CN109214196B

CN109214196B - Data interaction method, device and equipment

Info

Publication number: CN109214196B
Application number: CN201810916949.4A
Authority: CN
Inventors: 李佳; 李文龙; 何晓光
Original assignee: Advanced New Technologies Co Ltd
Current assignee: Advanced New Technologies Co Ltd; Advantageous New Technologies Co Ltd
Priority date: 2018-08-13
Filing date: 2018-08-13
Publication date: 2022-04-19
Anticipated expiration: 2038-08-13
Also published as: CN109214196A

Abstract

The embodiment of the specification discloses a data interaction method, a data interaction device and data interaction equipment, wherein the method comprises the following steps: receiving a service request sent by terminal equipment; and generating a data transmission rule corresponding to the service request according to a preset data protocol generation rule, wherein the data transmission rule is used for converting the format of the data to be interacted into a format except the data format which can be analyzed in a preset analysis mode, and performing data interaction with the terminal equipment based on the generated data transmission rule.

Description

Data interaction method, device and equipment

Technical Field

The present specification relates to the field of computer technologies, and in particular, to a data interaction method, apparatus, and device.

Background

In the dynamic web site, a large amount of data interaction exists, the interaction data mainly can be data interaction between a browser and a server, and in addition, through the data interaction, a user can use internet services such as login, shopping or inquiry.

Generally, script data in a web page and data logic in the web page in a dynamic web site are visible to a user, so that other users (such as hackers and the like) may crack and replace the user data or the service based on the script data and the data logic, thereby simulating the real operation of the user or personal information of the user and the like. Generally, a front-end service logic code can be protected through a front-end code obfuscation scheme, and transmitted data content can be protected through encryption and encoding, but since a data format protocol submitted to a server end is fixed and well agreed in advance, a hacker can directly forge user data in a large scale by developing an attack script after breaking the service logic and an encryption algorithm of the service to cheat the server, thereby causing large-scale loss. Therefore, a more secure data interaction solution is needed during data interaction.

Disclosure of Invention

An object of the embodiments of the present specification is to provide a data interaction method, apparatus, and device, so as to provide a more secure data interaction scheme.

In order to implement the above technical solution, the embodiments of the present specification are implemented as follows:

the data interaction method provided by the embodiment of the specification comprises the following steps:

receiving a service request sent by terminal equipment;

generating a data transmission rule corresponding to the service request according to a preset data protocol generation rule, wherein the data transmission rule is used for converting the format of the data to be interacted into a format except the data format which can be analyzed in a preset analysis mode;

and performing data interaction with the terminal equipment based on the generated data transmission rule.

Optionally, the service request includes a service identifier,

the generating a data transmission rule corresponding to the service request according to a predetermined data protocol generation rule includes:

and if the service identifier is the service identifier of the preset service, generating a rule according to a preset data protocol, and generating a data transmission rule corresponding to the service request.

Optionally, the data transmission rules comprise a first data transmission sub-rule and a second data transmission sub-rule,

the data interaction with the terminal device based on the generated data transmission rule includes:

sending the first data transmission sub-rule to the terminal equipment so that the terminal equipment performs data processing on data to be transmitted according to the first data transmission sub-rule and sends the processed data to be transmitted;

when the processed data to be transmitted sent by the terminal equipment is received, analyzing the processed data to be transmitted according to the second data transmission sub-rule to obtain the data to be transmitted.

Optionally, the sending the first data transmission sub-rule to the terminal device includes:

acquiring service data corresponding to the service request;

and inserting the data of the first data transmission sub-rule into the service data, and sending the service data inserted with the first data transmission sub-rule to the terminal equipment.

Optionally, after generating the data transmission rule corresponding to the service request according to the predetermined data protocol generation rule, the method further includes:

determining a valid time period of the data transmission rule;

and if the current moment is within the effective time period, performing data interaction with the terminal equipment based on the generated data transmission rule.

Optionally, the first data transmission sub-rule comprises one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

Optionally, the data transmission rule further comprises a third data transmission sub-rule,

when the processed data to be transmitted sent by the terminal device is received, analyzing the processed data to be transmitted according to the second data transmission sub-rule to obtain the data to be transmitted, including:

when the processed data to be transmitted sent by the terminal equipment is received, carrying out format conversion on the processed data to be transmitted according to the third data transmission sub-rule to obtain the data to be transmitted in a preset format;

and analyzing the data to be transmitted in the preset format according to the second data transmission sub-rule to obtain the data to be transmitted.

sending a service request to a service server;

receiving a data transmission rule corresponding to the service request and sent by the service server, wherein the data transmission rule is used for converting the format of the data to be interacted into a format except the data format which can be analyzed in a preset analysis mode;

and performing data interaction with the service server based on the generated data transmission rule.

Optionally, the data transmission rule comprises a first data transmission sub-rule,

the data interaction with the service server based on the generated data transmission rule includes:

performing data processing on data to be transmitted according to the first data transmission sub-rule to obtain processed data to be transmitted;

and sending the processed data to be transmitted to the service server.

An embodiment of this specification provides a data interaction device, the device includes:

the request receiving module is used for receiving a service request sent by the terminal equipment;

the rule generating module is used for generating a rule according to a preset data protocol and generating a data transmission rule corresponding to the service request, wherein the data transmission rule is used for converting the format of the data to be interacted into a format except the data format which can be analyzed in a preset analyzing mode;

and the data interaction module is used for carrying out data interaction with the terminal equipment based on the generated data transmission rule.

Optionally, the service request includes a service identifier, and the rule generating module is configured to generate a rule according to a predetermined data protocol if the service identifier is a service identifier of a predetermined service, and generate a data transmission rule corresponding to the service request.

Optionally, the data transmission rule includes a first data transmission sub-rule and a second data transmission sub-rule, and the data interaction module includes:

the rule sending unit is used for sending the first data transmission sub-rule to the terminal equipment so as to enable the terminal equipment to perform data processing on data to be transmitted according to the first data transmission sub-rule and send the processed data to be transmitted;

and the analysis unit is used for analyzing the processed data to be transmitted according to the second data transmission sub-rule when the processed data to be transmitted sent by the terminal equipment is received, so as to obtain the data to be transmitted.

Optionally, the rule sending unit is configured to obtain service data corresponding to the service request; and inserting the data of the first data transmission sub-rule into the service data, and sending the service data inserted with the first data transmission sub-rule to the terminal equipment.

Optionally, the apparatus further comprises:

the validity period determining module is used for determining the valid time period of the data transmission rule;

and the data interaction module is used for carrying out data interaction with the terminal equipment based on the generated data transmission rule if the current moment is in the effective time period.

the analysis unit is used for performing format conversion on the processed data to be transmitted according to the third data transmission sub-rule when the processed data to be transmitted sent by the terminal equipment is received, so as to obtain the data to be transmitted in a preset format; and analyzing the data to be transmitted in the preset format according to the second data transmission sub-rule to obtain the data to be transmitted.

the request sending module is used for sending a service request to the service server;

the rule receiving module is used for receiving a data transmission rule which is sent by the service server and corresponds to the service request, and the data transmission rule is used for converting the format of the data to be interacted into a format which can be analyzed by a preset analysis mode and is different from the data format;

and the data interaction module is used for performing data interaction with the service server based on the generated data transmission rule.

Optionally, the data transmission rule includes a first data transmission sub-rule, and the data interaction module includes:

the data processing unit is used for carrying out data processing on the data to be transmitted according to the first data transmission sub-rule to obtain processed data to be transmitted;

and the data sending unit is used for sending the processed data to be transmitted to the service server.

An embodiment of the present specification provides a data interaction device, where the data interaction device includes:

a processor; and

a memory arranged to store computer executable instructions that, when executed, cause the processor to:

receiving a service request sent by terminal equipment;

a processor; and

sending a service request to a service server;

As can be seen from the above technical solutions provided by the embodiments of the present specification, in the embodiments of the present specification, when a service request sent by a terminal device is received, a rule is generated according to a predetermined data protocol, and a data transmission rule corresponding to the service request is generated, where the data transmission rule is used to convert a format of data to be interacted into a format other than a data format that can be resolved by a predetermined resolution manner, and a service server may perform data interaction with the terminal device based on the generated data transmission rule, so that, whenever data interaction is required between the terminal device and the service server, the data transmission rule for the service request is generated according to the predetermined data protocol generation rule, and then data interaction may be performed between the terminal device and the service server based on the generated data transmission rule, because the data transmission rule may convert the format of the data to be interacted into a format other than the data format that can be resolved by the predetermined resolution manner Therefore, in the data interaction process, the data to be interacted is reprocessed to obtain a character string or a data packet in a new data format, so that other users are difficult to analyze the data content from the intercepted data, and the safety of data interaction is improved. In addition, the service request received by the same terminal device each time can correspond to different data transmission rules, and the service request received by different terminal devices can also correspond to different data transmission rules, so that the safety of data interaction can be further improved.

Drawings

In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present specification, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.

FIG. 1 is a diagram illustrating an embodiment of a data interaction method;

FIG. 2 is another embodiment of a data interaction method described herein;

FIG. 3 is a diagram of another embodiment of a data interaction method;

FIG. 4 is a logic diagram illustrating the generation of a data transmission rule according to the present disclosure;

FIG. 5 is a block diagram of an embodiment of a data interaction device according to the present disclosure;

FIG. 6 is a block diagram of an embodiment of a data interaction device according to the present disclosure;

FIG. 7 is a diagram illustrating an embodiment of a data interaction device;

fig. 8 is an embodiment of a data interaction device according to the present disclosure.

Detailed Description

The embodiment of the specification provides a data interaction method, a data interaction device and data interaction equipment.

In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step should fall within the scope of protection of the present specification.

Example one

As shown in fig. 1, an execution main body of the method may be a service server, where the service server may be an independent server, or a server cluster composed of a plurality of servers, and the service server may be a background server of a certain service, or a background server of a website (such as an internet shopping website or a payment application) having a plurality of services, and the like. The method can be used for generating the data transmission rule in the data interaction processing, and performing the data interaction processing and the like based on the data transmission rule. The method may specifically comprise the steps of:

in step S102, a service request sent by the terminal device is received.

The terminal device may be a terminal device used by a user, and specifically may be a mobile terminal device such as a mobile phone or a tablet computer, or may be a terminal device such as a notebook computer or a personal computer. The service request may be information for requesting to execute a service, where the service may be any service, such as a resource transfer service (specifically, a payment service, etc.), a login service, an inquiry service, or the like.

In implementation, a large amount of data interaction exists in the dynamic web site, and the interaction data mainly can be data interaction between a browser and a server, and in addition, the user can use internet services such as login, shopping or inquiry through the data interaction. Generally, script data in a web page and data logic in the web page in a dynamic web site are visible to a user, that is, when the user obtains corresponding web page data from the dynamic web site through a browser, the user can view the web page data through functions such as viewing a web page source code or a developer tool set in the browser, and the web page data includes the script data and the data logic in the web page, so that other users (such as a hacker) may crack and replace the user data or the service based on the script data and the data logic, thereby simulating a real operation of the user or going to personal information of the user, and the like. Generally, a front-end service logic code can be protected through a front-end code obfuscation scheme, and transmitted data content can be protected through encryption and encoding, but since a data format protocol submitted to a server end is fixed and agreed in advance (for example, Key-Value combination of a JSON (JSON Object Notation) data structure does not change dynamically), a hacker can directly forge user data in a large scale by developing an attack script after breaking a service logic and an encryption algorithm of the service, so as to cheat the server, thereby causing large-scale loss. In order to protect data interacted between a browser and a server from being easily cracked and replaced by a hacker, and further to simulate a real operation of a user to request for an internet service such as login, shopping or query, an embodiment of the present specification provides an implementation solution that can solve the above problem, and specifically may include the following contents:

the terminal device may be installed with an application of a browser or with an application providing one or more different services, such as an application of online shopping or an instant messaging application, and the different services or the applications may correspond to a service server, when a user needs to request a service from the service server, the user may click a shortcut icon of the browser or the application, the terminal device may start the browser or the application, and then the user may input a network address of the service into an address bar of the browser or click an option of the service provided in the application, and the terminal device may obtain the network address of the service and an identifier of the terminal device (such as a name, a code, or an IMEI (International Mobile Equipment Identity) number of the terminal device, and the like), and can generate the business request through the above-mentioned information, can send the business request to the business server where the business service locates through the network address, the business server can receive the business request that the terminal equipment sends.

In step S104, a data transmission rule corresponding to the service request is generated according to a predetermined data protocol generation rule, where the data transmission rule is used to convert the format of the data to be interacted into a format other than the data format that can be analyzed by a predetermined analysis method.

The data protocol generation rule may be an algorithm or a rule for generating a data transmission rule, and the data protocol generation rule may be implemented by one or more preset algorithms, or by a preset rule or a combination of multiple rules, and may be specifically set according to an actual situation, which is not limited in this embodiment of the specification. The data transmission rule may be a data structure, a data transmission mode, and other rules that need to be adopted in the process of transmitting certain data from one end to the other end. The predetermined parsing method may be any currently used page parsing method, such as a parsing method based on HTML5 page.

In implementation, in order to ensure the security of data transmission, a technician of one or more services may set a data protocol generation rule in a corresponding service server according to actual conditions. After the service server receives the service request sent by the terminal device, the service server may analyze the service request, and extract relevant data of the requested service from the service request, such as a service identifier (e.g., a service name or a code) of a certain requested service, data related to the requested service, and the like, and if the service server determines that the data related to the requested service includes some predetermined data (e.g., sensitive information such as personal information of a user, key information of a service, and the like), the service server may determine that, for the service request, processing such as data structure adjustment, data transmission mode setting, and the like needs to be performed on the interactive data to prevent the interactive data from being intercepted by other users, and for this purpose, the service server may obtain a preset data protocol generation rule and generate a rule based on the data protocol, and generating a data transmission rule corresponding to the service request, wherein the generated data transmission rule can comprise a data structure, a data transmission mode and the like which need to be adopted.

It should be noted that, each time a service request sent by a different terminal device or the same terminal device is received, the service server generates a rule according to a predetermined data protocol, and generates a data transmission rule corresponding to the service request, that is, each service request corresponds to one data transmission rule.

In step S106, data interaction is performed with the terminal device based on the generated data transmission rule.

In implementation, after receiving a service request sent by a terminal device, a service server may obtain service data corresponding to the service request. In addition, after generating the data transmission rule corresponding to the service request through the predetermined data protocol generation rule, the generated data transmission rule may be inserted into the service data, and the data in which the data transmission rule and the service data are mixed may be transmitted to the terminal device. After receiving the data transmission rule and the service data, the terminal device may execute corresponding processing according to the service data, and after obtaining the data to be transmitted based on the service data, may process the data to be transmitted according to the data transmission rule, so that the data to be transmitted is presented in a new data format, where the new data format may be a format other than a data format that can be analyzed in a predetermined analysis manner, that is, the content of the processed data to be transmitted cannot be analyzed in the predetermined analysis manner. Specifically, if redundant information can be inserted into the data to be transmitted, the processed data to be transmitted is divided into data packets with different sizes, and the data packets can be randomly sent to the service server respectively in a random sending manner. After receiving the data to be transmitted, the service server may process the data to be transmitted based on a data transmission rule, specifically, analyze data packets with different sizes, delete redundant information from the data packets to obtain a complete piece of data, and then further process the data to be transmitted.

For example, if a user needs to log in a certain website, the user may request data of a login page of the website through a browser or a corresponding application program, and at this time, the terminal device may generate a service request and send the service request to the service server. After receiving the service request, the service server may determine that the user needs to input sensitive information (or preset information) such as a login account of the user when logging in the website, at this time, the service server may obtain data of a login page, generate a rule according to a predetermined data protocol, generate a data transmission rule corresponding to the service request, insert the data transmission rule into the data of the login page, and send the data to the terminal device. The terminal device can display a login page based on the data of the login page, a user can input the related information of the login account in the login page, after the input is completed, a determination key or a login key in the login page can be clicked, the terminal device obtains the related information of the login account input by the user, the related information of the login account is processed by using the data transmission rule, for example, the related information of the login account is inserted with redundant information, the related information of the login account inserted with the redundant information is randomly divided into a pair of data packets, and the data packets are randomly sent to the service server. After receiving the data packet, the service server may perform data splicing and data analysis on the data in the data packet according to the data transmission rule to obtain the relevant information of the login account, and then may perform identity authentication on the user based on the relevant information of the login account, if the authentication passes, may send a notification message that the authentication passes to the terminal device, and if the authentication fails, may send a notification message that the relevant information of the user login account is re-input to the terminal device, so that the user logs in again.

As shown in fig. 2, an execution subject of the method may be a terminal device, where the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, and may also be a terminal device such as a notebook computer or a personal computer. The method can be used for generating the data transmission rule in the data interaction processing, and performing the data interaction processing and the like based on the data transmission rule. The method may specifically comprise the steps of:

in step S202, a service request is sent to the service server.

In step S204, a data transmission rule corresponding to the service request sent by the service server is received, where the data transmission rule is used to convert the format of the data to be interacted into a format other than the data format that can be analyzed by a predetermined analysis manner.

In step S206, data interaction is performed with the service server based on the generated data transmission rule.

The specific processing procedure of step S202 to step S206 may refer to the related processing procedure of the step shown in fig. 1, and is not described herein again.

The embodiment of the specification provides a data interaction method, which generates a data transmission rule corresponding to a service request according to a predetermined data protocol generation rule when the service request sent by a terminal device is received, wherein the data transmission rule is used for converting the format of data to be interacted into a format other than a data format capable of being analyzed in a predetermined analysis mode, a service server can perform data interaction with the terminal device based on the generated data transmission rule, so that when the data interaction is required between the terminal device and the service server, the data transmission rule aiming at the service request is generated according to the predetermined data protocol generation rule, then the data interaction can be performed between the terminal device and the service server based on the generated data transmission rule, and as the data transmission rule can convert the format of the data to be interacted into a format other than the data format capable of being analyzed in the predetermined analysis mode, therefore, in the data interaction process, the data to be interacted is reprocessed to obtain a character string or a data packet in a new data format, so that even if other users intercept the data, the data content is difficult to analyze from the data, and the safety of the data interaction is improved. In addition, the service request received by the same terminal device each time can correspond to different data transmission rules, and the service request received by different terminal devices can also correspond to different data transmission rules, so that the safety of data interaction can be further improved.

Example two

As shown in fig. 3, an embodiment of the present disclosure provides a data interaction method, which may be executed by a service server and a terminal device together, where the service server may be an independent server or a server cluster composed of multiple servers, and the service server may be a background server of a certain service or a background server of a website (such as an online shopping website or a payment application) with multiple services. The terminal device can be a mobile terminal device such as a mobile phone or a tablet personal computer, and can also be a terminal device such as a notebook computer or a personal computer. The method can be used for generating the data transmission rule in the data interaction processing, and performing the data interaction processing and the like based on the data transmission rule. The method may specifically comprise the steps of:

in step S302, the terminal device sends a service request to the service server, where the service request includes a service identifier.

The service identifier may be information such as a name or a code of a certain service. Such as transfer or login services.

The content of the step S302 is the same as the content of the step S202 in the first embodiment, and the specific processing procedure of the step S302 may refer to the related content of the step S102 in the first embodiment, which is not described herein again.

In step S304, if the service identifier is a service identifier of a predetermined service, the service server generates a data transmission rule corresponding to the service request according to a predetermined data protocol generation rule.

The predetermined service may be one or more services set in advance at will. The data transmission rule is used for converting the format of the data to be interacted into a format except the data format which can be analyzed through a preset analysis mode.

In implementation, one or more services may be preset as services that require data interaction using a data transmission rule generated in real time according to an actual situation or an actual requirement, and specifically, if it can be determined which services relate to sensitive information such as personal information of a user, related information of an account (such as an account number and a password), and other specified related information, a service including any one or more of the sensitive information may be set as the predetermined service, and a service identifier of the predetermined service may be stored in a service server. After receiving a service request sent by a terminal device, a service server can extract a service identifier in the service request, and can compare the extracted service identifier with a service identifier of a pre-stored predetermined service, and if the service identifier of the pre-stored predetermined service includes the extracted service identifier, it can be determined that the service corresponding to the service request does not include the sensitive information, so that data interaction can be performed without a real-time data transmission rule. If the service identifier of the pre-stored predetermined service includes the extracted service identifier, it may be determined that the service corresponding to the service request includes the sensitive information, and therefore, a data transmission rule corresponding to the service request is generated according to a predetermined data protocol generation rule, where a specific processing procedure for generating the data transmission rule corresponding to the service request according to the predetermined data protocol generation rule may refer to relevant contents in the first embodiment, and will not be described herein again.

In practical application, data interaction involves a terminal device side and a service server side, and when the terminal device side and the service server side perform data interaction based on the generated data transmission rule, specific processing procedures of the terminal device side and the service server side are different, so that the data transmission rule can be divided into a first data transmission sub-rule executed by the terminal device side and a second data transmission sub-rule executed by the service server side, that is, the data transmission rule can include the first data transmission sub-rule and the second data transmission sub-rule, and the first data transmission sub-rule and the second data transmission sub-rule can be implemented by program codes written in a predetermined programming language. Wherein the first data transmission sub-rule may include one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

The identification transformation rule (e.g., name transformation rule, etc.) may be a change rule that specifies a Key field in a generated data structure (e.g., JSON data structure, etc.), for example, the Key field may be changed by shifting AscII "abc" left by one bit to "bcd", or by means of dictionary encryption, or by means of a Map structure on the service server side storing an arbitrary group Key mapping, or by means of a regular expression randomly generating a field identification (e.g., name), etc. The data packet transformation rule may be a rule for controlling the length and segmentation of the transmitted data, and divides the original data information "abcd" into two data packets "abc" and "d" to be sent separately, and at the same time, the data transmission order may also be transformed, for example, transmitting "d" first and then "abc". The serialization rules may be whether the last transmitted data is to be processed once using Base64 encoding or other predetermined encoding format or serialization protocol, and the serialization may be the process of converting the data structure or object state into an available format for later retrieval in the same or another computer environment. The interface configuration rules may be links, ports, protocols and parameters for the interface may be further configured. In addition, rules and the like of redundant data can be included, specifically, a random character string or an object is added to the final data structure, and the redundant data can be ignored or skipped in the process of parsing by the service server.

In practical applications, as shown in fig. 4, the service server may include a dynamic control module and a generation module, where the dynamic control module may be configured to combine a plurality of different rules (for example, combine a name dictionary encryption transformation rule and a data field disorder rule for use, etc.) to generate a first data transmission sub-rule, determine a validity period (for example, validity in a single time or within a predetermined time period) for generating the first data transmission sub-rule, and perform user session management (for example, associate a dynamic scenario returned to the service end according to a user identifier or a session identifier or a Token (for example, Token, etc.)). The generating module may generate a first data transmission sub-rule at the terminal device side and a second data transmission sub-rule at the service server side according to the rule combination, the data structure definition, and the parsing logic at the service server side. In the first data transmission sub-rule, syntax of a programming language such as XML, C + +, Python, Ruby, or Shell may be used. In the second data transfer subroutine, JAVA programming language, and any other programming language other than JAVA programming language may be used for writing.

In practical applications, a data structure can be preset, and the data structure can be implemented by YAML syntax, for example

The above data structure constructed by YAML syntax can be conveniently inter-converted with JSON format used in currently common systems. Based on the data structure, the form of the script corresponding to the first data transmission sub-rule, the data structure and logic in the second data transmission sub-rule, and the like can be determined.

For example, based on the above data structure, when the first data transmission sub-rule is a name transformation (left shift by one bit) rule, the generated script data corresponding to the first data transmission sub-rule may be:

accordingly, the data structure of the second data transfer subroutine when written using the JAVA programming language may be:

based on the above, the data transmission rule generated by the service server includes a first data transmission sub-rule, and the service server may send the first data transmission sub-rule to the terminal device, so that the middle-end device may use the first data transmission sub-rule in subsequent data interaction, which may specifically include the following processing in step S306.

In step S306, the service server sends the first data transmission sub-rule to the terminal device.

In practical applications, the specific processing manner of step S306 may be various, and an optional processing manner is provided below, and specifically, the processing manner may include the following step one and step two.

Step one, acquiring service data corresponding to the service request.

In implementation, the service request may not carry sensitive information such as personal information of a user, related information of an account, or other specified related information, and the service request may be used to request to obtain data of a bearer page of the sensitive information or information of an input prompt of the sensitive information, for example, information used for requesting a login page in the example of step S106 in the first embodiment, and the corresponding service data is data of the login page.

And step two, inserting the data of the first data transmission sub-rule into the service data, and sending the service data inserted with the first data transmission sub-rule to the terminal equipment.

In step S308, the terminal device performs data processing on the data to be transmitted according to the first data transmission sub-rule, so as to obtain processed data to be transmitted.

The data to be transmitted can be any data in the data interaction process between the terminal equipment and the service server.

In implementation, the first data transmission sub-rule may specifically be a data construction code, and may be used to perform structure adjustment or structure modification, and data reassembly and the like on data to be transmitted, so as to obtain a completely new data character string or data packet. After receiving the service data, the terminal device may execute a service logic corresponding to the service data, so as to obtain a corresponding execution result (e.g., display a certain designated page, etc.), a user may input data to be transmitted based on the execution result, and when the user needs to send the data to be transmitted to the service server, the user may perform one or more operations, such as transformation, serialization, data reassembly, etc., on the data to be transmitted by using the first data transmission sub-rule, so as to perform data processing on the data to be transmitted, so as to obtain processed data to be transmitted (specifically, a data character string or a data packet, etc.).

In step S310, the terminal device sends the processed data to be transmitted to the service server.

In step S312, the service server analyzes the processed data to be transmitted according to the second data transmission sub-rule, so as to obtain the data to be transmitted.

In an implementation, the second data transmission sub-rule may specifically be an analysis code on the service server side, where the analysis code may correspond to the data construction code of the first data transmission sub-rule, that is, data constructed by a certain data construction code needs to use an analysis code matched with the analysis code to analyze required actual data (that is, data to be transmitted) from the constructed data. For the processing in step S312, if the terminal device inserts the redundant information into the data to be transmitted through the first data transmission sub-rule, after the terminal device sends the data to be transmitted with the redundant information to the service server, the service server may analyze the data to be transmitted with the redundant information through the analysis code of the second data transmission sub-rule, extract the redundant information from the data to be transmitted, delete the extracted redundant information, and finally obtain complete data to be transmitted without the redundant information, thereby ensuring the integrity of the data.

In addition, in order to further improve the security of data interaction, an effective time period may be set for each generated data transmission rule, that is, in the effective time period, the generated data transmission rule may be normally used, and specifically, the following contents may be included: and if the current time is in the effective time period, performing data interaction with the terminal equipment based on the generated data transmission rule.

Furthermore, if the generated data transmission rule is used outside the valid time period, it can be regarded as an attack behavior, and data interaction can be prevented.

In practical applications, programming languages used in the terminal device and the service server may be different, so that when data interaction is performed between the terminal device and the service server, contents of the data interaction may not be determined, and for this reason, specific processing manners of step S312 may be various, and an optional processing manner is provided below, and specifically, the processing manner may include the following step one and step two.

Step one, when the processed data to be transmitted sent by the terminal equipment is received, format conversion is carried out on the processed data to be transmitted according to a third data transmission sub-rule, and the data to be transmitted in the preset format is obtained.

The third data transmission sub-rule may be a conversion rule of one format, that is, data of a certain format may be converted into data of another format, and the specific content of the third data transmission sub-rule may be set according to an actual situation, which is not limited in the embodiment of the present specification. The data to be transmitted in the predetermined format may be any format of data to be transmitted, such as object format of Javascript or POJO format.

In implementation, according to actual situations, a third data transmission sub-rule may be set in the service server, and data in different formats may be converted into data in the same format through the third data transmission sub-rule.

Based on a preset data structure mentioned in the above step S304, the JSON format used in the currently common system can be conveniently converted into each other, and the intermediate format of data to be used by the service server is defined here, and can be conveniently converted and converted. For example, the format of the processed data to be transmitted is NodeJS, and after the format conversion is performed by the service server, the format of the obtained data on the service server side may be an object format of Javascript, or after the format conversion is performed by the service server, the format of the obtained data on the service server side may be a POJO format, and the like, if the processed data to be transmitted is written in JAVA programming language.

And step two, analyzing the data to be transmitted in the preset format according to the second data transmission sub-rule to obtain the data to be transmitted.

It should be noted that the processing for generating the first data transmission sub-rule and the second data transmission sub-rule is completed by the service server, and in practical application, the processing for generating the data transmission rule may also be completed by another server outside the service server, and the specific processing process may refer to the above related contents, and is not described herein again.

EXAMPLE III

Based on the same idea, the data interaction method provided by the embodiment of the present specification further provides a data interaction device, as shown in fig. 5.

The data interaction device comprises: a request receiving module 501, a rule generating module 502 and a data interaction module 503, wherein:

a request receiving module 501, configured to receive a service request sent by a terminal device;

a rule generating module 502, configured to generate a rule according to a predetermined data protocol, and generate a data transmission rule corresponding to the service request, where the data transmission rule is used to convert a format of data to be interacted into a format other than a data format that can be analyzed in a predetermined analysis manner;

and a data interaction module 503, configured to perform data interaction with the terminal device based on the generated data transmission rule.

In this embodiment of the present specification, the service request includes a service identifier, and the rule generating module 502 is configured to generate a rule according to a predetermined data protocol if the service identifier is a service identifier of a predetermined service, and generate a data transmission rule corresponding to the service request.

In this embodiment of the present specification, the data transmission rule includes a first data transmission sub-rule and a second data transmission sub-rule, and the data interaction module 503 includes:

In an embodiment of this specification, the rule sending unit is configured to obtain service data corresponding to the service request; and inserting the data of the first data transmission sub-rule into the service data, and sending the service data inserted with the first data transmission sub-rule to the terminal equipment.

In an embodiment of this specification, the apparatus further includes:

In an embodiment of the present specification, the first data transmission sub-rule includes one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

In an embodiment of this specification, the data transmission rule further includes a third data transmission sub-rule, and the parsing unit is configured to, when the processed data to be transmitted sent by the terminal device is received, perform format conversion on the processed data to be transmitted according to the third data transmission sub-rule, so as to obtain data to be transmitted in a predetermined format; and analyzing the data to be transmitted in the preset format according to the second data transmission sub-rule to obtain the data to be transmitted.

The embodiment of the present specification provides a data interaction apparatus, which generates a data transmission rule corresponding to a service request according to a predetermined data protocol generation rule when receiving the service request sent by a terminal device, where the data transmission rule is used to convert a format of data to be interacted into a format other than a data format that can be resolved by a predetermined resolution manner, and a service server may perform data interaction with the terminal device based on the generated data transmission rule, so that, whenever data interaction is required between the terminal device and the service server, a data transmission rule for the service request is generated according to the predetermined data protocol generation rule, and then, data interaction may be performed between the terminal device and the service server based on the generated data transmission rule, because the data transmission rule converts the format of the data to be interacted into a format other than the data format that can be resolved by the predetermined resolution manner, therefore, in the data interaction process, the data to be interacted is reprocessed to obtain a character string or a data packet in a new data format, so that even if other users intercept the data, the data content is difficult to analyze from the data, and the safety of the data interaction is improved. In addition, the service request received by the same terminal device each time can correspond to different data transmission rules, and the service request received by different terminal devices can also correspond to different data transmission rules, so that the safety of data interaction can be further improved.

Example four

Based on the same idea, embodiments of the present specification further provide a data interaction apparatus, as shown in fig. 6.

The data interaction device comprises: a request sending module 601, a rule receiving module 602, and a data interaction module 603, wherein:

a request sending module 601, configured to send a service request to a service server;

a rule receiving module 602, configured to receive a data transmission rule corresponding to the service request and sent by the service server, where the data transmission rule is used to convert a format of data to be interacted into a format other than a data format that can be analyzed in a predetermined analysis manner;

and a data interaction module 603, configured to perform data interaction with the service server based on the generated data transmission rule.

In this embodiment of the present specification, the data transmission rule includes a first data transmission sub-rule, and the data interaction module 603 includes:

EXAMPLE five

Based on the same idea, the data interaction apparatus provided in the embodiment of the present specification further provides a data interaction device, as shown in fig. 7.

The data interaction device may be the service server provided in the above embodiment.

The data interaction device may have a large difference due to different configurations or performances, and may include one or more processors 701 and a memory 702, where the memory 702 may store one or more stored applications or data. Memory 702 may be, among other things, transient storage or persistent storage. The application program stored in memory 702 may include one or more modules (not shown), each of which may include a series of computer-executable instructions for a data interaction device. Still further, the processor 701 may be configured to communicate with the memory 702 to execute a series of computer-executable instructions in the memory 702 on the data interaction device. The data interaction apparatus may also include one or more power supplies 703, one or more wired or wireless network interfaces 704, one or more input-output interfaces 705, one or more keyboards 706.

In particular, in this embodiment, the data interaction device includes a memory, and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs may include one or more modules, and each module may include a series of computer-executable instructions for the data interaction device, and the one or more programs configured to be executed by the one or more processors include computer-executable instructions for:

receiving a service request sent by terminal equipment;

In the embodiment of this specification, the service request includes a service identifier,

In the embodiment of the specification, the data transmission rule comprises a first data transmission sub-rule and a second data transmission sub-rule,

In this embodiment of the present specification, the sending the first data transmission sub-rule to the terminal device includes:

acquiring service data corresponding to the service request;

In an embodiment of this specification, after generating a data transmission rule corresponding to the service request according to a predetermined data protocol generation rule, the method further includes:

determining a valid time period of the data transmission rule;

In the embodiment of the present specification, the data transmission rule further includes a third data transmission sub-rule,

The embodiment of the present specification provides a data interaction device, which generates a data transmission rule corresponding to a service request according to a predetermined data protocol generation rule when receiving the service request sent by a terminal device, where the data transmission rule is used to convert a format of data to be interacted into a format other than a data format that can be resolved by a predetermined resolution manner, and a service server may perform data interaction with the terminal device based on the generated data transmission rule, so that, whenever data interaction is required between the terminal device and the service server, a data transmission rule for the service request is generated according to the predetermined data protocol generation rule, and then, data interaction may be performed between the terminal device and the service server based on the generated data transmission rule, because the data transmission rule converts the format of the data to be interacted into a format other than the data format that can be resolved by the predetermined resolution manner, therefore, in the data interaction process, the data to be interacted is reprocessed to obtain a character string or a data packet in a new data format, so that even if other users intercept the data, the data content is difficult to analyze from the data, and the safety of the data interaction is improved. In addition, the service request received by the same terminal device each time can correspond to different data transmission rules, and the service request received by different terminal devices can also correspond to different data transmission rules, so that the safety of data interaction can be further improved.

EXAMPLE six

Based on the same idea, embodiments of the present specification further provide a data interaction device, as shown in fig. 8.

The data interaction device may be the terminal device provided in the above embodiment.

The data interaction device may have a large difference due to different configurations or performances, and may include one or more processors 801 and a memory 802, and one or more stored applications or data may be stored in the memory 802. Wherein the memory 802 may be a transient storage or a persistent storage. The application program stored in memory 802 may include one or more modules (not shown), each of which may include a series of computer-executable instructions for a data interaction device. Still further, the processor 801 may be configured to communicate with the memory 802 to execute a series of computer-executable instructions in the memory 802 on the data interaction device. The data interaction apparatus may also include one or more power supplies 803, one or more wired or wireless network interfaces 804, one or more input-output interfaces 805, one or more keyboards 806.

sending a service request to a service server;

In the embodiment of the specification, the data transmission rule comprises a first data transmission sub-rule,

and sending the processed data to be transmitted to the service server.

The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.

The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.

The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more software and/or hardware implementations in implementing one or more embodiments of the present description.

As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

Embodiments of the present description are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the description. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

One or more embodiments of the present description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. One or more embodiments of the specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.

The above description is only an example of the present specification, and is not intended to limit the present specification. Various modifications and alterations to this description will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present specification should be included in the scope of the claims of the present specification.

Claims

1. A method of data interaction, the method comprising:

receiving a service request sent by terminal equipment;

performing data interaction with the terminal equipment based on the generated data transmission rule, wherein the data transmission rule comprises a first data transmission sub-rule used for performing structure adjustment or structure modification on the data to be interacted and data recombination processing, so that the terminal equipment processes the data to be interacted according to the first data transmission sub-rule in the data interaction process; the first data transmission sub-rule is used for determining a data transmission sequence of a data packet obtained by splitting the data to be interacted.

2. The method of claim 1, wherein the service request includes a service identification,

3. The method of claim 1 or 2, the data transmission rule comprising a second data transmission sub-rule,

4. The method of claim 3, the sending the first data transmission sub-rule to the terminal device, comprising:

acquiring service data corresponding to the service request;

5. The method of claim 4, after generating the data transmission rule corresponding to the service request according to the predetermined data protocol generation rule, the method further comprising:

determining a valid time period of the data transmission rule;

6. The method of claim 5, the first data transmission sub-rule comprising one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

7. The method of claim 3, the data transmission rules further comprising a third data transmission sub-rule,

8. A method of data interaction, the method comprising:

sending a service request to a service server;

based on the generated data transmission rule, performing data interaction with the service server, wherein the data transmission rule comprises a first data transmission sub-rule used for performing structure adjustment or structure modification on the data to be interacted and data recombination processing, so that the terminal equipment processes the data to be interacted according to the first data transmission sub-rule in the data interaction process; the first data transmission sub-rule is used for determining a data transmission sequence of a data packet obtained by splitting the data to be interacted.

9. The method of claim 8, the interacting data with the business server based on the generated data transmission rule, comprising:

and sending the processed data to be transmitted to the service server.

10. The method of claim 9, the first data transmission sub-rule comprising one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

11. A data interaction apparatus, the apparatus comprising:

the data interaction module is used for performing data interaction with the terminal equipment based on the generated data transmission rule, wherein the data transmission rule comprises a first data transmission sub-rule used for performing structure adjustment or structure modification on the data to be interacted and data recombination processing, so that the terminal equipment processes the data to be interacted according to the first data transmission sub-rule in the data interaction process; the first data transmission sub-rule is used for determining a data transmission sequence of a data packet obtained by splitting the data to be interacted.

12. The apparatus according to claim 11, wherein the service request includes a service identifier, and the rule generating module is configured to generate a rule according to a predetermined data protocol if the service identifier is a service identifier of a predetermined service, and generate a data transmission rule corresponding to the service request.

13. The apparatus of claim 11 or 12, the data transmission rule comprising a second data transmission sub-rule, the data interaction module comprising:

14. The apparatus according to claim 13, wherein the rule sending unit is configured to obtain service data corresponding to the service request; and inserting the data of the first data transmission sub-rule into the service data, and sending the service data inserted with the first data transmission sub-rule to the terminal equipment.

15. The apparatus of claim 14, the apparatus further comprising:

16. The apparatus of claim 15, the first data transmission sub-rule comprising one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

17. The apparatus according to claim 13, wherein the data transmission rules further include a third data transmission sub-rule, and the parsing unit is configured to, when receiving the processed data to be transmitted sent by the terminal device, perform format conversion on the processed data to be transmitted according to the third data transmission sub-rule to obtain data to be transmitted in a predetermined format; and analyzing the data to be transmitted in the preset format according to the second data transmission sub-rule to obtain the data to be transmitted.

18. A data interaction apparatus, the apparatus comprising:

the data interaction module is used for performing data interaction with the service server based on the generated data transmission rule, wherein the data transmission rule comprises a first data transmission sub-rule used for performing structure adjustment or structure modification on the data to be interacted and data recombination processing, so that the terminal equipment processes the data to be interacted according to the first data transmission sub-rule in the data interaction process; the first data transmission sub-rule is used for determining a data transmission sequence of a data packet obtained by splitting the data to be interacted.

19. The apparatus of claim 18, the data interaction module, comprising:

20. The apparatus of claim 19, the first data transmission sub-rule comprising one or more of an identification transformation rule, a packet transformation rule, a serialization rule, an interface configuration rule, and a redundancy data rule.

21. A data interaction device, the data interaction device comprising:

a processor; and

receiving a service request sent by terminal equipment;

22. A data interaction device, the data interaction device comprising:

a processor; and

sending a service request to a service server;