CN108924104B - E-government affair encryption and decryption method - Google Patents

Publication number: CN108924104B
Authority: CN (China)
Prior art keywords: self, user, built system, code, music
Legal status: Active
Application number: CN201810642814.3A
Other languages: Chinese (zh)
Other versions: CN108924104A (en)
Inventors: 李保印, 刘涛, 张宝玉, 王坤
Current Assignee: Gansu Wanwei Co
Original Assignee: Gansu Wanwei Co
Application filed by: Gansu Wanwei Co
Priority to: CN201810642814.3A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872 Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Reverberation, Karaoke And Other Acoustics (AREA)

Abstract

The invention discloses a method for encrypting and decrypting electronic government affairs. By presetting a self-built system authentication code, a user encryption code and a user decryption code, the method first authenticates the self-built system and then authenticates the user, and allows the user to access the self-built system only after both authentications pass. This realizes single sign-on between the government affair service network and the self-built system while ensuring the security of the system, saves login time, improves the efficiency with which users handle government affair service items, and improves user satisfaction. The self-built system is constrained by the self-built system authentication code: when the self-built system has problems, the government affair service network can unilaterally refuse the access of the self-built system by modifying the self-built system authentication code, so that disputes arising in the integration of the self-built system with the government affair service network can be resolved efficiently. The specific time code, song name code and music characters make the self-built system authentication code more specific and innovative, and prevent it from being decrypted by other systems.

Description

E-government affair encryption and decryption method
Technical Field
The invention relates to the field of information systems, in particular to the field of electronic government affair identity authentication.
Background
With the development of electronic government affairs, different government affairs require logging in to different government affair systems. Because many of these systems differ little from one another in individual character, users log in to the wrong one, which causes delays and wasted time, and users easily end up cycling through several wrong government affair systems in confusion.
At present, the state requires that government affair service items be handled "on one network": all government affair service items of a whole province are gathered on one website, the government affair service network, which gives them one entrance for unified handling. The items themselves, however, are still processed in the self-built business systems of the individual departments.
In the prior art, however, a user is authenticated when logging in to the one-network platform and then finds that identity authentication must be performed again when actually transacting a business item. This gives the user a poor experience, and single sign-on cannot be realized.
Disclosure of Invention
The embodiment of the invention aims to provide a method for encrypting and decrypting electronic government affairs, and aims to solve the technical problem that single sign-on cannot be realized in the prior art.
The embodiment of the invention is realized in such a way that an electronic government affair encryption method comprises the following steps:
presetting a self-built system authentication code and a user encryption code;
obtaining login request information and user information of a user requesting to login the self-built system;
generating a self-built system authentication code of the current time according to the self-built system authentication code, and sending the self-built system authentication code of the current time to a self-built system;
acquiring an instruction of successful authentication of the self-built system, encrypting the user information according to the user encryption code, and sending the user information to the self-built system;
and acquiring a command of successful user authentication, and allowing the user to log in the self-built system.
Preferably, the self-built system authentication code comprises a time code, a song name code and a music character;
the time code comprises 4 bits of year, 2 bits of month, 2 bits of day, 2 bits of hour, 2 bits of second;
the 3-bit song name coding means that the music score of N songs is circularly arranged, and 3-bit digital sequence is used for numbering each song;
the music characters are used for converting the music score into music characters according to high pitch, middle pitch and low pitch in the music score after cyclic arrangement;
the user encryption code means that the user information is encoded from left to right according to the rule "account length" + "&" + "password length" + "_" + "one-account one-password order cross and case interchange".
Preferably, the music characters are: the high tone characters are represented by the capital letters A, B, C, D, E, F, G, the middle tone characters are represented by the numerals 1, 2, 3, 4, 5, 6, 7, and the low tone characters are represented by the lower case letters a, b, c, d, e, f, g.
Preferably, the step of generating the self-established system authentication code of the current time according to the self-established system authentication code and sending the self-established system authentication code of the current time to the self-established system specifically comprises:
acquiring a current time as a first time, and converting the first time into a 14-bit time code;
randomly acquiring continuous 30-bit music characters and 3-bit song name codes corresponding to the first music characters in the 30-bit music characters;
and sending the 14-bit time code, the 3-bit song name code and the 30-bit music character to a self-built system.
The invention also provides a method for decrypting electronic government affairs, which comprises the following steps:
presetting a self-built system authentication code and a user decryption code;
acquiring a self-built system authentication code of the current time;
according to the self-built system authentication code, if the self-built system authentication code at the current time is successfully authenticated within S seconds, sending a command of successful self-built system authentication;
acquiring encrypted user information, and decrypting according to the user decryption code;
and when the decrypted user information is successfully authenticated, sending a user authentication success instruction, and allowing the user to log in the self-built system.
Preferably, the self-built system authentication code comprises a time code, a song name code and a music character;
the time code comprises 4 bits of year, 2 bits of month, 2 bits of day, 2 bits of hour, 2 bits of second;
the 3-bit song name coding means that the music score of all songs are circularly arranged, and 3-bit digital sequence is used for numbering each song;
the music characters are used for converting the music score into music characters according to high pitch, middle pitch and low pitch in the music score after cyclic arrangement;
the user decryption code means that the received encrypted user information is decoded from left to right according to the rule "account length" + "&" + "password length" + "_" + "one-account one-password sequence cross and case interchange".
Preferably, the step of sending the instruction that the authentication of the self-built system is successful if the authentication of the self-built system authentication code at the current time is successful within S seconds according to the self-built system authentication code specifically includes:
converting the 14-bit time code to a first time;
determining whether the 30 consecutive music characters exist in the music characters, searching from the music score of the song corresponding to the 3-bit song name code;
if so, acquiring the current time as a second time;
comparing whether the time difference between the second time and the first time is less than S seconds;
and if so, sending an instruction of successful authentication of the self-built system.
Preferably, S is 3 to 20.
N is a positive integer.
Preferably, the step of "comparing whether the time difference between the second time and the first time is less than S seconds" further comprises the step of:
if not, sending a self-built system authentication timeout instruction.
Preferably, the step "when the decrypted user information is successfully authenticated, sending a user authentication success instruction, and allowing the user to log in the self-built system" further includes the steps of:
and when the decrypted user information fails to be authenticated, sending a user authentication failure instruction, and refusing the user to log in the self-built system.
The invention has the beneficial effects that:
By presetting the self-built system authentication code and the user encryption code, the invention realizes double authentication: the self-built system is authenticated first, then the user, and the user is allowed to access the self-built system only after both authentications pass. The user thus logs in to the government affair service network and the self-built system through single sign-on while the security of the system is ensured; the user no longer has to enter a user name and password again to log in to the self-built system, which improves the user experience, saves login time, improves the efficiency with which users handle government affair service items, and improves user satisfaction. The self-built system is constrained by the self-built system authentication code: it can be logged in to directly through the government affair service network only if the government affair service network has approved it. When the self-built system has problems and the government affair service network does not recognize its capability, the government affair service network can unilaterally refuse the access of the self-built system, or refuse to let it accept users' government affair service items, so that disputes arising in the integration of the self-built system with the government affair service network can be resolved efficiently. The specific time code, song name code and music characters make the self-built system authentication code more specific and innovative and prevent it from being decrypted by other systems; adding music characters further improves the security factor of the encryption; moreover, the 30 music characters may lie within the music score of a single song or span songs, which further improves the security factor; and presetting the user encryption code and the user decryption code further improves the security of user information.
Drawings
FIG. 1 is a flow chart of a method of electronic government encryption in accordance with an embodiment of the present invention;
FIG. 2 is a flowchart of a method for e-government decryption in accordance with an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and examples, and for convenience of description, only parts related to the examples of the present invention are shown. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Example one
Fig. 1 is a flowchart illustrating a method for e-government encryption according to an embodiment of the present invention, the method including the steps of:
S101, presetting a self-built system authentication code and a user encryption code;
the self-built system refers to the system built by each government department itself, and is the decryption end of the invention;
in the electronic government affair unified identity authentication system, the encryption end is generally located in the government affair service network, and the decryption end is located in the self-built system;
the government affair service network (namely the encryption end) gathers all government affair service items, and each government affair service item corresponds to a different self-built system; a user logs in to the government affair service network, selects the self-built system where the government affair service item to be transacted is located, and inputs the corresponding user name and password for authentication; the authentication process is divided into two steps:
firstly, it is authenticated whether the self-built system is a mature and stable self-built system approved by the government affair service network; when the self-built system has only connected its interface to the government affair service network but cannot actually handle the specific business of the government affair service items, or has problems in handling it, the government affair service network can refuse to let the self-built system process the specific business by modifying the self-built system authentication code;
secondly, after the government affair service network has approved the self-built system's capability to handle the specific business, the self-built system can be authenticated by presetting the same self-built system authentication code as the self-built system; the user information is then encrypted according to the user encryption code and sent to the self-built system for identity authentication, so that single sign-on across the two systems is realized;
the preset self-built system authentication code refers to a preset time code, a song name code and a music character;
presetting a time code, wherein the time code comprises 4 bits of year, 2 bits of month, 2 bits of day, 2 bits of hour and 2 bits of second;
presetting music scores of N songs, circularly arranging the music scores, and enabling each song to correspond to 3-bit song name codes;
the 3-bit song name code means that each song is numbered with a 3-digit number sequence, for example, the 3-bit song name code corresponding to the first song is 001, the 3-bit song name code corresponding to the second song is 002, and so on;
the cyclic arrangement means that the music score of a first song is followed by the music score of a second song, the music score of the second song is followed by the music score of a third song, and so on, and the music score of the Nth song is followed by the music score of the first song;
N is a positive integer;
converting the music score into music characters in advance according to the high pitch, the middle pitch and the low pitch in the music score after cyclic arrangement;
wherein, the capital letters A, B, C, D, E, F, G are used for representing high pitch characters, the numbers 1, 2, 3, 4, 5, 6 and 7 are used for representing middle pitch characters, and the lowercase letters a, b, c, d, e, f and g are used for representing low pitch characters;
after the step, the music score of each song is changed into music characters consisting of high-pitch characters, middle-pitch characters and low-pitch characters;
the preset user encryption code means that the user information is encoded from left to right according to the rule "account length" + "&" + "password length" + "_" + "one-account one-password sequence cross and case interchange"; the code generated in this way is the encrypted user information;
for example, the user information of a certain user includes a user name and a password, where the user name is libY_123 and the password is 123qAz12345; the encrypted user information generated according to the user encryption code is: 8&11_L1I2B3yQ_a1Z223345;
S102, obtaining login request information and user information of a user requesting to log in to the self-built system;
the user login request information refers to the system name of the self-built system which the user requests to login;
the user information comprises a user name and a password of the user;
for example, if a user clicks 'market supervision authority' in a government affairs service network and inputs a user name and a password, the login request information is the market supervision authority, and the user information is the user name and the password;
S103, generating a self-built system authentication code of the current time according to the self-built system authentication code, and sending the self-built system authentication code of the current time to the self-built system, which specifically comprises:
acquiring a current time as a first time, and converting the first time into a 14-bit time code;
randomly acquiring continuous 30-bit music characters and 3-bit song name codes corresponding to the first music characters in the 30-bit music characters;
transmitting the 14-bit time code, the 3-bit song name code and the 30-bit music character to a self-built system;
the current time refers to the time for acquiring the login request information of the user;
the 14-bit time code consists of 14 digits: a 4-digit year, 2-digit month, 2-digit day, 2-digit hour, 2-digit minute and 2-digit second; for example, if the login request information of a certain user is obtained at 21:27:01 on May 15, 2018, the time converted into the 14-bit time code is 20180515212701;
randomly acquiring one music character in the music score as a first character, sequentially acquiring 30 music characters from the first character, and simultaneously acquiring a 3-bit song name code corresponding to the first character;
S104, acquiring an instruction of successful authentication of the self-built system, encrypting the user information according to the user encryption code, and sending the user information to the self-built system;
when an instruction of successful authentication of the self-built system sent by the self-built system is received, the user information is encrypted according to the user encryption code and sent to the self-built system;
when a self-built system authentication timeout instruction sent by the self-built system is received, the user is prompted to retry;
a self-built system authentication timeout indicates that the self-built system's network is currently unstable, so the user needs to retry;
S105, acquiring an instruction of successful user authentication, and allowing the user to log in to the self-built system;
when a self-built system authentication failure instruction or a user authentication failure instruction sent by the self-built system is received, the user's request to log in to the self-built system is rejected;
a self-built system authentication failure indicates that the self-built system lacks the technical, operational or management capability to process government affair service items, has not been approved by the government affair service network, and is technically immature and unstable; in that case the government affair service network does not accept any request of a user to access the self-built system;
a user authentication failure indicates that the user information has a security problem and the account may have been stolen, so the user can be prompted to retry, or be directly refused login to the self-built system;
In this embodiment of the invention, a self-built system authentication code and a user encryption code are preset; login request information and user information of a user requesting to log in to the self-built system are obtained; a self-built system authentication code of the current time is generated according to the self-built system authentication code and sent to the self-built system; after an instruction of successful self-built system authentication is obtained, the user information is encrypted according to the user encryption code and sent to the self-built system; finally, an instruction of successful user authentication is obtained and the user is allowed to log in to the self-built system. This realizes double authentication: the self-built system is authenticated first, then the user, and the user is allowed to access the self-built system only after both authentications pass. Single sign-on to the government affair service network and the self-built system is realized while the security of the system is ensured; the user no longer has to enter a user name and password again to log in to the self-built system, which improves the user experience, saves login time, improves the efficiency with which users handle government affair service items, and improves user satisfaction. The self-built system is constrained by the self-built system authentication code: it can be logged in to directly through the government affair service network only after it has been approved by the government affair service network (namely the encryption end). When the self-built system has problems and the government affair service network does not recognize its capability, the government affair service network can, by modifying the self-built system authentication code, unilaterally refuse the access of the self-built system or refuse to let it accept users' government affair service items, so that disputes arising in the integration of the self-built system with the government affair service network can be resolved efficiently. The specific time code, song name code and music characters make the self-built system authentication code more specific and innovative and prevent it from being decrypted by other systems; adding music characters further improves the security factor of the encryption; moreover, the 30 music characters may lie within the music score of a single song or span songs, which further improves the security factor; and presetting the user encryption code further improves the security of user information.
Example two
Fig. 2 is a flowchart illustrating a method for decrypting e-government affairs according to the present invention, the method comprising the steps of:
S201, presetting a self-built system authentication code and a user decryption code;
in the electronic government affair unified identity authentication system, the encryption end is generally located in the government affair service network, and the decryption end is located in the self-built system;
the self-built system refers to the system built by each government department itself, and is the decryption end of the invention;
the government affair service network gathers all government affair service items, and each government affair service item corresponds to a different self-built system; a user logs in to the government affair service network, selects the self-built system where the government affair service item to be transacted is located, and inputs the corresponding user name and password for authentication; the authentication process comprises two steps:
firstly, it is authenticated whether the self-built system is a mature and stable self-built system approved by the government affair service network; when the self-built system has only connected its interface to the government affair service network but cannot actually handle the specific business of the government affair service items, or has problems in handling it, the government affair service network can refuse to let the self-built system process the specific business by modifying the self-built system authentication code;
secondly, after the government affair service network has approved the self-built system's capability to handle the specific business, the self-built system can be authenticated by presetting the same self-built system authentication code as the self-built system; the user information is then encrypted according to the user encryption code and sent to the self-built system for identity authentication, so that single sign-on across the two systems is realized;
the self-built system authentication code comprises a time code, a song name code and a music character;
the time code comprises 4 bits of year, 2 bits of month, 2 bits of day, 2 bits of hour, 2 bits of second;
presetting music scores of N songs, circularly arranging the music scores, and enabling each song to correspond to 3-bit song name codes;
the 3-bit song name codes are obtained by circularly arranging the music scores of all songs and numbering each song with a 3-digit number sequence, for example, the 3-bit song name code corresponding to the first song is 001, the 3-bit song name code corresponding to the second song is 002, and so on;
the cyclic arrangement means that the music score of a first song is followed by the music score of a second song, the music score of the second song is followed by the music score of a third song, and so on, and the music score of the Nth song is followed by the music score of the first song;
N is a positive integer;
converting the music score into music characters in advance according to the high pitch, the middle pitch and the low pitch in the music score after cyclic arrangement;
wherein, the capital letters A, B, C, D, E, F, G are used for representing high pitch characters, the numbers 1, 2, 3, 4, 5, 6 and 7 are used for representing middle pitch characters, and the lowercase letters a, b, c, d, e, f and g are used for representing low pitch characters;
after the step, each song music score is changed into music characters consisting of high pitch characters, middle pitch characters and low pitch characters;
the user decryption code means that the received encrypted user information is decoded from left to right according to the rule "account length" + "&" + "password length" + "_" + "one-account one-password sequence cross and case interchange"; the code generated by this decryption is the decrypted user information;
for example, when the encrypted user information received by the self-built system from the government affair service network (i.e., the encryption end) is 8&11_L1I2B3yQ_a1Z223345, the user information decrypted according to the user decryption code is: the user name is libY_123, and the password is 123qAz12345;
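The user encryption code and user decryption code described above, as an added example that is not code from the patent. It assumes that "one-account one-password sequence cross" means taking one account character, then one password character, alternately, with the leftover of the longer string appended; the function names and the sample credentials are constructed.

```python
from itertools import zip_longest


def encode_user(account: str, password: str) -> str:
    """'account length' + '&' + 'password length' + '_' + interleaved body.

    Assumed reading of the rule: alternate one account character and one
    password character, append the leftover of the longer string, then
    swap upper and lower case.
    """
    if not (account.isascii() and password.isascii()):
        # str.swapcase() can change the length of non-ASCII text (e.g. 'ß'),
        # which would break the length header.
        raise ValueError("ASCII credentials only")
    body = "".join(a + p for a, p in zip_longest(account, password, fillvalue=""))
    return f"{len(account)}&{len(password)}_{body.swapcase()}"


def decode_user(encoded: str) -> tuple[str, str]:
    """Reverse encode_user(); raises ValueError on a malformed message."""
    # Split on the FIRST '&' and the FIRST '_' only: the body may itself
    # contain either character (an account such as 'ops_Admin').
    a_txt, amp, rest = encoded.partition("&")
    p_txt, und, body = rest.partition("_")
    if not (amp and und and a_txt.isascii() and a_txt.isdigit()
            and p_txt.isascii() and p_txt.isdigit() and body.isascii()):
        raise ValueError("malformed header")
    a_len, p_len = int(a_txt), int(p_txt)
    if len(body) != a_len + p_len:
        raise ValueError("body length does not match header")
    body = body.swapcase()
    paired = 2 * min(a_len, p_len)      # characters that are interleaved
    account = body[0:paired:2]          # even positions: account
    password = body[1:paired:2]         # odd positions: password
    tail = body[paired:]                # leftover of the longer field
    if a_len > p_len:
        account += tail
    else:
        password += tail
    return account, password


if __name__ == "__main__":
    # Constructed sample credentials, not taken from the page.
    msg = encode_user("ops_Admin", "Pw9x")
    print(msg)
    print(decode_user(msg))
```

`decode_user` needs only the rule, not a secret, so this step is a reversible encoding rather than keyed encryption.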
S202, acquiring a self-built system authentication code of the current time;
the self-built system authentication code of the current time refers to a self-built system authentication code of the current time generated by a government affairs service network (namely an encryption terminal) according to the self-built system authentication code, and the self-built system authentication code of the current time comprises a 14-bit time code, a 3-bit song name code and 30-bit music characters;
S203, according to the self-built system authentication code, if the self-built system authentication code of the current time is successfully authenticated within S seconds, sending an instruction of successful self-built system authentication;
if, within S seconds, the 30 consecutive music characters are found in the music characters searched starting from the music score of the song corresponding to the 3-bit song name code, an instruction of successful self-built system authentication is sent, namely sent to the government affair service network (namely the encryption end);
if the 30 consecutive music characters are not found in the music characters searched starting from the music score of the song corresponding to the 3-bit song name code, an instruction of self-built system authentication failure is sent; in this case S seconds may have been exceeded, the music scores of all N songs have been traversed, and the 30 consecutive music characters have not been found, which shows that the self-built system is not approved by the government affair service network and that logging in to the self-built system by logging in to the government affair service network cannot be realized, so the instruction of self-built system authentication failure is sent;
if the 30-bit music characters are found in the music characters searched starting from the music score of the song corresponding to the 3-bit song name code but the time exceeds S seconds, the self-built system has some technical problem, such as an unstable network, an unstable interface, or an immature government affair service, so a self-built system authentication timeout instruction is sent and the user can retry;
S is 3 to 20;
if the authentication succeeds within 3 to 20 seconds, the network is smooth and stable, and the self-built system performs well;
if the authentication passes only after 20 seconds, or the authentication fails, the network environment of the self-built system is poor, the network is unstable, and the self-built system performs poorly;
step S203 may include the steps of:
converting the 14-bit time code to a first time;
searching, starting from the music score of the song corresponding to the 3-bit song name code, whether the 30 consecutive music characters exist in the music characters; if not, sending an instruction of authentication failure of the self-built system; if so, acquiring the current time as a second time; comparing whether the time difference between the second time and the first time is less than S seconds, and if not, sending an authentication overtime instruction of the self-built system; if yes, sending an instruction of successful authentication of the self-built system, and entering step S204;
S204, acquiring the encrypted user information, and decrypting according to the user decryption code;
acquiring encrypted user information sent by a government affair service network (namely an encryption terminal), and decrypting according to the user decryption code;
S205, when the decrypted user information is successfully authenticated, sending a user authentication success instruction, and allowing the user to log in the self-built system;
the identity authentication mode comprises identity authentication of a registered user of the self-built system and identity authentication of a third-party authentication platform;
the identity authentication of a registered user of the self-built system means that the user has registered in the self-built system in advance to obtain a user name and a password; after the user enters the user name and the password in the government affair service network (namely the encryption terminal), the government affair service network (namely the encryption terminal) encrypts the user name and the password according to the user encryption code and then sends the encrypted user name and password to the self-built system;
the self-built system parses the user name and the password of the user according to the user decryption code and matches them against the database of the self-built system; if the matching succeeds, the user authentication is successful and the user is allowed to log in to the self-built system; if the matching does not succeed, the user authentication has failed, and a user authentication failure instruction is sent to the government affair service network (namely the encryption terminal);
the identity authentication of the third-party authentication platform means that the user is not registered in the self-built system (i.e., the decryption end), or that the self-built system allows the user to authenticate and log in through a third-party authentication platform; in this case, when the user requests to log in to the self-built system in the government affair service network (i.e., the encryption end), the user needs to enter the user name and password of the third-party authentication platform (for example, the user name and password of an individual user's social security system, of the housing provident fund system or of the Alipay system, or of the industrial and commercial system and public security system corresponding to an enterprise user, and the like), and the government affair service network (i.e., the encryption end) encrypts the user name and the password according to the user encryption code and then sends;
the self-built system parses, according to the user decryption code, the user name and password of the user on the third-party authentication platform and sends them to the third-party authentication platform for matching; if the user authentication succeeds, the user is allowed to log in to the self-built system, and if the user authentication fails, the user is refused login to the self-built system.
When an authentication overtime instruction of the self-built system is sent, it is sent to the government affair service network (namely the encryption terminal);
when the authentication of the self-built system is overtime, the current network of the self-built system is unstable and the user needs to retry;
when an instruction of authentication failure of the self-built system is sent, it is sent to the government affair service network (namely the encryption terminal);
when authentication of the self-built system fails, the self-built system does not have the technical capability, operation capability or management capability to process government affair service matters, is not approved by the government affair service network, and has technical problems of insufficient maturity and stability, and the government affair service network does not accept any request of a user to access the self-built system;
when a user authentication failure instruction is sent, that is, when user authentication fails, the user information has a security problem and the account may have been stolen; the user can be prompted to retry or be directly refused login to the self-built system.
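The decryption-end flow of steps S202 to S205, written out as an added Python example (not code from the patent): the system code is checked first, and the user code is only decoded once that check succeeds. Assumptions of this example: the three fields arrive concatenated as one 47-character string, the time code is laid out as YYYYMMDDHHMMSS, `SCORES` is constructed sample data, `check_user` is a hypothetical callback standing for the self-built system's own or the third-party platform's credential check, and the de-interleaving order is this example's reading of the user decryption code rule.

```python
from datetime import datetime

S_SECONDS = 20  # the page allows S = 3 to 20
MUSIC_CHARS = set("ABCDEFG1234567abcdefg")  # high, middle and low pitch

# Constructed sample scores, already converted to music characters; the
# 3-digit keys are song name codes and dict order is the cyclic arrangement.
SCORES = {
    "001": "1155665443322115544332",
    "002": "3345543211233221GGAa",
    "003": "5653e5321A7665Cb12",
}


def verify_system_code(code, now, scores=SCORES, s=S_SECONDS):
    """S203: return 'success', 'overtime' or 'failure' for a 47-character code."""
    time_code, song, chars = code[:14], code[14:17], code[17:]
    if (len(code) != 47 or not time_code.isdigit() or song not in scores
            or not set(chars) <= MUSIC_CHARS):
        return "failure"
    try:
        first_time = datetime.strptime(time_code, "%Y%m%d%H%M%S")
    except ValueError:
        return "failure"
    # Traverse all N scores cyclically, starting at the named song; the extra
    # 29 characters let a match wrap past the end of the cycle.
    order = list(scores)
    start = order.index(song)
    stream = "".join(scores[k] for k in order[start:] + order[:start])
    if chars not in stream + stream[:29]:
        return "failure"
    # 'now' is the second time. A time code from the future is treated as
    # outside the window, which is a check added by this example.
    elapsed = (now - first_time).total_seconds()
    return "success" if 0 <= elapsed < s else "overtime"


def decode_user_info(encoded):
    """S204: undo 'account length & password length _ interleaved payload'."""
    lengths, _, payload = encoded.partition("_")
    a_str, _, p_str = lengths.partition("&")
    if not (a_str.isdigit() and p_str.isdigit() and payload.isascii()):
        raise ValueError("malformed user code")
    a, p = int(a_str), int(p_str)
    if len(payload) != a + p:
        raise ValueError("payload length does not match the length header")
    plain = payload.swapcase()  # case interchange
    m = min(a, p)
    account, password = plain[0:2 * m:2], plain[1:2 * m:2]  # de-interleave
    rest = plain[2 * m:]  # the tail belongs to the longer field
    return (account + rest, password) if a > p else (account, password + rest)


def login(system_code, encoded_user, now, check_user):
    """S202-S205: authenticate the system code first, then the user."""
    result = verify_system_code(system_code, now)
    if result != "success":
        return "system " + result
    try:
        account, password = decode_user_info(encoded_user)
    except ValueError:
        return "user failure"
    return "user success" if check_user(account, password) else "user failure"
```

Both functions work from public rules and preset data only: the user code carries its own field lengths and involves no secret key, and the system code is checked against the preset scores and the clock.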
In this method, a self-built system authentication code and a user decryption code are preset; the self-built system authentication code of the current time is acquired; if the self-built system authentication code of the current time is successfully authenticated within S seconds, an instruction of successful authentication of the self-built system is sent; the encrypted user information is acquired and decrypted according to the user decryption code; and if the decrypted user information is successfully authenticated, the user is allowed to log in to the self-built system. Dual authentication is thus realized: the self-built system is authenticated first, then the user is authenticated, and only after both authentications pass is the user allowed to access the self-built system. This ensures the security of the system while realizing single sign-on between the government affair service network and the self-built system; it also spares the user from repeatedly entering a user name and password to log in to the self-built system again, which improves the user experience, saves login time, improves the efficiency with which the user handles government affair service items, and improves user satisfaction. The self-built system is constrained through the self-built system authentication code: it can be logged in to directly through the government affair service network only after it has been approved by the government affair service network (namely the encryption terminal). When the self-built system has problems and the government affair service network does not approve the capability of the self-built system, the government affair service network can, by modifying the self-built system authentication code, unilaterally refuse the access of the self-built system or refuse to let the self-built system accept the handling of the user's government affair service matters, so that disputes arising in the docking of the self-built system with the government affair service network can be resolved efficiently. Through the specific time code, song name code and music characters, the self-built system authentication code is more specific and innovative and is prevented from being decrypted by other systems; adding music characters further improves the security coefficient of the encryption; moreover, the 30 music characters can lie within the music score of one song or can span songs, which further improves the safety factor; and presetting the user decryption code further improves the security of the user information.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (8)

1. A method of electronic government encryption, the method comprising the steps of:
presetting a self-built system authentication code and a user encryption code;
obtaining login request information and user information of a user requesting to login the self-built system;
generating a self-built system authentication code of the current time according to the self-built system authentication code, and sending the self-built system authentication code of the current time to a self-built system;
acquiring an instruction of successful authentication of the self-built system, encrypting the user information according to the user encryption code, and sending the user information to the self-built system;
acquiring a command of successful user authentication, and allowing the user to log in the self-built system;
the self-built system authentication code comprises a time code, a song name code and a music character;
the time code comprises 4 bits of year, 2 bits of month, 2 bits of day, 2 bits of hour, 2 bits of second;
the song name code means that the music scores of N songs are cyclically arranged and each song is numbered with a 3-digit numerical sequence;
the music characters are obtained by converting the music score into music characters according to the high pitch, middle pitch and low pitch in the cyclically arranged music scores;
the user encryption code refers to the code generated by encrypting the user information from left to right according to the rule "account length" + "&" + "password length" + "_" + "one-account one-password order cross and case interchange".
2. A method of e-government encryption according to claim 1, wherein said musical characters are: the high tone characters are represented by the capital letters A, B, C, D, E, F, G, the middle tone characters are represented by the numerals 1, 2, 3, 4, 5, 6, 7, and the low tone characters are represented by the lower case letters a, b, c, d, e, f, g.
3. A method for encrypting electronic government affairs according to any one of claims 1-2, wherein the step of generating the self-built system authentication code of the current time according to the self-built system authentication code and sending the self-built system authentication code of the current time to the self-built system comprises the steps of:
acquiring a current time as a first time, and converting the first time into a 14-bit time code;
randomly acquiring consecutive 30-bit music characters and the 3-bit song name code corresponding to the first music character of the 30-bit music characters;
and sending the 14-bit time code, the 3-bit song name code and the 30-bit music character to a self-built system.
4. A method of electronic government affair decryption, the method comprising the steps of:
presetting a self-built system authentication code and a user decryption code;
acquiring a self-built system authentication code of the current time;
according to the self-built system authentication code, if the self-built system authentication code at the current time is successfully authenticated within S seconds, sending a command of successful self-built system authentication;
acquiring encrypted user information, and decrypting according to the user decryption code;
when the decrypted user information is successfully authenticated, a user authentication success instruction is sent, and the user is allowed to log in the self-built system;
the self-built system authentication code comprises a time code, a song name code and a music character;
the time code comprises 4 bits of year, 2 bits of month, 2 bits of day, 2 bits of hour, 2 bits of second;
the song name code means that the music scores of all songs are cyclically arranged and each song is numbered with a 3-digit numerical sequence;
the music characters are obtained by converting the music score into music characters according to the high pitch, middle pitch and low pitch in the cyclically arranged music scores;
the user decryption code refers to the code generated by decrypting the received encrypted user information from left to right according to the rule 'account length' + '&' + 'password length' + '__' + 'one-account one-password sequence cross and case interchange'.
5. The method for decrypting electronic government affairs according to claim 4, wherein the step of "if the self-built system authentication code at the current time is successfully authenticated within S seconds according to the self-built system authentication code, then sending the instruction that the self-built system authentication is successful" is specifically:
converting the 14-bit time code into a first time;
searching, starting from the music score of the song corresponding to the 3-bit song name code, whether the consecutive 30-bit music characters exist in the music characters;
if so, acquiring the current time as a second time;
comparing whether the time difference between the second time and the first time is less than S seconds;
and if so, sending an instruction of successful authentication of the self-built system.
6. The method of electronic government affair decryption according to claim 5, wherein S is 3-20, and N is a positive integer.
7. The method for electronic government affair decryption of claim 6, wherein the step of "comparing whether the time difference between the second time and the first time is less than S seconds" further comprises the steps of:
if not, sending an authentication overtime command of the self-built system.
8. The method for decrypting electronic government affairs according to claim 4, wherein the step of sending a user authentication success command when the decrypted user information is authenticated successfully and allowing the user to log in the self-built system further comprises the steps of:
and when the decrypted user information fails to be authenticated, sending a user authentication failure instruction, and refusing the user to log in the self-built system.
CN201810642814.3A 2018-06-21 2018-06-21 E-government affair encryption and decryption method Active CN108924104B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810642814.3A CN108924104B (en) 2018-06-21 2018-06-21 E-government affair encryption and decryption method

Publications (2)

Publication Number Publication Date
CN108924104A CN108924104A (en) 2018-11-30
CN108924104B true CN108924104B (en) 2021-06-15

Family

ID=64421715

Country Status (1)

Country Link
CN (1) CN108924104B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CB02 Change of applicant information

Address after: 730000 Zhang Suzhou beach, Chengguan District, Lanzhou City, Gansu Province, No. 553

Applicant after: China Power World Wide Information Technology Co.,Ltd.

Address before: 730000 Zhang Suzhou beach, Chengguan District, Lanzhou City, Gansu Province, No. 553

Applicant before: GANSU WANWEI Co.