CN108322451A - Data processing method, device, computer equipment and storage medium - Google Patents
Data processing method, device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN108322451A CN108322451A CN201810030994.XA CN201810030994A CN108322451A CN 108322451 A CN108322451 A CN 108322451A CN 201810030994 A CN201810030994 A CN 201810030994A CN 108322451 A CN108322451 A CN 108322451A
- Authority
- CN
- China
- Prior art keywords
- terminal
- distributed system
- data
- key
- interim conversation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
- H04L67/303—Terminal profiles
Abstract
This application involves a kind of data processing method, system, computer equipment and storage mediums.The method includes being exchanged to obtain the first interim conversation key with distributed system according to Key Exchange Protocol by preconfigured interface;It is encrypted by the first interim conversation key pair data to be written;Encrypted data to be written are sent to distributed system by preconfigured interface, so that distributed system is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, the second interim conversation key is answered with the first interim conversation key pair.Interface can be configured in terminal using this method in advance, without disposing Ingress node in distributed system, lower deployment cost is greatly saved, and by configuring interface to authorization terminal, the data source in distributed system can be made abundant, simpler convenience is accessed, and alleviates the pressure of distributed system access node significantly, avoids and the relevant issues of data is written by an access node.
Description
Technical field
This application involves field of computer technology, more particularly to a kind of data processing method, device, computer equipment and
Storage medium.
Background technology
The occupation mode of distributed database is that data are written toward this lane database jointly in multi-party mechanism.Normal conditions
Under, the node of distributed system, which is added, can provide read-write interface.
The reading and writing data of existing distributed system is all the mechanism by being docked with distributed system to initiate and control,
During a write operation, the request that data are stored in distributed system is initiated by docking mechanism, data can be by distribution
Other nodes that the write-in interface that system provides writes data into distributed system, and is synchronized in distributed system, primary
During read operation, the reading interface that access mechanism is provided by distributed system reads data and is used from distributed system.
Therefore, all data that be stored in distributed system must be come via the read-write interface that distributed system is provided
It completes, will result in this way in authority set and the problems such as performance bottleneck.In addition to this, once this read-write interface goes out to ask
Topic, then the risk of write-in data in no normal direction distributed system can be caused.When there are many data volume to be written, data are also had
The problems such as write-in delay, loss.
Invention content
Based on this, it is necessary in view of the above technical problems, provide and a kind of transfer access limit to the data of authorization terminal
Processing method, device, computer equipment and storage medium.
A kind of data processing method, the method includes:
Exchange according to Key Exchange Protocol that obtain the first interim conversation close with distributed system by preconfigured interface
Key;
It is encrypted by the first interim conversation key pair data to be written;
Encrypted data to be written are sent to the distributed system by preconfigured interface, so that described point
Cloth system is decrypted to obtain first in plain text by encrypted data to be written described in the second interim conversation key pair, described
Second interim conversation key is answered with the first interim conversation key pair.
It is encrypted by the first interim conversation key pair data to be written described in one of the embodiments,
After step, further include:
It is signed to encrypted data to be written by the terminal secret key disposed in advance;
It is described that encrypted data to be written are sent to by the distributed system by preconfigured interface, so that institute
It states distributed system and is decrypted to obtain first in plain text by encrypted data to be written described in the second interim conversation key pair
The step of, including:
The data to be written after encryption and signature are sent to distributed system by preconfigured interface, so that
After the distributed system carries out sign test success by terminal public key to the data to be written received, pass through the second interim conversation
Data to be written after key pair encryption are decrypted to obtain first in plain text, and the terminal public key is corresponding with the terminal secret key.
The method further includes in one of the embodiments,:
It is waited for by what preconfigured interface distributed system returned by the way that the second interim conversation key is encrypted
Read data;
It is decrypted to obtain second plaintext by the data to be read after the first interim conversation key pair encryption.
It is described in one of the embodiments, to pass through second by what preconfigured interface distributed system returned
The step of interim conversation key encrypted data to be read, including:
Pass through terminal public key and the second interim conversation key by what preconfigured interface distributed system returned
It endorses and encrypted data to be read;
The data to be read by after the first interim conversation key pair encryption are decrypted to obtain second
Before the step of plaintext, further include:
Sign test is carried out to the data to be read after endorsing by terminal public key by terminal secret key and obtains encrypted continue
Access evidence.
The method further includes in one of the embodiments,:
Registration request is sent to distributed system, registration type and terminal iidentification are carried in the registration request;
Receive the configuration file that the distributed system is generated according to the terminal iidentification and the registration type;
It is configured according to the configuration file.
The method further includes in one of the embodiments,:
End message is obtained, and terminal public key and terminal corresponding with terminal public key private are generated according to the end message
Key;
The terminal public key is sent to distributed system;
The configuration file that the reception distributed system is generated according to the terminal iidentification and the registration type
Step, including:
After the distributed system is to signing successfully to the terminal public key by certificate authority, described point is received
The configuration file that cloth system is generated according to the terminal iidentification and the registration type.
The method further includes in one of the embodiments,:
End message is obtained, and the end message is sent to distributed system;
The terminal secret key corresponding with the end message and terminal public key that distributed system returns are received, the terminal is private
Key and the terminal public key are what the distributed system was generated by certificate authority according to the end message.
A kind of data processing equipment, described device include:
Key Acquisition Module is obtained for being exchanged with distributed system according to Key Exchange Protocol by preconfigured interface
Obtain the first interim conversation key;
Encrypting module, for being encrypted by the first interim conversation key pair data to be written;
Writing module, for encrypted data to be written to be sent to the distributed system by preconfigured interface
System, so that the distributed system is decrypted to obtain by encrypted data to be written described in the second interim conversation key pair
First in plain text, and the second interim conversation key is answered with the first interim conversation key pair.
A kind of computer equipment, including memory, processor and storage can be run on a memory and on a processor
The step of computer program, the processor realizes any of the above-described the method when executing the computer program.
A kind of computer readable storage medium, is stored thereon with computer program, and the computer program is held by processor
The step of method described in any one of the above embodiments is realized when row.
Above-mentioned data processing method, device, computer equipment and storage medium configure interface, no in authorization center in advance
Used in the Ingress node of distributed system deployment, lower deployment cost is greatly saved, and by configuring interface to terminal, can make
Data source in distributed system is abundant, accesses simpler convenience, and alleviate distributed system access node significantly
Pressure, avoid and the relevant issues of data be written by an access node.
Description of the drawings
Fig. 1 is the application scenario diagram of data processing method in one embodiment;
Fig. 2 is the flow diagram of data processing method in one embodiment;
Fig. 3 is the flow chart for being pre-configured with step in an embodiment;
Fig. 4 is the sequence diagram of the data processing method in an embodiment;
Fig. 5 is the structure diagram of data processing equipment in one embodiment;
Fig. 6 is the internal structure chart of one embodiment Computer equipment.
Specific implementation mode
It is with reference to the accompanying drawings and embodiments, right in order to make the object, technical solution and advantage of the application be more clearly understood
The application is further elaborated.It should be appreciated that specific embodiment described herein is only used to explain the application, not
For limiting the application.
Data processing method provided by the present application can be applied in application environment as shown in Figure 1.Wherein, terminal is logical
Network is crossed to be attached by network with distributed system.Distributed system is by advance configuring terminal, by script portion
It affixes one's name to the access limit at the read-write node of distributed system to transfer to terminal, to which data to be written can be uploaded by terminal
To the arbitrary node of distributed system, such as terminal can be configured by configuration file, which can be
Integrated SDK (Software Development Kit, software tool kit), is matched by the interface etc. to terminal
It sets, forms a security module in terminal, which obtains the key pipe of the access rights of distributed system, encryption and decryption
Reason, the management of terminal secret key, management of the certificate of authority etc..Wherein, terminal by the security module according to Key Exchange Protocol with
Distributed system, which exchanges, obtains the first interim conversation key, is encrypted by the first interim conversation key pair data to be written;
Encrypted data to be written are sent to distributed system to realize the write-in of data by preconfigured interface, are equally counted
According to reading can be then by the security module to distributed system transmission data read requests, then by preconfigured
What interface distributed system returned passes through the encrypted data to be read of the second interim conversation key;Pass through the first special meeting
Data to be read after words key pair encryption are decrypted to obtain second plaintext.Wherein, terminal 102 can be, but not limited to be various
Personal computer, laptop, smart mobile phone, tablet computer and portable wearable device.
In one embodiment, as shown in Fig. 2, providing a kind of data processing method, in this way applied to the end in Fig. 1
It illustrates, includes the following steps for end:
S202:It is exchanged with distributed system according to Key Exchange Protocol by preconfigured interface and obtains the first special meeting
Talk about key.
Wherein, which can be block chain or other distributed systems, be not specifically limited herein.
Specifically, to be terminal obtained preconfigured interface by being registered to distributed system, such as terminal is to distribution
Formula system sends registration request, and distributed system judges whether terminal is security terminal, then can be to this when for security terminal
Terminal is authorized, such as is sent corresponding configuration file and configured etc. to the target interface of terminal.I.e. by being pre-configured with
Originally the access limit at the read-write node for being deployed in distributed system is transferred into terminal, to which data to be uploaded can pass through
It after terminal processes, is uploaded on the arbitrary node of distributed system, and distributed system no longer needs to dispose a large amount of read-write section
Point can substantially reduce cost.The deployment process can be existed by forming the form of security module in terminal, such as will match
After the SDK set downloads to terminal progress load operating, which is then managed collectively the interface interacted with distributed system.
Wherein, the first interim conversation key can accomplish that different types of data use different special meetings as needed
Key is talked about, such as terminal can be different from the interim conversation key of distributed system progress data interaction each time, so i.e.
Criminal is set to get the key that the interim conversation key may be unexpected by data interaction next time, to which number can not be got
According in plain text.
Specifically, it can be stored with shared parameter of curve in terminal and authorization terminal, such as is stored in first terminal
One shared parameter of curve is stored with the second shared parameter of curve in second terminal, and is stored with all be total in distributed system
Parameter of curve is enjoyed, each shared parameter of curve includes elliptic curve E, rank N and basic point G.By preconfigured interface according to
Key Exchange Protocol exchanges the first interim conversation key of acquisition with distributed system and can specifically include:To by preconfigured
Interface sends key to distributed system and exchanges request;It receives distributed system and the first key that request returns is exchanged according to key
Key code;The first interim conversation key is generated according to first key key code;Wherein the second interim conversation key is given birth to by terminal
At the second random number, and according to second generating random number the second key key code, the second key key code is sent to distribution
System, first the second special meeting of generating random number that distributed system is generated according to the second key key code and distributed system
Talk about key.
Illustrate the generating process of the first interim conversation key and the second interim conversation key in detail below:Terminal is to distribution
Formula system sends key and exchanges request, which carries terminal iidentification, and terminal iidentification can uniquely determine the terminal, and raw
At the second random number;After the key that distributed system receives terminal transmission exchanges request, then gets and answered with the terminal-pair
Basic point G, and generate the first random number a, distributed system is according to basic point G and the first generating random number first key key code
A=a*G, and the first key key code of generation is sent to terminal;Terminal is random according to the basic point G itself stored and second
Number generates the second key key code B=b*G, and the second key key code is sent to distributed system;Distributed system root
The second interim conversation key Q=a*B is calculated according to the second key key code and the first random number, terminal is according to first key
The first interim conversation key Q '=b*A is calculated in key code and the second random number, according to law of communication and associative law Q=Q ',
Process is Q=a*B=a*b*G=b*a*G=b*G=Q '.Wherein the transmission of A can disclose, i.e., attacker can obtain A.By
In the discrete logarithm problem of elliptic curve be problem, so attacker cannot calculate a by A, G.It can to exchange both sides
To negotiate a key in the case of not shared any secret, the safety of data to be written thereby may be ensured that.
S204:It is encrypted by the first interim conversation key pair data to be written.
Specifically, after interim conversation key is calculated in terminal and distributed system, terminal first can be faced by this
When session key data to be written are encrypted, thereby may be ensured that the safety of the data to be written, and be further
It, can be by terminal iidentification and should so that distributed system will be seen that the data to be written that specifically which terminal is sent
Encrypted data to be written send jointly to distributed system, which can uniquely determine the terminal, can be with
It is the MAC Address etc. of terminal.
S206:Encrypted data to be written are sent to distributed system by preconfigured interface, so that distribution
Formula system is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, the second special meeting
Words key is answered with the first interim conversation key pair.
Specifically, after data encryption success, then encrypted data to be written are sent by preconfigured interface
Into distributed system, distributed system can get and just be calculated after receiving the encrypted data to be written
The second interim conversation key, be decrypted to obtain data by the data to be written of the second interim conversation key pair encryption bright
Text.And preferably, when sending data to be written to distributed system simultaneously there are multiple terminals, then distributed system root first
Calculated the second interim conversation key is obtained according to the terminal iidentification of terminal, such as in distributed system to calculate this second interim
When session key, the second interim conversation key is associated storage with corresponding terminal iidentification first, to distributed system
System can obtain the second calculated interim conversation key according to terminal iidentification, should add further according to the second interim conversation key pair
Close data to be uploaded, which are decrypted, can be obtained first in plain text.
It wherein, can also be according to the data encryption side in distributed system after distributed system gets the first plaintext
Storage is encrypted to ensure safety of the data in distributed system to data in formula.
Above-mentioned data processing method configures interface in authorization center in advance, does not have to the entrance section disposed in distributed system
Point is greatly saved lower deployment cost, and by configuring interface to authorization terminal, can make the data source in distributed system
It is abundant, simpler convenience is accessed, and alleviate the pressure of distributed system access node significantly, avoids and accessed by one
Node is written the relevant issues of data.
The step of being encrypted in one of the embodiments, by the first interim conversation key pair data to be written it
Afterwards, i.e. step S204 further includes that the terminal secret key by disposing in advance signs to encrypted data to be written later;From
And encrypted data to be written are sent to by distributed system by preconfigured interface, so that distributed system passes through
The step of data to be written after two interim conversation key pair encryptions are decrypted to obtain the first plaintext, i.e., step S206 can be wrapped
It includes:The data to be written after encryption and signature are sent to distributed system by preconfigured interface, so that distribution
After formula system carries out sign test success by terminal public key to the data to be written received, added by the second interim conversation key pair
Data to be written after close are decrypted to obtain first in plain text, and terminal public key is corresponding with terminal secret key.
It specifically, can also be in advance in order to further ensure the safety of data transmission between terminal and distributed system
The data that the deployment public and private key of terminal, i.e. terminal are sent to distributed system are signed by terminal secret key, in distribution
Sign test can be carried out by corresponding terminal public key at system, further ensure the safety of data transmission.
The public and private key of the terminal disposed in advance can be generated by terminal, i.e., terminal generates terminal in registration
Public key is submitted to distributed system, then by distributed system by the certificate authority of distributed system to the terminal public key
It carries out signature to be stored in distributed system, and the certificate of authority is returned to terminal, to indicate endpoint registration success;In other reality
It applies in example, the public and private key of the terminal can be generated in distributed system, i.e., distributed system generates eventually according to end message
The public and private key at end, is then returned to terminal, and in order to ensure the safety of terminal secret key, which can pass through by terminal secret key
It is carried out under line.
It specifically, can also be by this after terminal is encrypted by the first interim conversation key pair data to be written
The terminal secret key disposed in advance endorses to the encrypted data to be written, to be written by the encryption and after endorsing
Data and terminal iidentification are sent to distributed system, and distributed system upon receipt of the data, can be first according to terminal
Mark gets terminal public key, and sign test is carried out to the encryption and the data to be written endorsed by terminal public key, only sign test at
Acquisition first can just be decrypted after work(by the data to be written of the second interim conversation key pair encryption in plain text, otherwise directly delete
Except the unsuccessful data to be written of sign test, to ensure that the data uploaded in distributed system are secure datas.Wherein obtain
It is signed to distributed system by the certificate of distributed system to can be the step of terminal public key, therefore can be first
Sign test is carried out to the terminal public key after the signature by distributed system certificate corresponding private key and obtains terminal public key.Preferably,
Different session keys can be used for encrypted and digitally signed, accomplish one key of a purposes.And it can in order to ensure data
It by property, can be endorsed by bilayer, such as terminal is added after being endorsed by terminal secret key, then by distributed system public key
Label, to after distributed system receives data, carry out sign test, sign test by the corresponding private key of distributed system public key first
After success, then by terminal public key progress sign test, finally it is decrypted again by the second interim conversation key, is further ensured that number
According to safety.
Distributed system can carry out signature verification to the data sent in the terminal in above-described embodiment, confirm awarding for the terminal
Weigh permission, it is ensured that the data are really by sending and being not tampered in the terminal;Thereby guarantee that the data in distributed system are effective
Property and authenticity.With this solution, the safety of the upload data in the system of multiple terminals access distributed system is efficiently solved
Problem, the mandate reading side of data can be tested after obtaining data by obtaining the certificate of some authorization terminal in distributed system
Card obtains the authenticity of data, solves the trust problem of authorized organization.
The data processing method can also include data reading step, digital independent step in one of the embodiments,
It is rapid may include returned by preconfigured interface distributed system it is encrypted by the second interim conversation key
Data to be read;It is decrypted to obtain second plaintext by the data to be read after the first interim conversation key pair encryption.
Specifically, it is mainly concerned in above-described embodiment and the data to be uploaded of terminal is uploaded in distributed system, this
Embodiment is directed primarily to terminal and reads data to be read from distributed system, and wherein terminal can be first to distributed system
Transmission data read requests carry terminal iidentification in the data read request, and then distributed system is exchanged according to key and assisted
View carries out key with terminal and exchanges to obtain the second interim conversation key and the first interim conversation key, the first interim conversation key
It may refer to the specific acquisition modes of the second interim conversation key described above, details are not described herein.Distributed system passes through
The second accessed interim conversation key pair data to be read are encrypted, and encrypted data to be read are sent to pair
The terminal answered, the access so that terminal can be continued by the first interim conversation secret key decryption corresponding with the second interim conversation key
According to second plaintext is obtained, so as to handle second plaintext.
In above-described embodiment, interface is configured in authorization center in advance, does not have to the Ingress node disposed in distributed system, greatly
It is big to have saved lower deployment cost, and by that authorization terminal configuration interface, the data source in distributed system can be made abundant,
Simpler convenience is accessed, and alleviates the pressure of distributed system access node significantly, is avoided by an access node
The relevant issues of data are written.Each terminal-pair identical data uses unique mark simultaneously, avoids the repetition into chain data.It is real
The access for having showed multiple sources, to realize the function of data sharing.Also, each entrance is independent of each other, some entrance
Delay machine be not interfere with the work of other entrance.
It is returned in one of the embodiments, by preconfigured interface distributed system interim by second
The step of session key encrypted data to be read may include:It is returned by preconfigured interface distributed system
Endorsed and encrypted data to be read by terminal public key and the second interim conversation key.To pass through the first interim conversation
Before the step of data to be read after key pair encryption are decrypted to obtain second plaintext, can also include:Pass through terminal private
Key carries out sign test to the data to be read after endorsing by terminal public key and obtains encrypted data to be read.
Specifically, can be with the public key and private key of configurating terminal in the stage of being pre-configured with, and the public key of terminal is stored in point
In cloth system, to which when terminal reads data from distributed system, distributed system can face by second first
When session key the data to be read are encrypted, then endorsed the data to be read with further by terminal public key
Ensure the safety of data to be read.When terminal receives the data to be read, terminal secret key is got first, to the encryption
Sign test is carried out with the data to be read after endorsing, after sign test success, can just pass through the first interim conversation to the data to be read
Key is decrypted to obtain second plaintext, to carry out other processing to the second plaintext.Wherein, for encrypted and digitally signed
Different session keys can be used, accomplishes one key of a purposes.And in order to ensure the reliability of data, can be added by bilayer
Label, such as distributed system can be endorsed by distributed system private key again after being endorsed by terminal public key, from
And after terminal receives data, sign test is carried out by distributed system public key first, after sign test success, then passes through terminal secret key
Sign test is carried out, is finally decrypted again by the first interim conversation key, is further ensured that the safety of data.
In this embodiment, the terminal of access can not have to the Ingress node of deployment distributed system, and portion is greatly saved
Cost is affixed one's name to, while the own characteristic of different terminals can be directed to, provides the interface configuration of differentiation so that access way is more rich
It is rich.Using this system, the data source in distributed system can be made abundant, access simpler convenience, and significantly
Alleviate the pressure of distributed system access server.It avoids and the relevant issues of data is written by an access port.Simultaneously
Each mechanism and enterprise use unique mark to identical data, avoid the repetition into chain data.The access of multiple sources is realized,
To realize the function of data sharing.Also, each entrance is independent of each other, and the delay machine of some entrance is not interfere with not
Entrance work.
The data processing method can also be pre-configured with step including one in one of the embodiments, this is pre-configured with
Step is in order to which the access limit being deployed in originally at the read-write node of distributed system is transferred to terminal, to which data can be with
By being uploaded directly into distributed system after terminal processes, and terminal can directly get data from distributed system, connect
The terminal entered can not have to the Ingress node of deployment distributed system, and lower deployment cost is greatly saved.
Referring to Fig. 3, Fig. 3 is the flow chart for being pre-configured with step in an embodiment, this is pre-configured with step and may include:
S302:Registration request is sent to distributed system, registration type and terminal iidentification are carried in registration request.
Specifically, it when terminal is wanted directly to carry out data exchange with distributed system, then needs to get distributed system
The mandate of system, therefore registration request is sent from terminal to distributed system, terminal iidentification is carried in the registration request, with unique
Ground characterizes the terminal, and registration type is since some terminals are Stored Data Type terminals, some terminals are accounting-type terminals,
For different terminals, its configuration file is different, can be directed to the own characteristic of different authorization terminals, provide differentiation
Interface configuration so that access way more horn of plenty.
Wherein, for distributed system in the registration request for receiving the terminal, can be determined first according to terminal iidentification should
Then terminal judges whether the terminal is the mark that security terminal can be prestored in security terminal, such as distributed system,
When receiving the registration request of terminal, it can be compared with the mark of pre-stored security terminal, only compare first
Success, just will continue to get corresponding configuration file according to terminal iidentification and registration type.
S304:Receive the configuration file that distributed system is generated according to terminal iidentification and registration type.
Specifically, the step of getting corresponding configuration file according to terminal iidentification and registration type may include according to note
Registration type in volume request gets corresponding configuration file, then the relevant information of terminal is filled in the configuration file,
Such as terminal iidentification etc..Specifically, registration type may include Stored Data Type and accounting-type etc., and class is stored for data
Type includes in the interface of the initialization in configuration file:Data encryption, decryption, data ID obscure, distributed system data
The interfaces such as library inquiry;Accounting-type then needs to provide the account books such as homomorphic cryptography, the ring signatures book keeping operation relevant interface of reconciliation.It is being distributed
After formula system generates corresponding configuration file, which can be sent to corresponding terminal, and in order to ensure configuration text
The safety of part prevents the configuration file in being transmitted on line from being obtained by illegal molecule, can will be matched by way of being transmitted under line
It sets file and is sent to corresponding terminal.
S306:It is configured according to configuration file.
Specifically, after terminal gets the configuration file, terminal is configured according to the content in configuration file.Configuration
File is not only the access rights of authorization terminal, also includes other functions, such as encryption and decryption, private key/certificate management etc.,
The SDK modules finished writing are comparable to, by local load operating, and authorization terminal is equivalent to and calls SDK after terminal downloads, by
Distributed system read-write node is uniformly accessed in SDK, these functions are because more complicated, it is possible to provide security module, match
When setting, it is understood that be configuration security module, to which follow-up data upload and digital independent are entirely unified from safety
Resume module.
In above-described embodiment, the access limit at the read-write node for being deployed in distributed system originally is transferred into terminal,
To which data can be by being uploaded directly into distributed system after terminal processes, and terminal can be obtained directly from distributed system
Data are got, the terminal of access can not have to the Ingress node of deployment distributed system, lower deployment cost is greatly saved.
It can also include the public and private key generation step of terminal, the step that this, which is pre-configured with step, in one of the embodiments,
May include two kinds of realization methods, one is public private key pair is generated by terminal, terminal is submitted to distributed system when registration
The certificate authority of system has the certificate authority to sign terminal public key, and by after signature terminal public key and end
It, can when receiving the data signed by terminal secret key in order to distributed system in the mark associated storage to distributed system of end
To carry out sign test by the terminal public key.Submit end message to distributed system, distribution system by terminal when another way
System generates the public and private key of terminal according to the end message, and the terminal secret key of generation is returned to terminal, optionally, by under line
The terminal secret key is returned to terminal by mode, to ensure the safety of terminal secret key.
Two ways is described in detail respectively below:First way may include that terminal obtains end message,
And terminal public key and terminal secret key corresponding with terminal public key are generated according to end message;Terminal public key is sent to distribution
System.Wherein end message may include terminal iidentification, user information, such as account and password etc., can according to the end message
To generate the public and private key of terminal by Open-Source Tools, or the end message is sent to the certificate authority of authority, by weighing
The certificate authority of prestige generates the public and private key of terminal according to the end message, and is issued to terminal, and terminal is public by the terminal of generation
Key is uploaded to distributed system, in order to which distributed system is when receiving the data signed by terminal secret key, can pass through
The terminal public key carries out sign test.Specifically, the configuration file that distributed system is generated according to terminal iidentification and registration type is received
The step of, including:After distributed system is to signing successfully to terminal public key by certificate authority, distributed system is received
The configuration file generated according to terminal iidentification and registration type.After distributed system receives the terminal public key of terminal upload,
It is signed to terminal public key by the certificate authority in distributed system, to be stored in distributed system, prevents this
Terminal public key is got by other illegal molecules, and after the completion of storage, then issues the certificate of authority to terminal, i.e., according to terminal mark
Know the configuration file generated with registration type.
The second way can be that terminal gets end message, and end message is sent to distributed system, by dividing
Cloth system generates the public and private key of corresponding terminal according to the end message, this wherein end message may include terminal iidentification,
User information, such as account and password etc., distributed system are believed by the certificate authority of distributed system according to the terminal
Breath generates the public and private key of terminal, and the terminal secret key is sent to terminal and is stored, and terminal public key is then associated with terminal iidentification and deposits
Storage, in order to which distributed system is when receiving the data signed by terminal secret key, can pass through the end to distributed system
Public key is held to carry out sign test.The terminal secret key corresponding with end message and terminal public key that distributed system returns are received, terminal is private
Key and terminal public key are what distributed system was generated by certificate authority according to end message.
In above-described embodiment, the public and private key of terminal can also be generated by being pre-configured with step, in terminal and distributed system
It when carrying out data transmission, is encrypted, is also endorsed by the public and private key of terminal, further not only by interim conversation key
Improve the safety of data.
Refering to Fig. 4, Fig. 4 is the sequence diagram of the data processing method in an embodiment, with terminal to distribution in the embodiment
Formula system uploads data and illustrates, and the public and private key of terminal is generated by terminal, in this embodiment, the distributed system
For block chain.
Wherein, terminal gets end message first, then generates the public and private key of terminal according to end message;Secondly terminal to
Block chain sends registration request, which carries registration type, terminal iidentification and the terminal public key of generation information;The
Three, after block chain receives the registration request, signed to the terminal public key by the certificate authority of block chain, and deposit
On storage to block chain, and corresponding configuration file is generated according to registration type and terminal iidentification;4th, block chain is literary by the configuration
Part is issued to terminal, which can carry out by way of under line;5th, terminal matches terminal according to the configuration file
It sets, such as forms corresponding security module;6th, after configuration is complete, terminal can get the certificate of authority from block chain, i.e.,
Data can be encrypted, to guarantee data security;7th, terminal is by security module according to Key Exchange Protocol and block
Chain, which swaps, obtains interim conversation key;8th, it is encrypted by the interim conversation key pair data to be uploaded, and pass through
Terminal secret key endorses to data;9th, the data after encrypting and endorsing are sent to block chain by terminal by security module;
Tenth, block chain can get terminal public key according to terminal iidentification, pass through after the data after receiving the encryption and endorsing
Data of the terminal public key to the encryption and after endorsing carry out sign test, and facing for acquisition of having a rest is exchanged by key again after sign test success
When session key encrypted data are decrypted to obtain in plain text, can also be as desired by block chain after obtaining plaintext
On the public private key pair data be encrypted after be stored on block chain, to ensure safety of the data on block chain.
Above-mentioned data processing method configures interface in authorization center in advance, does not have to the Ingress node disposed in block chain, greatly
It is big to have saved lower deployment cost, and by configuring interface to authorization terminal, the data source in block chain can be made abundant, access
Simpler convenience, and the pressure of block link ingress is alleviated significantly, it avoids and number is written by an access node
According to relevant issues.
It should be understood that although each step in the flow chart of Fig. 2-4 is shown successively according to the instruction of arrow,
These steps are not that the inevitable sequence indicated according to arrow executes successively.Unless expressly stating otherwise herein, these steps
Execution there is no stringent sequences to limit, these steps can execute in other order.Moreover, at least one in Fig. 2-4
Part steps may include that either these sub-steps of multiple stages or stage are not necessarily in synchronization to multiple sub-steps
Completion is executed, but can be executed at different times, the execution sequence in these sub-steps or stage is also not necessarily successively
It carries out, but can either the sub-step of other steps or at least part in stage be in turn or alternately with other steps
It executes.
In one of the embodiments, as shown in figure 5, providing a kind of data processing equipment, including Key Acquisition Module
100, encrypting module 200 and writing module 300, wherein:
Key Acquisition Module 100, for being handed over according to Key Exchange Protocol and distributed system by preconfigured interface
It changes and obtains the first interim conversation key.
Encrypting module 200 is encrypted for passing through the first interim conversation key pair data to be written.
Writing module 300, for encrypted data to be written to be sent to distributed system by preconfigured interface
System so that distributed system be decrypted to obtain first by the data to be written after the second interim conversation key pair encryption it is bright
Text, the second interim conversation key are answered with the first interim conversation key pair.
Device can also include in one of the embodiments,:
Signature blocks, for after being encrypted by the first interim conversation key pair data to be written, passing through advance portion
The terminal secret key of administration signs to encrypted data to be written.
Writing module 300 is additionally operable to send the data to be written after encryption and signature by preconfigured interface
Lead to distributed system so that after distributed system carries out sign test success by terminal public key to the data to be written received
The data to be written crossed after the second interim conversation key pair encryption are decrypted to obtain first in plain text, terminal public key and terminal secret key
It is corresponding.
Device can also include in one of the embodiments,:
Read module, it is close by the second interim conversation for being returned by preconfigured interface distributed system
The encrypted data to be read of key.
Deciphering module, for being decrypted to obtain second by the data to be read after the first interim conversation key pair encryption
In plain text.
Read module is additionally operable to return by preconfigured interface distributed system in one of the embodiments,
Endorsed and encrypted data to be read by terminal public key and the second interim conversation key.
Device can also include sign test module, for passing through the data to be read after the first interim conversation key pair encryption
Before being decrypted to obtain second plaintext, sign test is carried out to the data to be read after endorsing by terminal public key by terminal secret key
Obtain encrypted data to be read.
Device can also include in one of the embodiments,:
Sending module carries registration type and end for sending registration request to distributed system in registration request
End mark.
Receiving module, the configuration file generated according to terminal iidentification and registration type for receiving distributed system.
Configuration module, for being configured according to configuration file.
Device can also include in one of the embodiments,:
First public and private key generation module, for obtaining end message, and according to end message generate terminal public key and with
The corresponding terminal secret key of terminal public key.
Sending module is additionally operable to terminal public key being sent to distributed system.
Receiving module is additionally operable to after distributed system is to signing successfully to terminal public key by certificate authority, is received
The configuration file that distributed system is generated according to terminal iidentification and registration type.
Sending module can be also used for obtaining end message in one of the embodiments, and end message is sent to
Distributed system.
Receiving module is additionally operable to receive the terminal secret key corresponding with end message and terminal public key that distributed system returns,
Terminal secret key and terminal public key are what distributed system was generated by certificate authority according to end message.
Specific about data processing equipment limits the restriction that may refer to above for data processing method, herein not
It repeats again.Modules in above-mentioned data processing equipment can be realized fully or partially through software, hardware and combinations thereof.On
Stating each module can be embedded in or independently of in the processor in computer equipment, can also store in a software form in the form of hardware
In memory in computer equipment, the corresponding operation of the above modules is executed in order to which processor calls.
In one embodiment, a kind of computer equipment is provided, which can be terminal, internal structure
Figure can be as shown in Figure 6.The computer equipment includes the processor connected by system bus, memory, network interface, display
Screen and input unit.Wherein, the processor of the computer equipment is for providing calculating and control ability.The computer equipment is deposited
Reservoir includes non-volatile memory medium, built-in storage.The non-volatile memory medium is stored with operating system and computer journey
Sequence.The built-in storage provides environment for the operation of operating system and computer program in non-volatile memory medium.The calculating
The network interface of machine equipment is used to communicate by network connection with external terminal.When the computer program is executed by processor with
Realize a kind of data processing method.The display screen of the computer equipment can be liquid crystal display or electric ink display screen,
The input unit of the computer equipment can be the touch layer covered on display screen, can also be to be arranged on computer equipment shell
Button, trace ball or Trackpad, can also be external keyboard, Trackpad or mouse etc..
It will be understood by those skilled in the art that structure shown in Fig. 6, is only tied with the relevant part of application scheme
The block diagram of structure does not constitute the restriction for the computer equipment being applied thereon to application scheme, specific computer equipment
May include either combining certain components than more or fewer components as shown in the figure or being arranged with different components.
In one embodiment, a kind of computer equipment is provided, including memory, processor and storage are on a memory
And the computer program that can be run on a processor, processor realize following steps when executing computer program:By matching in advance
The interface set, which is exchanged according to Key Exchange Protocol with distributed system, obtains the first interim conversation key;Pass through the first interim conversation
Key pair data to be written are encrypted;Encrypted data to be written are sent to distributed system by preconfigured interface
System so that distributed system be decrypted to obtain first by the data to be written after the second interim conversation key pair encryption it is bright
Text, the second interim conversation key are answered with the first interim conversation key pair.
In one embodiment, it is realized when processor executes computer program to be written by the first interim conversation key pair
After entering the step of data are encrypted, can also include:By the terminal secret key disposed in advance to encrypted number to be written
According to signing;Processor execute realized when computer program by preconfigured interface by encrypted data to be written
It is sent to distributed system, so that distributed system is solved by the data to be written after the second interim conversation key pair encryption
Close the step of obtaining the first plaintext, may include:By preconfigured interface by the number to be written after encryption and signature
According to distributed system is sent to, so that distributed system carries out sign test success by terminal public key to the data to be written received
Afterwards, it is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, terminal public key and end
Private key is held to correspond to.
In one embodiment, following steps are also realized when processor executes computer program:It is connect by preconfigured
What mouth reception distributed system returned passes through the encrypted data to be read of the second interim conversation key;Pass through the first interim conversation
Data to be read after key pair encryption are decrypted to obtain second plaintext.
In one embodiment, that is realized when processor execution computer program is distributed by preconfigured interface
The step of data to be read encrypted by the second interim conversation key that formula system returns, may include:By matching in advance
What the interface distributed system set returned is endorsed and is continued with encrypted by terminal public key and the second interim conversation key
Access evidence;Processor execute computer program when realize by the data to be read after the first interim conversation key pair encryption into
Before the step of row decryption obtains second plaintext, can also include:By terminal secret key to being waited for after being endorsed by terminal public key
It reads data progress sign test and obtains encrypted data to be read.
In one embodiment, following steps are also realized when processor executes computer program:It is sent to distributed system
Registration request carries registration type and terminal iidentification in registration request;Distributed system is received according to terminal iidentification and note
The configuration file that volume type generates;It is configured according to configuration file.
In one embodiment, following steps are also realized when processor executes computer program:Obtain end message, and root
Terminal public key and terminal secret key corresponding with terminal public key are generated according to end message;Terminal public key is sent to distributed system
System;Processor executes the configuration that the reception distributed system realized when computer program is generated according to terminal iidentification and registration type
The step of file may include:After distributed system is to signing successfully to terminal public key by certificate authority, receives and divide
The configuration file that cloth system is generated according to terminal iidentification and registration type.
In one embodiment, following steps are also realized when processor executes computer program:End message is obtained, and will
End message is sent to distributed system;Receive the terminal secret key corresponding with end message and terminal public affairs that distributed system returns
Key, terminal secret key and terminal public key are what distributed system was generated by certificate authority according to end message.
In one embodiment, a kind of computer readable storage medium is provided, computer program is stored thereon with, is calculated
Machine program realizes following steps when being executed by processor:It is with distributed according to Key Exchange Protocol by preconfigured interface
System, which exchanges, obtains the first interim conversation key;It is encrypted by the first interim conversation key pair data to be written;By advance
Encrypted data to be written are sent to distributed system by the interface of configuration, so that distributed system passes through the second interim conversation
Data to be written after key pair encryption are decrypted to obtain first in plain text, and the second interim conversation key and the first interim conversation are close
Key corresponds to.
In one embodiment, that is realized when computer program is executed by processor is treated by the first interim conversation key
After the step of write-in data are encrypted, can also include:By the terminal secret key disposed in advance to encrypted to be written
Data are signed;That is realized when computer program is executed by processor will be encrypted to be written by preconfigured interface
Data are sent to distributed system so that distributed system by the data to be written after the second interim conversation key pair encryption into
Row decrypts the step of obtaining the first plaintext, may include:It will be to be written after encryption and signature by preconfigured interface
Enter data and be sent to distributed system, so that distributed system carries out sign test by terminal public key to the data to be written received
After success, it is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, terminal public key
It is corresponding with terminal secret key.
In one embodiment, following steps are also realized when computer program is executed by processor:By preconfigured
What interface distributed system returned passes through the encrypted data to be read of the second interim conversation key;Pass through the first special meeting
Data to be read after words key pair encryption are decrypted to obtain second plaintext.
In one embodiment, that is realized when computer program is executed by processor is divided by preconfigured interface
The step of data to be read encrypted by the second interim conversation key that cloth system returns, may include:By advance
What the interface distributed system of configuration returned is endorsed and is waited for encrypted by terminal public key and the second interim conversation key
Read data;Realized when computer program is executed by processor by the access of continuing after the first interim conversation key pair encryption
Before the step of being decrypted to obtain second plaintext, can also include:By terminal secret key to being endorsed by terminal public key after
Data to be read carry out sign test obtain encrypted data to be read.
In one embodiment, following steps are also realized when computer program is executed by processor:It is sent out to distributed system
Registration request is sent, registration type and terminal iidentification are carried in registration request;Receive distributed system according to terminal iidentification and
The configuration file that registration type generates;It is configured according to configuration file.
In one embodiment, following steps are also realized when computer program is executed by processor:End message is obtained, and
Terminal public key and terminal secret key corresponding with terminal public key are generated according to end message;Terminal public key is sent to distributed system
System;The reception distributed system realized when computer program is executed by processor is matched according to what terminal iidentification and registration type generated
The step of setting file may include:After distributed system is to signing successfully to terminal public key by certificate authority, receive
The configuration file that distributed system is generated according to terminal iidentification and registration type.
In one embodiment, following steps are also realized when computer program is executed by processor:End message is obtained, and
End message is sent to distributed system;Receive terminal secret key corresponding with end message and terminal that distributed system returns
Public key, terminal secret key and terminal public key are what distributed system was generated by certificate authority according to end message.
One of ordinary skill in the art will appreciate that realizing all or part of flow in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the computer program can be stored in a non-volatile computer
In read/write memory medium, the computer program is when being executed, it may include such as the flow of the embodiment of above-mentioned each method.Wherein,
Any reference to memory, storage, database or other media used in each embodiment provided herein,
Including non-volatile and/or volatile memory.Nonvolatile memory may include read-only memory (ROM), programming ROM
(PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory.Volatile memory may include
Random access memory (RAM) or external cache.By way of illustration and not limitation, RAM is available in many forms,
Such as static state RAM (SRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate sdram (DDRSDRAM), enhancing
Type SDRAM (ESDRAM), synchronization link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM
(RDRAM), direct memory bus dynamic ram (DRDRAM) and memory bus dynamic ram (RDRAM) etc..
Each technical characteristic of above example can be combined arbitrarily, to keep description succinct, not to above-described embodiment
In each technical characteristic it is all possible combination be all described, as long as however, the combination of these technical characteristics be not present lance
Shield is all considered to be the range of this specification record.
The several embodiments of the application above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously
It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art
It says, under the premise of not departing from the application design, various modifications and improvements can be made, these belong to the protection of the application
Range.Therefore, the protection domain of the application patent should be determined by the appended claims.
Claims (10)
1. a kind of data processing method, the method includes:
It is exchanged with distributed system according to Key Exchange Protocol by preconfigured interface and obtains the first interim conversation key;
It is encrypted by the first interim conversation key pair data to be written;
Encrypted data to be written are sent to the distributed system by preconfigured interface, so that the distribution
System is decrypted to obtain first in plain text by encrypted data to be written described in the second interim conversation key pair, and described second
Interim conversation key is answered with the first interim conversation key pair.
2. according to the method described in claim 1, it is characterized in that, described to be written by the first interim conversation key pair
After the step of data are encrypted, further include:
It is signed to encrypted data to be written by the terminal secret key disposed in advance;
It is described that encrypted data to be written are sent to by the distributed system by preconfigured interface, so that described point
Cloth system is decrypted to obtain the step of the first plaintext by encrypted data to be written described in the second interim conversation key pair
Suddenly, including:
The data to be written after encryption and signature are sent to distributed system by preconfigured interface, so that described
After distributed system carries out sign test success by terminal public key to the data to be written received, pass through the second interim conversation key
It is decrypted to obtain first in plain text to encrypted data to be written, the terminal public key is corresponding with the terminal secret key.
3. according to the method described in claim 1, it is characterized in that, the method further includes:
It is returned by preconfigured interface distributed system encrypted to be read by the second interim conversation key
Data;
It is decrypted to obtain second plaintext by the data to be read after the first interim conversation key pair encryption.
4. according to the method described in claim 3, it is characterized in that, described pass through preconfigured interface distributed system
The step of data to be read encrypted by the second interim conversation key returned, including:
It is endorsed by terminal public key and the second interim conversation key by what preconfigured interface distributed system returned
With encrypted data to be read;
The data to be read by after the first interim conversation key pair encryption are decrypted to obtain second plaintext
The step of before, further include:
Sign test is carried out to the data to be read after endorsing by terminal public key by terminal secret key and obtains encrypted access of continuing
According to.
5. method according to any one of claims 1 to 4, which is characterized in that the method further includes:
Registration request is sent to distributed system, registration type and terminal iidentification are carried in the registration request;
Receive the configuration file that the distributed system is generated according to the terminal iidentification and the registration type;
It is configured according to the configuration file.
6. according to the method described in claim 5, it is characterized in that, the method further includes:
End message is obtained, and terminal public key and terminal secret key corresponding with terminal public key are generated according to the end message;
The terminal public key is sent to distributed system;
Described the step of receiving the configuration file that the distributed system is generated according to the terminal iidentification and the registration type,
Including:
After the distributed system is to signing successfully to the terminal public key by certificate authority, the distribution is received
The configuration file that system is generated according to the terminal iidentification and the registration type.
7. according to the method described in claim 5, it is characterized in that, the method further includes:
End message is obtained, and the end message is sent to distributed system;
Receive distributed system return terminal secret key corresponding with the end message and terminal public key, the terminal secret key and
The terminal public key is what the distributed system was generated by certificate authority according to the end message.
8. a kind of data processing equipment, which is characterized in that described device includes:
Key Acquisition Module obtains for being exchanged with distributed system according to Key Exchange Protocol by preconfigured interface
One interim conversation key;
Encrypting module, for being encrypted by the first interim conversation key pair data to be written;
Writing module, for encrypted data to be written to be sent to the distributed system by preconfigured interface,
So that the distributed system is decrypted to obtain by encrypted data to be written described in the second interim conversation key pair
One in plain text, and the second interim conversation key is answered with the first interim conversation key pair.
9. a kind of computer equipment, including memory, processor and storage are on a memory and the meter that can run on a processor
Calculation machine program, which is characterized in that the processor realizes any one of claim 1 to 7 institute when executing the computer program
The step of stating method.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program
The step of method described in any one of claim 1 to 7 is realized when being executed by processor.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810030994.XA CN108322451B (en) | 2018-01-12 | 2018-01-12 | Data processing method, data processing device, computer equipment and storage medium |
PCT/CN2018/096760 WO2019136959A1 (en) | 2018-01-12 | 2018-07-24 | Data processing method and device, computer device and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810030994.XA CN108322451B (en) | 2018-01-12 | 2018-01-12 | Data processing method, data processing device, computer equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108322451A true CN108322451A (en) | 2018-07-24 |
CN108322451B CN108322451B (en) | 2020-09-22 |
Family
ID=62894319
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810030994.XA Active CN108322451B (en) | 2018-01-12 | 2018-01-12 | Data processing method, data processing device, computer equipment and storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN108322451B (en) |
WO (1) | WO2019136959A1 (en) |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109040076A (en) * | 2018-08-09 | 2018-12-18 | 腾讯科技(深圳)有限公司 | A kind of data processing method, system, device, equipment and medium |
CN109241756A (en) * | 2018-08-20 | 2019-01-18 | 深圳市腾讯网络信息技术有限公司 | Data processing method, system, server and medium based on block chain |
CN109361663A (en) * | 2018-10-10 | 2019-02-19 | 中航信托股份有限公司 | A kind of correlation technique, system and relevant apparatus accessing encryption data |
CN109670325A (en) * | 2018-12-21 | 2019-04-23 | 北京思源互联科技有限公司 | A kind of devices and methods therefor of configuration file encryption and decryption |
CN109698834A (en) * | 2019-01-11 | 2019-04-30 | 深圳市元征科技股份有限公司 | A kind of encrypted transmission method and system |
CN110166460A (en) * | 2019-05-24 | 2019-08-23 | 北京思源互联科技有限公司 | Register method and device, storage medium, the electronic device of service account |
CN110969527A (en) * | 2018-09-29 | 2020-04-07 | 北京天能博信息科技有限公司 | Data processing method of block chain and related equipment |
CN111294349A (en) * | 2020-01-22 | 2020-06-16 | 重庆大学 | Method and device for sharing data of Internet of things equipment |
CN111314072A (en) * | 2020-02-21 | 2020-06-19 | 北京邮电大学 | Extensible identity authentication method and system based on SM2 algorithm |
CN111541690A (en) * | 2020-04-21 | 2020-08-14 | 北京智芯微电子科技有限公司 | Safety protection method for communication between intelligent terminal and server |
CN112003697A (en) * | 2020-08-25 | 2020-11-27 | 成都卫士通信息产业股份有限公司 | Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium |
CN113138809A (en) * | 2021-04-30 | 2021-07-20 | 广东天波信息技术股份有限公司 | Method and system for safely switching working modes of terminal |
CN113343309A (en) * | 2021-08-02 | 2021-09-03 | 北京东方通软件有限公司 | Natural person database privacy security protection method and device and terminal equipment |
CN115147956A (en) * | 2022-06-29 | 2022-10-04 | 中国第一汽车股份有限公司 | Data processing method and device, electronic equipment and storage medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1710985A (en) * | 2005-06-30 | 2005-12-21 | 中国科学院计算技术研究所 | Enciphered consulating method for speech-sound communication in grouped network |
US20080104615A1 (en) * | 2006-11-01 | 2008-05-01 | Microsoft Corporation | Health integration platform api |
KR101197207B1 (en) * | 2011-05-17 | 2012-11-02 | 인크로스 주식회사 | Method for Verification of Contensts Using Verification Platform |
CN102970299A (en) * | 2012-11-27 | 2013-03-13 | 西安电子科技大学 | File safe protection system and method thereof |
CN103167498A (en) * | 2011-12-19 | 2013-06-19 | 卓望数码技术(深圳)有限公司 | Ability control method and system |
CN105516117A (en) * | 2015-12-02 | 2016-04-20 | 南方电网科学研究院有限责任公司 | Cloud computing based power data security storage method |
CN107135219A (en) * | 2017-05-05 | 2017-09-05 | 四川长虹电器股份有限公司 | A kind of Internet of Things information secure transmission method |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101661930B1 (en) * | 2015-08-03 | 2016-10-05 | 주식회사 코인플러그 | Certificate issuance system based on block chain |
CN106100981B (en) * | 2016-08-22 | 2019-08-23 | 布比(北京)网络技术有限公司 | Social network data exchange method and device |
CN106534092B (en) * | 2016-11-02 | 2019-07-02 | 西安电子科技大学 | The privacy data encryption method of key is depended on based on message |
-
2018
- 2018-01-12 CN CN201810030994.XA patent/CN108322451B/en active Active
- 2018-07-24 WO PCT/CN2018/096760 patent/WO2019136959A1/en active Application Filing
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1710985A (en) * | 2005-06-30 | 2005-12-21 | 中国科学院计算技术研究所 | Enciphered consulating method for speech-sound communication in grouped network |
US20080104615A1 (en) * | 2006-11-01 | 2008-05-01 | Microsoft Corporation | Health integration platform api |
KR101197207B1 (en) * | 2011-05-17 | 2012-11-02 | 인크로스 주식회사 | Method for Verification of Contensts Using Verification Platform |
CN103167498A (en) * | 2011-12-19 | 2013-06-19 | 卓望数码技术(深圳)有限公司 | Ability control method and system |
CN102970299A (en) * | 2012-11-27 | 2013-03-13 | 西安电子科技大学 | File safe protection system and method thereof |
CN105516117A (en) * | 2015-12-02 | 2016-04-20 | 南方电网科学研究院有限责任公司 | Cloud computing based power data security storage method |
CN107135219A (en) * | 2017-05-05 | 2017-09-05 | 四川长虹电器股份有限公司 | A kind of Internet of Things information secure transmission method |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109040076B (en) * | 2018-08-09 | 2020-07-24 | 腾讯科技(深圳)有限公司 | Data processing method, system, device, equipment and medium |
CN109040076A (en) * | 2018-08-09 | 2018-12-18 | 腾讯科技(深圳)有限公司 | A kind of data processing method, system, device, equipment and medium |
CN109241756A (en) * | 2018-08-20 | 2019-01-18 | 深圳市腾讯网络信息技术有限公司 | Data processing method, system, server and medium based on block chain |
CN110969527A (en) * | 2018-09-29 | 2020-04-07 | 北京天能博信息科技有限公司 | Data processing method of block chain and related equipment |
CN110969527B (en) * | 2018-09-29 | 2023-02-24 | 北京天能博信息科技有限公司 | Data processing method of block chain and related equipment |
CN109361663A (en) * | 2018-10-10 | 2019-02-19 | 中航信托股份有限公司 | A kind of correlation technique, system and relevant apparatus accessing encryption data |
CN109361663B (en) * | 2018-10-10 | 2021-05-28 | 中航信托股份有限公司 | Method, system and device for accessing encrypted data |
CN109670325A (en) * | 2018-12-21 | 2019-04-23 | 北京思源互联科技有限公司 | A kind of devices and methods therefor of configuration file encryption and decryption |
CN109670325B (en) * | 2018-12-21 | 2023-03-28 | 北京思源理想控股集团有限公司 | Device and method for encrypting and decrypting configuration file |
CN109698834A (en) * | 2019-01-11 | 2019-04-30 | 深圳市元征科技股份有限公司 | A kind of encrypted transmission method and system |
CN110166460A (en) * | 2019-05-24 | 2019-08-23 | 北京思源互联科技有限公司 | Register method and device, storage medium, the electronic device of service account |
CN110166460B (en) * | 2019-05-24 | 2021-12-14 | 北京思源理想控股集团有限公司 | Service account registration method and device, storage medium and electronic device |
CN111294349A (en) * | 2020-01-22 | 2020-06-16 | 重庆大学 | Method and device for sharing data of Internet of things equipment |
CN111294349B (en) * | 2020-01-22 | 2021-09-03 | 重庆大学 | Method and device for sharing data of Internet of things equipment |
CN111314072A (en) * | 2020-02-21 | 2020-06-19 | 北京邮电大学 | Extensible identity authentication method and system based on SM2 algorithm |
CN111541690A (en) * | 2020-04-21 | 2020-08-14 | 北京智芯微电子科技有限公司 | Safety protection method for communication between intelligent terminal and server |
CN111541690B (en) * | 2020-04-21 | 2022-05-20 | 北京智芯微电子科技有限公司 | Safety protection method for communication between intelligent terminal and server |
CN112003697A (en) * | 2020-08-25 | 2020-11-27 | 成都卫士通信息产业股份有限公司 | Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium |
CN112003697B (en) * | 2020-08-25 | 2023-09-29 | 成都卫士通信息产业股份有限公司 | Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium |
CN113138809A (en) * | 2021-04-30 | 2021-07-20 | 广东天波信息技术股份有限公司 | Method and system for safely switching working modes of terminal |
CN113343309A (en) * | 2021-08-02 | 2021-09-03 | 北京东方通软件有限公司 | Natural person database privacy security protection method and device and terminal equipment |
CN115147956A (en) * | 2022-06-29 | 2022-10-04 | 中国第一汽车股份有限公司 | Data processing method and device, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
WO2019136959A1 (en) | 2019-07-18 |
CN108322451B (en) | 2020-09-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108322451A (en) | Data processing method, device, computer equipment and storage medium | |
CN106960165B (en) | Method for realizing multi-party electronic contract countersigning based on block chain intelligent contract | |
CN112232527B (en) | Safe distributed federal deep learning method | |
EP3454238B1 (en) | Registration and authorization method, device and system | |
CN111600908B (en) | Data processing method, system, computer device and readable storage medium | |
CN108667612B (en) | Trust service architecture and method based on block chain | |
CN110417750B (en) | Block chain technology-based file reading and storing method, terminal device and storage medium | |
CN110061845A (en) | Block chain data ciphering method, device, computer equipment and storage medium | |
KR101984254B1 (en) | Node device constituting a block-chain network and an operation method of the node device | |
CN113537984A (en) | Content verification method and device based on block chain and electronic equipment | |
KR102205654B1 (en) | Authentication method in a distributed circumstance | |
CN103310169B (en) | A kind of method protecting SD card data and protection system | |
CN112003858B (en) | Block chain-based platform docking method, electronic device and storage medium | |
CN106161359A (en) | The method and device of certification user, the method and device of registration wearable device | |
CN109861817A (en) | Generate method, apparatus, system, equipment and the medium of key | |
CN110675253A (en) | Block chain-based exclusive digital asset trusted keeping and transferring device and method | |
CN109359977A (en) | Network communication method, device, computer equipment and storage medium | |
CN109995781A (en) | Transmission method, device, medium and the equipment of data | |
CN110135175A (en) | Information processing, acquisition methods, device, equipment and medium based on block chain | |
CN114070614B (en) | Identity authentication method, apparatus, device, storage medium and computer program product | |
CN110708162B (en) | Resource acquisition method and device, computer readable medium and electronic equipment | |
KR20180127384A (en) | Authorization methods and devices for joint accounts, and authentication methods and devices for joint accounts | |
CN110942382A (en) | Electronic contract generating method and device, computer equipment and storage medium | |
CN114500069A (en) | Method and system for storing and sharing electronic contract | |
CN110445757A (en) | Personnel information encryption method, device, computer equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1251093 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant |