CN108322451A - Data processing method, device, computer equipment and storage medium - Google Patents

Data processing method, device, computer equipment and storage medium Download PDF

Info

Publication number
CN108322451A
CN108322451A CN201810030994.XA CN201810030994A CN108322451A CN 108322451 A CN108322451 A CN 108322451A CN 201810030994 A CN201810030994 A CN 201810030994A CN 108322451 A CN108322451 A CN 108322451A
Authority
CN
China
Prior art keywords
terminal
distributed system
data
key
interim conversation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810030994.XA
Other languages
Chinese (zh)
Other versions
CN108322451B (en
Inventor
张宇
宦鹏飞
谢丹力
王梦寒
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Smart Technology Co Ltd
Original Assignee
OneConnect Smart Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Smart Technology Co Ltd filed Critical OneConnect Smart Technology Co Ltd
Priority to CN201810030994.XA priority Critical patent/CN108322451B/en
Priority to PCT/CN2018/096760 priority patent/WO2019136959A1/en
Publication of CN108322451A publication Critical patent/CN108322451A/en
Application granted granted Critical
Publication of CN108322451B publication Critical patent/CN108322451B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • H04L67/303Terminal profiles

Abstract

This application involves a kind of data processing method, system, computer equipment and storage mediums.The method includes being exchanged to obtain the first interim conversation key with distributed system according to Key Exchange Protocol by preconfigured interface;It is encrypted by the first interim conversation key pair data to be written;Encrypted data to be written are sent to distributed system by preconfigured interface, so that distributed system is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, the second interim conversation key is answered with the first interim conversation key pair.Interface can be configured in terminal using this method in advance, without disposing Ingress node in distributed system, lower deployment cost is greatly saved, and by configuring interface to authorization terminal, the data source in distributed system can be made abundant, simpler convenience is accessed, and alleviates the pressure of distributed system access node significantly, avoids and the relevant issues of data is written by an access node.

Description

Data processing method, device, computer equipment and storage medium
Technical field
This application involves field of computer technology, more particularly to a kind of data processing method, device, computer equipment and Storage medium.
Background technology
The occupation mode of distributed database is that data are written toward this lane database jointly in multi-party mechanism.Normal conditions Under, the node of distributed system, which is added, can provide read-write interface.
The reading and writing data of existing distributed system is all the mechanism by being docked with distributed system to initiate and control, During a write operation, the request that data are stored in distributed system is initiated by docking mechanism, data can be by distribution Other nodes that the write-in interface that system provides writes data into distributed system, and is synchronized in distributed system, primary During read operation, the reading interface that access mechanism is provided by distributed system reads data and is used from distributed system.
Therefore, all data that be stored in distributed system must be come via the read-write interface that distributed system is provided It completes, will result in this way in authority set and the problems such as performance bottleneck.In addition to this, once this read-write interface goes out to ask Topic, then the risk of write-in data in no normal direction distributed system can be caused.When there are many data volume to be written, data are also had The problems such as write-in delay, loss.
Invention content
Based on this, it is necessary in view of the above technical problems, provide and a kind of transfer access limit to the data of authorization terminal Processing method, device, computer equipment and storage medium.
A kind of data processing method, the method includes:
Exchange according to Key Exchange Protocol that obtain the first interim conversation close with distributed system by preconfigured interface Key;
It is encrypted by the first interim conversation key pair data to be written;
Encrypted data to be written are sent to the distributed system by preconfigured interface, so that described point Cloth system is decrypted to obtain first in plain text by encrypted data to be written described in the second interim conversation key pair, described Second interim conversation key is answered with the first interim conversation key pair.
It is encrypted by the first interim conversation key pair data to be written described in one of the embodiments, After step, further include:
It is signed to encrypted data to be written by the terminal secret key disposed in advance;
It is described that encrypted data to be written are sent to by the distributed system by preconfigured interface, so that institute It states distributed system and is decrypted to obtain first in plain text by encrypted data to be written described in the second interim conversation key pair The step of, including:
The data to be written after encryption and signature are sent to distributed system by preconfigured interface, so that After the distributed system carries out sign test success by terminal public key to the data to be written received, pass through the second interim conversation Data to be written after key pair encryption are decrypted to obtain first in plain text, and the terminal public key is corresponding with the terminal secret key.
The method further includes in one of the embodiments,:
It is waited for by what preconfigured interface distributed system returned by the way that the second interim conversation key is encrypted Read data;
It is decrypted to obtain second plaintext by the data to be read after the first interim conversation key pair encryption.
It is described in one of the embodiments, to pass through second by what preconfigured interface distributed system returned The step of interim conversation key encrypted data to be read, including:
Pass through terminal public key and the second interim conversation key by what preconfigured interface distributed system returned It endorses and encrypted data to be read;
The data to be read by after the first interim conversation key pair encryption are decrypted to obtain second Before the step of plaintext, further include:
Sign test is carried out to the data to be read after endorsing by terminal public key by terminal secret key and obtains encrypted continue Access evidence.
The method further includes in one of the embodiments,:
Registration request is sent to distributed system, registration type and terminal iidentification are carried in the registration request;
Receive the configuration file that the distributed system is generated according to the terminal iidentification and the registration type;
It is configured according to the configuration file.
The method further includes in one of the embodiments,:
End message is obtained, and terminal public key and terminal corresponding with terminal public key private are generated according to the end message Key;
The terminal public key is sent to distributed system;
The configuration file that the reception distributed system is generated according to the terminal iidentification and the registration type Step, including:
After the distributed system is to signing successfully to the terminal public key by certificate authority, described point is received The configuration file that cloth system is generated according to the terminal iidentification and the registration type.
The method further includes in one of the embodiments,:
End message is obtained, and the end message is sent to distributed system;
The terminal secret key corresponding with the end message and terminal public key that distributed system returns are received, the terminal is private Key and the terminal public key are what the distributed system was generated by certificate authority according to the end message.
A kind of data processing equipment, described device include:
Key Acquisition Module is obtained for being exchanged with distributed system according to Key Exchange Protocol by preconfigured interface Obtain the first interim conversation key;
Encrypting module, for being encrypted by the first interim conversation key pair data to be written;
Writing module, for encrypted data to be written to be sent to the distributed system by preconfigured interface System, so that the distributed system is decrypted to obtain by encrypted data to be written described in the second interim conversation key pair First in plain text, and the second interim conversation key is answered with the first interim conversation key pair.
A kind of computer equipment, including memory, processor and storage can be run on a memory and on a processor The step of computer program, the processor realizes any of the above-described the method when executing the computer program.
A kind of computer readable storage medium, is stored thereon with computer program, and the computer program is held by processor The step of method described in any one of the above embodiments is realized when row.
Above-mentioned data processing method, device, computer equipment and storage medium configure interface, no in authorization center in advance Used in the Ingress node of distributed system deployment, lower deployment cost is greatly saved, and by configuring interface to terminal, can make Data source in distributed system is abundant, accesses simpler convenience, and alleviate distributed system access node significantly Pressure, avoid and the relevant issues of data be written by an access node.
Description of the drawings
Fig. 1 is the application scenario diagram of data processing method in one embodiment;
Fig. 2 is the flow diagram of data processing method in one embodiment;
Fig. 3 is the flow chart for being pre-configured with step in an embodiment;
Fig. 4 is the sequence diagram of the data processing method in an embodiment;
Fig. 5 is the structure diagram of data processing equipment in one embodiment;
Fig. 6 is the internal structure chart of one embodiment Computer equipment.
Specific implementation mode
It is with reference to the accompanying drawings and embodiments, right in order to make the object, technical solution and advantage of the application be more clearly understood The application is further elaborated.It should be appreciated that specific embodiment described herein is only used to explain the application, not For limiting the application.
Data processing method provided by the present application can be applied in application environment as shown in Figure 1.Wherein, terminal is logical Network is crossed to be attached by network with distributed system.Distributed system is by advance configuring terminal, by script portion It affixes one's name to the access limit at the read-write node of distributed system to transfer to terminal, to which data to be written can be uploaded by terminal To the arbitrary node of distributed system, such as terminal can be configured by configuration file, which can be Integrated SDK (Software Development Kit, software tool kit), is matched by the interface etc. to terminal It sets, forms a security module in terminal, which obtains the key pipe of the access rights of distributed system, encryption and decryption Reason, the management of terminal secret key, management of the certificate of authority etc..Wherein, terminal by the security module according to Key Exchange Protocol with Distributed system, which exchanges, obtains the first interim conversation key, is encrypted by the first interim conversation key pair data to be written; Encrypted data to be written are sent to distributed system to realize the write-in of data by preconfigured interface, are equally counted According to reading can be then by the security module to distributed system transmission data read requests, then by preconfigured What interface distributed system returned passes through the encrypted data to be read of the second interim conversation key;Pass through the first special meeting Data to be read after words key pair encryption are decrypted to obtain second plaintext.Wherein, terminal 102 can be, but not limited to be various Personal computer, laptop, smart mobile phone, tablet computer and portable wearable device.
In one embodiment, as shown in Fig. 2, providing a kind of data processing method, in this way applied to the end in Fig. 1 It illustrates, includes the following steps for end:
S202:It is exchanged with distributed system according to Key Exchange Protocol by preconfigured interface and obtains the first special meeting Talk about key.
Wherein, which can be block chain or other distributed systems, be not specifically limited herein.
Specifically, to be terminal obtained preconfigured interface by being registered to distributed system, such as terminal is to distribution Formula system sends registration request, and distributed system judges whether terminal is security terminal, then can be to this when for security terminal Terminal is authorized, such as is sent corresponding configuration file and configured etc. to the target interface of terminal.I.e. by being pre-configured with Originally the access limit at the read-write node for being deployed in distributed system is transferred into terminal, to which data to be uploaded can pass through It after terminal processes, is uploaded on the arbitrary node of distributed system, and distributed system no longer needs to dispose a large amount of read-write section Point can substantially reduce cost.The deployment process can be existed by forming the form of security module in terminal, such as will match After the SDK set downloads to terminal progress load operating, which is then managed collectively the interface interacted with distributed system.
Wherein, the first interim conversation key can accomplish that different types of data use different special meetings as needed Key is talked about, such as terminal can be different from the interim conversation key of distributed system progress data interaction each time, so i.e. Criminal is set to get the key that the interim conversation key may be unexpected by data interaction next time, to which number can not be got According in plain text.
Specifically, it can be stored with shared parameter of curve in terminal and authorization terminal, such as is stored in first terminal One shared parameter of curve is stored with the second shared parameter of curve in second terminal, and is stored with all be total in distributed system Parameter of curve is enjoyed, each shared parameter of curve includes elliptic curve E, rank N and basic point G.By preconfigured interface according to Key Exchange Protocol exchanges the first interim conversation key of acquisition with distributed system and can specifically include:To by preconfigured Interface sends key to distributed system and exchanges request;It receives distributed system and the first key that request returns is exchanged according to key Key code;The first interim conversation key is generated according to first key key code;Wherein the second interim conversation key is given birth to by terminal At the second random number, and according to second generating random number the second key key code, the second key key code is sent to distribution System, first the second special meeting of generating random number that distributed system is generated according to the second key key code and distributed system Talk about key.
Illustrate the generating process of the first interim conversation key and the second interim conversation key in detail below:Terminal is to distribution Formula system sends key and exchanges request, which carries terminal iidentification, and terminal iidentification can uniquely determine the terminal, and raw At the second random number;After the key that distributed system receives terminal transmission exchanges request, then gets and answered with the terminal-pair Basic point G, and generate the first random number a, distributed system is according to basic point G and the first generating random number first key key code A=a*G, and the first key key code of generation is sent to terminal;Terminal is random according to the basic point G itself stored and second Number generates the second key key code B=b*G, and the second key key code is sent to distributed system;Distributed system root The second interim conversation key Q=a*B is calculated according to the second key key code and the first random number, terminal is according to first key The first interim conversation key Q '=b*A is calculated in key code and the second random number, according to law of communication and associative law Q=Q ', Process is Q=a*B=a*b*G=b*a*G=b*G=Q '.Wherein the transmission of A can disclose, i.e., attacker can obtain A.By In the discrete logarithm problem of elliptic curve be problem, so attacker cannot calculate a by A, G.It can to exchange both sides To negotiate a key in the case of not shared any secret, the safety of data to be written thereby may be ensured that.
S204:It is encrypted by the first interim conversation key pair data to be written.
Specifically, after interim conversation key is calculated in terminal and distributed system, terminal first can be faced by this When session key data to be written are encrypted, thereby may be ensured that the safety of the data to be written, and be further It, can be by terminal iidentification and should so that distributed system will be seen that the data to be written that specifically which terminal is sent Encrypted data to be written send jointly to distributed system, which can uniquely determine the terminal, can be with It is the MAC Address etc. of terminal.
S206:Encrypted data to be written are sent to distributed system by preconfigured interface, so that distribution Formula system is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, the second special meeting Words key is answered with the first interim conversation key pair.
Specifically, after data encryption success, then encrypted data to be written are sent by preconfigured interface Into distributed system, distributed system can get and just be calculated after receiving the encrypted data to be written The second interim conversation key, be decrypted to obtain data by the data to be written of the second interim conversation key pair encryption bright Text.And preferably, when sending data to be written to distributed system simultaneously there are multiple terminals, then distributed system root first Calculated the second interim conversation key is obtained according to the terminal iidentification of terminal, such as in distributed system to calculate this second interim When session key, the second interim conversation key is associated storage with corresponding terminal iidentification first, to distributed system System can obtain the second calculated interim conversation key according to terminal iidentification, should add further according to the second interim conversation key pair Close data to be uploaded, which are decrypted, can be obtained first in plain text.
It wherein, can also be according to the data encryption side in distributed system after distributed system gets the first plaintext Storage is encrypted to ensure safety of the data in distributed system to data in formula.
Above-mentioned data processing method configures interface in authorization center in advance, does not have to the entrance section disposed in distributed system Point is greatly saved lower deployment cost, and by configuring interface to authorization terminal, can make the data source in distributed system It is abundant, simpler convenience is accessed, and alleviate the pressure of distributed system access node significantly, avoids and accessed by one Node is written the relevant issues of data.
The step of being encrypted in one of the embodiments, by the first interim conversation key pair data to be written it Afterwards, i.e. step S204 further includes that the terminal secret key by disposing in advance signs to encrypted data to be written later;From And encrypted data to be written are sent to by distributed system by preconfigured interface, so that distributed system passes through The step of data to be written after two interim conversation key pair encryptions are decrypted to obtain the first plaintext, i.e., step S206 can be wrapped It includes:The data to be written after encryption and signature are sent to distributed system by preconfigured interface, so that distribution After formula system carries out sign test success by terminal public key to the data to be written received, added by the second interim conversation key pair Data to be written after close are decrypted to obtain first in plain text, and terminal public key is corresponding with terminal secret key.
It specifically, can also be in advance in order to further ensure the safety of data transmission between terminal and distributed system The data that the deployment public and private key of terminal, i.e. terminal are sent to distributed system are signed by terminal secret key, in distribution Sign test can be carried out by corresponding terminal public key at system, further ensure the safety of data transmission.
The public and private key of the terminal disposed in advance can be generated by terminal, i.e., terminal generates terminal in registration Public key is submitted to distributed system, then by distributed system by the certificate authority of distributed system to the terminal public key It carries out signature to be stored in distributed system, and the certificate of authority is returned to terminal, to indicate endpoint registration success;In other reality It applies in example, the public and private key of the terminal can be generated in distributed system, i.e., distributed system generates eventually according to end message The public and private key at end, is then returned to terminal, and in order to ensure the safety of terminal secret key, which can pass through by terminal secret key It is carried out under line.
It specifically, can also be by this after terminal is encrypted by the first interim conversation key pair data to be written The terminal secret key disposed in advance endorses to the encrypted data to be written, to be written by the encryption and after endorsing Data and terminal iidentification are sent to distributed system, and distributed system upon receipt of the data, can be first according to terminal Mark gets terminal public key, and sign test is carried out to the encryption and the data to be written endorsed by terminal public key, only sign test at Acquisition first can just be decrypted after work(by the data to be written of the second interim conversation key pair encryption in plain text, otherwise directly delete Except the unsuccessful data to be written of sign test, to ensure that the data uploaded in distributed system are secure datas.Wherein obtain It is signed to distributed system by the certificate of distributed system to can be the step of terminal public key, therefore can be first Sign test is carried out to the terminal public key after the signature by distributed system certificate corresponding private key and obtains terminal public key.Preferably, Different session keys can be used for encrypted and digitally signed, accomplish one key of a purposes.And it can in order to ensure data It by property, can be endorsed by bilayer, such as terminal is added after being endorsed by terminal secret key, then by distributed system public key Label, to after distributed system receives data, carry out sign test, sign test by the corresponding private key of distributed system public key first After success, then by terminal public key progress sign test, finally it is decrypted again by the second interim conversation key, is further ensured that number According to safety.
Distributed system can carry out signature verification to the data sent in the terminal in above-described embodiment, confirm awarding for the terminal Weigh permission, it is ensured that the data are really by sending and being not tampered in the terminal;Thereby guarantee that the data in distributed system are effective Property and authenticity.With this solution, the safety of the upload data in the system of multiple terminals access distributed system is efficiently solved Problem, the mandate reading side of data can be tested after obtaining data by obtaining the certificate of some authorization terminal in distributed system Card obtains the authenticity of data, solves the trust problem of authorized organization.
The data processing method can also include data reading step, digital independent step in one of the embodiments, It is rapid may include returned by preconfigured interface distributed system it is encrypted by the second interim conversation key Data to be read;It is decrypted to obtain second plaintext by the data to be read after the first interim conversation key pair encryption.
Specifically, it is mainly concerned in above-described embodiment and the data to be uploaded of terminal is uploaded in distributed system, this Embodiment is directed primarily to terminal and reads data to be read from distributed system, and wherein terminal can be first to distributed system Transmission data read requests carry terminal iidentification in the data read request, and then distributed system is exchanged according to key and assisted View carries out key with terminal and exchanges to obtain the second interim conversation key and the first interim conversation key, the first interim conversation key It may refer to the specific acquisition modes of the second interim conversation key described above, details are not described herein.Distributed system passes through The second accessed interim conversation key pair data to be read are encrypted, and encrypted data to be read are sent to pair The terminal answered, the access so that terminal can be continued by the first interim conversation secret key decryption corresponding with the second interim conversation key According to second plaintext is obtained, so as to handle second plaintext.
In above-described embodiment, interface is configured in authorization center in advance, does not have to the Ingress node disposed in distributed system, greatly It is big to have saved lower deployment cost, and by that authorization terminal configuration interface, the data source in distributed system can be made abundant, Simpler convenience is accessed, and alleviates the pressure of distributed system access node significantly, is avoided by an access node The relevant issues of data are written.Each terminal-pair identical data uses unique mark simultaneously, avoids the repetition into chain data.It is real The access for having showed multiple sources, to realize the function of data sharing.Also, each entrance is independent of each other, some entrance Delay machine be not interfere with the work of other entrance.
It is returned in one of the embodiments, by preconfigured interface distributed system interim by second The step of session key encrypted data to be read may include:It is returned by preconfigured interface distributed system Endorsed and encrypted data to be read by terminal public key and the second interim conversation key.To pass through the first interim conversation Before the step of data to be read after key pair encryption are decrypted to obtain second plaintext, can also include:Pass through terminal private Key carries out sign test to the data to be read after endorsing by terminal public key and obtains encrypted data to be read.
Specifically, can be with the public key and private key of configurating terminal in the stage of being pre-configured with, and the public key of terminal is stored in point In cloth system, to which when terminal reads data from distributed system, distributed system can face by second first When session key the data to be read are encrypted, then endorsed the data to be read with further by terminal public key Ensure the safety of data to be read.When terminal receives the data to be read, terminal secret key is got first, to the encryption Sign test is carried out with the data to be read after endorsing, after sign test success, can just pass through the first interim conversation to the data to be read Key is decrypted to obtain second plaintext, to carry out other processing to the second plaintext.Wherein, for encrypted and digitally signed Different session keys can be used, accomplishes one key of a purposes.And in order to ensure the reliability of data, can be added by bilayer Label, such as distributed system can be endorsed by distributed system private key again after being endorsed by terminal public key, from And after terminal receives data, sign test is carried out by distributed system public key first, after sign test success, then passes through terminal secret key Sign test is carried out, is finally decrypted again by the first interim conversation key, is further ensured that the safety of data.
In this embodiment, the terminal of access can not have to the Ingress node of deployment distributed system, and portion is greatly saved Cost is affixed one's name to, while the own characteristic of different terminals can be directed to, provides the interface configuration of differentiation so that access way is more rich It is rich.Using this system, the data source in distributed system can be made abundant, access simpler convenience, and significantly Alleviate the pressure of distributed system access server.It avoids and the relevant issues of data is written by an access port.Simultaneously Each mechanism and enterprise use unique mark to identical data, avoid the repetition into chain data.The access of multiple sources is realized, To realize the function of data sharing.Also, each entrance is independent of each other, and the delay machine of some entrance is not interfere with not Entrance work.
The data processing method can also be pre-configured with step including one in one of the embodiments, this is pre-configured with Step is in order to which the access limit being deployed in originally at the read-write node of distributed system is transferred to terminal, to which data can be with By being uploaded directly into distributed system after terminal processes, and terminal can directly get data from distributed system, connect The terminal entered can not have to the Ingress node of deployment distributed system, and lower deployment cost is greatly saved.
Referring to Fig. 3, Fig. 3 is the flow chart for being pre-configured with step in an embodiment, this is pre-configured with step and may include:
S302:Registration request is sent to distributed system, registration type and terminal iidentification are carried in registration request.
Specifically, it when terminal is wanted directly to carry out data exchange with distributed system, then needs to get distributed system The mandate of system, therefore registration request is sent from terminal to distributed system, terminal iidentification is carried in the registration request, with unique Ground characterizes the terminal, and registration type is since some terminals are Stored Data Type terminals, some terminals are accounting-type terminals, For different terminals, its configuration file is different, can be directed to the own characteristic of different authorization terminals, provide differentiation Interface configuration so that access way more horn of plenty.
Wherein, for distributed system in the registration request for receiving the terminal, can be determined first according to terminal iidentification should Then terminal judges whether the terminal is the mark that security terminal can be prestored in security terminal, such as distributed system, When receiving the registration request of terminal, it can be compared with the mark of pre-stored security terminal, only compare first Success, just will continue to get corresponding configuration file according to terminal iidentification and registration type.
S304:Receive the configuration file that distributed system is generated according to terminal iidentification and registration type.
Specifically, the step of getting corresponding configuration file according to terminal iidentification and registration type may include according to note Registration type in volume request gets corresponding configuration file, then the relevant information of terminal is filled in the configuration file, Such as terminal iidentification etc..Specifically, registration type may include Stored Data Type and accounting-type etc., and class is stored for data Type includes in the interface of the initialization in configuration file:Data encryption, decryption, data ID obscure, distributed system data The interfaces such as library inquiry;Accounting-type then needs to provide the account books such as homomorphic cryptography, the ring signatures book keeping operation relevant interface of reconciliation.It is being distributed After formula system generates corresponding configuration file, which can be sent to corresponding terminal, and in order to ensure configuration text The safety of part prevents the configuration file in being transmitted on line from being obtained by illegal molecule, can will be matched by way of being transmitted under line It sets file and is sent to corresponding terminal.
S306:It is configured according to configuration file.
Specifically, after terminal gets the configuration file, terminal is configured according to the content in configuration file.Configuration File is not only the access rights of authorization terminal, also includes other functions, such as encryption and decryption, private key/certificate management etc., The SDK modules finished writing are comparable to, by local load operating, and authorization terminal is equivalent to and calls SDK after terminal downloads, by Distributed system read-write node is uniformly accessed in SDK, these functions are because more complicated, it is possible to provide security module, match When setting, it is understood that be configuration security module, to which follow-up data upload and digital independent are entirely unified from safety Resume module.
In above-described embodiment, the access limit at the read-write node for being deployed in distributed system originally is transferred into terminal, To which data can be by being uploaded directly into distributed system after terminal processes, and terminal can be obtained directly from distributed system Data are got, the terminal of access can not have to the Ingress node of deployment distributed system, lower deployment cost is greatly saved.
It can also include the public and private key generation step of terminal, the step that this, which is pre-configured with step, in one of the embodiments, May include two kinds of realization methods, one is public private key pair is generated by terminal, terminal is submitted to distributed system when registration The certificate authority of system has the certificate authority to sign terminal public key, and by after signature terminal public key and end It, can when receiving the data signed by terminal secret key in order to distributed system in the mark associated storage to distributed system of end To carry out sign test by the terminal public key.Submit end message to distributed system, distribution system by terminal when another way System generates the public and private key of terminal according to the end message, and the terminal secret key of generation is returned to terminal, optionally, by under line The terminal secret key is returned to terminal by mode, to ensure the safety of terminal secret key.
Two ways is described in detail respectively below:First way may include that terminal obtains end message, And terminal public key and terminal secret key corresponding with terminal public key are generated according to end message;Terminal public key is sent to distribution System.Wherein end message may include terminal iidentification, user information, such as account and password etc., can according to the end message To generate the public and private key of terminal by Open-Source Tools, or the end message is sent to the certificate authority of authority, by weighing The certificate authority of prestige generates the public and private key of terminal according to the end message, and is issued to terminal, and terminal is public by the terminal of generation Key is uploaded to distributed system, in order to which distributed system is when receiving the data signed by terminal secret key, can pass through The terminal public key carries out sign test.Specifically, the configuration file that distributed system is generated according to terminal iidentification and registration type is received The step of, including:After distributed system is to signing successfully to terminal public key by certificate authority, distributed system is received The configuration file generated according to terminal iidentification and registration type.After distributed system receives the terminal public key of terminal upload, It is signed to terminal public key by the certificate authority in distributed system, to be stored in distributed system, prevents this Terminal public key is got by other illegal molecules, and after the completion of storage, then issues the certificate of authority to terminal, i.e., according to terminal mark Know the configuration file generated with registration type.
The second way can be that terminal gets end message, and end message is sent to distributed system, by dividing Cloth system generates the public and private key of corresponding terminal according to the end message, this wherein end message may include terminal iidentification, User information, such as account and password etc., distributed system are believed by the certificate authority of distributed system according to the terminal Breath generates the public and private key of terminal, and the terminal secret key is sent to terminal and is stored, and terminal public key is then associated with terminal iidentification and deposits Storage, in order to which distributed system is when receiving the data signed by terminal secret key, can pass through the end to distributed system Public key is held to carry out sign test.The terminal secret key corresponding with end message and terminal public key that distributed system returns are received, terminal is private Key and terminal public key are what distributed system was generated by certificate authority according to end message.
In above-described embodiment, the public and private key of terminal can also be generated by being pre-configured with step, in terminal and distributed system It when carrying out data transmission, is encrypted, is also endorsed by the public and private key of terminal, further not only by interim conversation key Improve the safety of data.
Refering to Fig. 4, Fig. 4 is the sequence diagram of the data processing method in an embodiment, with terminal to distribution in the embodiment Formula system uploads data and illustrates, and the public and private key of terminal is generated by terminal, in this embodiment, the distributed system For block chain.
Wherein, terminal gets end message first, then generates the public and private key of terminal according to end message;Secondly terminal to Block chain sends registration request, which carries registration type, terminal iidentification and the terminal public key of generation information;The Three, after block chain receives the registration request, signed to the terminal public key by the certificate authority of block chain, and deposit On storage to block chain, and corresponding configuration file is generated according to registration type and terminal iidentification;4th, block chain is literary by the configuration Part is issued to terminal, which can carry out by way of under line;5th, terminal matches terminal according to the configuration file It sets, such as forms corresponding security module;6th, after configuration is complete, terminal can get the certificate of authority from block chain, i.e., Data can be encrypted, to guarantee data security;7th, terminal is by security module according to Key Exchange Protocol and block Chain, which swaps, obtains interim conversation key;8th, it is encrypted by the interim conversation key pair data to be uploaded, and pass through Terminal secret key endorses to data;9th, the data after encrypting and endorsing are sent to block chain by terminal by security module; Tenth, block chain can get terminal public key according to terminal iidentification, pass through after the data after receiving the encryption and endorsing Data of the terminal public key to the encryption and after endorsing carry out sign test, and facing for acquisition of having a rest is exchanged by key again after sign test success When session key encrypted data are decrypted to obtain in plain text, can also be as desired by block chain after obtaining plaintext On the public private key pair data be encrypted after be stored on block chain, to ensure safety of the data on block chain.
Above-mentioned data processing method configures interface in authorization center in advance, does not have to the Ingress node disposed in block chain, greatly It is big to have saved lower deployment cost, and by configuring interface to authorization terminal, the data source in block chain can be made abundant, access Simpler convenience, and the pressure of block link ingress is alleviated significantly, it avoids and number is written by an access node According to relevant issues.
It should be understood that although each step in the flow chart of Fig. 2-4 is shown successively according to the instruction of arrow, These steps are not that the inevitable sequence indicated according to arrow executes successively.Unless expressly stating otherwise herein, these steps Execution there is no stringent sequences to limit, these steps can execute in other order.Moreover, at least one in Fig. 2-4 Part steps may include that either these sub-steps of multiple stages or stage are not necessarily in synchronization to multiple sub-steps Completion is executed, but can be executed at different times, the execution sequence in these sub-steps or stage is also not necessarily successively It carries out, but can either the sub-step of other steps or at least part in stage be in turn or alternately with other steps It executes.
In one of the embodiments, as shown in figure 5, providing a kind of data processing equipment, including Key Acquisition Module 100, encrypting module 200 and writing module 300, wherein:
Key Acquisition Module 100, for being handed over according to Key Exchange Protocol and distributed system by preconfigured interface It changes and obtains the first interim conversation key.
Encrypting module 200 is encrypted for passing through the first interim conversation key pair data to be written.
Writing module 300, for encrypted data to be written to be sent to distributed system by preconfigured interface System so that distributed system be decrypted to obtain first by the data to be written after the second interim conversation key pair encryption it is bright Text, the second interim conversation key are answered with the first interim conversation key pair.
Device can also include in one of the embodiments,:
Signature blocks, for after being encrypted by the first interim conversation key pair data to be written, passing through advance portion The terminal secret key of administration signs to encrypted data to be written.
Writing module 300 is additionally operable to send the data to be written after encryption and signature by preconfigured interface Lead to distributed system so that after distributed system carries out sign test success by terminal public key to the data to be written received The data to be written crossed after the second interim conversation key pair encryption are decrypted to obtain first in plain text, terminal public key and terminal secret key It is corresponding.
Device can also include in one of the embodiments,:
Read module, it is close by the second interim conversation for being returned by preconfigured interface distributed system The encrypted data to be read of key.
Deciphering module, for being decrypted to obtain second by the data to be read after the first interim conversation key pair encryption In plain text.
Read module is additionally operable to return by preconfigured interface distributed system in one of the embodiments, Endorsed and encrypted data to be read by terminal public key and the second interim conversation key.
Device can also include sign test module, for passing through the data to be read after the first interim conversation key pair encryption Before being decrypted to obtain second plaintext, sign test is carried out to the data to be read after endorsing by terminal public key by terminal secret key Obtain encrypted data to be read.
Device can also include in one of the embodiments,:
Sending module carries registration type and end for sending registration request to distributed system in registration request End mark.
Receiving module, the configuration file generated according to terminal iidentification and registration type for receiving distributed system.
Configuration module, for being configured according to configuration file.
Device can also include in one of the embodiments,:
First public and private key generation module, for obtaining end message, and according to end message generate terminal public key and with The corresponding terminal secret key of terminal public key.
Sending module is additionally operable to terminal public key being sent to distributed system.
Receiving module is additionally operable to after distributed system is to signing successfully to terminal public key by certificate authority, is received The configuration file that distributed system is generated according to terminal iidentification and registration type.
Sending module can be also used for obtaining end message in one of the embodiments, and end message is sent to Distributed system.
Receiving module is additionally operable to receive the terminal secret key corresponding with end message and terminal public key that distributed system returns, Terminal secret key and terminal public key are what distributed system was generated by certificate authority according to end message.
Specific about data processing equipment limits the restriction that may refer to above for data processing method, herein not It repeats again.Modules in above-mentioned data processing equipment can be realized fully or partially through software, hardware and combinations thereof.On Stating each module can be embedded in or independently of in the processor in computer equipment, can also store in a software form in the form of hardware In memory in computer equipment, the corresponding operation of the above modules is executed in order to which processor calls.
In one embodiment, a kind of computer equipment is provided, which can be terminal, internal structure Figure can be as shown in Figure 6.The computer equipment includes the processor connected by system bus, memory, network interface, display Screen and input unit.Wherein, the processor of the computer equipment is for providing calculating and control ability.The computer equipment is deposited Reservoir includes non-volatile memory medium, built-in storage.The non-volatile memory medium is stored with operating system and computer journey Sequence.The built-in storage provides environment for the operation of operating system and computer program in non-volatile memory medium.The calculating The network interface of machine equipment is used to communicate by network connection with external terminal.When the computer program is executed by processor with Realize a kind of data processing method.The display screen of the computer equipment can be liquid crystal display or electric ink display screen, The input unit of the computer equipment can be the touch layer covered on display screen, can also be to be arranged on computer equipment shell Button, trace ball or Trackpad, can also be external keyboard, Trackpad or mouse etc..
It will be understood by those skilled in the art that structure shown in Fig. 6, is only tied with the relevant part of application scheme The block diagram of structure does not constitute the restriction for the computer equipment being applied thereon to application scheme, specific computer equipment May include either combining certain components than more or fewer components as shown in the figure or being arranged with different components.
In one embodiment, a kind of computer equipment is provided, including memory, processor and storage are on a memory And the computer program that can be run on a processor, processor realize following steps when executing computer program:By matching in advance The interface set, which is exchanged according to Key Exchange Protocol with distributed system, obtains the first interim conversation key;Pass through the first interim conversation Key pair data to be written are encrypted;Encrypted data to be written are sent to distributed system by preconfigured interface System so that distributed system be decrypted to obtain first by the data to be written after the second interim conversation key pair encryption it is bright Text, the second interim conversation key are answered with the first interim conversation key pair.
In one embodiment, it is realized when processor executes computer program to be written by the first interim conversation key pair After entering the step of data are encrypted, can also include:By the terminal secret key disposed in advance to encrypted number to be written According to signing;Processor execute realized when computer program by preconfigured interface by encrypted data to be written It is sent to distributed system, so that distributed system is solved by the data to be written after the second interim conversation key pair encryption Close the step of obtaining the first plaintext, may include:By preconfigured interface by the number to be written after encryption and signature According to distributed system is sent to, so that distributed system carries out sign test success by terminal public key to the data to be written received Afterwards, it is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, terminal public key and end Private key is held to correspond to.
In one embodiment, following steps are also realized when processor executes computer program:It is connect by preconfigured What mouth reception distributed system returned passes through the encrypted data to be read of the second interim conversation key;Pass through the first interim conversation Data to be read after key pair encryption are decrypted to obtain second plaintext.
In one embodiment, that is realized when processor execution computer program is distributed by preconfigured interface The step of data to be read encrypted by the second interim conversation key that formula system returns, may include:By matching in advance What the interface distributed system set returned is endorsed and is continued with encrypted by terminal public key and the second interim conversation key Access evidence;Processor execute computer program when realize by the data to be read after the first interim conversation key pair encryption into Before the step of row decryption obtains second plaintext, can also include:By terminal secret key to being waited for after being endorsed by terminal public key It reads data progress sign test and obtains encrypted data to be read.
In one embodiment, following steps are also realized when processor executes computer program:It is sent to distributed system Registration request carries registration type and terminal iidentification in registration request;Distributed system is received according to terminal iidentification and note The configuration file that volume type generates;It is configured according to configuration file.
In one embodiment, following steps are also realized when processor executes computer program:Obtain end message, and root Terminal public key and terminal secret key corresponding with terminal public key are generated according to end message;Terminal public key is sent to distributed system System;Processor executes the configuration that the reception distributed system realized when computer program is generated according to terminal iidentification and registration type The step of file may include:After distributed system is to signing successfully to terminal public key by certificate authority, receives and divide The configuration file that cloth system is generated according to terminal iidentification and registration type.
In one embodiment, following steps are also realized when processor executes computer program:End message is obtained, and will End message is sent to distributed system;Receive the terminal secret key corresponding with end message and terminal public affairs that distributed system returns Key, terminal secret key and terminal public key are what distributed system was generated by certificate authority according to end message.
In one embodiment, a kind of computer readable storage medium is provided, computer program is stored thereon with, is calculated Machine program realizes following steps when being executed by processor:It is with distributed according to Key Exchange Protocol by preconfigured interface System, which exchanges, obtains the first interim conversation key;It is encrypted by the first interim conversation key pair data to be written;By advance Encrypted data to be written are sent to distributed system by the interface of configuration, so that distributed system passes through the second interim conversation Data to be written after key pair encryption are decrypted to obtain first in plain text, and the second interim conversation key and the first interim conversation are close Key corresponds to.
In one embodiment, that is realized when computer program is executed by processor is treated by the first interim conversation key After the step of write-in data are encrypted, can also include:By the terminal secret key disposed in advance to encrypted to be written Data are signed;That is realized when computer program is executed by processor will be encrypted to be written by preconfigured interface Data are sent to distributed system so that distributed system by the data to be written after the second interim conversation key pair encryption into Row decrypts the step of obtaining the first plaintext, may include:It will be to be written after encryption and signature by preconfigured interface Enter data and be sent to distributed system, so that distributed system carries out sign test by terminal public key to the data to be written received After success, it is decrypted to obtain first in plain text by the data to be written after the second interim conversation key pair encryption, terminal public key It is corresponding with terminal secret key.
In one embodiment, following steps are also realized when computer program is executed by processor:By preconfigured What interface distributed system returned passes through the encrypted data to be read of the second interim conversation key;Pass through the first special meeting Data to be read after words key pair encryption are decrypted to obtain second plaintext.
In one embodiment, that is realized when computer program is executed by processor is divided by preconfigured interface The step of data to be read encrypted by the second interim conversation key that cloth system returns, may include:By advance What the interface distributed system of configuration returned is endorsed and is waited for encrypted by terminal public key and the second interim conversation key Read data;Realized when computer program is executed by processor by the access of continuing after the first interim conversation key pair encryption Before the step of being decrypted to obtain second plaintext, can also include:By terminal secret key to being endorsed by terminal public key after Data to be read carry out sign test obtain encrypted data to be read.
In one embodiment, following steps are also realized when computer program is executed by processor:It is sent out to distributed system Registration request is sent, registration type and terminal iidentification are carried in registration request;Receive distributed system according to terminal iidentification and The configuration file that registration type generates;It is configured according to configuration file.
In one embodiment, following steps are also realized when computer program is executed by processor:End message is obtained, and Terminal public key and terminal secret key corresponding with terminal public key are generated according to end message;Terminal public key is sent to distributed system System;The reception distributed system realized when computer program is executed by processor is matched according to what terminal iidentification and registration type generated The step of setting file may include:After distributed system is to signing successfully to terminal public key by certificate authority, receive The configuration file that distributed system is generated according to terminal iidentification and registration type.
In one embodiment, following steps are also realized when computer program is executed by processor:End message is obtained, and End message is sent to distributed system;Receive terminal secret key corresponding with end message and terminal that distributed system returns Public key, terminal secret key and terminal public key are what distributed system was generated by certificate authority according to end message.
One of ordinary skill in the art will appreciate that realizing all or part of flow in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, the computer program can be stored in a non-volatile computer In read/write memory medium, the computer program is when being executed, it may include such as the flow of the embodiment of above-mentioned each method.Wherein, Any reference to memory, storage, database or other media used in each embodiment provided herein, Including non-volatile and/or volatile memory.Nonvolatile memory may include read-only memory (ROM), programming ROM (PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory.Volatile memory may include Random access memory (RAM) or external cache.By way of illustration and not limitation, RAM is available in many forms, Such as static state RAM (SRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate sdram (DDRSDRAM), enhancing Type SDRAM (ESDRAM), synchronization link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic ram (DRDRAM) and memory bus dynamic ram (RDRAM) etc..
Each technical characteristic of above example can be combined arbitrarily, to keep description succinct, not to above-described embodiment In each technical characteristic it is all possible combination be all described, as long as however, the combination of these technical characteristics be not present lance Shield is all considered to be the range of this specification record.
The several embodiments of the application above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art It says, under the premise of not departing from the application design, various modifications and improvements can be made, these belong to the protection of the application Range.Therefore, the protection domain of the application patent should be determined by the appended claims.

Claims (10)

1. a kind of data processing method, the method includes:
It is exchanged with distributed system according to Key Exchange Protocol by preconfigured interface and obtains the first interim conversation key;
It is encrypted by the first interim conversation key pair data to be written;
Encrypted data to be written are sent to the distributed system by preconfigured interface, so that the distribution System is decrypted to obtain first in plain text by encrypted data to be written described in the second interim conversation key pair, and described second Interim conversation key is answered with the first interim conversation key pair.
2. according to the method described in claim 1, it is characterized in that, described to be written by the first interim conversation key pair After the step of data are encrypted, further include:
It is signed to encrypted data to be written by the terminal secret key disposed in advance;
It is described that encrypted data to be written are sent to by the distributed system by preconfigured interface, so that described point Cloth system is decrypted to obtain the step of the first plaintext by encrypted data to be written described in the second interim conversation key pair Suddenly, including:
The data to be written after encryption and signature are sent to distributed system by preconfigured interface, so that described After distributed system carries out sign test success by terminal public key to the data to be written received, pass through the second interim conversation key It is decrypted to obtain first in plain text to encrypted data to be written, the terminal public key is corresponding with the terminal secret key.
3. according to the method described in claim 1, it is characterized in that, the method further includes:
It is returned by preconfigured interface distributed system encrypted to be read by the second interim conversation key Data;
It is decrypted to obtain second plaintext by the data to be read after the first interim conversation key pair encryption.
4. according to the method described in claim 3, it is characterized in that, described pass through preconfigured interface distributed system The step of data to be read encrypted by the second interim conversation key returned, including:
It is endorsed by terminal public key and the second interim conversation key by what preconfigured interface distributed system returned With encrypted data to be read;
The data to be read by after the first interim conversation key pair encryption are decrypted to obtain second plaintext The step of before, further include:
Sign test is carried out to the data to be read after endorsing by terminal public key by terminal secret key and obtains encrypted access of continuing According to.
5. method according to any one of claims 1 to 4, which is characterized in that the method further includes:
Registration request is sent to distributed system, registration type and terminal iidentification are carried in the registration request;
Receive the configuration file that the distributed system is generated according to the terminal iidentification and the registration type;
It is configured according to the configuration file.
6. according to the method described in claim 5, it is characterized in that, the method further includes:
End message is obtained, and terminal public key and terminal secret key corresponding with terminal public key are generated according to the end message;
The terminal public key is sent to distributed system;
Described the step of receiving the configuration file that the distributed system is generated according to the terminal iidentification and the registration type, Including:
After the distributed system is to signing successfully to the terminal public key by certificate authority, the distribution is received The configuration file that system is generated according to the terminal iidentification and the registration type.
7. according to the method described in claim 5, it is characterized in that, the method further includes:
End message is obtained, and the end message is sent to distributed system;
Receive distributed system return terminal secret key corresponding with the end message and terminal public key, the terminal secret key and The terminal public key is what the distributed system was generated by certificate authority according to the end message.
8. a kind of data processing equipment, which is characterized in that described device includes:
Key Acquisition Module obtains for being exchanged with distributed system according to Key Exchange Protocol by preconfigured interface One interim conversation key;
Encrypting module, for being encrypted by the first interim conversation key pair data to be written;
Writing module, for encrypted data to be written to be sent to the distributed system by preconfigured interface, So that the distributed system is decrypted to obtain by encrypted data to be written described in the second interim conversation key pair One in plain text, and the second interim conversation key is answered with the first interim conversation key pair.
9. a kind of computer equipment, including memory, processor and storage are on a memory and the meter that can run on a processor Calculation machine program, which is characterized in that the processor realizes any one of claim 1 to 7 institute when executing the computer program The step of stating method.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program The step of method described in any one of claim 1 to 7 is realized when being executed by processor.
CN201810030994.XA 2018-01-12 2018-01-12 Data processing method, data processing device, computer equipment and storage medium Active CN108322451B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201810030994.XA CN108322451B (en) 2018-01-12 2018-01-12 Data processing method, data processing device, computer equipment and storage medium
PCT/CN2018/096760 WO2019136959A1 (en) 2018-01-12 2018-07-24 Data processing method and device, computer device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810030994.XA CN108322451B (en) 2018-01-12 2018-01-12 Data processing method, data processing device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN108322451A true CN108322451A (en) 2018-07-24
CN108322451B CN108322451B (en) 2020-09-22

Family

ID=62894319

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810030994.XA Active CN108322451B (en) 2018-01-12 2018-01-12 Data processing method, data processing device, computer equipment and storage medium

Country Status (2)

Country Link
CN (1) CN108322451B (en)
WO (1) WO2019136959A1 (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109040076A (en) * 2018-08-09 2018-12-18 腾讯科技(深圳)有限公司 A kind of data processing method, system, device, equipment and medium
CN109241756A (en) * 2018-08-20 2019-01-18 深圳市腾讯网络信息技术有限公司 Data processing method, system, server and medium based on block chain
CN109361663A (en) * 2018-10-10 2019-02-19 中航信托股份有限公司 A kind of correlation technique, system and relevant apparatus accessing encryption data
CN109670325A (en) * 2018-12-21 2019-04-23 北京思源互联科技有限公司 A kind of devices and methods therefor of configuration file encryption and decryption
CN109698834A (en) * 2019-01-11 2019-04-30 深圳市元征科技股份有限公司 A kind of encrypted transmission method and system
CN110166460A (en) * 2019-05-24 2019-08-23 北京思源互联科技有限公司 Register method and device, storage medium, the electronic device of service account
CN110969527A (en) * 2018-09-29 2020-04-07 北京天能博信息科技有限公司 Data processing method of block chain and related equipment
CN111294349A (en) * 2020-01-22 2020-06-16 重庆大学 Method and device for sharing data of Internet of things equipment
CN111314072A (en) * 2020-02-21 2020-06-19 北京邮电大学 Extensible identity authentication method and system based on SM2 algorithm
CN111541690A (en) * 2020-04-21 2020-08-14 北京智芯微电子科技有限公司 Safety protection method for communication between intelligent terminal and server
CN112003697A (en) * 2020-08-25 2020-11-27 成都卫士通信息产业股份有限公司 Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium
CN113138809A (en) * 2021-04-30 2021-07-20 广东天波信息技术股份有限公司 Method and system for safely switching working modes of terminal
CN113343309A (en) * 2021-08-02 2021-09-03 北京东方通软件有限公司 Natural person database privacy security protection method and device and terminal equipment
CN115147956A (en) * 2022-06-29 2022-10-04 中国第一汽车股份有限公司 Data processing method and device, electronic equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1710985A (en) * 2005-06-30 2005-12-21 中国科学院计算技术研究所 Enciphered consulating method for speech-sound communication in grouped network
US20080104615A1 (en) * 2006-11-01 2008-05-01 Microsoft Corporation Health integration platform api
KR101197207B1 (en) * 2011-05-17 2012-11-02 인크로스 주식회사 Method for Verification of Contensts Using Verification Platform
CN102970299A (en) * 2012-11-27 2013-03-13 西安电子科技大学 File safe protection system and method thereof
CN103167498A (en) * 2011-12-19 2013-06-19 卓望数码技术(深圳)有限公司 Ability control method and system
CN105516117A (en) * 2015-12-02 2016-04-20 南方电网科学研究院有限责任公司 Cloud computing based power data security storage method
CN107135219A (en) * 2017-05-05 2017-09-05 四川长虹电器股份有限公司 A kind of Internet of Things information secure transmission method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101661930B1 (en) * 2015-08-03 2016-10-05 주식회사 코인플러그 Certificate issuance system based on block chain
CN106100981B (en) * 2016-08-22 2019-08-23 布比(北京)网络技术有限公司 Social network data exchange method and device
CN106534092B (en) * 2016-11-02 2019-07-02 西安电子科技大学 The privacy data encryption method of key is depended on based on message

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1710985A (en) * 2005-06-30 2005-12-21 中国科学院计算技术研究所 Enciphered consulating method for speech-sound communication in grouped network
US20080104615A1 (en) * 2006-11-01 2008-05-01 Microsoft Corporation Health integration platform api
KR101197207B1 (en) * 2011-05-17 2012-11-02 인크로스 주식회사 Method for Verification of Contensts Using Verification Platform
CN103167498A (en) * 2011-12-19 2013-06-19 卓望数码技术(深圳)有限公司 Ability control method and system
CN102970299A (en) * 2012-11-27 2013-03-13 西安电子科技大学 File safe protection system and method thereof
CN105516117A (en) * 2015-12-02 2016-04-20 南方电网科学研究院有限责任公司 Cloud computing based power data security storage method
CN107135219A (en) * 2017-05-05 2017-09-05 四川长虹电器股份有限公司 A kind of Internet of Things information secure transmission method

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109040076B (en) * 2018-08-09 2020-07-24 腾讯科技(深圳)有限公司 Data processing method, system, device, equipment and medium
CN109040076A (en) * 2018-08-09 2018-12-18 腾讯科技(深圳)有限公司 A kind of data processing method, system, device, equipment and medium
CN109241756A (en) * 2018-08-20 2019-01-18 深圳市腾讯网络信息技术有限公司 Data processing method, system, server and medium based on block chain
CN110969527A (en) * 2018-09-29 2020-04-07 北京天能博信息科技有限公司 Data processing method of block chain and related equipment
CN110969527B (en) * 2018-09-29 2023-02-24 北京天能博信息科技有限公司 Data processing method of block chain and related equipment
CN109361663A (en) * 2018-10-10 2019-02-19 中航信托股份有限公司 A kind of correlation technique, system and relevant apparatus accessing encryption data
CN109361663B (en) * 2018-10-10 2021-05-28 中航信托股份有限公司 Method, system and device for accessing encrypted data
CN109670325A (en) * 2018-12-21 2019-04-23 北京思源互联科技有限公司 A kind of devices and methods therefor of configuration file encryption and decryption
CN109670325B (en) * 2018-12-21 2023-03-28 北京思源理想控股集团有限公司 Device and method for encrypting and decrypting configuration file
CN109698834A (en) * 2019-01-11 2019-04-30 深圳市元征科技股份有限公司 A kind of encrypted transmission method and system
CN110166460A (en) * 2019-05-24 2019-08-23 北京思源互联科技有限公司 Register method and device, storage medium, the electronic device of service account
CN110166460B (en) * 2019-05-24 2021-12-14 北京思源理想控股集团有限公司 Service account registration method and device, storage medium and electronic device
CN111294349A (en) * 2020-01-22 2020-06-16 重庆大学 Method and device for sharing data of Internet of things equipment
CN111294349B (en) * 2020-01-22 2021-09-03 重庆大学 Method and device for sharing data of Internet of things equipment
CN111314072A (en) * 2020-02-21 2020-06-19 北京邮电大学 Extensible identity authentication method and system based on SM2 algorithm
CN111541690A (en) * 2020-04-21 2020-08-14 北京智芯微电子科技有限公司 Safety protection method for communication between intelligent terminal and server
CN111541690B (en) * 2020-04-21 2022-05-20 北京智芯微电子科技有限公司 Safety protection method for communication between intelligent terminal and server
CN112003697A (en) * 2020-08-25 2020-11-27 成都卫士通信息产业股份有限公司 Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium
CN112003697B (en) * 2020-08-25 2023-09-29 成都卫士通信息产业股份有限公司 Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium
CN113138809A (en) * 2021-04-30 2021-07-20 广东天波信息技术股份有限公司 Method and system for safely switching working modes of terminal
CN113343309A (en) * 2021-08-02 2021-09-03 北京东方通软件有限公司 Natural person database privacy security protection method and device and terminal equipment
CN115147956A (en) * 2022-06-29 2022-10-04 中国第一汽车股份有限公司 Data processing method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
WO2019136959A1 (en) 2019-07-18
CN108322451B (en) 2020-09-22

Similar Documents

Publication Publication Date Title
CN108322451A (en) Data processing method, device, computer equipment and storage medium
CN106960165B (en) Method for realizing multi-party electronic contract countersigning based on block chain intelligent contract
CN112232527B (en) Safe distributed federal deep learning method
EP3454238B1 (en) Registration and authorization method, device and system
CN111600908B (en) Data processing method, system, computer device and readable storage medium
CN108667612B (en) Trust service architecture and method based on block chain
CN110417750B (en) Block chain technology-based file reading and storing method, terminal device and storage medium
CN110061845A (en) Block chain data ciphering method, device, computer equipment and storage medium
KR101984254B1 (en) Node device constituting a block-chain network and an operation method of the node device
CN113537984A (en) Content verification method and device based on block chain and electronic equipment
KR102205654B1 (en) Authentication method in a distributed circumstance
CN103310169B (en) A kind of method protecting SD card data and protection system
CN112003858B (en) Block chain-based platform docking method, electronic device and storage medium
CN106161359A (en) The method and device of certification user, the method and device of registration wearable device
CN109861817A (en) Generate method, apparatus, system, equipment and the medium of key
CN110675253A (en) Block chain-based exclusive digital asset trusted keeping and transferring device and method
CN109359977A (en) Network communication method, device, computer equipment and storage medium
CN109995781A (en) Transmission method, device, medium and the equipment of data
CN110135175A (en) Information processing, acquisition methods, device, equipment and medium based on block chain
CN114070614B (en) Identity authentication method, apparatus, device, storage medium and computer program product
CN110708162B (en) Resource acquisition method and device, computer readable medium and electronic equipment
KR20180127384A (en) Authorization methods and devices for joint accounts, and authentication methods and devices for joint accounts
CN110942382A (en) Electronic contract generating method and device, computer equipment and storage medium
CN114500069A (en) Method and system for storing and sharing electronic contract
CN110445757A (en) Personnel information encryption method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1251093

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant