 2015-04-29 腾讯科技(深圳)有限公司 Business data updating method, system, client side and server
CN104507080A (en) * 2014-11-19 2015-04-08 广东欧珀移动通信有限公司 File processing method and terminal
CN104580429A (en) * 2014-12-26 2015-04-29 北京奇虎科技有限公司 Method for loading communication information, server and cloud disk client
CN107172100A (en) * 2017-07-13 2017-09-15 浪潮(北京)电子信息产业有限公司 A kind of local security updates the method and device of BIOS mirror images

Also Published As

Publication number Publication date
CN107749878A (en) 2018-03-02

Similar Documents

Publication Publication Date Title
CN109639661B (en) Server certificate updating method, device, equipment and computer readable storage medium
CN109510796B (en) Equipment binding method and system
CN111107073B (en) Application automatic login method and device, computer equipment and storage medium
CN102955700A (en) System and method for upgrading software
CN110597918B (en) Account management method, account management device and computer readable storage medium
CN104573435A (en) Method for terminal authority management and terminal
CN107294924B (en) Vulnerability detection method, device and system
CN108134713B (en) Communication method and device
CN110597541B (en) Interface updating processing method, device, equipment and storage medium based on block chain
CN111460410A (en) Server login method, device and system and computer readable storage medium
CN110958239A (en) Method and device for verifying access request, storage medium and electronic device
CN111405016B (en) User information acquisition method and related equipment
WO2016173174A1 (en) Network locking data upgrading method and device
CN107749878B (en) Method and device for synchronizing files
CN111737747A (en) Database security method, device, equipment and computer storage medium
CN115243256A (en) Gateway dynamic login method and device
US20220210164A1 (en) Apparatus and method for managing remote attestation
CN111932326B (en) Data processing method based on block chain network and related equipment
CN113868628A (en) Signature verification method and device, computer equipment and storage medium
CN113849802A (en) Equipment authentication method and device, electronic equipment and storage medium
JP2006005613A (en) Authentication system
CN114301774B (en) Device configuration method, system, device, electronic device and storage medium
CN112487470A (en) Information verification method and device, terminal equipment and computer readable storage medium
CN105825124A (en) Server illegal operation monitoring method and monitoring system
CN111740836B (en) Secure login method and device, electronic equipment and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant