CN108777620B - Data transmission method and device, mobile terminal and storage medium - Google Patents

Data transmission method and device, mobile terminal and storage medium

Info

Publication number
CN108777620B
Authority
CN
China
Prior art keywords
data
ciphertext
end page
decryption
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810550254.9A
Other languages
Chinese (zh)
Other versions
CN108777620A (en
Inventor
李建军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN201810550254.9A priority Critical patent/CN108777620B/en
Publication of CN108777620A publication Critical patent/CN108777620A/en
Application granted granted Critical
Publication of CN108777620B publication Critical patent/CN108777620B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to the field of internet data transmission, and in particular to a data transmission method, apparatus, mobile terminal, and storage medium. The data transmission method comprises: constructing a front-end page, wherein the front-end page has a cross-platform characteristic and is used for interacting with a back-end system; deploying a set of encryption and decryption rules supported by the back-end system, and setting up a key generation system that works with the encryption and decryption rules, wherein the key generation system is used for generating and managing keys; generating a ciphertext by using the key generation system and the encryption and decryption rules, and transmitting the ciphertext as a transmission parameter to the front-end page serving as a data destination; and receiving the ciphertext transmitted by the front-end page, and decrypting the ciphertext into plaintext by using the key generation system and the encryption and decryption rules. Data interaction between back-end systems is decoupled, transmission channel resources are not occupied, and traffic pressure is reduced; the security of data transmission is enhanced; and the data is not easy to brute-force.

Description

Data transmission method, device, mobile terminal and storage medium
Technical Field
The present invention relates to the field of internet data transmission, and in particular, to a data transmission method, apparatus, mobile terminal, and storage medium.
Background
Existing data transmission between different systems is usually completed by directly calling an intranet interface between the systems. When one system is revised, the other relevant systems need to be informed in time so that they can adjust accordingly and keep the mutual data transmission stable and effective; moreover, sound fault-tolerant handling must be in place in advance for the interface calls. The main defects of transmitting data through an intranet interface are:
(1) Data interaction among the systems easily becomes coupled, which generates traffic pressure;
(2) Confidentiality during transmission is weak, and data security is poor;
(3) Cross-platform performance is poor: a change to a single system forces every system that exchanges data with it to make a corresponding change before subsequent data transmission can work.
Disclosure of Invention
The invention aims to solve the following problems of the traditional data transmission method, in which a front-end system and a plurality of back-end systems transmit data through an intranet interface: data coupling among the back-end systems arises easily, traffic pressure increases, and maintenance cost is high; and when a revision to one system is not communicated effectively and in time, another system cannot adjust accordingly, which causes unpredictable errors in the data interaction between them. To this end, the invention provides a data transmission method, a device, a mobile terminal and a storage medium.
A data transmission method comprises the following specific steps: S1: constructing a front-end page, wherein the front-end page has a cross-platform characteristic and is used for interacting with a back-end system; S2: deploying a set of encryption and decryption rules supported by the back-end system, and setting up a key generation system that works with the encryption and decryption rules, wherein the key generation system is used for generating and managing keys; S3: generating a ciphertext by using the key generation system and the encryption and decryption rules, and transmitting the ciphertext as a transmission parameter to the front-end page serving as a data destination; S4: receiving the ciphertext sent by the front-end page, and decrypting the ciphertext into plaintext by using the key generation system and the encryption and decryption rules.
In one embodiment, step S1 includes: S101: calling a scripting language with cross-platform characteristics to generate a front-end page that interacts with the back-end system; S102: adding, in any one back-end system, a data interface for interacting with the front-end page; S103: adding, in the front-end page, an interface for calling back-end system data; S104: calling the data interface of any back-end system from the front-end page, and determining through testing whether the connection for data transmission established between the front-end page and the back-end system functions normally.
In one embodiment, step S104 includes: S10401: if the connection for data transmission between the front-end page and the back end functions normally, proceeding to the next step; S10402: if the connection for data transmission between the front-end page and the back end functions abnormally, outputting corresponding error information to the front-end page.
In one embodiment, step S2 includes: S201: deploying, in the back-end system, a set of encryption and decryption rules supported by any back-end system, wherein the encryption and decryption rules comprise an encryption algorithm and a corresponding decryption algorithm, and both algorithms take a key as an encryption and decryption parameter; S202: setting up a key generation system for generating the key, wherein the key is one of the parameters used when the encryption algorithm encrypts plaintext into ciphertext, and one of the parameters used when the decryption algorithm decrypts ciphertext into plaintext.
In one embodiment, step S3 includes: S301: the front-end page calls the data interface of the back-end system serving as the data source and sends a data transmission request to that back-end system; S302: in response to the request of the front-end page, the back-end system sends a request to the key generation system, and the key generation system generates a key according to the request and returns the generated key to the back-end system; S303: the back-end system receives the key, uses it as a parameter of the encryption algorithm in the encryption and decryption rules to encrypt the data requested by the front-end page into a ciphertext, and feeds the ciphertext back to the front-end page as the response.
In one embodiment, step S4 includes: S401: when receiving data, the back-end system interacts with the front-end page and establishes a data transmission channel, and the front-end page calls the data interface of the back-end system and transmits the ciphertext with a timestamp to the back-end system that is to receive the data; S402: after receiving the ciphertext, the back-end system sends a request to the key generation system to obtain the key and decrypts the ciphertext received from the front-end page into plaintext data.
In one embodiment, when the back-end system fails to decrypt the ciphertext, the back-end system at the data destination requests the key generation system again, obtains the key and decrypts the ciphertext again; when the number of decryption failures accumulates to a certain number, the back-end system feeds back decryption failure information to the front-end page. When the back-end system decrypts the ciphertext successfully, it further determines whether the timestamp attached to the ciphertext is within the error allowable range, and the determining step includes: S40201: if the timestamp attached to the data is not within the error allowable range, returning error information reporting a timestamp error; S40202: if the timestamp attached to the data is within the error allowable range, the back-end system has successfully received the data, the back-end system feeds back the successful decryption to the front-end page, and the front-end page records the data receiving condition, so that the data is transmitted securely.
Based on the same technical concept, the invention also provides a data transmission device which comprises a front-end page construction unit, a key system setting unit, an encrypted data transmission unit and a data receiving unit.
The front-end page construction unit is used for constructing a front-end page, and the front-end page has a cross-platform characteristic and is used for interacting with a back-end system; the key system setting unit is used for deploying a set of encryption and decryption rules supported by a back-end system, and setting a key generating system matched with the encryption and decryption rules, wherein the key generating system is used for generating keys and managing keys; the transmission encrypted data unit is used for generating a ciphertext by using a key generation system and an encryption and decryption rule, and transmitting the ciphertext serving as a transmission parameter to a front-end page serving as a data destination; and the receiving data unit is used for receiving the ciphertext transmitted by the front-end page and decrypting the ciphertext into a plaintext by using the key generation system and the encryption and decryption rules.
Based on the same technical concept, the invention also provides a mobile terminal, which comprises:
a touch-sensitive display; a memory; one or more processors;
the one or more processors are configured to perform the steps of the above-described data transmission method.
Based on the same technical concept, the present invention also provides a storage medium storing computer-readable instructions, which, when executed by one or more processors, cause the one or more processors to perform the steps of the above data transmission method.
In the data transmission method, device, mobile terminal and storage medium, a front-end page with cross-platform characteristics is constructed for the back-end service systems that need to exchange data, achieving cross-platform data interaction among a plurality of back-end systems. A set of encryption and decryption rules is deployed in each back-end system, and each back-end system supports the rules; a key generation system is set up to work with the rules and is used for generating and managing keys. A generated key is passed as an execution parameter to the encryption or decryption algorithm supported by the rules, so that data to be transmitted can be encrypted with the key and the encryption algorithm, and received data can be decrypted with the key and the decryption algorithm. When a back-end system transmits data, it first confirms the interaction with the front-end page and establishes a data transmission channel; the front-end page calls the data interface of the back-end system serving as the data source, obtains the encrypted data in the response, and transmits the encrypted data as a transmission parameter to the back-end system serving as the data destination, thereby completing the encryption and transmission of the data. When a back-end system receives data, it first confirms the interaction with the front-end page and establishes a data transmission channel; the front-end page then calls the data interface of the back-end system serving as the data destination and transmits the timestamped ciphertext to it, and the destination back-end system, after receiving the ciphertext, decrypts it into plaintext by using the key and the decryption algorithm, so that the data transmission between different back-end systems is completed.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention.
FIG. 1 is a flow chart of an overall implementation of data transmission according to an embodiment of the present invention;
FIG. 2 is a flow diagram of the construction of a front end page in one embodiment of the present invention;
FIG. 3 is a flowchart illustrating a method for determining whether a connection between a front-end page and a backend system is normal according to an embodiment of the present invention;
FIG. 4 is a flow chart of a system for setting keys in accordance with an embodiment of the present invention;
FIG. 5 is a flow chart of encrypting and transmitting encrypted data according to an embodiment of the present invention;
FIG. 6 is a flow chart of receiving and decrypting data in one embodiment of the invention;
FIG. 7 is a flowchart illustrating an embodiment of the present invention for determining whether a timestamp is within an error tolerance;
FIG. 8 is a block diagram of a data transfer device according to an embodiment of the present invention;
FIG. 9 is a schematic block diagram of part of the structure of a mobile terminal according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart of an overall implementation of data transmission in an embodiment of the present invention, and as shown in the figure, the data transmission method includes the following steps:
S1: Constructing a front-end page, the front-end page having a cross-platform characteristic and being used for interacting with a back-end system.
Constructing the front-end page requires downloading the React installation package. First, the React web page source code is used, with the following structure:
    <!DOCTYPE html>
    <html>
      <head>
        <script src="../build/react.js"></script>
        <script src="../build/react-dom.js"></script>
        <script src="../build/browser.min.js"></script>
      </head>
      <body>
        <div id="example"></div>
        <script type="text/babel">
          // user code
        </script>
      </body>
    </html>
The type attribute of the last <script> tag is text/babel. This is because React's own JSX syntax is not compatible with JavaScript; wherever JSX is used, type="text/babel" must be added. The code above uses three libraries: react.js, react-dom.js and browser.js, which must be loaded first. react.js is the core library of React, react-dom.js provides DOM-related functions, and browser.js converts JSX syntax into JavaScript syntax; this conversion is time-consuming and, when actually online, should be done on the server.
Second, the js files in the src subdirectory are syntax-converted, and all transcoded files are placed in the build subdirectory:
    $ babel src --out-dir build
Finally, rendering converts the template into HTML nodes so that the DOM can be operated on: ReactDOM.render is the most basic React method, which converts a template into HTML and inserts it into the specified DOM node. Inserting "Hello world!" is taken as an example:
    ReactDOM.render(<h1>Hello world!</h1>, document.getElementById('example'));
S2: Deploying a set of encryption and decryption rules supported by the back-end system, and setting up a key generation system that works with the encryption and decryption rules, wherein the key generation system is used for generating and managing keys.
MAC address filtering can specify that some MAC addresses may access the wireless network while others may not, and the "independent key" function can assign an independent key to a single MAC address; only the network card with that MAC address can use the key, and other network cards cannot, which adds a degree of security. Open wireless settings -> "MAC address filtering" and add a new entry on the "MAC address filtering" page; the parameters are filled in as follows:
For the "MAC address" parameter, this example fills in the MAC address 00-0A-EB-88-65-06 of the TL-WN620G. The "type" can be "allow", "inhibit", "64-bit key", "128-bit key" or "152-bit key"; this example selects "64-bit key". "Allow" and "disallow" simply allow or disallow the passage of a certain MAC address, which is the same as the earlier MAC address function and is not the focus here. The "key" is filled in with the 10-character value AAAAAAAAAA; there is no "key format selection", and only hexadecimal input is supported. For "status", select "in effect". Finally, click Save; after saving, the page returns to the previous interface. Make sure the MAC address filtering function is in the enabled state: if it is disabled, the button on the right reads "enable filtering", and clicking it enables the function.
S3: Generating a ciphertext by using the key generation system and the encryption and decryption rules, and transmitting the ciphertext as a transmission parameter to the front-end page serving as a data destination.
The encrypted data is transmitted by having the front-end page and the back-end system exchange data through the same table on the same database server. When the front-end page asks the back-end system to process data, the front-end page inserts one row of data, and the back-end system selects the row inserted by the front-end page and processes it.
S4: Receiving the ciphertext transmitted by the front-end page, and decrypting the ciphertext into plaintext by using the key generation system and the encryption and decryption rules.
Decryption applies the key used for encryption and the inverse of the same algorithm to the ciphertext to obtain readable plaintext.
Fig. 2 is a flowchart of constructing a front-end page according to an embodiment of the present invention. As shown in the figure, step S1 includes steps S101 to S104:
S101: Calling a scripting language with cross-platform characteristics to generate a front-end page that interacts with the back-end system.
The front-end page is provided with a data interface for interacting with the back-end system; when data is transmitted between systems, the interaction between them is completed through the connection between the interface of the front-end page and the interface of the back-end system.
S102: Adding, in any back-end system, a data interface for interacting with the front-end page.
A data interface for interacting with the front-end page is added in the back-end system; when data is transmitted between systems, the interaction between them is completed through the connection between the interface of the front-end page and the interface of the back-end system.
S103: Adding, in the front-end page, an interface for calling the data of the back-end system.
A data interface button is added to the front-end page and linked by hyperlink to the domain name address of the back-end data interface, so that the front-end page can call the data interface of the back-end system.
S104: Calling the data interface of any back-end system from the front-end page, and determining through testing whether the connection for data transmission established between the front-end page and the back-end system functions normally.
The data interface of the back-end system is called through the data interface of the front-end page, and a test determines whether the data transmission function between the front-end page and the back-end system is normal.
Fig. 3 is a flowchart of determining, in step S104, whether the connection between the front-end page and the back-end system is normal according to an embodiment of the present invention. As shown in the figure, step S104 includes steps S10401 to S10402:
S10401: If the connection for data transmission between the front-end page and the back end functions normally, proceeding to the next step.
If the test shows that the function between the front-end page data interface and the back-end system data interface is normal, the next operation proceeds.
S10402: If the connection for data transmission established between the front-end page and the back end functions abnormally, outputting corresponding error information to the front-end page.
If the test shows that the function between the front-end page data interface and the back-end system data interface is abnormal, the system sends an error report.
Fig. 4 is a flowchart of setting up the key system according to an embodiment of the present invention. As shown in the figure, step S2 includes steps S201 to S202:
S201: Deploying, in the back-end system, a set of encryption and decryption rules supported by any back-end system, wherein the encryption and decryption rules comprise an encryption algorithm and a corresponding decryption algorithm, and both algorithms take a key as an encryption and decryption parameter.
A system that supports encryption and decryption rules is selected and a set of encryption and decryption algorithms is added, comprising an encryption algorithm and a designated decryption algorithm corresponding to it; the key is used for encrypting data into ciphertext and for decrypting that data back into plaintext.
S202: Setting up a key generation system for generating the key, wherein the key is one of the parameters used when the encryption algorithm encrypts plaintext into ciphertext, and one of the parameters used when the decryption algorithm decrypts ciphertext into plaintext.
The key generation system generates the keys for encrypting and decrypting data; with the key as a parameter, data to be transmitted is encrypted into ciphertext, and data received by the back-end system is decrypted into plaintext.
Fig. 5 is a flowchart of encrypting and transmitting encrypted data according to an embodiment of the present invention. As shown in the figure, step S3 includes steps S301 to S303:
S301: The front-end page calls the data interface of the back-end system serving as the data source and sends a data transmission request to that back-end system.
The back-end system serves as the data source, and the front-end page calls its data interface to send it the data transmission request.
S302: In response to the request of the front-end page, the back-end system sends a request to the key generation system, and the key generation system generates a key according to the request and returns the generated key to the back-end system.
The back-end system sends a key generation request to the key generation system in response to the request of the front-end page, and the key generation system generates the key according to the request of the back-end system and transmits it to the back-end system.
S303: The back-end system receives the key, uses it as a parameter of the encryption algorithm in the encryption and decryption rules to encrypt the data requested by the front-end page into a ciphertext, and feeds the ciphertext back to the front-end page as the response.
The back-end system encrypts the data to be transmitted with the key to form a scrambled ciphertext, and feeds the ciphertext back to the front-end page. The key generation system has a key update mechanism: an update period is set and the key is updated regularly, to reduce the probability that a transmitted ciphertext is brute-forced.
fig. 6 is a flowchart of an embodiment of the present invention, wherein the step SS includes steps S401 to S403:
s401: and when receiving data, the back-end system interacts with the front-end page and establishes a data transmission channel, and the front-end page calls a data interface of the back-end system and transmits the ciphertext with the timestamp to the back-end system for receiving the data.
And the back-end system establishes a data transmission channel for data transmission between the front-end page and the back-end system after confirming the correct front-end page, the front-end page attaches a time stamp to the obtained encrypted data, and the data attached with the time stamp is transmitted to the back-end system through the transmission channel.
S402: and after receiving the ciphertext, the back-end system sends a request to the key generation system to acquire the key and decrypt the ciphertext received from the front-end page into plaintext data.
After the back-end system successfully receives the ciphertext, a request for acquiring the key is sent to the key generation system to acquire the key, the key is used for decrypting the encrypted data and acquiring a readable plaintext, whether the decrypted data is decrypted successfully or not needs to be judged, whether a timestamp attached to the data is within an error allowable range or not is judged, the error allowable range of the timestamp is automatically set by personnel, the front-end page and the back-end system are located in the same time zone, the back-end system transmits the ciphertext to the front-end page after attaching the timestamp, and the format of the timestamp is as follows: second, hour day, month and year. If the front-end page and the back-end system are located in different time zones, a timestamp attached to the ciphertext is generated after a timestamp of a time zone difference is added to or subtracted from a timestamp generated by local time;
whether different back-end systems are used as data sources or data destinations, due to the existence of time difference or transmission delay and other reasons, the two systems cannot be completely synchronized when acquiring keys, and in order to prevent the occurrence of decryption failure caused by key asynchronism, the following convention is made for encryption and decryption rules: the back-end system of the data source destination is allowed to decrypt by using several versions of keys which are most recent in time, and the decryption succeeds when any one key is decrypted.
Fig. 7 is a flowchart of the process of determining whether the timestamp is within the error allowable range according to an embodiment of the present invention. In step S402, when the back-end system fails to decrypt the ciphertext, the back-end system of the data destination requests the key from the key generation system again and retries the decryption; when the number of decryption failures accumulates to a certain number, the back-end system feeds decryption failure information back to the front-end page. In step S402, when the back-end system decrypts the ciphertext successfully, it further determines whether the timestamp attached to the ciphertext is within the error allowable range. The step S402 includes steps S40201 to 40204:
S40201: if the timestamp attached to the data is not within the error allowable range, error information reporting the timestamp error is returned.
For the ciphertext transmitted to the back-end system, if the decryption is unsuccessful and no readable plaintext is obtained, the back-end system issues an error prompt and reports the error information.
S40202: if the timestamp attached to the data is within the error allowable range, the back-end system successfully receives the data, the back-end system feeds back the successful decryption to the front-end page, and the front-end page records the data receiving status, so that the data is transmitted safely.
For the ciphertext transmitted to the back-end system, if the data is decrypted successfully and the readable plaintext is obtained, the back-end system goes on to judge whether the attached timestamp is within the error allowable range.
If the front-end page and the back-end system are located in the same time zone, the timestamp format is as follows: second, hour, day-month-year. If the front-end page and the back-end system are located in different time zones, the timestamp attached to the ciphertext is generated by adding or subtracting the time zone difference to or from the timestamp generated from local time. The timestamp is checked against the range that has been set: if it is judged not to be within the error allowable range, error information reporting the timestamp error is returned; if the attached timestamp is within the error allowable range, the back-end system successfully receives the data.
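The receive-side rule described above (try the several most recent key versions, re-request keys after a failure up to a limit, then check the timestamp range) can be sketched as follows. This is an added example, not code from the patent: the cipher is a standard-library stand-in (HMAC-SHA256 keystream plus an HMAC tag, so that "decryption succeeded" is a verifiable condition), timestamps are UTC epoch seconds rather than the patent's local-time format, and all names and constants are hypothetical.

```python
import hashlib
import hmac
import struct

NONCE_LEN, TS_LEN, TAG_LEN = 16, 8, 32
MAX_KEY_VERSIONS = 3        # assumption: how many recent key versions may be tried
ALLOWED_SKEW_SECONDS = 300  # assumption: the personnel-set timestamp tolerance


def subkeys(key):
    """Derive separate encryption and MAC keys from one versioned key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def keystream_xor(enc_key, nonce, data):
    """XOR data with an HMAC-SHA256 counter-mode keystream (stand-in cipher)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(enc_key, nonce + struct.pack(">I", counter),
                           hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, nonce, timestamp, plaintext):
    """Sender side: encrypt, then MAC the nonce, timestamp and ciphertext.
    A real sender would draw the nonce from os.urandom for every message."""
    enc_key, mac_key = subkeys(key)
    header = nonce + struct.pack(">Q", timestamp)
    body = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


def open_with_recent_keys(recent_keys, envelope, now):
    """Try the newest key versions in order; return (status, plaintext)."""
    if len(envelope) < NONCE_LEN + TS_LEN + TAG_LEN:
        return "decrypt_failed", None
    header = envelope[:NONCE_LEN + TS_LEN]
    body, tag = envelope[NONCE_LEN + TS_LEN:-TAG_LEN], envelope[-TAG_LEN:]
    nonce = header[:NONCE_LEN]
    (timestamp,) = struct.unpack(">Q", header[NONCE_LEN:])
    for key in recent_keys[:MAX_KEY_VERSIONS]:
        enc_key, mac_key = subkeys(key)
        expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            continue  # wrong key version or modified data: try the next key
        # The tag covers the timestamp too, so the range check below is made
        # on a value that was not altered in transit.
        if abs(now - timestamp) > ALLOWED_SKEW_SECONDS:
            return "timestamp_error", None
        return "ok", keystream_xor(enc_key, nonce, body)
    return "decrypt_failed", None


def receive(fetch_recent_keys, envelope, now, max_attempts=3):
    """Re-request keys after a failure; give up after max_attempts failures."""
    for _ in range(max_attempts):
        status, plaintext = open_with_recent_keys(fetch_recent_keys(), envelope, now)
        if status != "decrypt_failed":
            return status, plaintext
    return "decrypt_failed", None


if __name__ == "__main__":
    # Constructed sample: key versions newest first; the sender used the older one.
    keys = [b"k-v3-constructed", b"k-v2-constructed"]
    env = seal(keys[1], b"\x00" * NONCE_LEN, 1_700_000_000, b"account=42")
    print(receive(lambda: keys, env, now=1_700_000_030))
```

Because the timestamp sits inside the authenticated envelope, a replayed message with an edited timestamp fails as a decryption error instead of passing the range check.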
Based on the same technical concept, an embodiment of the present invention further provides a data transmission apparatus. As shown in Fig. 8, the data transmission apparatus includes a front-end page construction unit, a key setting system unit, an encrypted data transmission unit, and a data reception unit.
The front-end page building unit is used for building a front-end page, and the front-end page has a cross-platform characteristic and is used for interacting with a back-end system;
the key system setting unit is used for deploying a set of encryption and decryption rules supported by a back-end system, and setting a key generating system matched with the encryption and decryption rules, wherein the key generating system is used for generating keys and managing keys;
the transmission encrypted data unit is used for generating a ciphertext by using a key generation system and an encryption and decryption rule, and transmitting the ciphertext serving as a transmission parameter to a front-end page serving as a data destination;
and the receiving data unit is used for receiving the ciphertext transmitted by the front-end page and decrypting the ciphertext into a plaintext by using the key generation system and the encryption and decryption rules.
Based on the same technical concept, the present invention further provides a mobile terminal for implementing the data transmission method, as shown in Fig. 9. For convenience of description, only a portion 20 related to the embodiment of the present invention is shown; for specific technical details that are not disclosed, please refer to the method portion of the embodiment of the present invention. The terminal may be any terminal device including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of Sales), a vehicle-mounted computer, etc. The following takes a mobile phone as the example of the mobile terminal:
Fig. 9 is a block diagram illustrating a part of a mobile phone related to a mobile terminal according to an embodiment of the present invention. Referring to Fig. 9, the handset includes: baseband processing module 410, memory 420, input unit 430, display unit 440, sensor 450, audio circuit 460, Wireless Fidelity (WiFi) module 470, processor 480, and power supply 490. Those skilled in the art will appreciate that the handset configuration shown in Fig. 9 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
The baseband processing module 410 may be used to synthesize a baseband signal to be transmitted or decode a received baseband signal. Specifically, the audio signal is compiled into a baseband code for transmission when being transmitted; upon reception, the received baseband code is interpreted as an audio signal. Meanwhile, it is also responsible for compiling address information, text information (short message text, website and text), and picture information.
The memory 420 may be used to store software programs and modules, and the processor 480 executes various functional applications and data processing of the mobile phone by operating the software programs and modules stored in the memory 420. The memory 420 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, etc. Further, the memory 420 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The input unit 430 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the cellular phone. Specifically, the input unit 430 may include a touch panel 431 and other input devices 432. The touch panel 431, also called a touch screen, can collect the touch operation of the user on or near the touch panel 431 (for example, the operation of the user on or near the touch panel 431 by using any suitable object or accessory such as a finger, a stylus, etc.), and drive the corresponding connection device according to a preset program. Alternatively, the touch panel 431 may include two parts of a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 480, and receives and executes commands sent from the processor 480. In addition, the touch panel 431 may be implemented in various types, such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. The input unit 430 may include other input devices 432 in addition to the touch panel 431. In particular, other input devices 432 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 440 may be used to display information input by the user or information provided to the user and various menus of the cellular phone. The display unit 440 may include a display panel 441, and optionally, the display panel 441 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch panel 431 may cover the display panel 441, and when the touch panel 431 detects a touch operation on or near the touch panel 431, the touch operation is transmitted to the processor 480 to determine the type of the touch event, and then the processor 480 provides a corresponding visual output on the display panel 441 according to the type of the touch event. Although the touch panel 431 and the display panel 441 are shown in Fig. 9 as two separate components to implement the input and output functions of the mobile phone, in some embodiments, the touch panel 431 and the display panel 441 may be integrated to implement the input and output functions of the mobile phone.
The handset may also include at least one sensor 450, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that adjusts the brightness of the display panel 441 according to the brightness of ambient light, and a proximity sensor that turns off the display panel 441 and/or the backlight when the mobile phone is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the magnitude of acceleration in each direction (generally, three axes), can detect the magnitude and direction of gravity when stationary, and can be used for applications of recognizing the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometer and tapping), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the mobile phone, further description is omitted here.
Audio circuit 460, speaker 461, microphone 462 may provide an audio interface between the user and the cell phone. The audio circuit 460 may transmit the electrical signal converted from the received audio data to the speaker 461, and convert the electrical signal into a sound signal for output by the speaker 461; on the other hand, the microphone 462 converts the collected sound signal into an electrical signal, which is received by the audio circuit 460 and converted into audio data, which is then processed by the audio data output processor 480 and then transmitted to, for example, another cellular phone via the RF circuit 410, or output to the memory 420 for further processing.
WiFi belongs to short-distance wireless transmission technology, and the mobile phone can help a user to receive and send e-mails, browse webpages, access streaming media and the like through the WiFi module 470, and provides wireless broadband Internet access for the user. Although fig. 9 shows the WiFi module 470, it is understood that it does not belong to the essential constitution of the handset, and may be omitted entirely as needed within the scope not changing the essence of the invention.
The processor 480 is a control center of the mobile phone, connects various parts of the entire mobile phone by using various interfaces and lines, and performs various functions of the mobile phone and processes data by operating or executing software programs and/or modules stored in the memory 420 and calling data stored in the memory 420, thereby integrally monitoring the mobile phone. Optionally, processor 480 may include one or more processing units; preferably, the processor 480 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into processor 480.
The handset also includes a power supply 490 (e.g., a battery) for powering the various components, which may preferably be logically connected to the processor 480 via a power management system, so that the power management system may perform functions such as managing charging, discharging, and power consumption.
Although not shown, the mobile phone may further include a camera, a bluetooth module, etc., which are not described herein.
In the embodiment of the present invention, the processor 480 included in the terminal may execute the steps of the data transmission method in the foregoing embodiment.
Based on the same technical concept, the present invention also provides a storage medium storing computer-readable instructions, which when executed by one or more processors, cause the one or more processors to perform the steps of the data transmission method in the above embodiments.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: Read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the above embodiments may be implemented by hardware instructed by a program, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above embodiments only express some exemplary embodiments of the present invention, and the description thereof is specific and detailed, but is not to be construed as limiting the scope of the present invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, and these fall within the scope of the present invention. Therefore, the protection scope of the present patent should be subject to the appended claims.

Claims (10)

1. A data transmission method, characterized in that the data transmission method comprises:
S1: constructing a front-end page, wherein the front-end page has a cross-platform characteristic and is used for interacting with a back-end system;
S2: deploying a set of encryption and decryption rules supported by a back-end system, and setting a key generation system in cooperation with the encryption and decryption rules, wherein the key generation system is used for generating keys and managing the keys;
S3: deploying MAC address filtering rules on the back-end system, and adding a preset white list for the MAC address filtering function, wherein the white list comprises a plurality of MAC addresses which can be edited by a background;
S4: judging whether the MAC address for logging in the front-end page is in a white list or not;
S5: if not, rejecting the interaction request of the front-end page and the back-end system;
S6: if so, generating a ciphertext by using a key generation system and an encryption and decryption rule, and transmitting the ciphertext serving as a transmission parameter to a front-end page serving as a data destination;
S7: and receiving the ciphertext transmitted by the front-end page, and decrypting the ciphertext into a plaintext by using the key generation system and the encryption and decryption rules.
2. A data transmission method according to claim 1, wherein said step S1 comprises:
S101: calling a scripting language with cross-platform characteristics to generate a front-end page interacted with a back-end system;
S102: adding a data interface for interacting with the front-end page in any back-end system;
S103: adding an interface for calling back-end system data in the front-end page;
S104: and calling a data interface of any back-end system in the front-end page, and judging whether the connection function of the data transmission established between the front-end page and the back-end system is normal or not through testing.
3. A data transmission method according to claim 2, wherein said S104 comprises:
S10401: if the connection function of the data transmission established between the front-end page and the rear end is normal, performing the next step;
S10402: and if the connection function of the front-end page and the back-end for establishing data transmission is abnormal, outputting corresponding error information to the front-end page.
4. A data transmission method according to claim 1, wherein said step S2 comprises:
S201: a set of encryption and decryption rules supported by any back-end system are deployed in the back-end system, the encryption and decryption rules comprise an encryption algorithm and a corresponding decryption algorithm, and a key used as an encryption and decryption parameter is arranged in the encryption algorithm and the decryption algorithm;
S202: and setting a key generation system for generating the key, wherein the key is one of the parameters used when the encryption algorithm encrypts the plaintext into the ciphertext, and the key is one of the parameters used when the decryption algorithm decrypts the ciphertext into the plaintext.
5. A data transmission method according to claim 1, wherein said step S6 comprises:
S601: the front-end page calls a data interface of a back-end system serving as a data source and sends a data transmission request to the back-end system;
S602: according to the request of the front-end page, the back-end system sends a request to a key generation system, and the key generation system generates a key according to the request and returns the generated key to the back-end system;
S603: and the back-end system receives the key and then uses the key as a parameter of an encryption algorithm in the encryption and decryption rule to encrypt the data requested by the front-end page to form a ciphertext, and uses the ciphertext as a response to feed back the ciphertext to the front-end page.
6. A data transmission method according to claim 1, wherein said step S7 comprises:
S701: when receiving data, the back-end system interacts with the front-end page and establishes a data transmission channel, and the front-end page calls a data interface of the back-end system and transmits a ciphertext with a timestamp to the back-end system for receiving the data;
S702: and after receiving the ciphertext, the back-end system sends a request to the key generation system to acquire the key and decrypt the ciphertext received from the front-end page into plaintext data.
7. The data transmission method according to claim 6, wherein in step S702, when the backend system decrypts the ciphertext, after the decryption fails, the backend system of the data destination requests the key generation system again to obtain the key and then decrypts the ciphertext, and when the decryption failure times are accumulated to a certain number, the backend system feeds back the decryption failure information to the front-end page;
in step S702, when the backend system decrypts the ciphertext, and after the decryption is successful, it further determines whether the timestamp attached to the ciphertext is within the error tolerance, where the determining step includes:
S70201: if the timestamp attached to the data is not within the error allowable range, returning error reporting information of the timestamp error;
S70202: if the timestamp attached to the data is within the error allowable range, the back-end system successfully receives the data, the back-end system feeds back the condition of successful decryption to the front-end page, and the front-end page records the data receiving condition, so that the data is safely transmitted.
8. A data transmission device is characterized by comprising a front-end page construction unit, a key system setting unit, an encrypted data transmission unit and a data receiving unit:
the front-end page building unit is used for building a front-end page, and the front-end page has a cross-platform characteristic and is used for interacting with a back-end system;
the key system setting unit is used for deploying a set of encryption and decryption rules supported by a back-end system, and setting a key generating system matched with the encryption and decryption rules, wherein the key generating system is used for generating keys and managing keys; deploying MAC address filtering rules on the back-end system, and adding a preset white list for the MAC address filtering function, wherein the white list comprises a plurality of MAC addresses which can be edited by a background; judging whether the MAC address for logging in the front-end page is in a white list or not; if not, rejecting the interaction request of the front-end page and the back-end system;
the transmission encrypted data unit is used for generating a ciphertext by using a key generation system and an encryption and decryption rule if the transmission encrypted data unit is true, and transmitting the ciphertext serving as a transmission parameter to a front-end page serving as a data destination;
and the receiving data unit is used for receiving the ciphertext transmitted by the front-end page and decrypting the ciphertext into a plaintext by using the key generation system and the encryption and decryption rules.
9. A mobile terminal, comprising:
a touch-sensitive display;
a memory;
one or more processors;
the one or more processors are configured for performing the steps of the data transmission method according to any one of claims 1 to 7.
10. A storage medium having stored thereon computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the data transmission method of any one of claims 1 to 7.
CN201810550254.9A 2018-05-31 2018-05-31 Data transmission method and device, mobile terminal and storage medium Active CN108777620B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810550254.9A CN108777620B (en) 2018-05-31 2018-05-31 Data transmission method and device, mobile terminal and storage medium

Publications (2)

Publication Number Publication Date
CN108777620A CN108777620A (en) 2018-11-09
CN108777620B true CN108777620B (en) 2023-04-07

Family

ID=64028317

Country Status (1)

Country Link
CN (1) CN108777620B (en)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant