CN109636553B - Credential management method, apparatus, computer device and storage medium - Google Patents
Credential management method, apparatus, computer device and storage medium Download PDFInfo
- Publication number
- CN109636553B CN109636553B CN201811348221.2A CN201811348221A CN109636553B CN 109636553 B CN109636553 B CN 109636553B CN 201811348221 A CN201811348221 A CN 201811348221A CN 109636553 B CN109636553 B CN 109636553B
- Authority
- CN
- China
- Prior art keywords
- credential
- information
- transaction
- credential information
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 42
- 238000012795 verification Methods 0.000 claims abstract description 19
- 238000013507 mapping Methods 0.000 claims abstract description 15
- 238000000034 method Methods 0.000 claims description 30
- 230000006399 behavior Effects 0.000 claims description 25
- 238000012545 processing Methods 0.000 claims description 25
- 230000009471 action Effects 0.000 claims description 6
- 239000007787 solid Substances 0.000 claims description 6
- 230000003111 delayed effect Effects 0.000 claims description 5
- 238000004364 calculation method Methods 0.000 claims description 4
- 230000008569 process Effects 0.000 description 16
- 230000006854 communication Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 238000003062 neural network model Methods 0.000 description 4
- PEDCQBHIVMGVHV-UHFFFAOYSA-N Glycerine Chemical compound OCC(O)CO PEDCQBHIVMGVHV-UHFFFAOYSA-N 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 3
- 238000000605 extraction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 230000007175 bidirectional communication Effects 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 238000013527 convolutional neural network Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 2
- 230000037430 deletion Effects 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 238000004321 preservation Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000005520 cutting process Methods 0.000 description 1
- 238000013075 data extraction Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011176 pooling Methods 0.000 description 1
- 230000000306 recurrent effect Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012954 risk control Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/12—Accounting
- G06Q40/125—Finance or payroll
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Engineering & Computer Science (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a credential management method, a device, computer equipment and a storage medium, comprising the following steps: acquiring credential information to be uploaded, wherein the credential information comprises time information of transaction behavior occurrence time with a mapping relation with the credential information; invoking a transaction log of the transaction behavior detailed information according to the time information; comparing the voucher parameters recorded in the voucher information with corresponding transaction parameters in the transaction log according to the transaction log; and uploading the credential information to a preset general ledger system when the credential parameters are consistent with the transaction parameters. When the terminal uploads the voucher information, the time information of the transaction behavior with the corresponding relation with the voucher information recorded in the voucher information is obtained, and the transaction log recording the transaction behavior is called for verification, so that the accuracy of verification can be improved.
Description
Technical Field
The embodiment of the invention relates to the field of data management, in particular to a credential management method, a credential management device, computer equipment and a storage medium.
Background
The general ledger system mainly has the functions of accounting document processing, cashier management, account book management, auxiliary accounting management, end-of-term processing and the like. Voucher processing generally comprises filling vouchers, auditing vouchers, voucher pooling accounting and the like, and has the main tasks of finishing accounting work, inquiring and outputting various account books by inputting and processing accounting vouchers; the account management comprises the output of basic accounting accounts such as general accounts, detail accounts and the like, and the query output of various auxiliary accounting accounts such as personal business and unit business and the like; the end-of-term processing includes transfer, reconciliation, and checkout work.
In the prior art, along with the expansion of the operation scale of companies, for partial group companies or cross-country companies, branch companies and subsidiary companies distributed in different regions need to manually input moon certificates in an EXCEL table in the settlement day, and then upload the moon certificates to a general ledger system of a group for auditing and checking.
The inventor of the invention discovers in the research that the method of uploading the monthly certificate to the general ledger system in the prior art needs to be manually input and checked, and a great deal of manpower resources are consumed in the process to input and check matters, so that the efficiency of the whole certificate uploading process is low, and the time and the labor are wasted.
Disclosure of Invention
The embodiment of the invention provides a credential management method, a device, computer equipment and a storage medium, wherein the credential management method, the device, the computer equipment and the storage medium can be used for automatically checking when uploading credentials.
In order to solve the technical problems, the embodiment of the invention adopts the following technical scheme: there is provided a credential management method comprising:
acquiring credential information to be uploaded, wherein the credential information comprises time information of transaction behavior occurrence time with a mapping relation with the credential information;
Invoking a transaction log of the transaction behavior detailed information according to the time information;
Comparing the voucher parameters recorded in the voucher information with corresponding transaction parameters in the transaction log according to the transaction log;
And uploading the credential information to a preset general ledger system when the credential parameters are consistent with the transaction parameters.
Optionally, before obtaining the credential information to be uploaded, the method further includes:
Recording transaction information when transaction actions occur and generating a transaction log;
Invoking a preset credential generation rule to extract credential parameters required for generating the credential information from the transaction log;
writing the credential parameters into a preset credential template to generate the credential information.
Optionally, after writing the credential parameters into a preset credential template to generate the credential information, the method further includes:
Recording a storage path of the credential information;
establishing a timing task for uploading the credential information in a delayed manner according to a preset uploading date;
When the timed task is reached, the credential information is confirmed to be invoked by the storage path.
Optionally, after writing the credential parameters into a preset credential template to generate the credential information, the method further includes:
acquiring a preset secret setting rule;
And carrying out secret setting protection on at least one operation mode of the credential information according to a preset secret setting rule.
Optionally, the secret setting rule includes a dynamic password, and the obtaining the preset secret setting rule includes:
performing hash operation on the transaction log to generate a hash value;
Selecting any one digit greater than 1 from the hash value to carry out the journaling modulo operation on the hash value;
And adding the remainder obtained by the modulo operation to a specified position of a preset solid-state password to generate the dynamic password.
Optionally, after writing the credential parameters into a preset credential template to generate the credential information, the method further includes:
Screenshot is carried out on the credential information to generate a first screenshot picture;
and associating the first screenshot picture with the credential information to enable the first screenshot picture to establish a mapping relation with the credential information.
Optionally, when the credential parameter is consistent with the transaction parameter, uploading the credential information to a preset ledger system further includes:
acquiring verification information sent by the general ledger system;
Uploading the first screenshot picture to the general ledger system according to the verification information, so that the general ledger system verifies whether the first screenshot picture is consistent with a second screenshot picture of the credential information intercepted in the general ledger system according to a preset image comparison model;
And uploading the transaction log to the general ledger system when the message that the first screenshot picture and the second screenshot picture sent by the general ledger system are inconsistent is acquired.
In order to solve the above technical problem, an embodiment of the present invention further provides a credential management device, including:
The system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring credential information to be uploaded, wherein the credential information comprises time information of transaction behavior occurrence time with a mapping relation with the credential information;
The processing module is used for calling the transaction log of the transaction behavior detailed information according to the time information;
the comparison module is used for comparing the voucher parameters recorded in the voucher information with the corresponding transaction parameters in the transaction log according to the transaction log;
and the execution module is used for uploading the credential information to a preset general ledger system when the credential parameters are consistent with the transaction parameters.
Optionally, the credential management device further comprises:
the first recording sub-module is used for recording transaction information when transaction actions occur and generating a transaction log;
The first calling sub-module is used for calling a preset credential generation rule and extracting credential parameters required for generating the credential information from the transaction log;
The first generation sub-module is used for writing the credential parameters into a preset credential template to generate the credential information.
Optionally, the credential management device further comprises:
the second recording submodule is used for recording the storage path of the credential information;
the first processing sub-module is used for establishing a timing task for uploading the credential information in a delayed manner according to a preset uploading date;
and the first execution sub-module is used for confirming that the credential information is called by the storage path when the timing task is achieved.
Optionally, the credential management device further comprises:
the first acquisition submodule is used for acquiring a preset secret setting rule;
And the second processing sub-module is used for carrying out secret setting protection on at least one operation mode of the credential information according to a preset secret setting rule.
Optionally, the encryption rule includes a dynamic password, and the credential management device further includes:
The first computing sub-module is used for carrying out hash operation on the transaction log to generate a hash value;
A second calculation sub-module, configured to select any one of the digits greater than 1 from the hash value to perform a modular arithmetic on the hash value;
And the second execution sub-module is used for adding the remainder obtained by the modulo operation to a specified position of a preset solid-state password to generate the dynamic password.
Optionally, the credential management device further comprises:
The first screenshot submodule is used for screenshot the credential information to generate a first screenshot picture;
And the third execution sub-module is used for associating the first screenshot picture with the credential information so as to establish a mapping relation between the first screenshot picture and the credential information.
Optionally, the credential management device further comprises:
The second acquisition sub-module is used for acquiring verification information sent by the general ledger system;
The third processing sub-module is used for uploading the first screenshot picture to the general ledger system according to the verification information so that the general ledger system verifies whether the first screenshot picture is consistent with a second screenshot picture of the credential information intercepted in the general ledger system according to a preset image comparison model;
And the fourth execution sub-module is used for uploading the transaction log to the general ledger system when the first screenshot picture and the second screenshot picture sent by the general ledger system are obtained to be inconsistent.
To solve the above technical problem, an embodiment of the present invention further provides a computer device, including a memory and a processor, where the memory stores computer readable instructions, and when the computer readable instructions are executed by the processor, the processor is caused to execute the steps of the credential management method described above.
To solve the above technical problem, embodiments of the present invention further provide a storage medium storing computer readable instructions that, when executed by one or more processors, cause the one or more processors to perform the steps of the credential management method described above.
The embodiment of the invention has the beneficial effects that: when the terminal uploads the voucher information, the transaction log recording the transaction behavior is called by acquiring the time information of the transaction behavior with the corresponding relation with the voucher information recorded in the voucher information, and because each voucher parameter in the voucher information is taken from the content in the transaction log, after the transaction log is called, whether the data recorded in the voucher information is correct or not can be checked through the transaction log, and the voucher information is uploaded to the general account system after the correctness is confirmed. The voucher information is checked through the transaction log, so that the checking accuracy can be improved, meanwhile, the whole uploading process and the checking process do not need to be manually participated, the efficiency of the whole uploading checking process is greatly improved, and the labor cost is saved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a basic flow of a credential management method according to an embodiment of the present invention;
FIG. 2 is a flow chart of generating credential information from a transaction log according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of a timing task uploading credential information according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart of local encryption protection for credential information according to an embodiment of the present invention;
FIG. 5 is a schematic flow chart of generating a dynamic password according to a log file according to an embodiment of the present invention;
FIG. 6 is a flowchart illustrating a first screenshot generated according to an embodiment of the present invention;
FIG. 7 is a flowchart of verifying credential information by image comparison according to an embodiment of the present invention;
FIG. 8 is a schematic diagram of a basic structure of a credential management device according to an embodiment of the present invention;
Fig. 9 is a basic structural block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
In order to enable those skilled in the art to better understand the present invention, the following description will make clear and complete descriptions of the technical solutions according to the embodiments of the present invention with reference to the accompanying drawings.
In some of the flows described in the specification and claims of the present invention and in the foregoing figures, a plurality of operations occurring in a particular order are included, but it should be understood that the operations may be performed out of order or performed in parallel, with the order of operations such as 101, 102, etc., being merely used to distinguish between the various operations, the order of the operations themselves not representing any order of execution. In addition, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first" and "second" herein are used to distinguish different messages, devices, modules, etc., and do not represent a sequence, and are not limited to the "first" and the "second" being different types.
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to fall within the scope of the invention.
As used herein, a "terminal" includes both a device of a wireless signal receiver having no transmitting capability and a device of receiving and transmitting hardware having receiving and transmitting hardware capable of performing bi-directional communications over a bi-directional communication link, as will be appreciated by those skilled in the art. Such a device may include: a cellular or other communication device having a single-line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service, personal communications System) that may combine voice, data processing, facsimile and/or data communications capabilities; PDA (Personal DIGITAL ASSISTANT ) that may include a radio frequency receiver, pager, internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System ) receiver; a conventional laptop and/or palmtop computer or other appliance that has and/or includes a radio frequency receiver. As used herein, "terminal," "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or adapted and/or configured to operate locally and/or in a distributed fashion, to operate at any other location(s) on earth and/or in space. The "terminal" and "terminal device" used herein may also be a communication terminal, a network access terminal, and a music/video playing terminal, for example, may be a PDA, a MID (Mobile INTERNET DEVICE ) and/or a Mobile phone with a music/video playing function, and may also be a smart tv, a set top box, and other devices.
Referring to fig. 1 specifically, fig. 1 is a basic flow chart of a credential management method according to the present embodiment.
As shown in fig. 1, a credential management method includes:
s1100, acquiring credential information to be uploaded, wherein the credential information comprises time information of transaction behavior occurrence time with a mapping relation with the credential information;
In the present embodiment, a group company or a branch company or a subsidiary company of a nationwide company uploads the voucher information for the month to the general ledger system of the group company. But is not limited thereto, any system that needs to upload credential information can use the credential management method in this embodiment.
Credential information refers to accounting credentials, which refers to written evidence that can be used to prove the occurrence of economic business events, to clarify economic responsibilities, and to register an account book accordingly, with legal effectiveness.
The terminal generates a piece of credential information recording the transaction information every time a transaction or account fund flow is performed.
After the credential information is generated, the credential information is stored in a designated folder of the terminal, and when the credential information needs to be uploaded or the month and day come, the corresponding credential information needs to be read in the folder for uploading.
In order to conveniently inquire specific time information of corresponding transaction behavior in the credential information, when the terminal generates transaction or transfer, the task generation time is recorded, and the time is recorded in the credential information or used as a label of the corresponding credential information.
S1200, calling a transaction log of the transaction behavior detailed information according to the time information;
After the time information in the credential information is acquired, a transaction log having a mapping relation with the credential information needs to be searched through the time information.
The transaction log refers to an event record called log generated by the terminal when the terminal performs transaction or transfer operation every time; each line of transaction log records information such as transaction date, transaction time, transaction direction party, transaction amount, transaction item, operator where the transaction occurs, and the like.
The transaction log typically has the time at which the transaction occurred as the name of the transaction log file of the file. Therefore, by using the time information of the transaction as a search condition, the transaction log having a mapping relation with the transaction behavior can be directly searched in the transaction log database.
S1300, comparing the voucher parameters recorded in the voucher information with corresponding transaction parameters in the transaction log according to the transaction log;
In this embodiment, transaction parameters such as transaction date, transaction time, transaction direction partner, transaction amount, transaction item, and operator who generated the transaction are recorded in the transaction log.
The voucher information records the name, date, number, content abstract, accounting subject related to economic business, accounting direction, amount, accounting mark, number of attached sheets, related personnel signature and other voucher parameters. It should be noted that the content information recorded in the transaction log is more extensive and detailed than the scope recorded in the voucher information, and in some embodiments, the voucher information needs to be generated by extracting the relevant content in the transaction log. Thus, the content in the transaction log belongs to the original data with respect to the content in the credential information.
By comparing whether the credential parameters are consistent with the corresponding transaction parameters, it can be determined whether the credential parameters are accurate.
S1400, uploading the credential information to a preset general ledger system when the credential parameters are consistent with the transaction parameters.
When the comparison confirms that the voucher parameters are consistent with the transaction parameters, the fact that the recorded content in the voucher information is accurate is indicated, and the terminal sends the voucher information to a server side corresponding to the general ledger system. If the certificate parameters are not consistent with the transaction parameters through comparison, the terminal sends warning information to the operation user, and simultaneously sends an abnormal condition record to the general ledger system, and the general ledger system is notified of the matters with access between the certificate parameters and the transaction parameters.
When the terminal uploads the voucher information, the transaction log recording the transaction behavior is called by acquiring the time information of the transaction behavior with the corresponding relation with the voucher information recorded in the voucher information, and because each voucher parameter in the voucher information is taken from the content in the transaction log, the transaction log can be called to check whether the data recorded in the voucher information is correct or not, and the voucher information is uploaded to the general ledger system after the correctness is confirmed. The voucher information is checked through the transaction log, so that the checking accuracy can be improved, meanwhile, the whole uploading process and the checking process do not need to be manually participated, the efficiency of the whole uploading checking process is greatly improved, and the labor cost is saved.
In some embodiments, credential information may need to be generated from the transaction log prior to the transaction log being uploaded. Referring to fig. 2, fig. 2 is a flow chart of generating credential information through a transaction log according to the present embodiment.
As shown in fig. 2, S1100 further includes:
s1011, recording transaction information when transaction actions occur and generating a transaction log;
When the terminal performs transaction, all information in the transaction is collected and written into a corresponding transaction log, so that the transaction log stores original data of the transaction.
S1012, calling a preset credential generation rule to extract credential parameters required for generating the credential information from the transaction log;
During the generation of the credential information, it is necessary to extract corresponding credential parameters from the transaction log. Such as, but not limited to, the name of the transaction, the date, the number, the summary of the content, accounting subjects related to the economic business, the billing direction, the amount of money, billing indicia, the number of attachments, related personnel signatures, etc. However, the credential parameters are not limited thereto, and other transaction parameters in the transaction log can be extracted as credential parameters according to different specific application scenarios.
S1013, writing the credential parameters into a preset credential template to generate the credential information.
After the corresponding credential parameters are extracted from the transaction log, the credential parameters are brought into a preset credential template, wherein the credential template is a blank data table filled with a table header. And writing the credential parameters into the parameter filling columns of the corresponding table heads respectively to finish writing the credential parameters. After all the credential parameters are written, the credential information is generated after the signature of the corresponding operator is written in the credential data table.
The data of the transaction log is used for automatically extracting and generating the credential information, so that the step of manual filling is omitted, the generation efficiency of the credential information is greatly improved, and the labor cost is saved.
In some embodiments, the credential information is not generated in real-time and uploaded in real-time, typically by setting a day of a month as a month date, and uploading all credential information of the current month on the day of the month date. Referring to fig. 3, fig. 3 is a flow chart of uploading credential information by timing tasks according to the present embodiment.
As shown in fig. 3, after S1013, further includes:
s1021, recording a storage path of the credential information;
When the credential information is generated, the credential information is stored in a designated folder, and a path of the folder is recorded to generate a storage path of the credential information. But is not limited to, in some alternative embodiments, the storage of the credential information does not have a designated storage folder, but the credential information has a unique naming convention, e.g., a unique identification of "-pingzheng-" is included in the name of the credential information, and the storage path of the credential information can be retrieved and recorded by retrieval.
S1022, establishing a timing task for uploading the credential information in a delayed manner according to a preset uploading date;
And establishing a time delay task according to the set uploading date, wherein the time point triggered by the time delay task is a certain moment of the day of the regulated month, for example, the month is 9:00 of uploading credential information. In some embodiments, to prevent numerous terminals from uploading credential information to the ledger system at the same time, high concurrency pressure is caused on the server of the ledger system, and different terminals are set to different times for uploading credential information.
For example, in some alternative embodiments, the timing voucher information is uploaded through a Kettle (Kettle). Kettle is an ETL tool of foreign open source, is written by pure java, can run on Window, linux, unix, and is efficient and stable in data extraction. Two script files are arranged in the Kettle, transformation and job are used for completing basic conversion of data, and job is used for completing control of the whole workflow. Setting a month date of each month in the job project of the ETL tool, and reading a storage path of a file for an uploading task corresponding to the month date. When the set month date comes, the set timing task is triggered, the system calls the file corresponding to the storage position pointed by the storage path, and the file is uploaded to the appointed general ledger system, so that the task of managing the uploading certificate is completed.
S1023, when the timing task is achieved, confirming that the credential information is called by the storage path.
When the timed task is reached, the delayed task is zeroed. And the terminal confirms the storage path through the access record, and invokes the credential information for uploading.
Through the mode of timing task, can realize the automatic uploading of moon day voucher information, improve uploading efficiency, simultaneously, can effectively avoid operating user to cause the problem of missing the uploading in the past or other factors.
In some embodiments, in order to avoid the credential information from being tampered or deleted by people after being generated, the terminal pertinently protects part of the operation behaviors of the operation user. Referring to fig. 4, fig. 4 is a flow chart of local encryption protection for credential information according to the present embodiment.
As shown in fig. 4, S1013 further includes:
s1031, obtaining a preset secret setting rule;
In this embodiment, a secret rule is set in advance to protect the credential information from falsification or deletion by a task. The encryption rule comprises that the terminal sets the file of the credential information to be in a read-only mode, i.e. the user cannot modify the credential information. And the encryption rule further comprises that a user needs to input a corresponding password when opening an editing mode of the credential information or deleting the credential information. In some alternative embodiments, to prevent leakage of credential information, the encryption rules also include password verification that is also required when the user performs a copy action.
S1032, carrying out secret setting protection on at least one operation mode of the credential information according to a preset secret setting rule.
The local encryption protection is carried out on the credential information according to the encryption setting rule, the local encryption protection is used for facilitating browsing when an operator performs daily checking verification, the encryption setting protection is carried out when the operator performs modification, deletion, cutting or copying and other operations of the user, and the operator cannot make corresponding modification on the credential information without corresponding passwords.
Specifically, after acquiring an operation instruction of an operation user on the credential information, the terminal firstly identifies a user behavior represented by the operation instruction, then searches whether the behavior is forbidden by secret setting in an operation list, if so, prompts the operation user to input a corresponding password, and if not, directly executes the operation of the user on the credential information.
In some embodiments, to enhance protection of credential information, a set of encryption rules includes a set of methods to generate dynamic passwords from log files. Referring to fig. 5, fig. 5 is a flow chart of generating a dynamic password according to a log file according to the present embodiment.
As shown in fig. 5, S1031 includes:
s1041, performing hash operation on the transaction log to generate a hash value;
In this embodiment, the first step of generating the dynamic password is: and carrying out hash operation on the content of the transaction log through the hash operation to obtain a corresponding hash value.
The hash operation is a function of a message digest that compresses messages of arbitrary length to some fixed length. Thus, different transaction logs can be translated into hash values of uniform length. The hash value is converted to a decimal number for subsequent calculation.
S1042, selecting any one unit number greater than 1 from the hash value to carry out the operation of taking the modulus on the hash value;
A unit number greater than 1 is selected from the decimal hash value, and the value is taken regularly in the step. For example, it is prescribed that the values of 1 and 0 in the hash are removed, and then the value of the third bit, i.e., the hundred bits, is fixedly extracted as the parameter of the modulo operation. But is not limited thereto, in some alternative embodiments, the number of permutations of the per-month values is set for the values by setting a round table.
After extracting a unit number greater than 1, modulo operation is performed on the hash value with the unit number as a remainder of dividing the hash value by the countless number.
S1043, adding the remainder obtained by the modulo operation to a specified position of a preset solid-state password to generate the dynamic password.
In this embodiment, in addition to the dynamic password as the remainder, a fixed password, for example, a 6-bit solid-state password, needs to be set.
To enhance the security of the dynamic password, the remainder obtained by the modulo operation is added to the solid-state password, for example, the remainder obtained by the modulo operation is added before the third bit and the fourth bit password of the solid-state password or replaces the third bit in the solid-state password to be used as the final dynamic password. Or setting a round value table, wherein the round value table records the position of the remainder inserted into the solid state password or replaces which bit in the solid state password.
Since there is a gap between the transaction logs, the hash value generated from the transaction logs is also an uncertain random number, the values of 0 and 1 in the hash value are uncertain, and the value of the extracted unit number is also not a specified value, so that the obtained remainder is also a random variable, and the remainder is changed according to the change of the transaction logs and the extraction mode, and finally one number of the solid-state passwords is inserted or replaced to generate the dynamic password. The dynamic password is difficult to crack due to the diversification of random variables, and most of the dynamic password needs to be memorized manually, only individual characters are randomly generated, and the dynamic password is convenient for a user to memorize and use.
In some embodiments, to prevent the credential information from being tampered with, the credential information is stored as a reconciliation credential when the credential information is generated. Referring to fig. 6, fig. 6 is a flowchart illustrating a first screenshot image generation process.
As shown in fig. 6, S1013 further includes:
s1051, performing screenshot on the credential information to generate a first screenshot picture;
When the credential information is generated, the terminal performs screenshot on the credential information to generate a first screenshot picture.
S1052, associating the first screenshot picture with the credential information to enable the first screenshot picture to establish a mapping relation with the credential information.
After the first screenshot picture is generated, mapping and associating the first screenshot picture with the credential information so as to directly call the first screenshot picture through the credential information. In some alternative embodiments, the first screenshot is stored in the same folder as the credential information.
In some embodiments, the credential information may be subject to data errors during network transmission or risk of interception and modification of data therein by hackers during data transmission. In order to prevent the risk, the terminal performs screenshot preservation on the credential information when generating the credential information. The general ledger system extracts one or more pieces of uploaded credential information for verification in a random extraction mode, sends a verification request for verifying the credential information to a terminal where the extracted credential information is located according to the source of the credential information, and sends a corresponding first screenshot picture to a server of the general ledger system after receiving the verification request. Referring to fig. 7, fig. 7 is a flowchart illustrating a process of verifying credential information by image comparison according to the present embodiment.
As shown in fig. 7, S1400 further includes:
S1511, acquiring verification information sent by the general ledger system;
In order to prevent the risk, the terminal performs screenshot preservation on the credential information when generating the credential information. The general ledger system extracts one or more pieces of credential information uploaded in a random extraction mode to verify, and sends verification information of the credential information to be verified to a terminal where the extracted credential information is located according to the source of the credential information.
S1512, uploading the first screenshot picture to the general ledger system according to the verification information, so that the general ledger system verifies whether the first screenshot picture is consistent with a second screenshot picture of the credential information intercepted in the general ledger system according to a preset image comparison model;
And after receiving the verification message, the terminal uploads the first screenshot picture to the general ledger system. When the general ledger system receives the credential information, the general ledger system also captures the credential information to generate a second screenshot picture.
The general ledger system compares whether the first screenshot picture is consistent with the second screenshot picture or not through an image comparison model. Specifically, the image comparison model is a neural network model that has been trained to a convergence state for comparing whether the images are identical. The image comparison model can be a convolutional neural network model (CNN) that has been trained to a converged state, but the image comparison model can also be: a deep neural network model (DNN), a recurrent neural network model (RNN), or a variant of the three network models.
S1513, uploading the transaction log to the general ledger system when the message that the first screenshot picture and the second screenshot picture sent by the general ledger system are inconsistent is acquired.
When the terminal receives the message that the first screenshot picture and the second screenshot picture sent by the general ledger system are inconsistent, the terminal needs to upload the transaction log to the general ledger system so as to further confirm whether the credential information is wrong or not by the general ledger system, and the error occurs in the credential parameter and other information.
Whether the first screenshot picture is consistent with the second screenshot picture or not can be judged rapidly and accurately through the neural network model, checking efficiency is improved, and risk control capability of an accounting system is enhanced.
In order to solve the technical problems, the embodiment of the invention also provides a credential management device.
Referring to fig. 8 specifically, fig. 8 is a schematic diagram of a basic structure of a credential management device according to the present embodiment.
As shown in fig. 8, a credential management device includes: an acquisition module 2100, a processing module 2200, a comparison module 2300, and an execution module 2400. The acquiring module 2100 is configured to acquire credential information to be uploaded, where the credential information includes time information of transaction behavior occurrence time having a mapping relationship with the credential information; the processing module 2200 is used for calling the transaction log of the transaction behavior detailed information according to the time information; the comparison module 2300 is used for comparing the voucher parameters recorded in the voucher information with the corresponding transaction parameters in the transaction log according to the transaction log; the execution module 2400 is configured to upload the credential information to a preset general ledger system when the credential parameter is consistent with the transaction parameter.
When the terminal uploads the voucher information, the transaction log recording the transaction behavior is called by acquiring the time information of the transaction behavior with the corresponding relation with the voucher information recorded in the voucher information, and because each voucher parameter in the voucher information is taken from the content in the transaction log, the transaction log can be called to check whether the data recorded in the voucher information is correct or not, and the voucher information is uploaded to the general ledger system after the correctness is confirmed. The voucher information is checked through the transaction log, so that the checking accuracy can be improved, meanwhile, the whole uploading process and the checking process do not need to be manually participated, the efficiency of the whole uploading checking process is greatly improved, and the labor cost is saved.
In some implementations, the credential management device further includes: the system comprises a first recording sub-module, a first calling sub-module and a first generating sub-module. The first recording submodule is used for recording transaction information when transaction actions occur and generating a transaction log; the first calling submodule is used for calling a preset voucher generation rule to extract voucher parameters required by voucher information in a transaction log; the first generation sub-module is used for writing the credential parameters into a preset credential template to generate credential information.
In some implementations, the credential management device further includes: the system comprises a second recording sub-module, a first processing sub-module and a first executing sub-module. The second recording submodule is used for recording a storage path of the credential information; the first processing sub-module is used for establishing a timing task for delaying uploading of the credential information according to a preset uploading date; the first execution submodule is used for confirming that the credential information is called by the storage path when the timing task is achieved.
In some implementations, the credential management device further includes: the system comprises a first acquisition sub-module and a second processing sub-module. The first acquisition sub-module is used for acquiring a preset secret setting rule; the second processing sub-module is used for carrying out secret setting protection on at least one operation mode of the credential information according to a preset secret setting rule.
In some embodiments, the encryption rule comprises a dynamic password, and the credential management device further comprises: the system comprises a first computing sub-module, a second computing sub-module and a second executing sub-module. The first computing submodule is used for carrying out hash operation on the transaction log to generate a hash value; the second calculation submodule is used for selecting any one digit greater than 1 from the hash value to carry out the operation of taking the modulus on the hash value; the second execution submodule is used for adding the remainder obtained by the modulo operation to a specified position of a preset solid-state password to generate a dynamic password.
In some implementations, the credential management device further includes: the system comprises a first screenshot sub-module and a third execution sub-module. The first screenshot submodule is used for screenshot the voucher information to generate a first screenshot picture; the third execution submodule is used for associating the first screenshot picture with the credential information to enable the first screenshot picture to establish a mapping relation with the credential information.
In some implementations, the credential management device further includes: the system comprises a second acquisition sub-module, a third processing sub-module and a fourth execution sub-module. The second acquisition sub-module is used for acquiring verification information sent by the general ledger system; the third processing sub-module is used for uploading the first screenshot picture to the general ledger system according to the verification information so that the general ledger system verifies whether the first screenshot picture is consistent with a second screenshot picture of the credential information intercepted in the general ledger system according to a preset image comparison model; and the fourth execution submodule is used for uploading the transaction log to the general ledger system when the first screenshot picture and the second screenshot picture sent by the general ledger system are obtained to be inconsistent.
In order to solve the technical problems, the embodiment of the invention also provides computer equipment. Referring specifically to fig. 9, fig. 9 is a basic structural block diagram of a computer device according to the present embodiment.
As shown in fig. 9, the internal structure of the computer device is schematically shown. The computer device includes a processor, a non-volatile storage medium, a memory, and a network interface connected by a system bus. The non-volatile storage medium of the computer device stores an operating system, a database, and computer readable instructions, where the database may store a control information sequence, and the computer readable instructions, when executed by the processor, may cause the processor to implement a credential management method. The processor of the computer device is used to provide computing and control capabilities, supporting the operation of the entire computer device. The memory of the computer device may have stored therein computer readable instructions that, when executed by the processor, cause the processor to perform a credential management method. The network interface of the computer device is for communicating with a terminal connection. It will be appreciated by persons skilled in the art that the architecture shown in fig. 9 is merely a block diagram of some of the architecture relevant to the present inventive arrangements and is not limiting as to the computer device to which the present inventive arrangements are applicable, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
The processor in this embodiment is configured to perform specific functions of the acquisition module 2100, the processing module 2200, the comparison module 2300, and the execution module 2400 in fig. 8, and the memory stores program codes and various types of data required for executing the above modules. The network interface is used for data transmission between the user terminal or the server. The memory in this embodiment stores program codes and data required for executing all the sub-modules in the face image key point detection device, and the server can call the program codes and data of the server to execute the functions of all the sub-modules.
When the computer equipment uploads the voucher information, the transaction log recording the transaction behavior is called by acquiring the time information of the transaction behavior with the corresponding relation with the voucher information recorded in the voucher information, and because each voucher parameter in the voucher information is taken from the content in the transaction log, after the transaction log is called, whether the data recorded in the voucher information is correct or not can be checked through the transaction log, and the voucher information is uploaded to the general account system after the correctness is confirmed. The voucher information is checked through the transaction log, so that the checking accuracy can be improved, meanwhile, the whole uploading process and the checking process do not need to be manually participated, the efficiency of the whole uploading checking process is greatly improved, and the labor cost is saved.
The present invention also provides a storage medium storing computer readable instructions that, when executed by one or more processors, cause the one or more processors to perform the steps of any of the embodiments of the credential management method described above.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored in a computer-readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. The storage medium may be a nonvolatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a random access Memory (Random Access Memory, RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
Claims (8)
1. A method of credential management, comprising:
acquiring credential information to be uploaded, wherein the credential information comprises time information of transaction behavior occurrence time with a mapping relation with the credential information;
Invoking a transaction log of the transaction behavior detailed information according to the time information;
Comparing the voucher parameters recorded in the voucher information with corresponding transaction parameters in the transaction log according to the transaction log;
when the credential parameters are consistent with the transaction parameters, uploading the credential information to a preset general ledger system;
Before obtaining the credential information to be uploaded, the method comprises the following steps:
acquiring a preset secret setting rule;
performing secret setting protection on at least one operation mode of the credential information according to a preset secret setting rule;
the secret setting rule comprises a dynamic password, and the obtaining of the preset secret setting rule comprises the following steps:
performing hash operation on the transaction log to generate a hash value;
Selecting any one digit greater than 1 from the hash value to carry out the journaling modulo operation on the hash value;
adding the remainder obtained by the modulo operation to a specified position of a preset solid-state password to generate the dynamic password;
The step of adding the remainder obtained by the modulo operation to a preset specified position of a solid-state password to generate the dynamic password specifically includes:
setting a round value table, and inserting a residue recorded in the round value table into a position in the solid state password or replacing any bit in the solid state password.
2. The method of claim 1, wherein prior to obtaining the credential information to be uploaded, further comprising:
Recording transaction information when transaction actions occur and generating a transaction log;
Invoking a preset credential generation rule to extract credential parameters required for generating the credential information from the transaction log;
writing the credential parameters into a preset credential template to generate the credential information.
3. The method of claim 2, wherein after writing the credential parameters into a preset credential template to generate the credential information, further comprising:
Recording a storage path of the credential information;
establishing a timing task for uploading the credential information in a delayed manner according to a preset uploading date;
When the timed task is reached, the credential information is confirmed to be invoked by the storage path.
4. The method of claim 2, wherein after writing the credential parameters into a preset credential template to generate the credential information, further comprising:
Screenshot is carried out on the credential information to generate a first screenshot picture;
and associating the first screenshot picture with the credential information to enable the first screenshot picture to establish a mapping relation with the credential information.
5. The method according to claim 4, wherein when the credential parameter is consistent with the transaction parameter, after uploading the credential information to a preset ledger system, further comprising:
acquiring verification information sent by the general ledger system;
Uploading the first screenshot picture to the general ledger system according to the verification information, so that the general ledger system verifies whether the first screenshot picture is consistent with a second screenshot picture of the credential information intercepted in the general ledger system according to a preset image comparison model;
And uploading the transaction log to the general ledger system when the message that the first screenshot picture and the second screenshot picture sent by the general ledger system are inconsistent is acquired.
6. A credential management device comprising:
The system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring credential information to be uploaded, wherein the credential information comprises time information of transaction behavior occurrence time with a mapping relation with the credential information;
The processing module is used for calling the transaction log of the transaction behavior detailed information according to the time information;
the comparison module is used for comparing the voucher parameters recorded in the voucher information with the corresponding transaction parameters in the transaction log according to the transaction log;
the execution module is used for uploading the credential information to a preset general ledger system when the credential parameters are consistent with the transaction parameters;
the first acquisition submodule is used for acquiring a preset secret setting rule;
the second processing sub-module is used for carrying out secret setting protection on at least one operation mode of the credential information according to a preset secret setting rule;
The first computing sub-module is used for carrying out hash operation on the transaction log to generate a hash value;
A second calculation sub-module, configured to select any one of the digits greater than 1 from the hash value to perform a modular arithmetic on the hash value;
The second execution sub-module is used for adding the remainder obtained by the modulo operation to a specified position of a preset solid-state password to generate a dynamic password;
Wherein, the second execution submodule is specifically configured to:
setting a round value table, and inserting a residue recorded in the round value table into a position in the solid state password or replacing any bit in the solid state password.
7. A computer device comprising a memory and a processor, the memory having stored therein computer readable instructions that, when executed by the processor, cause the processor to perform the steps of the credential management method of any of claims 1 to 5.
8. A storage medium storing computer readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the credential management method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811348221.2A CN109636553B (en) | 2018-11-13 | 2018-11-13 | Credential management method, apparatus, computer device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811348221.2A CN109636553B (en) | 2018-11-13 | 2018-11-13 | Credential management method, apparatus, computer device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109636553A CN109636553A (en) | 2019-04-16 |
| CN109636553B true CN109636553B (en) | 2024-05-07 |
Family
ID=66067901
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811348221.2A Active CN109636553B (en) | 2018-11-13 | 2018-11-13 | Credential management method, apparatus, computer device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109636553B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111078714B (en) * | 2019-11-25 | 2023-08-15 | 泰康保险集团股份有限公司 | Data processing method and device |
| CN111222180A (en) * | 2020-02-27 | 2020-06-02 | 山东浪潮通软信息科技有限公司 | Method, system, device and medium for judging whether accounting document is tampered |
| CN111506927B (en) * | 2020-04-16 | 2023-04-18 | 中国银行股份有限公司 | Electronic certificate storage method and device, electronic equipment and storage medium |
| CN112598505A (en) * | 2020-12-25 | 2021-04-02 | 无锡航吴科技有限公司 | System and method for supervising nationally-owned financing platform based on comparison rule |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2000132095A (en) * | 1998-03-26 | 2000-05-12 | Nippon Telegr & Teleph Corp <Ntt> | Encryption method, decryption method, authentication method, encryption apparatus, decryption apparatus, authentication apparatus, authentication text transmitter apparatus, encryption text receiver apparatus, cipher communication system and authentication system |
| CN101710410A (en) * | 2009-10-28 | 2010-05-19 | 金蝶软件(中国)有限公司 | Method and system for checking accounting data |
| CN102752110A (en) * | 2011-04-19 | 2012-10-24 | 中国银行股份有限公司 | Dynamic password generating method and system |
| CN103106607A (en) * | 2012-08-22 | 2013-05-15 | 杨磊 | Financial certificate processing system and method thereof |
| CN107248244A (en) * | 2017-05-23 | 2017-10-13 | 深圳怡化电脑股份有限公司 | The acquisition methods and system of financial terminal transaction voucher |
| CN107368833A (en) * | 2017-09-01 | 2017-11-21 | 许军 | A kind of original certificate processing method, device, accepting terminal and system |
| CN107993137A (en) * | 2017-11-15 | 2018-05-04 | 浪潮金融信息技术有限公司 | Account checking method and device, computer-readable storage medium and terminal |
| CN108460262A (en) * | 2018-01-08 | 2018-08-28 | 平安科技(深圳)有限公司 | Cipher management method, device, terminal device and storage medium |
-
2018
- 2018-11-13 CN CN201811348221.2A patent/CN109636553B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2000132095A (en) * | 1998-03-26 | 2000-05-12 | Nippon Telegr & Teleph Corp <Ntt> | Encryption method, decryption method, authentication method, encryption apparatus, decryption apparatus, authentication apparatus, authentication text transmitter apparatus, encryption text receiver apparatus, cipher communication system and authentication system |
| CN101710410A (en) * | 2009-10-28 | 2010-05-19 | 金蝶软件(中国)有限公司 | Method and system for checking accounting data |
| CN102752110A (en) * | 2011-04-19 | 2012-10-24 | 中国银行股份有限公司 | Dynamic password generating method and system |
| CN103106607A (en) * | 2012-08-22 | 2013-05-15 | 杨磊 | Financial certificate processing system and method thereof |
| CN107248244A (en) * | 2017-05-23 | 2017-10-13 | 深圳怡化电脑股份有限公司 | The acquisition methods and system of financial terminal transaction voucher |
| CN107368833A (en) * | 2017-09-01 | 2017-11-21 | 许军 | A kind of original certificate processing method, device, accepting terminal and system |
| CN107993137A (en) * | 2017-11-15 | 2018-05-04 | 浪潮金融信息技术有限公司 | Account checking method and device, computer-readable storage medium and terminal |
| CN108460262A (en) * | 2018-01-08 | 2018-08-28 | 平安科技(深圳)有限公司 | Cipher management method, device, terminal device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109636553A (en) | 2019-04-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109636553B (en) | Credential management method, apparatus, computer device and storage medium | |
| US11784824B1 (en) | Secure ledger assurance tokenization | |
| US20240169457A1 (en) | Systems and methods for executing and delivering electronic documents | |
| EP3543891B1 (en) | A computer implemented method and a system for tracking of certified documents lifecycle and computer programs thereof | |
| CN110932859B (en) | User information processing method, device and equipment and readable storage medium | |
| CN110377762A (en) | Information query method, device and computer equipment based on electronics folder | |
| CN112883117B (en) | Data synchronization method, equipment and computer readable storage medium | |
| US9578036B2 (en) | Access revocation | |
| CN106156904B (en) | Cross-platform virtual asset tracing method based on eID | |
| CN110493011B (en) | Block chain-based certificate issuing management method and device | |
| CN117495521A (en) | Digital bill generation method and device, electronic equipment and storage medium | |
| CN112288567A (en) | Bank account information processing method and device and readable medium | |
| CN116049901B (en) | Detection task traceable management system based on timestamp encryption | |
| CN117034358A (en) | Service certificate processing method and device and computer equipment | |
| CN113704123B (en) | Interface testing method, device, equipment and storage medium | |
| CN110070361A (en) | Contract based on block chain deposits card method, equipment and storage medium | |
| JP2009042986A (en) | Management system, method and program for marketing sales history of financial product | |
| CN113343256A (en) | Electronic evidence obtaining and storing system based on block chain technology | |
| US20040243494A1 (en) | Financial transaction information capturing and indexing system | |
| Magama et al. | Journey to EDRMS solution in Zimbabwe public sector | |
| CN111079199B (en) | Enterprise credit data screenshot tamper-proofing method based on block chain technology | |
| WO2024114784A1 (en) | Method and system for blockchain-based data management | |
| CN118051896B (en) | Contract signature intelligent management method, device, equipment and medium | |
| US20240152934A1 (en) | Contact verification and non-repudiation system | |
| WO2024079962A1 (en) | Information terminal and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |