CN109583237A - User data protection method, server and storage medium - Google Patents
User data protection method, server and storage medium Download PDFInfo
- Publication number
- CN109583237A CN109583237A CN201811503783.XA CN201811503783A CN109583237A CN 109583237 A CN109583237 A CN 109583237A CN 201811503783 A CN201811503783 A CN 201811503783A CN 109583237 A CN109583237 A CN 109583237A
- Authority
- CN
- China
- Prior art keywords
- data
- encryption
- encrypted
- user
- segment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000013507 mapping Methods 0.000 claims description 16
- 230000008569 process Effects 0.000 claims description 16
- 230000001681 protective effect Effects 0.000 claims description 16
- 238000004364 calculation method Methods 0.000 claims description 14
- 238000012545 processing Methods 0.000 abstract description 6
- 238000006243 chemical reaction Methods 0.000 description 18
- 230000007246 mechanism Effects 0.000 description 11
- 230000008520 organization Effects 0.000 description 11
- 238000012795 verification Methods 0.000 description 10
- 238000004321 preservation Methods 0.000 description 6
- 230000011218 segmentation Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000005315 distribution function Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 229910052709 silver Inorganic materials 0.000 description 1
- 239000004332 silver Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to data processings, disclose a kind of user data protection method, this method comprises: determining the sensitive data in user data after receiving user data;Encryption is carried out to the sensitive data according to preset Encryption Algorithm and generates encryption data;Sensitive data in user data is replaced with into the encryption data, form and saves user encryption data.The present invention is also disclosed that a kind of server and computer storage medium.Using the present invention, the risk of privacy of user data leak can be reduced, improve the safety of user data.
Description
Technical field
The present invention relates to technical field of data processing more particularly to a kind of user data protection methods, server and calculating
Machine readable storage medium storing program for executing.
Background technique
With the continuous development of conventional internet and mobile Internet, public's privacy information (such as phone number, silver are obtained
The privacy informations such as row account number, passport NO., home address) approach it is more and more (for example, can be obtained from express delivery list
Transmit/receive part people phone number and home address, can be obtained from airline ticket seize the opportunity people passport NO., can be from bank
The bank account numbers etc. of client are obtained on various bills), normal life and order of work to the public constitute serious challenge.
For this status, although the various government departments for being related to public's privacy and/company are also taking specific measure
Protection public's privacy information is still related to privacy information protection side used by the government department and/company of public's privacy at present
Case usually uses the methods of mask, masks portion numbers, or directly use symmetric cryptography or rivest, shamir, adelman, right
The fields such as cell-phone number are encrypted, or hint obliquely at table by establishing data, are tabled look-up and are converted original number and encrypted number, Huo Zhetong
It crosses the random number generated and replacement Treatment is carried out to privacy of user data.
The prior art includes following one or more technological deficiencies: one, destroying the availability of respective field, make total
Word sequence itself is imperfect;Two, it needs to make corresponding change to application system, database or operation flow, often due to implementing
Difficulty is big, influence business operation, is computationally intensive, database table storage extends the reasons such as difficulty causes to be difficult to land;Three, decryption is tired
It is difficult (for example, the courier of express company needs by way of inputting or scanning express delivery two dimensional code, to be obtained from Courier Service device
The corresponding phone number for transmitting/receiving part people);Four, safety is not strong, and confidentiality depends on the confidentiality of mapping table, lacks solid
Contemporary cryptology basis;Five, it is replaced using random number, the random number of generation usually requires to obey specific distribution function, no
Only calculation amount is larger, and usually can not easily be decrypted, and constitutes obstacle to the Subsequent secure application of data.
Summary of the invention
In view of the foregoing, the present invention provides a kind of user data protection method, server and computer-readable storage medium
Matter, its main purpose is, the safety for reducing the risk of privacy of user data leak, improving user data.
To achieve the above object, the present invention provides a kind of user data protection method, this method comprises:
S1, the user data that client is sent is received, preset kind sensitive data is determined from the user data, it is described
Preset kind sensitive data includes numeric type data and nonumeric type data;
S2, when determining the user data includes numeric type data, according to preset first Encryption Algorithm to the number
Value type data carry out part number or all same digit number encryption of number, numeric type encryption data are generated, when determining
When to state the user data include nonumeric type data, the nonumeric type data are carried out according to preset second Encryption Algorithm
The field encryption of part field or whole fields, generates nonumeric type encryption data;And
S3, the numeric type data in the user data is substituted for the numeric type encryption data, and/or, it will be described
Nonumeric type data in preset kind sensitive data are substituted for the nonumeric type encryption data, obtain encryption user data,
And save the encryption user data.
In addition, the server includes: memory, processor the present invention also provides a kind of server, deposited on the memory
The user data protective program that can be run on the processor is contained, the user data protective program is held by the processor
, it can be achieved that arbitrary steps in user data protection method as described above when row.
In addition, to achieve the above object, it is described computer-readable the present invention also provides a kind of computer readable storage medium
It include user data protective program in storage medium, it can be achieved that as above when the user data protective program is executed by processor
Arbitrary steps in the user data protection method.
User data protection method, server and computer readable storage medium proposed by the present invention, it is original by guaranteeing
The data of preservation are the data of encryption, even if the data saved are maliciously leaked, also guarantee the safety of user's sensitive data enough;
Ciphering process is not related to complicated functional operation, and calculation amount is small, and must be according to preset encryption and decryption to the data of preservation
Algorithm realizes decryption, so that authorization could be decrypted and be become a reality.
Detailed description of the invention
Fig. 1 is the flow chart of user data protection method preferred embodiment of the present invention;
Fig. 2 is the schematic diagram of server preferred embodiment of the present invention;
Fig. 3 is the program module schematic diagram of user data protective program in Fig. 2.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
The present invention provides a kind of user data protection method.Referring to Fig.1 shown in, be user data protection method of the present invention compared with
The flow chart of good embodiment.This method can be executed by a device, which can be by software and or hardware realization.
In the present embodiment, the user data protection method includes step S1-S3.
S1, the user data that client is sent is received, preset kind sensitive data is determined from the user data, it is described
Preset kind sensitive data includes numeric type data and nonumeric type data.
For example, preset kind sensitive data may include the phone number of user, home address, passport NO., the age and
Income etc. is related to the information of privacy of user.
The numeric type data refers to the data being all made of 0-9 number, for example, phone number, passport NO. etc..
The nonumeric type data refer to the data not being made of 0-9 number all, for example, home address, marriage shape
Condition, hobby interests etc..
S2, when determining the user data includes numeric type data, according to preset first Encryption Algorithm to the number
Value type data carry out part number or all same digit number encryption of number, numeric type encryption data are generated, when determining
When to state the user data include nonumeric type data, the nonumeric type data are carried out according to preset second Encryption Algorithm
The field encryption of part field or whole fields, generates nonumeric type encryption data.
Wherein, the same digit number encryption refers to that the initial data by a N bit digital to be encrypted is encrypted to one
The encryption data of a N bit digital, for example, " digital data encryption " is counted at the encryption data of 4 bit digitals by the data of 4 bit digitals
The encryption of word, N are positive integer.
S3, the numeric type data in the user data is substituted for the numeric type encryption data, and/or, it will be described
Nonumeric type data in preset kind sensitive data are substituted for the nonumeric type encryption data, obtain encryption user data,
And save the encryption user data.
Preset kind sensitive data in above-mentioned user data is replaced with into corresponding encryption data.
The user data protection method that above-described embodiment proposes, the data of original preservation are the data of encryption, even if saving
Data maliciously leaked, also enough guarantee user's sensitive data safety;Ciphering process is not related to complicated functional operation,
Calculation amount is small, and must be realized and be decrypted according to preset enciphering and deciphering algorithm to the data of preservation, so that authorization can be just decrypted into
For reality.
In order to guarantee the decryption safety of encryption data, in other embodiments, this method further include: step S4-S6.
S4, receive user for the decoding requests of one or more encryption user data, verify the user whether have this one
The decrypted rights of a or multiple encryption user data.
For example, the acquisition request can be downloading request or check request etc. online.
Preferably, the Authority Verification data that the decrypted user of having the right of encryption user data can be pre-saved, for example, permission
Verify data includes subscriber identity data (for example, work number), finger print data, face characteristic data etc., if the user of the user marks
Data are known in the Authority Verification data pre-saved, then are verified, if not in the Authority Verification data pre-saved,
Authentication failed;Alternatively, if having the Authority Verification data pre-saved and the finger print data and/or face characteristic from user acquisition
Data Matching is then verified, if the Authority Verification data not pre-saved with from the user acquire finger print data and/or
Face characteristic Data Matching, then authentication failed.
If S5, authentication failed refuse to respond the decoding request, alternatively, if being verified, according to preset first solution
Close algorithm to the one or more encryption user data numeric type encryption data carry out part number or all number it is same
Digit number decryption generates numeric type ciphertext data, and/or, the one or more is added according to preset second decipherment algorithm
The nonumeric type encryption data of close user data carries out the field decryption of part field or whole fields, generates nonumeric type solution
Ciphertext data.
The same digit number decryption refers to that the encryption data by a N bit digital to be decrypted is decrypted into one N
The ciphertext data of number, for example, " digital encrypting and decrypting " is counted at the ciphertext data of 4 bit digitals by the encryption data of 4 bit digitals
The decryption of word, N are positive integer.
S6, in one or more of encryption user data, the numeric type encryption data is substituted for the numerical value
Type ciphertext data, and/or, the nonumeric type encryption data is substituted for the nonumeric type encryption data, to be decrypted
User data, and the decrypted user data are sent to the user.
In order not to destroy the availability of respective field, so that encryption data sufficiently complete itself, if numeric type to be encrypted
Data are multiple digital bits data (for example, phone numbers " do not destroy the availability of respective field), described in the present embodiment
One Encryption Algorithm includes: a1-a4.
A1, rule is determined according to predetermined encryption digit order number, determines the be-encrypted data section of the first presetting digit capacity, and
Non-encrypted data section in addition to the be-encrypted data section.
For example, the be-encrypted data section of above-mentioned first presetting digit capacity be phone number centre 4 " " machine number, be denoted as
Nm, the non-encrypted data section are 3 bit digital of the phone number leftmost side, are denoted as 4 bit digital of Nl and the rightmost side, are denoted as Nr.
A2, using Crypted password algorithm predetermined corresponding with numeric type data to be encrypted and key, to true
Fixed non-encrypted data section carries out calculation process and generates operation values.
For example, above-mentioned Crypted password algorithm predetermined includes hash algorithm and binary number conversion algorithm, the Kazakhstan
The operational formula of uncommon algorithm can indicate are as follows: Hash=Digest (Nl+Nr+K), wherein K represents key, and Nl represents to be encrypted
The numeric type data leftmost side the second presetting digit capacity data segment, Nr represents the third of the numeric type data rightmost side to be encrypted
The data segment of presetting digit capacity, Hash represent cryptographic Hash;The binary number conversion algorithm is that binary hash value is converted into ten
The operational formula of the algorithm of the operation values of system, the binary number conversion algorithm can indicate are as follows: Num=CalcNum (Hash).
The above-mentioned operation values generated by calculation process can be metric digital 9.
A3, it is carried out using operation values of the predetermined encryption hybrid operation algorithm to the be-encrypted data section and generation
Hybrid operation is encrypted, the Hybrid Encryption data segment E_Nm of the first presetting digit capacity is obtained.
For example, the encryption hybrid operation algorithm can be resulting plus a2 step for the be-encrypted data section of the first presetting digit capacity
Operation values, to resulting and remake modulo operation, " i.e. mod operation ".The formula of the hybrid operation algorithm can indicate are as follows: E_Nm
=(Nm+Num) mod 10n, wherein Nm represents the be-encrypted data section, and Num represents the operation values, and n is equal to described to be added
The data bits of ciphertext data section;Modulo operation is defined as follows: working as a=bq+r, q is integer, and q is made to reach maximum, at this time a mod
B is equal to r, and r is nonnegative number.
The Hybrid Encryption data segment E_Nm of above-mentioned first presetting digit capacity can be exemplified as (2417+9) mod 104=2426.
A4, the be-encrypted data section replaced with into the Hybrid Encryption data in the numeric type data to be encrypted
Section, generates encrypted multiple digital bits data.
For example, above-mentioned encrypted multiple digital bits data are Nl+E_Nm+Nr, Nl represents the numeric type data to be encrypted
The data segment of second presetting digit capacity of the leftmost side, Nr represent the number of the third presetting digit capacity of the numeric type data rightmost side to be encrypted
According to section, E_Nm represents the Hybrid Encryption data segment.
Optionally, if the data bits of the numeric type data to be encrypted is greater than 2, the predetermined encryption number
Position determines that rule includes:
It is pre- by the second of the leftmost side of the numeric type data (for example, phone number " 13424174205 ") to be encrypted
If digit data segment (for example, 3 bit digitals of the leftmost side) is used as preceding segment data Nl, most by the numeric type data to be encrypted
The third presetting digit capacity data (for example, 4 bit digitals of the rightmost side) on right side are used as rear segment data Nr, and the preceding segment data Nl is with after
Segment data Nr is non-encrypted data section, wherein second presetting digit capacity and third presetting digit capacity and be less than described to be added
The digit of close numeric type data;
By the preceding segment data and rear segment data after being removed in the numeric type data to be encrypted, remaining data segment
Nm is the be-encrypted data section (for example, " 2417 ").
Optionally, if the data bits of the numeric type data to be encrypted is equal to 2, the predetermined encryption number
Position determines that rule includes:
By 1 data of the leftmost side of the numeric type data to be encrypted (for example, age " described to) (for example, most left
Side 1 bit digital " number) be used as preceding segment data Nl, the preceding segment data Nl is non-encrypted data section;
By the preceding segment data after removing in the numeric type data to be encrypted, remaining data segment Nm is described
Be-encrypted data section (for example, " for institute).
Preferably, the Crypted password algorithm predetermined includes hash algorithm and binary number conversion algorithm,
In:
The operational formula of the hash algorithm can indicate are as follows: Hash=Digest (Nl+Nr+K), wherein K is represented should be to
Encrypt the corresponding key of multiple digital bits number, it should be noted that for the multiple digital digit to be encrypted of all preset kinds
According to corresponding key can be unification, and Nl represents the number of the second presetting digit capacity of the multiple digital bits data to be encrypted leftmost side
According to Nr represents the data of the third presetting digit capacity of the multiple digital bits data to be encrypted rightmost side, and Hash represents cryptographic Hash.
The binary number conversion algorithm is the algorithm that binary hash value is converted into metric operation values, this two
The operational formula of system number conversion algorithm can indicate are as follows: Num=CalcNum (Hash), wherein Hash represents aforementioned Hash and calculates
The calculated cryptographic Hash of method.
Preferably, second Encryption Algorithm in the present embodiment includes:
According to the mapping relations of the type of predetermined nonumeric type data and encryption rule, the preset kind is determined
The corresponding encryption rule of each nonumeric type data in sensitive data;
Each nonumeric type data in the preset kind sensitive data are encrypted according to corresponding encryption rule.
In order to guarantee can inversely decrypting for nonumeric type data, the complexity of calculating is reduced, nonumeric type number is effectively ensured
According to safety, optionally, the nonumeric type data include home address data, the corresponding encryption of the home address data
Rule includes:
Home address data are split according to default level administrative division, be divided into average family address date section and
Privacy home address data segment;For example, above-mentioned default level administrative division may is that street, village, town etc..
According to the mapping of predetermined default level administrative division, privacy home address data segment and encryption address data
Relation data determines the corresponding privacy home address data segment of default level administrative division in home address data and cryptographically
The mapping relations data of location data, and according to the mapping relations number of determining privacy home address data segment and encryption address data
According to finding the corresponding encryption address data of privacy home address data segment of segmentation;For example, different privacy home address data
The corresponding different encryption address data of section, the encryption address data can be the data encoding of more data bit, for example, " according to pre-
The corresponding data encoding of X5 unit X6 " can be that " data encoding answered can be that " " " area, " " X5 unit X7 " are right
The data encoding answered can be that " data encoding answered can be " " " area.
Privacy home address data segment in home address data is substituted for the encryption address data found, generates family
Address encryption data.
Preferably, described " home address data to be split according to default level administrative division, are divided into average family
The step of address date section and privacy home address data segment " includes:
Identify the default level administrative division data in home address data;
Home address data are carried out front and back data according to the default level administrative division data identified to divide, including are known
Not Chu default level administrative division data leading portion address date be average family address date section, remove average family number of addresses
It is privacy home address data segment according to the back segment address date other than section.
For example, if the default administrative division includes street, home address data " e.g., X4, the street X3 in the area city X2 X5
The corresponding default level administrative division data of unit X6 " are " street answered ".
To above-mentioned family data carry out front and back data segmentation result are as follows: " area the above-mentioned city X2 street X3 " for the leading portion
Location data, " described X5 unit X6 " are back segment address date.
In order to guarantee can inversely decrypting for nonumeric type data, the complexity of calculating is reduced, nonumeric type number is effectively ensured
According to safety, optionally, the nonumeric type data include institution where he works's title (for example, work work unit's title or
School's title of person's study), the corresponding encryption rule of the organization names includes:
Identify the mechanism font size in organization names;
According to predetermined font size and the mapping relations data of encrypted word number, the mechanism font size pair identified is determined
The encrypted word number answered;
Font size in organization names is substituted for determining encrypted word number, generating mechanism title encryption data.
For example, mechanism font size in organization names is enterprise's font size or school's font size, it can be from industrial and commercial registration mechanism number
It is determined according in library.
Different font sizes corresponds to different encrypted word numbers, and the encrypted word number can be the data of more data bit
Coding, for example, " with font size can be that " a number corresponding data are compiled, and " " corresponding number is corresponding to the corresponding data encoding of font size
Data encoding can be " data encoding answered ".
Optionally, if numeric type data to be decrypted is multiple digital bits data (for example, phone number " selection of land, if to be decrypted
Numeric type number), first decipherment algorithm in the present embodiment includes: b1-b4.
B1, rule is determined according to predetermined decryption digit order number, determines the data segment to be decrypted of the first presetting digit capacity, and
Non- ciphertext data section in addition to the data segment to be decrypted.
For example, the data segment to be decrypted of above-mentioned first presetting digit capacity is the centre 4 " 2426 " of phone number to be decrypted, note
For E_Nm, above-mentioned non-ciphertext data section is 3 bit digital of the phone number leftmost side to be decrypted, is denoted as 4 digit of Nl and the rightmost side
Word is denoted as Nr.If not decrypting number segment is provided with encryption indicator position, then first restore encryption indicator position, then negated decryption when calculating
Number segment.
B2, using clear crytpographic key algorithm predetermined corresponding with numeric type data to be decrypted and key, to true
Fixed non-encrypted data section carries out calculation process and generates operation values.
For example, above-mentioned cryptographic algorithm predetermined includes hash algorithm and binary number conversion algorithm, which is calculated
The operational formula of method can indicate are as follows: Hash=Digest (Nl+Nr+K), wherein K represents key, and it is to be decrypted more that Nl represents this
The data of second presetting digit capacity of the numeric bit data leftmost side, the third that Nr represents the multiple digital bits data to be decrypted rightmost side are default
The data of digit, Hash represent cryptographic Hash;The binary number conversion algorithm is metric for binary hash value to be converted into
The operational formula of the algorithm of operation values, the binary number conversion algorithm can indicate are as follows: Num=CalcNum (Hash).
The above-mentioned operation values generated by calculation process can be metric digital 9.
B3, it is carried out using operation values of the predetermined decryption hybrid operation algorithm to the data segment to be decrypted and generation
Hybrid operation is decrypted, the mixing ciphertext data section Nm of the first presetting digit capacity is obtained.
For example, the decryption hybrid operation algorithm can for the first presetting digit capacity data segment to be decrypted subtract b2 step it is resulting
Operation values remake modulo operation to resulting difference, " i.e. mod operation ".The formula of the hybrid operation algorithm can indicate are as follows: Nm=
(E_Nm-Num)mod 10n, wherein E_Nm represents the data segment to be decrypted, and Num represents the operation values, n be equal to it is described to
The number length of encryption data section;Modulo operation is defined as follows: working as a=bq+r, q is integer, and q is made to reach maximum, at this time a
Mod b is equal to r, and r is nonnegative number.
The mixing ciphertext data section Nm of above-mentioned first presetting digit capacity can be exemplified as (2426-9) mod 104=2417.
B4, the data segment to be decrypted replaced with into the mixing ciphertext data in the multiple digital bits data to be decrypted
Section, the multiple digital bits data after generating decryption.
Multiple digital bits data after above-mentioned decryption are " 13424174205 ".
Preferably, the predetermined decryption digit order number determines that rule includes:
It is pre- by the second of the leftmost side of the multiple digital bits data (for example, phone number " 13424264205 ") to be decrypted
If digit data (for example, 3 bit digitals of the leftmost side) are used as preceding segment data Nl, by the most right of the multiple digital bits data to be decrypted
The third presetting digit capacity data (for example, 4 bit digitals of the rightmost side) of side are used as rear segment data Nr, the preceding segment data Nl and back segment
Data Nr is non-ciphertext data section, wherein second presetting digit capacity and third presetting digit capacity and be less than the multiple digital
The digit of position data;
By the preceding segment data and rear segment data after being removed in the multiple digital bits data to be decrypted, remaining data segment
E_Nm is the data segment to be decrypted (for example, " 2426 ").
Preferably, the clear crytpographic key algorithm predetermined includes hash algorithm and binary number conversion algorithm,
In:
The operational formula of the hash algorithm is represented by Hash=Digest (Nl+Nr+K), and K represents the majority to be decrypted
The corresponding key of numeric bit data, it should be noted that corresponding for the multiple digital bits data to be decrypted of all preset kinds
Key can be unification, and Nl represents the data of the second presetting digit capacity of the multiple digital bits data to be decrypted leftmost side, and Nr is represented
The data of the third presetting digit capacity of the multiple digital bits data to be decrypted rightmost side, Hash represent cryptographic Hash.
The binary number conversion algorithm is the algorithm that binary hash value is converted into metric operation values, this two
The operational formula of system number conversion algorithm can be expressed as Num=CalcNum (Hash), and Hash represents the hash algorithm and calculates
Cryptographic Hash.
Optionally, when the nonumeric type encryption data includes home address encryption data, second decipherment algorithm
Include:
Home address encryption data is split according to default level administrative division, is divided into average family address date
Section and encryption address data segment;For example, above-mentioned default level administrative division may is that street, village, town etc..
According to the mapping of predetermined default level administrative division, privacy home address data segment and encryption address data
Relation data determines the corresponding privacy home address data segment of default level administrative division in home address encryption data and adds
The mapping relations data of close address date, and closed according to the mapping of determining privacy home address data segment and encryption address data
Coefficient evidence finds the corresponding privacy home address data segment of encryption address data of segmentation;For example, different privacy home addresses
Data segment corresponds to different encryption address data, and the encryption address data can be the data encoding of more data bit, for example,
" e.g., X5 unit X6 " corresponding data encoding can be " data encoding answered can be " " " according to, " " and X5 unit X7
Number " corresponding data encoding can be " data encoding answered can be " " " according to.
Encryption address data in home address data are substituted for the privacy home address data segment found, generate family
Address ciphertext data.
Optionally, when the nonumeric type encryption data includes organization names encryption data, second decipherment algorithm
Include:
Identify the encrypted word number in organization names encryption data;
According to predetermined font size and the mapping relations data of encrypted word number, the encryption byte number identified is determined
According to corresponding font size;For example, different font sizes corresponds to different encrypted word numbers, the encrypted word number can be majority
According to the data encoding of position, for example, " the corresponding data encoding of close font size data signal can be that " a number corresponding data are compiled, " " corresponding
The corresponding data encoding of number can be " data encoding answered ".
Encrypted word number in organization names encryption data is substituted for determining font size, generating mechanism title decrypts number
According to.
It is the schematic diagram of 1 preferred embodiment of server of the present invention referring to shown in Fig. 2.
In the present embodiment, server 1 can be rack-mount server, blade server, tower server or cabinet
Formula server.
The server 1 includes memory 11, processor 12 and network interface 13.
Wherein, memory 11 include at least a type of readable storage medium storing program for executing, the readable storage medium storing program for executing include flash memory,
Hard disk, multimedia card, card-type memory (for example, SD or DX memory etc.), magnetic storage, disk, CD etc..Memory 11
It can be the internal storage unit of the server 1, such as the hard disk of the server 1 in some embodiments.Memory 11 exists
It is hard to be also possible to the plug-in type being equipped on the External memory equipment of the server 1, such as the server 1 in other embodiments
Disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card
(Flash Card) etc..Further, memory 11 can also both including the server 1 internal storage unit and also including outside
Store equipment.
Memory 11 can be not only used for the application software and Various types of data that storage is installed on the server 1, such as user
Data protection program 10 etc. can be also used for temporarily storing the data that has exported or will export.
Processor 12 can be in some embodiments a central processing unit (Central Processing Unit,
CPU), controller, microcontroller, microprocessor or other data processing chips, the program for being stored in run memory 11
Code or processing data, such as user data protective program 10 etc..
Network interface 13 optionally may include standard wireline interface and wireless interface (such as WI-FI interface), be commonly used in
Communication connection is established between the server 1 and other electronic equipments.For example, client (being not marked in figure).
Fig. 2 illustrates only the server 1 with component 11-13, it will be appreciated by persons skilled in the art that Fig. 2 shows
Structure do not constitute the restriction to server 1, may include than illustrating less perhaps more components or the certain portions of combination
Part or different component layouts.
Optionally, which can also include user interface, and user interface may include display (Display), defeated
Enter unit such as keyboard (Keyboard), optional user interface can also include standard wireline interface and wireless interface.
Optionally, in some embodiments, display can be light-emitting diode display, liquid crystal display, touch control type LCD and show
Device and Organic Light Emitting Diode (Organic Light-Emitting Diode, OLED) touch device etc..Wherein, display
It is properly termed as display screen or display unit, for showing the information handled in the server 1 and for showing visual use
Family interface.
Optionally, in other examples, user data protective program 10 can also be divided into one or more
Module, one or more module are stored in memory 11, and (the present embodiment is processor by one or more processors
12) performed, to complete the present invention, the so-called module of the present invention is the series of computation machine program for referring to complete specific function
Instruction segment.It is the module diagram of 10 preferred embodiment of user data protective program in Fig. 2, the reality for example, referring to shown in Fig. 3
It applies in example, user data protective program 10 can only include module 110-130.
First receiving module 110 determines default for receiving the user data of client transmission from the user data
Type sensitive data, the preset kind sensitive data include numeric type data and nonumeric type data.
For example, preset kind sensitive data may include the phone number of user, home address, passport NO., the age and
Income etc. is related to the information of privacy of user.
The numeric type data refers to the data being all made of 0-9 number, for example, phone number, passport NO. etc..
The nonumeric type data refer to the data not being made of 0-9 number all, for example, home address, marriage shape
Condition, hobby interests etc..
Encrypting module 120, for being encrypted according to preset first when determining the user data includes numeric type data
Algorithm carries out part number to the numeric type data or all the same digit number of number encrypts, and generates numeric type and encrypts number
According to when determining the user data includes nonumeric type data, according to preset second Encryption Algorithm to the non-number
Value type data carry out the field encryption of part field or whole fields, generate nonumeric type encryption data.
Wherein, the same digit number encryption refers to that the initial data by a N bit digital to be encrypted is encrypted to one
The encryption data of a N bit digital, for example, " digital data encryption " is counted at the encryption data of 4 bit digitals by the data of 4 bit digitals
The encryption of word, N are positive integer.
First replacement module 130 is encrypted for the numeric type data in the user data to be substituted for the numeric type
Data, and/or, the nonumeric type data in the preset kind sensitive data are substituted for the nonumeric type encryption data,
Encryption user data is obtained, and saves the encryption user data.
Preset kind sensitive data in above-mentioned user data is replaced with into corresponding encryption data.
The user data protection method that above-described embodiment proposes, the data of original preservation are the data of encryption, even if saving
Data maliciously leaked, also enough guarantee user's sensitive data safety;Ciphering process is not related to complicated functional operation,
Calculation amount is small, and must be realized and be decrypted according to preset enciphering and deciphering algorithm to the data of preservation, so that authorization can be just decrypted into
For reality.
In order to guarantee the decryption safety of encryption data, in other embodiments, the user data protective program 10 includes
Module 140-160.
Second receiving module 140, for receiving user for the decoding request of one or more encryption user data, verifying
Whether the user has the decrypted rights of one or more encryption user data.
For example, the acquisition request can be downloading request or check request etc. online.
Preferably, the Authority Verification data that the decrypted user of having the right of encryption user data can be pre-saved, for example, permission
Verify data includes subscriber identity data (for example, work number), finger print data, face characteristic data etc., if the user of the user marks
Data are known in the Authority Verification data pre-saved, then are verified, if not in the Authority Verification data pre-saved,
Authentication failed;Alternatively, if having the Authority Verification data pre-saved and the finger print data and/or face characteristic from user acquisition
Data Matching is then verified, if the Authority Verification data not pre-saved with from the user acquire finger print data and/or
Face characteristic Data Matching, then authentication failed.
Deciphering module 150 refuses to respond the decoding request if being used for authentication failed, alternatively, if being verified, root
According to preset first decipherment algorithm to the one or more encryption user data numeric type encryption data carry out part number or
The same digit number decryption of the whole numbers of person, generates numeric type ciphertext data, and/or, according to preset second decipherment algorithm pair
The nonumeric type encryption data that the one or more encrypts user data carries out the field decryption of part field or whole fields,
Generate nonumeric type ciphertext data.
The same digit number decryption refers to that the encryption data by a N bit digital to be decrypted is decrypted into one N
The ciphertext data of number, for example, " digital encrypting and decrypting " is counted at the ciphertext data of 4 bit digitals by the encryption data of 4 bit digitals
The decryption of word, N are positive integer.
Second replacement module 160, in one or more of encryption user data, the numeric type to be encrypted number
According to being substituted for the numeric type ciphertext data, and/or, the nonumeric type encryption data is substituted for the nonumeric type and is encrypted
The decrypted user data to obtain decrypted user data, and are sent to the user by data.
In order not to destroy the availability of respective field, so that encryption data sufficiently complete itself, if numeric type to be encrypted
Data are multiple digital bits data (for example, phone numbers " do not destroy the availability of respective field), described in the present embodiment
One Encryption Algorithm includes: a1-a4.
A1, rule is determined according to predetermined encryption digit order number, determines the be-encrypted data section of the first presetting digit capacity, and
Non-encrypted data section in addition to the be-encrypted data section;
For example, the be-encrypted data section of above-mentioned first presetting digit capacity be phone number centre 4 " ", above-mentioned the, be denoted as
Nm, the non-encrypted data section are 3 bit digital of the phone number leftmost side, are denoted as 4 bit digital of Nl and the rightmost side, are denoted as Nr.
A2, using Crypted password algorithm predetermined corresponding with numeric type data to be encrypted and key, to true
Fixed non-encrypted data section carries out calculation process and generates operation values;
For example, above-mentioned Crypted password algorithm predetermined includes hash algorithm and binary number conversion algorithm, the Kazakhstan
The operational formula of uncommon algorithm can indicate are as follows: Hash=Digest (Nl+Nr+K), wherein K represents key, and Nl represents to be encrypted
The numeric type data leftmost side the second presetting digit capacity data segment, Nr represents the third of the numeric type data rightmost side to be encrypted
The data segment of presetting digit capacity, Hash represent cryptographic Hash;The binary number conversion algorithm is that binary hash value is converted into ten
The operational formula of the algorithm of the operation values of system, the binary number conversion algorithm can indicate are as follows: Num=CalcNum (Hash).
The above-mentioned operation values generated by calculation process can be metric digital 9.
A3, it is carried out using operation values of the predetermined encryption hybrid operation algorithm to the be-encrypted data section and generation
Hybrid operation is encrypted, the Hybrid Encryption data segment E_Nm of the first presetting digit capacity is obtained;
For example, the encryption hybrid operation algorithm can be resulting plus a2 step for the be-encrypted data section of the first presetting digit capacity
Operation values, to resulting and remake modulo operation, " i.e. mod operation ".The formula of the hybrid operation algorithm can indicate are as follows: E_Nm
=(Nm+Num) mod 10n, wherein Nm represents the be-encrypted data section, and Num represents the operation values, and n is equal to described to be added
The data bits of ciphertext data section;Modulo operation is defined as follows: working as a=bq+r, q is integer, and q is made to reach maximum, at this time a mod
B is equal to r, and r is nonnegative number.
The Hybrid Encryption data segment E_Nm of above-mentioned first presetting digit capacity can be exemplified as (2417+9) mod 104=2426.
A4, the be-encrypted data section replaced with into the Hybrid Encryption data in the numeric type data to be encrypted
Section, generates encrypted multiple digital bits data.
For example, above-mentioned encrypted multiple digital bits data are Nl+E_Nm+Nr, Nl represents the numeric type data to be encrypted
The data segment of second presetting digit capacity of the leftmost side, Nr represent the number of the third presetting digit capacity of the numeric type data rightmost side to be encrypted
According to section, E_Nm represents the Hybrid Encryption data segment.
Preferably, second Encryption Algorithm in the present embodiment includes:
According to the mapping relations of the type of predetermined nonumeric type data and encryption rule, the preset kind is determined
The corresponding encryption rule of each nonumeric type data in sensitive data;
Each nonumeric type data in the preset kind sensitive data are encrypted according to corresponding encryption rule.
In order to guarantee can inversely decrypting for nonumeric type data, the complexity of calculating is reduced, nonumeric type number is effectively ensured
According to safety, optionally, the nonumeric type data include home address data, the corresponding encryption of the home address data
Rule includes:
Home address data are split according to default level administrative division, be divided into average family address date section and
Privacy home address data segment;For example, above-mentioned default level administrative division may is that street, village, town etc..
According to the mapping of predetermined default level administrative division, privacy home address data segment and encryption address data
Relation data determines the corresponding privacy home address data segment of default level administrative division in home address data and cryptographically
The mapping relations data of location data, and according to the mapping relations number of determining privacy home address data segment and encryption address data
According to finding the corresponding encryption address data of privacy home address data segment of segmentation;For example, different privacy home address data
The corresponding different encryption address data of section, the encryption address data can be the data encoding of more data bit, for example, " according to pre-
The corresponding data encoding of X5 unit X6 " can be that " data encoding answered can be that " " " area, " " X5 unit X7 " are right
The data encoding answered can be that " data encoding answered can be " " " area.
Privacy home address data segment in home address data is substituted for the encryption address data found, generates family
Address encryption data.
Preferably, described " home address data to be split according to default level administrative division, are divided into average family
The step of address date section and privacy home address data segment " includes:
Identify the default level administrative division data in home address data;
Home address data are carried out front and back data according to the default level administrative division data identified to divide, including are known
Not Chu default level administrative division data leading portion address date be average family address date section, remove average family number of addresses
It is privacy home address data segment according to the back segment address date other than section.
For example, if the default administrative division includes street, home address data " e.g., X4, the street X3 in the area city X2 X5
The corresponding default level administrative division data of unit X6 " are " street answered ".
To above-mentioned family data carry out front and back data segmentation result are as follows: " area the above-mentioned city X2 street X3 " for the leading portion
Location data, " described X5 unit X6 " are back segment address date.
In order to guarantee can inversely decrypting for nonumeric type data, the complexity of calculating is reduced, nonumeric type number is effectively ensured
According to safety, optionally, the nonumeric type data include institution where he works's title (for example, work work unit's title or
School's title of person's study), the corresponding encryption rule of the organization names includes:
Identify the mechanism font size in organization names;
According to predetermined font size and the mapping relations data of encrypted word number, the mechanism font size pair identified is determined
The encrypted word number answered;
Font size in organization names is substituted for determining encrypted word number, generating mechanism title encryption data.
For example, mechanism font size in organization names is enterprise's font size or school's font size, it can be from industrial and commercial registration mechanism number
It is determined according in library.
Different font sizes corresponds to different encrypted word numbers, and the encrypted word number can be the data of more data bit
Coding, for example, " with font size can be that " a number corresponding data are compiled, and " " corresponding number is corresponding to the corresponding data encoding of font size
Data encoding can be " data encoding answered ".
Optionally, if numeric type data to be decrypted is multiple digital bits data (for example, phone number " selection of land, if to be decrypted
Numeric type number), first decipherment algorithm in the present embodiment includes: b1-b4.
B1, rule is determined according to predetermined decryption digit order number, determines the data segment to be decrypted of the first presetting digit capacity, and
Non- ciphertext data section in addition to the data segment to be decrypted.
For example, the data segment to be decrypted of above-mentioned first presetting digit capacity is the centre 4 " 2426 " of phone number to be decrypted, note
For E_Nm, above-mentioned non-ciphertext data section is 3 bit digital of the phone number leftmost side to be decrypted, is denoted as 4 digit of Nl and the rightmost side
Word is denoted as Nr.If not decrypting number segment is provided with encryption indicator position, then first restore encryption indicator position, then negated decryption when calculating
Number segment.
B2, using clear crytpographic key algorithm predetermined corresponding with numeric type data to be decrypted and key, to true
Fixed non-encrypted data section carries out calculation process and generates operation values.
For example, above-mentioned cryptographic algorithm predetermined includes hash algorithm and binary number conversion algorithm, which is calculated
The operational formula of method can indicate are as follows: Hash=Digest (Nl+Nr+K), wherein K represents key, and it is to be decrypted more that Nl represents this
The data of second presetting digit capacity of the numeric bit data leftmost side, the third that Nr represents the multiple digital bits data to be decrypted rightmost side are default
The data of digit, Hash represent cryptographic Hash;The binary number conversion algorithm is metric for binary hash value to be converted into
The operational formula of the algorithm of operation values, the binary number conversion algorithm can indicate are as follows: Num=CalcNum (Hash).
The above-mentioned operation values generated by calculation process can be metric digital 9.
B3, it is carried out using operation values of the predetermined decryption hybrid operation algorithm to the data segment to be decrypted and generation
Hybrid operation is decrypted, the mixing ciphertext data section Nm of the first presetting digit capacity is obtained.
For example, the decryption hybrid operation algorithm can for the first presetting digit capacity data segment to be decrypted subtract b2 step it is resulting
Operation values remake modulo operation to resulting difference, " i.e. mod operation ".The formula of the hybrid operation algorithm can indicate are as follows: Nm=
(E_Nm-Num)mod 10n, wherein E_Nm represents the data segment to be decrypted, and Num represents the operation values, n be equal to it is described to
The number length of encryption data section;Modulo operation is defined as follows: working as a=bq+r, q is integer, and q is made to reach maximum, at this time a
Mod b is equal to r, and r is nonnegative number.
The mixing ciphertext data section Nm of above-mentioned first presetting digit capacity can be exemplified as (2426-9) mod 104=2417.
B4, the data segment to be decrypted replaced with into the mixing ciphertext data in the multiple digital bits data to be decrypted
Section, the multiple digital bits data after generating decryption.
Multiple digital bits data after above-mentioned decryption are " 13424174205 ".
In addition, the embodiment of the present invention also proposes a kind of computer readable storage medium, the computer readable storage medium
In include user data protective program 10, following operation is realized when the user data protective program 10 is executed by processor:
A1, the user data that client is sent is received, preset kind sensitive data is determined from the user data, it is described
Preset kind sensitive data includes numeric type data and nonumeric type data;
A2, when determining the user data includes numeric type data, according to preset first Encryption Algorithm to the number
Value type data carry out part number or all same digit number encryption of number, numeric type encryption data are generated, when determining
When to state the user data include nonumeric type data, the nonumeric type data are carried out according to preset second Encryption Algorithm
The field encryption of part field or whole fields, generates nonumeric type encryption data;And
A3, the numeric type data in the user data is substituted for the numeric type encryption data, and/or, it will be described
Nonumeric type data in preset kind sensitive data are substituted for the nonumeric type encryption data, obtain encryption user data,
And save the encryption user data.
The specific embodiment of the computer readable storage medium of the present invention is specific with above-mentioned user data protection method
Embodiment is roughly the same, and details are not described herein.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
It should be noted that, in this document, the terms "include", "comprise" or its any other variant are intended to non-row
His property includes, so that the process, device, article or the method that include a series of elements not only include those elements, and
And further include other elements that are not explicitly listed, or further include for this process, device, article or method institute it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including being somebody's turn to do
There is also other identical elements in the process, device of element, article or method.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on this understanding, technical solution of the present invention substantially in other words does the prior art
The part contributed out can be embodied in the form of software products, which is stored in one as described above
In storage medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that terminal device (it can be mobile phone,
Computer, server or network equipment etc.) execute method described in each embodiment of the present invention.
The above is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of user data protection method is applied to server, which is characterized in that the described method includes:
S1, the user data that client is sent is received, preset kind sensitive data is determined from the user data, it is described default
Type sensitive data includes numeric type data and nonumeric type data;
S2, when determining the user data includes numeric type data, according to preset first Encryption Algorithm to the numeric type
Data carry out part number or all same digit number encryption of number, numeric type encryption data are generated, when determining the institute
When to state user data include nonumeric type data, part is carried out to the nonumeric type data according to preset second Encryption Algorithm
The field encryption of field or whole fields, generates nonumeric type encryption data;And
S3, the numeric type data in the user data is substituted for the numeric type encryption data, and/or, it will be described default
Nonumeric type data in type sensitive data are substituted for the nonumeric type encryption data, obtain encryption user data, and protect
Deposit the encryption user data.
2. user data protection method according to claim 1, which is characterized in that this method further include:
S4, receive user for the decoding requests of one or more encryption user data, verify the user whether have this or
The decrypted rights of multiple encryption user data;
If S5, authentication failed refuse to respond the decoding request, alternatively, being calculated if being verified according to preset first decryption
Method carries out part number or all same numerical digit of number to the numeric type encryption data of one or more encryption user data
Digital decrypted generates numeric type ciphertext data, and/or, the one or more is encrypted according to preset second decipherment algorithm and is used
The nonumeric type encryption data of user data carries out the field decryption of part field or whole fields, generates nonumeric type decryption number
According to;And
S6, in one or more of encryption user data, the numeric type encryption data is substituted for the numeric type solution
Ciphertext data, and/or, the nonumeric type encryption data is substituted for the nonumeric type encryption data, to obtain decrypted user
Data, and the decrypted user data are sent to the user.
3. user data protection method described in any one of -2 according to claim 1, which is characterized in that when described to be encrypted
Numeric type data when being multiple digital bits data, first Encryption Algorithm includes:
A1, rule is determined according to predetermined encryption digit order number, determines the be-encrypted data section of the first presetting digit capacity, and remove institute
State the non-encrypted data section other than be-encrypted data section;
A2, using Crypted password algorithm predetermined corresponding with numeric type data to be encrypted and key, to determining
Non-encrypted data section carries out calculation process and generates operation values;
A3, the operation values of the be-encrypted data section and generation are encrypted using predetermined encryption hybrid operation algorithm
Hybrid operation obtains the Hybrid Encryption data segment of the first presetting digit capacity;And
A4, the be-encrypted data section replaced with into the Hybrid Encryption data segment in the numeric type data to be encrypted,
Generate encrypted multiple digital bits data.
4. user data protection method according to claim 3, which is characterized in that when the numeric type data to be encrypted
Data bits be greater than 2 when, the predetermined encryption digit order number determines that rule includes:
Using the second presetting digit capacity data segment of the leftmost side of the numeric type data to be encrypted as preceding segment data, will it is described to
The third presetting digit capacity data of the rightmost side of the numeric type data of encryption are as rear segment data, the preceding segment data and rear segment data
As non-encrypted data section;And
By the preceding segment data and rear segment data after removing in the numeric type data to be encrypted, remaining data segment is
The be-encrypted data section.
5. user data protection method according to claim 4, which is characterized in that when the numeric type data to be encrypted
Data bits be equal to 2 when, the predetermined encryption digit order number determines that rule includes:
Using 1 data of the leftmost side of the numeric type data to be encrypted as preceding segment data, the preceding segment data is as non-
Encryption data section;
By the preceding segment data after removing in the numeric type data to be encrypted, remaining data segment is described to be encrypted
Data segment.
6. user data protection method according to claim 5, which is characterized in that second Encryption Algorithm includes:
According to the mapping relations of the type of predetermined nonumeric type data and encryption rule, determine that the preset kind is sensitive
The corresponding encryption rule of each nonumeric type data in data;
Each nonumeric type data in the preset kind sensitive data are encrypted according to corresponding encryption rule.
7. user data protection method according to claim 2, which is characterized in that when the numeric type data to be decrypted
When being multiple digital bits data, first decipherment algorithm includes:
B1, rule is determined according to predetermined decryption digit order number, determines the data segment to be decrypted of the first presetting digit capacity, and remove institute
State the non-ciphertext data section other than data segment to be decrypted;
B2, using clear crytpographic key algorithm predetermined corresponding with numeric type data to be decrypted and key, to determining
Non-encrypted data section carries out calculation process and generates operation values;
B3, the operation values of the data segment to be decrypted and generation are decrypted using predetermined decryption hybrid operation algorithm
Hybrid operation obtains the mixing ciphertext data section of the first presetting digit capacity;And
B4, the data segment to be decrypted replaced with into the mixing ciphertext data section in the multiple digital bits data to be decrypted,
Multiple digital bits data after generating decryption.
8. user data protection method according to claim 7, which is characterized in that the predetermined decryption digit order number
Determine that rule includes:
Using the second presetting digit capacity data of the leftmost side of the multiple digital bits data to be decrypted as preceding segment data, by described wait solve
The third presetting digit capacity data of the rightmost side of close multiple digital bits data are as rear segment data, the preceding segment data and rear segment data
For non-ciphertext data section;
By the preceding segment data and rear segment data after removing in the multiple digital bits data to be decrypted, remaining data segment is
The data segment to be decrypted.
9. a kind of server, which is characterized in that the server includes: memory, processor, and being stored on the memory can be
The user data protective program run on the processor can when the user data protective program is executed by the processor
The step of realizing user data protection method as claimed in any of claims 1 to 8 in one of claims.
10. a kind of computer readable storage medium, which is characterized in that include user data in the computer readable storage medium
Protective program, when the user data protective program is executed by processor, it can be achieved that such as any one of claim 1 to 8 institute
The step of user data protection method stated.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811503783.XA CN109583237A (en) | 2018-12-10 | 2018-12-10 | User data protection method, server and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811503783.XA CN109583237A (en) | 2018-12-10 | 2018-12-10 | User data protection method, server and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109583237A true CN109583237A (en) | 2019-04-05 |
Family
ID=65929372
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811503783.XA Pending CN109583237A (en) | 2018-12-10 | 2018-12-10 | User data protection method, server and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109583237A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110719365A (en) * | 2019-09-27 | 2020-01-21 | 深圳传音控股股份有限公司 | Information processing method, mobile terminal and computer storage medium |
CN111984987A (en) * | 2020-09-01 | 2020-11-24 | 上海梅斯医药科技有限公司 | Method, device, system and medium for desensitization and reduction of electronic medical record |
CN114003953A (en) * | 2021-10-29 | 2022-02-01 | 平安科技(深圳)有限公司 | Data processing method, device and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103853985A (en) * | 2012-12-05 | 2014-06-11 | 中国移动通信集团黑龙江有限公司 | Data encryption method, decryption method and decryption device |
CN104063334A (en) * | 2014-07-11 | 2014-09-24 | 中国人民公安大学 | Encryption method and system based on data attributions |
CN104463003A (en) * | 2013-09-13 | 2015-03-25 | 天津智树电子科技有限公司 | File encryption protecting method |
CN105678185A (en) * | 2015-12-31 | 2016-06-15 | 深圳市科漫达智能管理科技有限公司 | Data security protection method and intelligent terminal management system |
CN107835073A (en) * | 2017-12-15 | 2018-03-23 | 卫盈联信息技术(深圳)有限公司 | The encryption and decryption method of multiple digital bits number and encryption, decryption server |
-
2018
- 2018-12-10 CN CN201811503783.XA patent/CN109583237A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103853985A (en) * | 2012-12-05 | 2014-06-11 | 中国移动通信集团黑龙江有限公司 | Data encryption method, decryption method and decryption device |
CN104463003A (en) * | 2013-09-13 | 2015-03-25 | 天津智树电子科技有限公司 | File encryption protecting method |
CN104063334A (en) * | 2014-07-11 | 2014-09-24 | 中国人民公安大学 | Encryption method and system based on data attributions |
CN105678185A (en) * | 2015-12-31 | 2016-06-15 | 深圳市科漫达智能管理科技有限公司 | Data security protection method and intelligent terminal management system |
CN107835073A (en) * | 2017-12-15 | 2018-03-23 | 卫盈联信息技术(深圳)有限公司 | The encryption and decryption method of multiple digital bits number and encryption, decryption server |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110719365A (en) * | 2019-09-27 | 2020-01-21 | 深圳传音控股股份有限公司 | Information processing method, mobile terminal and computer storage medium |
CN111984987A (en) * | 2020-09-01 | 2020-11-24 | 上海梅斯医药科技有限公司 | Method, device, system and medium for desensitization and reduction of electronic medical record |
CN111984987B (en) * | 2020-09-01 | 2024-04-02 | 上海梅斯医药科技有限公司 | Method, device, system and medium for desensitizing and restoring electronic medical records |
CN114003953A (en) * | 2021-10-29 | 2022-02-01 | 平安科技(深圳)有限公司 | Data processing method, device and storage medium |
CN114003953B (en) * | 2021-10-29 | 2024-10-25 | 平安科技(深圳)有限公司 | Data processing method, device and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9208491B2 (en) | Format-preserving cryptographic systems | |
US8806200B2 (en) | Method and system for securing electronic data | |
Barker et al. | Recommendation for random number generation using deterministic random bit generators (revised) | |
US8208627B2 (en) | Format-preserving cryptographic systems | |
US9049023B2 (en) | Outsourcing the decryption of functional encryption ciphertexts | |
US11488134B2 (en) | Format-preserving cryptographic systems | |
US5748782A (en) | Device for implementing a message signature system and chip card comprising such a device | |
CN107078899B (en) | Method of obfuscating data | |
GB2520446A (en) | Quorum based data processing | |
RU2584500C2 (en) | Cryptographic authentication and identification method with real-time encryption | |
CN110710155A (en) | Progressive key encryption algorithm | |
CN110663215B (en) | Elliptic curve point multiplication device and method in white-box scene | |
CN114756895B (en) | Hidden trace data verification method and system based on homomorphic encryption | |
CN109583237A (en) | User data protection method, server and storage medium | |
CN110889121A (en) | Method, server and storage medium for preventing data leakage | |
CN113127915A (en) | Data encryption desensitization method and device, electronic equipment and storage medium | |
CN103607273A (en) | Data file encryption and decryption method based on time limit control | |
US7424114B2 (en) | Method for enhancing security of public key encryption schemas | |
Wang et al. | A new personal information protection approach based on RSA cryptography | |
US8769301B2 (en) | Product authentication based upon a hyperelliptic curve equation and a curve pairing function | |
WO2019114084A1 (en) | Encrypting/decrypting method for multi-digit number and encrypting/decrypting server | |
US20220337415A1 (en) | Data Security Solution Using Randomized 3-Axis Data Shapes and Tokenized Data Element Placement of Encrypted and Non-Encrypted Data | |
US11646885B2 (en) | Safe token storage | |
CN110474873A (en) | It is a kind of based on know range encryption electronic document access control method and system | |
ZHANG | Cryptographic Techniques in Digital Media Security: Current Practices and Future Directions. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190405 |